CUSTOMER INFORMATION AND NOTIFICATION TEXT
This Information Notice has been prepared by POS BİLİŞİM TEKNOLOJİLERİ SANAYİ VE TİCARET ANONİM ŞİRKETİ (“Company” or “POS Bilişim”), in its capacity as data controller, in accordance with Article 10 of the Personal Data Protection Law No. 6698 (“KVKK”) and the Communiqué on the Procedures and Principles of Fulfilling the Obligation to Inform.
Personal data provided to "POS Bilişim" are processed solely in accordance with the purposes for which they were collected and are not shared with third parties without the existence of exceptions specified in Article 5 of KVKK or explicit consent. We guarantee that all necessary administrative and technical measures have been taken to ensure the security of personal data.
1. What Personal Data Is Processed and What Are the Purposes of Processing Your Personal Data?
Within the scope of our activities, your personal data in the categories listed below are collected and processed for the specified purposes.
1.1. Data Categorization
Data Groups:
- Personal Data (Including Special Categories of Personal Data)
- Identity Information: Name, Surname, Turkish ID Number
- Contact Information: Phone Number, Email Address, Residential Address, KEP Address, IP Address, Log Records
- Financial Information: Tax Identification Number, Credit Card Information, Bank IBAN Number, Bank Account Number, Invoice Details
- Physical Space Security Information: Images Recorded by Camera Footage
- Gender Information: Gender
- Visual and Auditory Records: Photos and Videos Taken in the Workplace Areas for Use in the Promotional Activities of “POS Bilişim”
- Legal Transaction Information: Personal Data Contained in Correspondence with Judicial Authorities and Information Included in Petition and Response Briefs Submitted to Courts During a Possible Legal Process
- Customer Transaction Information: Request Information, Complaint Information
- Marketing Data: Data Obtained Through Survey Work, Cookie Records
- Health Data (Special Category Data): Whether or Not COVID-19 Has Been Contracted and/or Whether There Has Been Any Contact
1.2. Purposes of Processing Personal Data
| Data Category | Purpose of Data Processing |
|---|---|
| Physical Space Security Information | Ensuring the Security of Physical Spaces |
| Identity Information, Contact Information | Conducting Emergency Management Processes, Carrying Out Finance and Accounting Processes, Conducting Communication Activities, Managing Business Activities / Audits, Conducting Sales Processes for Goods/Services, Managing Production and Operation Processes for Goods/Services, Managing Customer Relationship Processes, Organizing and Managing Events, Monitoring Insurance Processes, Conducting Contractual Processes, Managing Requests and Complaints, Conducting Information Security Processes, Ensuring Compliance with Legislation, Providing Information to Authorized Persons, Institutions, and Organizations |
| Financial Information | Conducting Finance and Accounting Processes, Ensuring Compliance with Legislation, Conducting Sales Processes for Goods/Services, Managing Contractual Processes |
| Customer Transaction Information | Managing Business Activities / Audits, Managing Requests and Complaints, Conducting Sales Processes for Goods/Services |
| Gender Information | Managing Business Activities / Audits, Providing Information to Authorized Persons, Institutions, and Organizations |
| Visual and Auditory Records | Managing Production and Operation Processes for Goods/Services, Ensuring the Security of Movable Property and Resources, Ensuring the Security of Data Controller Operations |
| Legal Transaction Information | Monitoring and Conducting Legal Affairs, Managing Contractual Processes, Providing Information to Authorized Persons, Institutions, and Organizations |
| Health Data | Providing Information to Authorized Persons, Institutions, and Organizations |
| Identity Data, Contact Data | Managing Customer Satisfaction Activities, Conducting Advertising/Campaign/Promotion Processes, Managing Loyalty Processes Related to Company/Products/Services, Conducting Marketing Analysis Studies, Gathering and Evaluating Suggestions for Improving Business Processes, Managing Marketing Processes for Products/Services |
2. To Whom and For What Purposes Personal Data May Be Transferred
| Recipient Group | Purpose of Transfer |
|---|---|
| Authorized Public Institutions and Organizations | Courts, Prosecutors, and Law Enforcement Agencies Upon Written Request, Revenue Administration in Case of Audit |
| Business Partner (Banks, Financial Advisors) | Sharing Information Related to Credit Card Collection, Fee Refunds, etc., With the Bank, Audit of Financial Records |
| Business Partner (Financial Advisor) | Approval of Financial and Accounting Statements by Certified Public Accountant |
| Business Partner (Broker Insurance Company) | Monitoring Insurance Processes |
| Supplier (Email Service Provider) | Transmission of Correspondence Information Related to the Purchase of Goods and Services, Establishing a Contractual Relationship, Providing Information |
| Supplier (Car Rental Company, Transportation Company) | Providing Waybill Information to the Transportation Company During the Shipment of Goods |
| Supplier (IT System Provider Company) | To Provide Information Technology Support Services |
| Shareholders | Conducting/Auditing Business Activities |
| Supplier (Evaluation Specialist) | Conducting Surveys on Customer Satisfaction, Market Research, etc. |
| Authorized Public Institutions and Organizations | Providing Information to Authorized Public Institutions and Organizations Such as the Ministry of Health Upon Request Due to the Pandemic |
| Private Law Legal Entities | Conducting Contractual Activities, Fulfilling Our Legal Obligations |
3. Methods and Legal Grounds for Collecting Your Personal Data
Your personal data can be collected by “POS Bilişim” through the completion of contract forms, using automatic or non-automatic, written, verbal, or electronic methods for the purposes mentioned above. Your personal data are processed for the initiation and continuation of commercial relationships, the provision of better and higher quality services, and the conduct of commercial and administrative activities in compliance with laws regulating business and social life, within the legal grounds specified in Articles 5 and 6 of the Law.
4. Your Rights as a Personal Data Owner Under Article 11 of the Law
As a personal data owner, you are entitled to the following rights under Article 11 of the Law:
- To learn whether your personal data is being processed,
- To request information regarding the processing of your personal data,
- To learn the purpose of processing your personal data and whether it is used in accordance with that purpose,
- To know the third parties to whom your personal data is transferred within the country,
- To request the correction of incomplete or incorrect data and to request that the transaction performed in this context be notified to third parties to whom your personal data is transferred,
- To request the deletion or destruction of your personal data, despite the fact that it has been processed in accordance with the law and other relevant legislation, in the event that the reasons for its processing no longer exist, and to request that the transaction performed in this context be notified to third parties to whom your personal data is transferred,
- To object to the occurrence of any adverse result by analyzing the processed data exclusively through automated systems,
- To request compensation for the damages in case you suffer damages due to unlawful processing of your personal data.
You may submit your requests regarding your rights listed above by filling out the Data Subject Application Form, which can be accessed on our website at www.posbilisim.com.tr, or by submitting another written document containing the same content to “POS Bilişim.” Depending on the nature of your request, your application will be processed free of charge within the shortest time possible and no later than thirty days. However, if the process incurs additional costs, you may be charged a fee according to the tariff set by the Personal Data Protection Board.
For comprehensive information on the principles of protection and processing of your personal data, please review the Personal Data Protection and Processing Policy available at www.posbilisim.com.tr. You can submit all your requests in writing to the address provided below or via email to kvkk@posbilisim.com.tr.