Privacy Policy

1. PURPOSE

As Turkish Journal TR | USA; it is our priority to process the personal data of real persons, including our members, visitors, suppliers and employees, in accordance with the Constitution of the Republic of Turkey and international conventions on human rights to which our country is a party and the relevant legislation, especially the Law No. 6698 on the Protection of Personal Data (“KVKK”), and to ensure that the rights of the data subjects are used effectively.

For this reason, including but not limited to those listed; we carry out transactions regarding the processing, storage and transfer of data related to our employees, suppliers, customers, visitors, members, users who visit our website and mobile applications, in short, all personal data we obtain during our activities in accordance with the Turkish Journal TR | USA NewsProtection and Processing of Personal Data Policy (“Policy”).

The protection of personal data and the observance of the fundamental rights and freedoms of natural persons whose personal data are collected is the basic principle of our policy regarding the processing of personal data. For this reason, we carry out all our activities where personal data is processed by observing the protection of privacy, confidentiality of communication, freedom of thought and belief, and the right to effective remedies.

For the protection of personal data, we take all administrative and technical protection measures required by the nature of the relevant data in accordance with the legislation and current technology.

This Policy explains the methods we follow for the processing, storage, transfer, deletion and deletion or anonymization of personal data shared during our commercial or social responsibility and similar activities within the framework of the principles mentioned in the KVKK.

2. SCOPE

All personal data processed by the Company, including our visitors, business contacts, business partners, employees, suppliers, members, third parties are covered by this Policy.

Our policy is applied in all activities for the processing of personal data owned or managed by the Company and has been handled and prepared by considering the KVKK and other relevant legislation on personal data and international standards in this field.

3. definitions and abbreviations

In this section, special terms and phrases, concepts, abbreviations, etc. used in the Policy are defined. briefly explained.

  • Turkish Journal Turkish Journal | turkishjournal.com
  • Turkish Journal or the Company: Turkish Journal and its subsidiaries, affiliates and associates.
  • Explicit Consent: Consent given on a specific subject, based on information and free will, in a clear manner that leaves no room for hesitation, limited only to that transaction.
  • Anonymization: Making personal data impossible to be associated with an identified or identifiable natural person under any circumstances, even by matching with other data.
  • Employee Company Personnel.
  • Personal Data Owner (Data Subject): The natural person whose personal data is processed.
  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Sensitive Personal Data: Data relating to race, ethnic origin, political opinion, philosophical belief, religion, sect, or other beliefs, appearance and dress, membership of associations, foundations or trade unions, health, sexual life, criminal convictions, and security measures, and biometric and genetic data.
  • Processing of Personal Data: Any operation performed on personal data such as obtaining, recording, storing, storing, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use of personal data by fully or partially automatic means or by non-automatic means provided that it is part of any data recording system.
  • Data Processor: A natural or legal person who processes personal data on behalf of the data controller based on the authorization granted by the data controller.
  • Data Controller: The natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
  • KVK Board: Personal Data Protection Board.
  • KVK Institution: Personal Data Protection Authority.
  • KVKK: Law on the Protection of Personal Data published in the Official Gazette dated April 7, 2016 and numbered 29677.
  • Policy Turkish Journal Data Protection and Processing Policy.

4. LEGAL OBLIGATIONS

Legal obligations within the scope of protection and processing of personal data as a data controller in accordance with KVKK are listed below:

4.1. Our obligation to inform

When collecting personal data as a data controller;

  • The purpose for which your personal data will be processed,
  • Information about our identity and, if applicable, the identity of our representative,
  • To whom and for what purpose your processed personal data may be transferred,
  • Our method of collecting data and legal grounds,
  • Rights under the law,

We have an obligation to inform the Relevant Person on the issues.

As the Company, we take care to ensure that this Policy, which is open to the public, is clear, understandable and easily accessible.

4.2. Our obligation to ensure data security

As the data controller, we take the administrative and technical measures stipulated in the legislation to ensure the security of personal data under our responsibility. Obligations and measures taken regarding data security are set out in this Policy. 8. and 9. are detailed in chapters 9.

5. CLASSIFICATION OF PERSONAL DATA

5.1. Personal data

Personal data is any information relating to an identified or identifiable natural person.

