Disclosure Text For Website Users
Protecting the privacy of the visitors of website (https://aydindoganvakfi.org.tr/) operated by Aydın Doğan Vakfı (“ADV” or “Foundation”) is one of the leading principles of our Foundation.
The principles concerning the processing of your personal data by Foundation as the data controller based in “Burhaniye Mah. Kısıklı Cad. No:65/1 Üsküdar/İstanbul” in accordance with the European Union General Data Protection Regulation (“GDPR”), Turkish Law on Protection of Personal Data no. 6698 (“Law”) and other applicable legislation are provided in detail in this Disclosure Text.
1. Purpose of Processing Personal Data
Your personal data obtained as you visit our website, may be processed by ADV for the purposes listed below and in complaint with article 5 and 6 of Law:
- - In case of requests by the data subject through communication channels, in order to obtain information, to evaluate requests/suggestions and to make a complaint,
- - Conducting information security activities,
- - Conducting volunteer relationship management processes,
- - Planning and execution of the Foundation’s management strategies,
- - Informing official and competent persons, institutions and organizations,
- - Ensuring the legal, technical and commercial-business security of the Foundation and the people that have a business relationship with the Foundation.
2. Locations to which Processed Personal Data are Transferred and Purpose of Transfer
Your collected personal data may be transferred to authorized public institutions and individuals in accordance with data processing conditions and purposes stated under Purpose of Processing Personal Data and purposes specified under article 8 and 9 of the Law.
3. Method and Legal Basis For Collecting Your Personal Data
Our legal basis for processing your personal data are:
- article 5/2 (f) of the Law; processing of your personal data is necessary for the legitimate interests pursued by the ADV, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.
- article 5/2 (ç) of the Law; processing of your personal data is necessary for the It is necessary for compliance with a legal obligation to which the ADV is subject.
4. Application to the Data Controller and Your Rights
As per the Article 11 of the Law and Articles 12 through 23 of GDPR, you are entitled to a) learn whether your personal data are being processed, b) if they are, request information, c) obtain information on the purpose of processing and find out whether personal data has been used as fit for the purpose d) obtain information about the third persons in Turkey and abroad, to whom personal data are transferred, e) request rectification of personal data that may have been incompletely or inaccurately processed, f) request the deletion or destruction of personal data as per the Article 7 of the Law and the Article 17 of GDPR g) request notification of the operations made as per indents (e) and (f) to third parties to whom personal data have been transferred, h) object to occurrence of any detrimental result by means of analysis of personal data exclusively through automated systems and i) request compensation for the damages due to unlawful processing of personal data.
You can send your requests to ADV according to Comminuque on the Principles and Procedures for the Request to Data Controller. Please fill out the Application Form provided on our website with your information and application requests and submit it to the address “Burhaniye Mah. Kısıklı Cad. No:65/1 Üsküdar/İstanbul” via registered letter or to the [email protected] e-mail address.
Our Foundation fulfills your requests as soon as possible and within thirty days at the latest and once for free of charge. However, requester may be charged for following requests or for the initial request if the action taken on the request requires additional cost. Our Foundation can accept and process the request or reject the request in writing by explaining its reason.
You are entitled to file a complaint to the Turkish Board of Personal Data Protection (“Board”) within thirty days as of the notification of the reply and in all cases within sixty days if the application is rejected after carrying out the procedure mentioned above, the reply is deemed to be insufficient or the requests are not responded in a timely manner. However, the complaint cannot be filed without exhausting this application process.
The Board may conduct the necessary inspections within its field of duty upon receiving a complaint or ex officio upon detecting a breach. The complaint shall be examined by the Board and answers shall be provided to those concerned. If no replies are given within sixty days as of the date of the complaint, the request shall be deemed to be rejected. If, as a result of inspections upon receiving a complaint or ex officio investigation, a breach is detected, the Board shall rule the identified contraventions of law to be eliminated by the data controller, and shall notify those concerned accordingly. This decision shall be fulfilled without delay but no later than within thirty days as of the notification of the decision. The Board is authorized to halt data processing or international transfer of data if damages that are hard or impossible to compensate occur and if there is an explicit infringement of the law.
We would like to emphasize that your data is meticulously protected by our Foundation and thank you for the trust that you place in us.