Dısposal Polıcy

CONTENT

1. INTRODUCTION
2. OBJECTIVE
3. SCOPE
4. PROCESSING OF PERSONAL DATA OBTAINED/TO BE OBTAINED (MANUFACTURER-SUPPLIER-SUBCONTRACTOR-CUSTOMER) WITHIN THE SCOPE OF EMPLOYEE CANDIDATE, EMPLOYEE AND COMMERCIAL ACTIVITY
   • 4.1. Documents to be Requested from Employee Candidate and Employee
   • 4.2. Purpose of Processing Employee Candidate’s Personal Data
   • 4.3. Employee Candidate’s Special Personal Data
   • 4.4. Places Where Employee Candidate’s Personal Data Can Be Transferred
   • 4.5. Purpose of Processing Employee’s Personal Data
   • 4.6. Places Where Employee’s Personal Data Can Be Transferred
   • 4.7. Purpose of Processing Customer, Supplier, and Visitor’s Personal Data
   • 4.8. Customer, Supplier and Visitor’s Special Personal Data
   • 4.9. Places Where Customer, Supplier and Visitor’s Personal Data Can Be Transferred
   • 4.10. Processing of Personal Data Related to Internet Use
   • 4.11. Processing of Personal Data Related to Security Camera Application
5. PERSONAL DATA RETENTION AND DESTRUCTION PERIODS
   • 5.1. Personal Data Recording Media
   • 5.2. Personal Data Retention Periods
   • 5.3. Destruction of Personal Data
6. SECURITY OF PERSONAL DATA AND MEASURES
   • 6.1. Technical and Administrative Measures for Processing, Protecting and Storing Personal Data
7. DESTRUCTION OF PERSONAL DATA
8. RIGHTS OF THE PERSONAL DATA OWNERS
9. ENFORCEMENT AND UPDATABLE
10. DEFINITIONS

1. INTRODUCTION

In accordance with the Personal Data Protection Law (No. 6698), effective March 24, 2016, the protection of personal data is crucial to ensuring the privacy of individuals and safeguarding their fundamental rights and freedoms. As the Data Controller in terms of personal data processing at O-Blades, this policy outlines the procedures and practices for processing, storing, and securely destroying personal data related to applicants, employees, visitors, suppliers, subcontractors, and other stakeholders.

2. OBJECTIVE

This policy aims to establish and clarify the procedures related to the processing, protection, and destruction of personal data held by O-Blades in line with the Personal Data Protection Law.

3. SCOPE

This Policy applies to all personal data processed either automatically or manually as part of a data recording system, concerning employees, applicants, visitors, suppliers, subcontractors, and other real persons related to O-Blades.

4. PROCESSING OF PERSONAL DATA OBTAINED/TO BE OBTAINED FROM EMPLOYEES, APPLICANTS, AND COMMERCIAL ACTIVITIES

4.1. Documents to be Requested from Employees and Applicants:

• Identification Data: Name, surname, Turkish ID number, date of birth, country, and city of birth, gender, marital status, nationality.
• Contact Data: Phone number, home address, email address.
• Sensitive Personal Data: Disability status, blood type, criminal record, health status, fingerprint and retina scans, etc.
• Education Data: Education level, school information, foreign language skills, certificates, computer skills.
• Work Experience Data: Previous job titles, companies worked for, salary expectations, military status, etc.

4.2. Purpose of Processing Employee Candidate’s Personal Data

The personal data of job applicants is processed to evaluate candidates for employment, verify references, and store resumes for potential future employment.

4.3. Special Personal Data of Employees and Prospective Employees

Sensitive personal data such as race, ethnicity, political opinions, religion, and health status are handled with extra care, following strict legal guidelines.

4.4. Places Where Employee Candidate Personal Data Can Be Transferred

Personal data may be shared with the human resources department, references, and external entities for the purpose of recruitment.

4.5. Purpose of Processing Employee’s Personal Data

For managing employment contracts, payroll, health services, occupational safety, training, and other HR-related processes.

4.6. Transfer of Employee Personal Data

Employee data may be transferred to public institutions, banks, auditors, and commercial partners, complying with legal obligations.

4.7. Purpose of Processing Customer, Supplier, and Visitor Personal Data

Personal data from customers, suppliers, and visitors is processed for business purposes such as sales, after-sales services, customer support, legal obligations, and promotional activities.

4.8. Special Category Personal Data of Customers, Suppliers, and Visitors

Special category data such as health or criminal records will be processed only when required by law or with explicit consent.

4.9. Transfer of Personal Data of Customers, Suppliers, and Visitors

Personal data may be transferred to third parties in compliance with legal requirements or business needs.

4.10. Processing of Personal Data Related to Internet Usage

Log records related to internet access are maintained to ensure network security and prevent unauthorized access to sensitive information.

4.11. Processing of Personal Data Regarding Security Cameras, Retina Scanning, and Fingerprint Applications

Security camera footage and biometric data are processed for workplace security purposes and in accordance with legal standards.

5. PERSONAL DATA RETENTION AND DESTRUCTION PERIODS

5.1. Personal Data Recording Media

Personal data is stored electronically (servers, databases, and software) and physically (paper, printed documents, cards).

5.2. Personal Data Retention Periods

Personal data is retained in line with applicable laws such as the Personal Data Protection Law, Labor Law, and others for the legally required duration.

5.3. Destruction of Personal Data

When the retention period expires or the data is no longer needed for processing, personal data will be securely deleted or anonymized.

6. SECURITY OF PERSONAL DATA AND MEASURES

6.1. Technical and Administrative Measures for Processing, Protecting, and Storing Personal Data

We implement measures such as access controls, virus protection, data encryption, and regular audits to safeguard personal data.

7. DESTRUCTION OF PERSONAL DATA

When personal data is no longer required for its intended purpose, it will be securely destroyed by appropriate means, such as shredding physical documents or deleting electronic data.

8. RIGHTS OF THE PERSONAL DATA OWNERS

Under the Personal Data Protection Law, data owners have the right to access, correct, delete, or request the anonymization of their personal data.

9. ENFORCEMENT AND UPDATABILITY

This policy may be updated as necessary to ensure compliance with changes in laws and regulations. Updates will be communicated via the company website.

10. DEFINITIONS

• Personal Data: Any information related to an identified or identifiable individual.
• Data Subject: The individual to whom the personal data pertains.
• Processing of Personal Data: Any operation performed on personal data, such as collection, storage, and transfer.
• Special Category Personal Data: Data revealing sensitive information, including health, racial or ethnic origin, and others.

Data Controller: O-Blades, as the entity responsible for processing personal data.