INFORMATION TEXT REGARDING THE PROCESSING OF PERSONAL DATA

Introduction and General Information

In accordance with the Personal Data Protection Law numbered 6698, all institutions and organizations collecting/storing data are obliged to inform data subjects and provide enlightenment on the subject. Therefore, we share the information below with you. With this responsibility, we process your personal data by our company in accordance with the Constitution, Law, and relevant legislation, including but not limited to the following:

For your applications regarding the rights detailed below, questions, and suggestions, you can reach us at info@aristomarble.com. Our company will respond to your applications and questions in writing as soon as possible and within the framework determined by the law.

We exhibit maximum sensitivity regarding the security of your personal data in accordance with the Personal Data Protection Law No. 6698, published in the official gazette on 07.04.2016. According to Article 20 of the Constitution of the Republic of Turkey, all individuals have the right to demand the protection of their personal data. Aristo Group, as a constitutional right, takes necessary care for the protection, processing, storage, classification, transfer, and destruction of your personal data within the framework of the rules prescribed by the legislation, which is also among the values and policies cherished by our company.

Our company reserves the right to update this “Information Text Regarding the Protection of Personal Data” in accordance with any changes that may be made in the current official legislation.

Data Controller

As per the Personal Data Protection Law No. 6698, since all institutions and organizations collecting and storing data are obliged to inform data subjects and enlighten them on the subject, the data controller regarding the processing of personal data within the scope of the Law is the company located at Akarca Neighborhood, Yerguzlar Street, No: 13/2, 48300 Fethiye/Muğla GSM: +90 538 342 86 06. Personal data can be processed and preserved by the company in accordance with the Personal Data Protection Law.

Purpose of Processing Your Personal Data

Your collected personal data can be processed by Aristo Group within the framework of the fundamental principles envisaged by the Personal Data Protection Law and the personal data processing conditions and purposes specified in Articles 5 and 6 of the Law for the following purposes:

– Carrying out activities in the fields detailed in the Company’s Articles of Association; ensuring the quality provision of services within the scope of the contract and measuring and increasing service quality,

– Responding to inquiries, requests, and claims for effective customer service,

– Identifying problems related to customer accounts and resolving identified problems,

– Introducing and announcing the Company’s practices and services; ensuring transaction security by recording conversations in case of transactions made through the call center,

– Execution of the Company’s human resources policies; fulfillment of sales and marketing activities; conducting information research,

– Investigation, detection, examination, prevention of contractual and legal violations, and resolution of disputes that may arise between the Company and the Customer,

– Utilization for the purpose of performing transactions and transactions to be carried out in compliance with information storage, reporting, and notification obligations envisaged by the competent public authorities.

SPECIAL CATEGORIES OF PERSONAL DATA

In accordance with the Personal Data Protection Law, data such as race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, clothing, association, foundation or union membership, health, sexual life, criminal conviction, and security measures related to individuals, as well as biometric and genetic data, are considered as special categories of personal data. Our company takes adequate measures determined by the Personal Data Protection Board regarding the processing of special categories of personal data. Our company will process individuals’ special category data only with their explicit consent and only to serve the purpose of collection.

STORAGE AND SECURITY OF PERSONAL DATA

Our company takes all necessary technical and administrative measures to prevent the unlawful processing of personal data, prevent unauthorized access to personal data, and ensure the preservation of personal data at the appropriate security level, in accordance with Article 12 of the Personal Data Protection Law. In case your processed personal data is obtained by others through unlawful means, the data controller will inform the relevant person and the Board as soon as possible.

Your personal data is kept for the periods specified in the relevant laws and regulations. If the duration for which personal data will be kept is not regulated in the relevant legislation, it is processed for the period required by our company’s practices and commercial life customs, and then it is deleted, destroyed, or anonymized.

WITH WHOM AND FOR WHAT PURPOSES CAN YOUR PERSONAL DATA BE SHARED?

Your collected data can be shared with our business partners, suppliers, shareholders, legally authorized institutions, agents, Company officials, Company internal units, consultancy, support or service providers, third parties from whom the Company receives or plans to receive consultancy, support or service, institutions to which we are obliged to notify according to laws and regulations, within the framework of the conditions for processing personal data specified in Articles 8 and 9 of the Personal Data Protection Law.

RIGHTS REGARDING YOUR PERSONAL DATA

Everyone has the right to apply to the data controller regarding the following issues related to themselves:

– Learning whether personal data is processed,

– Requesting information if personal data has been processed,

– Learning the purpose of processing personal data and whether they are used appropriately for their purpose,

– Knowing the third parties to whom personal data is transferred domestically or abroad,

– Requesting correction of personal data if it is incomplete or incorrect,

– Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in the law,

– Requesting notification of the operations carried out as a result of the correction, deletion, or destruction of personal data to third parties to whom personal data has been transferred,

– Objecting to the occurrence of a result against the individual by analyzing the processed data exclusively through automated systems,

– Requesting compensation if personal data is processed unlawfully and causes damage.

In accordance with Article 13 of the Personal Data Protection Law, we kindly request you to send your explanations regarding the rights you want to exercise with your explicit identification information in written form to info@aristomarble.com via secure electronic signature. For applications made on behalf of others, legal documents proving that you represent the applicants must be attached to the application letter. Only the e-mail address info@aristomarble.com should be used for issues related to your personal data, and requests and notifications from channels other than this address will not be considered. In applications made within this scope, we will get back to you within 30 days at the latest. (The periods stipulated by the law are reserved)

SITUATIONS WHERE OUR COMPANY CAN PROCESS YOUR PERSONAL DATA WITHOUT YOUR EXPRESS CONSENT AS REQUIRED BY LAWS

In accordance with Article 5 of the Personal Data Protection Law, our Company may process your personal data without your express consent in the following cases:

– In cases clearly envisaged in laws,

– In cases where it is necessary to process personal data for the protection of life or bodily integrity of the data subject or another person, who cannot express their consent due to actual impossibility or whose consent is not legally valid,

– If the processing of personal data is necessary for the establishment, use, or protection of a right,

– If personal data has been made public by the data subject,

– If it is necessary to process personal data for the performance of a legal obligation of the data controller.