As www.foxhr.com.tr (hereinafter referred to as the "Website"), FKS İnsan Kaynakları Anonim Şirketi (hereinafter referred to as the "Company"), we attach great importance to the security and privacy of your personal data and try to take the highest possible security measures to process and preserve your personal data. We process your personal data within the scope of the Law No. 6698 on the Protection of Personal Data (the “Law”) and the relevant legislation, and in the scope described below as our “data controller”.
The Clarification and Explicit Consent Text on the Personal Data Protection and Processing Policy has been prepared with the purpose of informing you in the most transparent way about the identity of the data controller, the method and legal reason for the collection of your personal data, the reason for processing this data, to whom and for what purpose it can be transferred, the data processing period, and your rights listed in Article 11 of the Law as per Article 10 “Clarification Obligation of the Data Controller” of the Law. The explanations made for your "Personal Data" in the Clarification Text, contain your "Sensitive Personal Data" as well.
ARTICLE 1: DATA CONTROLLER
Your personal data may be processed by the Website as data controller within the scope described below. The concept of data controller comes to mean the natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
ARTICLE 2: PURPOSE OF PROCESSING PERSONAL DATA
Personal data is processed by us for the following purposes within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the Law:
- Providing and changing the services provided on the website,
- Carrying on processes of human resources,
- Providing corporate communication,
- Providing Website security,
- Customizing the offered products and services in accordance with the demands; updating, developing due to customer needs, legal and technical developments,
-
- Making user definitions for the systems specific to the products and services offered,
- Announcing new or existing products, services and campaigns, executing sales and marketing activities,
- Conducting market research,
-
- Performing statistical studies and analyzing its usage,
- Fulfilling the obligation to inform arising from the Law No. 6563 on the Regulation of Electronic Commerce and other relevant legislation,
- Transmitting the advertisements of the company's website and products and services suitable for the purpose of processing the data to the Related Person, providing information about the products, services, promotions and campaigns,
- Providing solutions to the problems encountered during the use of the Website,
- Providing contact/communication,
- Execution of commercial relations with cooperating companies, suppliers, resellers and service providers,
- Reporting within the scope of cooperation,
- Developing the company's commercial strategies and making plans,
- Contacting the company for satisfaction measurement surveys,
- Management of judicial/administrative processes, responding to requests from public institutions,
- Fulfillment of legal obligations depending on legal regulations, resolving legal disputes,
- Managing investor relations,
- Providing the results arising from this legal transaction in case the company is merged with another company, split, transferred in whole or in part,
- Introducing Company employees, Real Person Customers and Relevant Persons on social media,
- Conducting job interviews, evaluating job applications,
- Establishment, execution and termination of the business relationship/work agreement,
- Performing work and transactions in consequence of signed contracts and protocols,
- Ensuring the fulfillment of legal obligations as required or mandated by legal regulations,
- Contacting real / legal persons that have a business relationship with the Website,
- Making legal reports,
- Fulfilling the burden of proof as evidence in legal disputes that may arise in the future,
- Ensuring the security of the Company’s Website and Applications,
- Usage analysis of the Website,
- Making personal data inventory,
- Evaluating and responding to all questions, requests, suggestions, complaints and applications submitted in writing, verbally or electronically, including those related to personal data,
- The performance of the contract is transferred to systems located in other countries, particularly in the European Union countries in the country or abroad, for data security, compliance with our company's policies and other purposes mentioned above.
ARTICLE 3: PERSONAL DATA COLLECTION METHODS AND LEGAL REASONS
3.1. Your personal data; It is obtained by automatic or non-automatic methods, filling out contact forms on the website in electronic environment, cookies, information and request forms in mobile applications and social media, applications downloaded to smartphones, sending e-mail messages and visiting the website, or in physical environments. These are for the fulfillment of the purposes set out in article 2 of this policy.
Your personal data can be processed and transferred within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the Law, and the legal reasons for the collection and processing of personal data are as follows:
-
· Storing personal data as it is directly related to the establishment and performance of contracts,
-
·Storing personal data for the purpose of establishing, using or protecting a right,
-
· Requiring to keep personal data for the legitimate interests of the Website on condition that it does not harm the fundamental rights and freedoms of individuals,
-
· Storing personal data with the aim of fulfilling any legal obligations of the Website,
-
· Stipulating the storage of personal data in the legislation clearly,
-
· Having explicit consent of data owners with regard to storage activities that require the explicit consent of data owners,
-
· Being publicized by the data owners themselves,
-
· The data owner, who is unable to express his consent due to actual impossibility or whose consent is not legally valid, is mandatory for the protection of life or bodily integrity of himself or someone else.
