PERSONAL DATA PROTECTION POLICY
The Company takes its responsibilities with regard to the management of the requirements of the Personal Data Protection Law (PDP Law) very seriously. This policy sets out how the Company manages those responsibilities. Our Company is fully committed to protecting the rights and privacy of individuals with regard to data obtained or to be obtained due to its activity. In this regard, the Company has prepared this policy for the purpose of determining the principles and measures to be applied and taken regarding the processing, protection, storage, deletion and notification of data owners, and carries out its activities related to personal data within the scope of either the PDP Policy or Law No. 6698 on the Protection of Personal Data.
WHAT IS PERSONAL DATA?
Personal data refers to all information relating to an identified or identifiable living person.
THE PURPOSE OF PROCESSING PERSONAL DATA, TRANSFERING, METHOD OF COLLECTION AND CAUSE OF ACTION
The Company processes personal data for the following purposes;
- To provide information related to exhibitions;
- To ensure establishing effective communication between participants and visitors;
- To fulfil the obligations arising from the Law and protecting the Company’s legal rights;
- To perform contractual negotiations, and the execution and performance of contracts, tracking contract processes, and termination of the contracts;
- To provide better services to its customers and to determine projects and services suitable for customers;
- To develop products and services;
- To manage, conduct and review the Company’s activities;
- To offer products and services according to customer preferences;
- To follow up on customer feedback, fulfil requests, address complaints and measure customer satisfaction;
- To better procure supplies and services when needed by the Company;
- To introduce and announce Company activities, sales performance and marketing activities;
- To plan, recruit, manage and review the Company’s human resources within the scope of their personal rights;
- To ensure the necessary coordination and cooperation among Group companies and suppliers within the Company;
- To protect the Company’s contractual and legal rights.
Personal data processing refers to any operation performed upon personal data, including collection, recording, storage, retention, alteration, re-organization, disclosure, transferring, taking over, making retrievable, classifying, or preventing the use thereof, fully or partially through automatic means, or provided that the process is a part of any data registry system, through non-automatic means.
Our Company processes personal data for its own activity as a rule. In this regard, the Company may transfer data owners’ personal data and personal data of a special nature to third parties (Group Companies, business partners, shareholders, subsidiaries, insurance companies, suppliers, public institutions and/or organizations and third parties for the same purposes) by taking necessary security precautions in accordance with the personal data processing purposes in compliance with laws.
In case it is stipulated in the relevant legislation, the Company retains personal data for the period specified in this legislation. If a specific retention period is not regulated by the legislation, personal data is processed as long as required in accordance with our Company’s practices and commercial practices, depending on the activity being performed during the period in which the data is being processed. In the case that a data owner requests the deletion or anonymisation of their personal data, such a request will be fulfilled by our Company at the end of the period specified by the legal regulations; however and in the meantime, personal data will not be processed or shared with third parties, except due to obligations arising from national and international law, regulations and conventions.
In addition, personal data may be shared with our shareholders to help determine the strategies regarding our Company's activities and performing inspection activities.
The Company may transfer personal data abroad, provided that sufficient protection is provided and that the relevant data controllers in Turkey and abroad can guarantee sufficient protection in writing; and that the Board has authorized such transfer, where sufficient protection is not provided.
RIGHTS OF THE DATA OWNER
The data owner has the right to be informed regarding the collection of personal data. This policy is prepared to inform the data owner.
In addition, the data owner has the right to
- learn whether their personal data are processed or not;
- request information if personal data is processed;
- learn the purpose of the data processing and whether this data is used for the intended purposes;
- know the third parties to whom the personal data is transferred in Turkey or abroad;
- request the rectification of incomplete or inaccurate data, if applicable;
- demand the deletion of personal data if conditions required to process personal data are eliminated;
- demand notification of operations performed regarding the rectification and deletion of personal data by third parties;
- to object to automatic processing of personal data that leads to a harmful result for the data owner;
- to request compensation for damage arising from the unlawful processing of personal data.
The data owner may submit requests to the following mailing address, telephone number or e-mail address, along with official proof of their identity;
Title : İFO İstanbul Fuar Hizmetleri A.Ş.
Address : Esentepe Mah. Büyükdere Cad. No: 124, Özsezen İş Merkezi B Blok Kat: 6 Şişli / İstanbul
E-mail : firstname.lastname@example.org
Tel : +90 (212) 275 75 79
Such requests are fulfilled by the Company within a maximum of 30 (thirty) days and the necessary information is released to the data subject at no cost. However, if the operation does incur a cost, a fee may be charged according to the tariff determined by the Board.