The protection of personal data relates only to natural persons and information of legal entities that does not contain information about natural persons is excluded from personal data protection. Therefore, this Policy does not apply to the data of legal entities.

5.2. Sensitive personal data

Personal data relating to race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, membership of associations, foundations or trade unions, health, sexual life, criminal convictions, and security measures, and biometric and genetic data are sensitive personal data.

6. PROCESSING OF PERSONAL DATA

6.1. Our principles for processing personal data

We process personal data in accordance with the following principles.

6.1.1. Processing in accordance with the law and good faith

We process personal data in accordance with the rules of honesty, transparency and within the framework of our obligation to inform.

6.1.2. Ensuring that personal data is accurate and, where necessary, up to date

We take the necessary measures in our data processing procedures to ensure that the processed data is accurate and up-to-date. We also offer the Personal Data Owner the opportunity to apply to us to update his/her data and to correct errors in the processed data, if any.

6.1.3. Processing for specific, explicit and legitimate purposes

As the Company, we process personal data within the scope of our legitimate purposes, the scope and content of which are clearly defined and determined to maintain our activities within the framework of the legislation and the ordinary flow of commercial life.

6.1.4. Personal data are relevant, limited and proportionate to the purpose for which they are processed

We process personal data in connection with the purpose we have clearly and precisely determined, in a limited and measured manner.

We refrain from processing personal data that is not relevant or not needed. For this reason, we do not process personal data of a special nature unless there is a legal requirement or we obtain explicit consent on the subject when we need to process it.

6.1.5. Retention of personal data as stipulated by legal regulations and for the duration of our legitimate commercial interests

Many regulations in the legislation require personal data to be kept for a certain period of time. For this reason, we store the personal data we process for the period stipulated in the relevant legislation or required for the purposes of processing personal data.

We delete, destroy or anonymize personal data in the event that the retention period stipulated in the legislation expires or the purpose of processing disappears. Our principles and procedures regarding retention periods are set out in Section 8.1 of this Policy. is elaborated in the article.

6.2. Our purposes for processing personal data

As Turkish Journal, we process personal data for the purposes listed below:

  • Conducting our activities,
  • Providing support services within the scope of the contract and within the framework of service standards,
  • To determine the preferences and needs of our members/visitors and to shape and update the services we provide in this context,
  • To ensure that we fulfill our legal obligations as required or mandated by legal regulations,
  • To be able to conduct market research and statistical studies,
  • Surveys, contests, promotions/ channel development and sponsorships,
  • Evaluating job applications,
  • To liaise with persons who have a business relationship with the Company,
  • Marketing,
  • Compliance management,
  • Vendor / supplier management,
  • Legal reporting,
  • Invoicing,
  • Advertising and promotion of blogs and websites,
  • Providing tailor-made job postings and employment information,
  • Sending newsletters or notifications by e-mail.

6.3. Processing of special categories of personal data

Sensitive personal data are processed by us by taking the administrative and technical measures stipulated in the laws and stipulated by the KVK Board and if there is explicit consent, or in cases where the legislation requires it.

Since personal data of special nature related to health and sexual life can be processed by persons or authorized institutions and organizations under the obligation of confidentiality for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, it is not processed by us except for the data of our employees. Such data belonging to our employees may be processed by persons stipulated by law.

6.4. Processing of personal data collected through cookies

We use cookies to improve the functioning and use of our websites or mobile applications and try to make the time you spend on our digital platforms more efficient and enjoyable. In addition, we use some cookies to remember the preferences you have made on our websites and mobile applications and thus provide you with an improved and personalized experience.

We may collect your personal data through cookies on our digital platforms, process, transfer and store the data we collect.

You can find detailed information about the cookies we use in the “Turkish Journal Privacy Policy”.

6.5. Processing personal data for human resources and employment purposes

We process, store and transfer your personal data contained in your resume, diploma, etc. that you share with us during the applications you make as an employee candidate for the purpose of evaluating your job application. The processing, transfer and storage of the personal data you share as an employee candidate are covered by this Policy.