ARTICLE 4: PARTIES AND PURPOSE OF TRANSFERRING PERSONAL DATA
Your personal data may be shared with the following persons within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law:
-
• For the purpose of planning and executing the activities necessary for recommending and promoting the products and services offered by the Website to the relevant persons by customizing them according to the tastes, usage habits and needs of the persons concerned,
-
•Carrying out the necessary work by the business units and executing the relevant business processes in order to benefit the related persons from the products and services offered by the Website,
-
• Carrying out the necessary work by the relevant business units for the realization of the commercial activities carried out by the Website and to carry out the related business processes,
-
• Planning and execution of the commercial and/or business strategies of the Web Site and ensuring the legal, technical and commercial-work security of the Web Site and the relevant persons, companies, commercial enterprises and organizations that have a business relationship with the Web Site, Personal data may be shared with the business partners of the Website, Company employees, related companies, commercial enterprises, organizations and suppliers with which it has business relations,
-
• Legally authorized institutions and organizations and legally authorized private law legal entities.
-
In this context, you give express consent to the transfer of your personal data to the parties mentioned above for the above-mentioned purposes.
ARTICLE 5: TRANSFER OF PERSONAL DATA TO THIRD PARTIES
5.1. We may share your personal data with the specified persons, without prejudice to the rights in the Law: Other related companies, commercial enterprises, organizations and suppliers with which the Company has a business relationship within the scope of commercial activities on the Company Website, their employees, shareholders and officers, legal, financial and tax advisors, auditors, primarily cloud companies abroad, IBM Softlayer Data Center, Amazon Web Services, Inc. (AWS), consultants and contracted organizations with which it cooperates, educational institutions, in order to carry out data processing activities, the advertising and marketing agencies that the Company works with, and real or legal persons in order to present advertisements that may be of interest to the Related Person by anonymization. You give express consent to the Company regarding this sharing.
5.2. Your personal data processed based on the legal reasons specified in paragraph 2 of Article 5 of the Law, because the sales and marketing activities of the Company's products and services are carried out or can be carried out through online software systems whose databases are abroad, in line with the conditions of transfer abroad in paragraph 2 of Article 9 of the Law, it can be transferred to those listed without obtaining the explicit consent of the person concerned:
-
· to foreign countries declared to have adequate protection by the Personal Data Protection Board,
-
· provided that it is limited to the foreign country and/or countries where the data controllers in Turkey and the relevant foreign country undertake an adequate protection in writing and where the permission of the Personal Data Protection Board is available for the relevant transfer.
-
The transfer of your personal data processed within the scope of the above-mentioned purposes abroad will be carried out by our Company with due care and by taking all necessary security measures, in accordance with the decisions taken by the Personal Data Protection Authority and the relevant regulations, in particular the Law and other relevant legislation.
ARTICLE 6: DATA SECURITY OF NETWORK SERVER
When you log in to the Company Website, your web browser is technically set to automatically transmit the following data (“data log”) to our internet server, after which we will record the following information in the data log records even without your consent.
-
• Entry date
-
• Entry time
-
• URL of the application website
-
• Received files
-
• Amount of data transmitted
-
• Scanner type and version
-
• Operating system
-
• IP address
-
• The domain name of your internet access provider
These are the information required for technical purposes so that the content requested by you can be delivered correctly. The collection of this data is an inevitable aspect of the use of websites. Therefore, you give express consent to the above-mentioned information being recorded in the Data log.
7.1. We use help of "cookies" just like many other websites. Cookies are small pieces of text sent to your hard drive by a website you visit. With this way, we automatically acquire certain data such as the IP address, the browser used, the operating system on your computer and your internet connection. The corresponding technical communication file facilitates the use of the Internet by storing the status and preferences about the site. The technical communication file is not designed to retrieve data or any other personal information from the main memory or your e-mail. In addition, cookies cannot be used to run programs or send viruses to your computer.
