Terms & Conditions
info@diyarkablo.com.tr 905331511698
English العربية Türkçe

Terms & Conditions

Terms & Conditions

Personal Data Processing and Protection Policy

1. Introduction

1.1 Purpose of the Policy

Within the scope of the Law No. 6698 on the Protection of Personal Data (hereinafter referred to as the “Law”), Diyar Kablo Elekt. İnş. Nak. San. ve Tic. Ltd. Şti. (hereinafter referred to as the “Company”) attaches utmost importance to the lawful processing and protection of personal data. This priority is observed in all planning and business activities carried out by the Company.

Accordingly, pursuant to Article 10 of the Law, this Personal Data Processing and Protection Policy (hereinafter referred to as the “Policy”) has been prepared in order to inform you and to set forth the administrative and technical measures adopted for the processing and protection of personal data.

1.2 Scope

This Policy determines the conditions for processing personal data and outlines the principles adopted by the Company in this regard. It covers all personal data processing activities carried out by the Company within the scope of the Law, all processed personal data, and all data subjects.

1.3 Definitions

  • Explicit Consent: Consent that is informed, specific, and freely given.
  • Anonymization: Rendering data permanently non-identifiable with a natural person, even when matched with other data.
  • Job Applicant: Natural persons who apply for employment with the Company.
  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Data Subject: The natural person whose personal data is processed.
  • Processing of Personal Data: Any operation performed on personal data, such as collection, recording, storage, preservation, alteration, disclosure, transfer, acquisition, classification, or prevention of use.
  • Special Categories of Personal Data: Data relating to race, ethnicity, political opinion, religion, health, sexual life, criminal convictions, biometric and genetic data, etc.
  • Data Processor: A natural or legal person who processes personal data on behalf of the data controller.
  • Data Controller: The entity determining the purposes and means of processing personal data.

1.4 Entry into Force

This Policy entered into force on 01/01/2022 and has been made available to the public. In case of conflict between this Policy and applicable legislation, the provisions of the legislation shall prevail. The Company reserves the right to amend this Policy in line with legal developments.

2. Personal Data Processing Activities

2.1 Data Subjects

Data subjects covered by this Policy include customers, potential customers, job applicants, visitors, online visitors, business partners, and other third parties whose personal data is processed by the Company (excluding Company employees).

2.2 Purposes of Processing Personal Data

  • Execution of product and service sales processes
  • After-sales support activities
  • Customer relationship management
  • Human resources processes
  • Performance evaluation and recruitment processes
  • Commercial activity planning and execution
  • Marketing and promotional activities
  • Supply chain and logistics management
  • Financial and accounting processes
  • Legal compliance and risk management
  • Ensuring physical and operational security

2.3 Personal Data Categories

  • Identity information
  • Contact information
  • Location data
  • Customer and transaction data
  • Physical security data (CCTV recordings)
  • Financial information
  • Job applicant information
  • Legal compliance data
  • Marketing data
  • Special categories of personal data

3. Principles and Legal Grounds for Processing

3.1 Principles

The Company processes personal data in accordance with Article 4 of the Law:

  • Lawfully and in good faith
  • Accurately and up to date
  • For specified, explicit, and legitimate purposes
  • Relevant, limited, and proportionate
  • Retained only for the period required by law or purpose

3.2 Legal Grounds

Personal data is processed based on at least one of the following legal grounds under Article 5 of the Law:

  • Explicit consent of the data subject
  • Expressly provided for by law
  • Protection of life or physical integrity where consent cannot be obtained
  • Necessity for the establishment or performance of a contract
  • Fulfillment of legal obligations
  • Data made public by the data subject
  • Necessity for the establishment, exercise, or protection of a right
  • Legitimate interests of the Company, provided fundamental rights are not harmed

3.3 Special Categories of Personal Data

Special categories of personal data are processed in strict compliance with the Law, subject to adequate safeguards determined by the Personal Data Protection Board.

4. Transfer of Personal Data

Personal data may be transferred domestically or internationally in accordance with Articles 8 and 9 of the Law, provided that necessary security measures are taken.

Data may be transferred to:

  • Business partners
  • Shareholders
  • Company executives
  • Authorized public institutions
  • Legally authorized private entities

5. Rights of the Data Subject

Under Article 11 of the Law, data subjects have the right to:

  • Learn whether personal data is processed
  • Request information if processed
  • Learn the purpose of processing
  • Know third parties to whom data is transferred
  • Request correction of inaccurate data
  • Request deletion or destruction
  • Object to automated decision-making
  • Request compensation for damages

6. Retention and Destruction of Personal Data

Personal data is retained for the duration required by applicable legislation or the purpose of processing. Upon expiration, data is deleted, destroyed, or anonymized in accordance with the Company’s Retention and Destruction Policy.

7. Data Security Measures

The Company takes administrative and technical measures including:

  • Access authorization procedures
  • Regular security audits
  • Employee training and awareness programs
  • IT security infrastructure
  • Emergency response planning

8. Application Procedure

Data subjects may submit their requests in writing with a wet signature to the Company’s registered address, via notary, or by secure electronic signature/mobil signature to the Company’s registered KEP address.

Applications are evaluated and concluded within thirty (30) days free of charge, unless additional cost is required as per the relevant Communiqué.

9. Right to Lodge a Complaint

In case the application is rejected, not responded to within due time, or the response is found insufficient, the data subject has the right to lodge a complaint with the Personal Data Protection Board within thirty (30) days from the date of learning the response and in any case within sixty (60) days from the application date.