6.9. Processing of personal data collected within the scope of Turkishjournal.com

Turkishjournal.com Turkishjournal.com is a platform for digital publishing and content.

Within the scope of the services we provide on Turkishjournal.com, our visitors are entitled to access the services provided by us in accordance with Article 6.6 of this Policy. As a member in accordance with the article; they can share comments on the content by selecting their name and surname information or a pseudonym. The information shared by our members/visitors within the scope of the comments made is at their own initiative and the information shared is subject to Section 5.2 of this Policy. All personal data, including if it contains sensitive personal data within the scope of the article, is deemed to have been made public by the member / visitor. The content in question is subject to Section 6.2 of this Policy. It can be processed without the explicit consent of the member / visitor within the scope of our processing purposes in the article.

Within the scope of the content that our visitors or members want to view on Turkishjournal.com, links can be given to the websites of Turkish Journal.

The deletion, destruction or anonymization of personal data within the scope of this platform is subject to Article 8 of this Policy. article of the Constitution.

6.19. Exceptional cases where explicit consent is not required for the processing of personal data

We may process personal data without obtaining explicit consent in the exceptional cases listed below and arising from the law:

  • Explicitly stipulated in the law;
  • It is necessary to process personal data belonging to the parties to the contract, provided that it is directly related to the conclusion or performance of a contract;
  • Data processing is mandatory for the establishment, exercise or protection of a right;
  • Provided that it does not harm fundamental rights and freedoms, it is mandatory for us to process your data for our legitimate interests as the data controller.

The exceptional cases where sensitive personal data may be processed without the explicit consent of the Data Subject are specified in Article 6.3 of this Policy.

7. TRANSFER OF PERSONAL DATA

7.1. Domestic transfer of personal data

As the Company, we act in accordance with the decisions and regulations stipulated in the KVKK and taken by the KVK Board regarding the transfer of personal data.

Without prejudice to the exceptional circumstances set forth in the legislation, personal data and special categories of data shall not be transferred by us to other natural persons or legal entities without the explicit consent of the Data Subject.

In exceptional cases stipulated by the KVKK and other legislation, data may be transferred to the authorized administrative or judicial institution or organization without the explicit consent of the Data Subject in the manner and subject to the limits stipulated in the legislation.

In addition, in exceptional cases stipulated by the legislation;

  • Policy 6.19. in the cases described in Art,
  • Regarding special categories of personal data, Article 6.3 of the Policy. in the cases listed in the article,
  • In addition to taking the measures stipulated by the KVK Board and the relevant legislation, sensitive personal data regarding the health and sexual life of the Data Subject may only be disclosed to persons or authorized institutions and organizations under the obligation of confidentiality for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing,

can be transferred without explicit consent.

7.2. Transfer of personal data abroad

As a rule, personal data is not transferred abroad without the explicit consent of the Data Subject. However, see 6.3 of this Policy. and 6.19. third parties located abroad in cases where one of the exceptional circumstances set out in Art:

  • Being located in countries with adequate protection declared by the KVK Board;
  • In case the data is located in countries where there is no adequate protection, the data controllers in Turkey and in the foreign country in question must undertake an adequate protection in writing and have the permission of the PDP Board;

In such cases, personal data may be transferred abroad without explicit consent.

7.2.1. Transfer of personal data abroad for the provision of our services and marketing activities

We work with service providers abroad for purposes such as developing the website and digital platforms, conducting surveys, increasing the variety of products and services according to the preferences of visitors and members, and measuring user experience. It is recommended to review the relevant policies of the service providers it cooperates with regarding the processing and protection of personal data.

7.3. Institutions and organizations to which personal data are transferred

Personal data;

  • Our suppliers,
  • Our business partners and business contacts,
  • Production companies,
  • Community companies,
  • Legally authorized public institutions and organizations,
  • To legally authorized private law persons,
  • To our shareholders

can be transferred according to the principles and rules described above.