7.2. The reason we use cookies and similar technologies is to get to know you on different Services, to have information about your interests on and outside of our Services, to improve your experience and security, to measure the use and effectiveness of our Services, to provide statistical information about how many people visit the site for what purpose and how long they stay on the site, and to help dynamically generate advertisements and content from specially designed user pages for users. We can analyze your visiting on the Company Website and transactions in your membership account through cookies in order to offer you different discounts and campaigns, to make advertisements and promotions, to personalize the Company Website for you, and to provide a personalized www.foxhr.com.tr experience. We can also jointly analyze your personal data collected on the Company Website or third site and mobile applications through various methods.
7.3.Internet browsers are always set up to accept cookies. You can control cookies and stop their use at any time through browser settings and other tools.
Please use your browser's help function to learn how to change these settings. Please note that certain features of our website may not work if you stop the use of cookies.
ARTICLE 8: RESPONSE TO SECURITY VIOLATIONS
Even though you do all you can do, no method of transmission and no method of electronic storage is fully secure on the Internet. For this reason, you give express consent that the Company is not responsible for a security violation. However, if the Company becomes aware of a security violation, we will alert affected users so they can take appropriate protective action. Our violation reporting procedures are consistent with our obligations under regulatory regulations and any industry rules or standards we comply with. Notification procedures include providing e-mail notifications or posting notices if a violation occurs on our website.
ARTICLE 9: RESPONSIBILITY OF PERSONAL DATA SHAREERS
It depends on you to keep your account secure by using highly complex passwords and storing them securely also. You should make sure that the computer, tablet or phone on which you use the company service has sufficient security. By extension, you give express consent that the Company is not responsible for illegal access to your personal data and unlawful processing, transfer and theft of your personal data due to your failure to ensure the security of your personal data.
ARTICLE 10: PERSONAL DATA STORAGE PERIOD
The Company deletes, destroys, overwrites or anonymizes personal data when the purpose of processing personal data ceases to exist and the mandatory storage periods determined under the Laws and other relevant legislation expire.
ARTICLE 11: CHANGES AND UPDATES
This Clarification and Explicit Consent Approval Text on the Protection and Processing of Personal Data has been prepared within the scope of the Law No. 6698 on the Protection of Personal Data and other relevant legislation. Necessary changes can be made in the aforementioned disclosure text in line with the relevant legal legislation and/or changes in the Company's personal data processing purposes and policies.
ARTICLE 12: RIGHTS OF THE RELATED PERSON
12.1. The natural person whose personal data is processed is defined as the data subject. Without prejudice to the cases stipulated in Article 28 of the Law titled "Exceptions", Data subject has the following rights regarding himself within the scope of Article 11:
-
· Learning whether personal data is processed or not,
-
· Requesting relevant information if personal data is processed,
-
· Learning the purpose of processing your personal data and whether they are used in accordance with the purpose,
-
· Learning the third parties at home and abroad of which your personal data is shared with,
-
· Requesting the correction of your personal data processing when it is processed wrong and incomplete,
-
· Requesting the deletion or destruction of personal data,
-
· Requesting notification of the transactions made pursuant to clauses (e) and (f) to third parties to whom personal data has been transferred,
-
· Objecting to the emergence of a result against the person self by analyzing the processed data exclusively through automated systems,
-
· Requesting the rectification of the damage in the event that you suffer damages due to the unlawful processing of your personal data,
-
12.2. In accordance with the Article 11 of the Law and paragraph 1 of Article 13 and the Communique on the Principles and Procedures for the Request to Data Controller;
-
• In order to determine your identity and not to inform the wrong people, in writing, through a notary public or by registered letter with return receipt to the address of “Palladium Tower No:2/114 Kat:32 Ataşehir/İSTANBUL”,
-
• (if any), by using the e-mail address previously notified to our Company and registered in our systems, via a notary public or by registered letter with return receipt.
-
12.3. Required information in the application;
-
a) Name, surname and signature if the application is written,
-
b) TR identity number for citizens of the Republic of Turkey, nationality, passport number or identity number, if any, for foreigners,
-
c) Residential address or workplace address for notification,
-
ç) If available, the e-mail address, telephone and fax number for notification,
-
d) Subject of the request,
-
e) Information and documents related to the subject.
-
12.4. In written applications, the date on which the documents are served to the Company or its representative is the application date. In applications made by other methods; The date on which the application reaches the Company is the application date.