7.4. Measures we take regarding the transfer of personal data in accordance with the law

7.4.1. Technical measures

Including but not limited to those listed to protect personal data;

  • In-house technical organization for the processing and storage of personal data in accordance with the legislation,
  • It creates the technical infrastructure to ensure the security of the databases where your personal data will be stored,
  • It monitors and audits the processes of the technical infrastructure created,
  • It sets out procedures for reporting on the technical measures we have taken and the audit processes,
  • Periodically updating and renewing technical measures,
  • Risky situations are re-examined and necessary technological solutions are produced,
  • We use virus protection systems, firewalls and similar software or hardware security products and install security systems in accordance with technological developments,
  • We employ employees specialized in technical issues.

7.4.2. Administrative measures

To protect your personal data, including but not limited to;

  • It establishes policies and procedures for access to personal data, including company and subsidiary employees within our company,
  • We inform and train our employees on the protection and processing of personal data in accordance with the law,
  • In the contracts we make with our employees and/or in the Policies we have established, the company records the measures to be taken in cases of unlawful processing of personal data by our employees,
  • We supervise the personal data processing activities of data processors or partners of data processors that we work with.

8. STORAGE OF PERSONAL DATA

8.1. Retention of personal data for the period stipulated in the relevant legislation or required for the purpose for which they are processed

We store personal data for the period required by the purpose of processing personal data, without prejudice to the retention periods stipulated in the legislation.

In cases where we process personal data for more than one purpose, the data is deleted, destroyed or anonymized and stored if the purposes of processing the data disappear or if there is no obstacle in the legislation to delete the data upon the request of the Data Subject. The provisions of the legislation and the decisions of the PDP Board are complied with in terms of destruction, deletion or anonymization.

8.2. Measures we take regarding the storage of personal data

8.2.1. Technical measures

  • It establishes technical infrastructures for the erasure, destruction and anonymization of personal data and related control mechanisms,
  • It takes necessary measures for the secure storage of personal data,
  • It employs employees with technical expertise,
  • It creates business continuity and emergency plans against possible risks and develops systems for their implementation,
  • We install security systems in accordance with technological developments regarding the storage areas of personal data.

8.2.2. Administrative measures

  • Raises awareness by informing our employees about the technical and administrative risks related to the storage ofpersonaldata,
  • In case of cooperation with third parties for the storage of personal data, we include provisions in the agreements made with the companies to which personal data is transferred; We include provisions regarding the persons to whom personal data is transferred to take the necessary security measures for the protection and safe storage of the transferred personal data.

9. SECURITY OF PERSONAL DATA

9.1. Our obligations regarding the security of personal data

Personal data;

  • To prevent unlawful processing,
  • Prevent unlawful access,
  • To ensure that it is stored in accordance with the law,

We take administrative and technical measures according to technological possibilities and implementation costs.

9.2. Measures we take to prevent unlawful processing of personal data

  • It carries out the necessary audits within our company and has them carried out,
  • We train and inform our employees about the processing of personal data in accordance with the law,
  • The activities carried out by our company are evaluated in detail for all business units, and as a result of this evaluation, personal data are processed in the commercial activities carried out by the relevant units,
  • In cases where cooperation is made with third parties for the purpose of processing personal data, in the contracts made with the companies processing personal data; it includes provisions regarding the necessary security measures to be taken by the persons processing personal data,
  • In the event of unlawful disclosure of personal data or data leakage, we notify the PDP Board and carry out the investigations and take the measures stipulated by the legislation in this regard.

9.2.1. Technical and administrative measures taken to prevent unlawful access to personal data

To prevent unlawful access to personal data;

  • It employs employees with technical expertise,
  • Periodically updating and renewing technical measures,
  • Access authorization procedures are established within our company,
  • It sets out procedures for reporting on the technical measures we have taken and the audit processes,
  • It creates the data recording systems used within our company in accordance with the legislation and periodically audits them,
  • It creates emergency aid plans against possible risks and develops systems for their implementation,
  • We train and inform our employees on access to personal data and authorization issues,
  • In cases where cooperation is made with third parties for the purpose of activities such as processing and storing personal data, in the contracts made with companies providing access to personal data; It includes provisions regarding the necessary security measures to be taken by the persons providing access to personal data,
  • We establish security systems within technological developments in order to prevent unlawful access to personal data.

9.2.2. Measures we take in case of unlawful disclosure of personal data

We take administrative and technical measures to prevent unlawful disclosure of personal data and update them in accordance with our relevant procedures. If we determine that personal data has been disclosed without authorization, we create systems and infrastructures to notify the Data Subject and the PDP Board.

In the event that an unlawful disclosure occurs despite all administrative and technical measures taken, if deemed necessary by the PDP Board, this situation may be announced on the website of the PDP Board or by another method.

10. RIGHTS OF THE PERSONAL DATA OWNER

Within the scope of our obligation to inform, we inform the Personal Data Owner and establish systems and infrastructures for this information. We make the technical and administrative arrangements necessary for the Personal Data Owner to exercise his/her rights regarding your personal data.

Personal Data Owner on his/her personal data;

  • Learn whether personal data is being processed,
  • Request information if personal data has been processed,
  • To learn the purpose of processing personal data and whether they are used for their intended purpose,
  • To know the third parties to whom personal data are transferred domestically or abroad,
  • To request correction of personal data in case of incomplete or incorrect processing,
  • To request the deletion or destruction of personal data in case the reasons requiring the processing of personal data disappear,
  • Request notification of the aforementioned correction, deletion or destruction to third parties to whom personal data are transferred,
  • To object to the occurrence of an unfavorable result by analyzing the processed data exclusively through automated systems,
  • In case of damage due to unlawful processing of personal data, to demand compensation for the damage,

rights.

10.1. Exercise of rights regarding personal data

In case a separate method is determined by the PDP Board, the Personal Data Owner may submit his/her request regarding his/her personal data through this method or 100. Yıl Neighborhood, 2264. Sokak No:1 Bağcılar/ Istanbul in writing and with wet signature.

In the application that the Personal Data Owner will make in order to use the above-mentioned rights and includes explanations regarding the right he / she requests to use; the requested issue must be clear and understandable, the requested subject must be related to the applicant’s person or if acting on behalf of someone else, he / she must be specifically authorized in this regard and this authority must be documented, in addition, the application must contain identity and address information and documents certifying his / her identity must be attached to the application.

Such requests will be made individually and requests made by unauthorized third parties regarding personal data will not be evaluated.

10.2. Evaluation of the application

10.2.1. Response time of the application

Requests for personal data shall be finalized free of charge as soon as possible and in any case within 30 (thirty) days at the latest, depending on their nature, or in the event that the conditions in the tariff to be published by the PDP Board regarding the fee occur, against the fee in the tariff.

Additional information and documents may be requested during the application or during the evaluation of the application.

10.2.2. Our right to refuse the application

Applications related to personal data;

  • Processing of personal data for purposes such as research, planning and statistics by anonymizing them with official statistics,
  • Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate the right to privacy or personal rights or constitute a crime,
  • Processing of personal data made public by the Personal Data Owner,
  • The application is not justified,
  • The application contains a request contrary to the relevant legislation,
  • Failure to comply with the application procedure,

in such cases, it is rejected with justification.

10.3. Procedure for the evaluation of the application

In order for the response period specified in Article 11.2.1 of this Policy to start, the requests made must be sent in writing and with a wet signature or electronically signed and sent via KEP or sent by other methods determined by the KVK Board with information and documents certifying the identity of the applicant.

If the request is accepted, the relevant action is taken and notification is made in writing or electronically. If the request is rejected, the applicant shall be notified in writing or electronically by explaining the reasons.

10.4. Right of complaint to the Personal Data Protection Board

In cases where the application is rejected, the response is deemed insufficient or the response is not given in due time; the applicant has the right to file a complaint to the PDP Board within 30 (thirty) days from the date of learning the response and in any case within 60 (sixty) days from the date of application.

11. PUBLICATION AND STORAGE OF THE DOCUMENT

This Policy is stored in two different media, printed paper and electronic media.

12. UPDATE PERIOD

This Policy is reviewed at least once a year and updated, if necessary, in accordance with the principles set out in the Documentation Management Procedure.

13.

This Policy shall be deemed to have entered into force upon its publication on the Company website.

14. REPEAL

In the event that it is decided to abolish this Policy, the old wet signed copies of this Policy shall be canceled and signed by the Legal Unit with the written approval of the Department Manager (by stamping or writing cancellation) and kept by the Legal Unit for 5 years.