Catalog
B4B Download
VEHICLES
VEHICLES
SCANIA
VOLVO
IVECO
DAF
RENAULT
MERCEDES
MAN
ZF
PRODUCTS
INNOVATION
BRANDS
CORPORATE
CORPORATE
ABOUT US
TIMELINE
PRINCIPLES
CAREER
SOCIAL RESPONSIBILITY
ENVIRONMENTAL POLICY
PRIVACY POLICY
COVID-19 POLICY
PDPP
CONTACT

social accounts

languages

0

0 product in your cart

GO TO CART
en

Corporate

Privacy is Our Priority

MESAY AUTOMOTIVE INDUSTRY AND TRADE INC. (“MESAY OTOMOTİV or the Company”), we care about the security of your Personal Data as much as your security.

Privacy Policy

MESAY AUTOMOTIVE INDUSTRY AND TRADE INC.

PERSONAL DATA PROCESSING, PROTECTION AND PRIVACY POLICY

MESAY AUTOMOTIVE INDUSTRY AND TRADE INC. (“MESAY AUTOMOTIVE or the Company”), we care about the security of your Personal Data as much as your security. As MESAY OTOMOTİV, we are sensitive about the processing and preservation of all kinds of personal data belonging to the people who benefit from our products and services and all persons related to the Company, in accordance with the Law on the Protection of Personal Data No. 6698 (“KVK Law”). We process your Personal Data within the framework of the procedures and principles set forth in the legislation and explained in detail below.

PURPOSE, SCOPE AND DEFINITIONS

AIM
This Personal Data Processing and Protection Policy (“Policy”) is the main policy text regulating the principles that MESAY AUTOMOTIVE will comply with while fulfilling its obligations brought by the Law on the Protection of Personal Data No. 6698 (“KVKK”) and other relevant legislation.

SCOPE
The Policy covers the Personal Data collected, processed or shared with MESAY AUTOMOTIVE during its activities, including MESAY AUTOMOTIVE employees, customers, website visitors; MESAY AUTOMOTIVE is binding on its managers, departments and employees.

DEFINITIONS

  • Personal Data: Means any information that allows MESAY AUTOMOTIVE to determine, directly or indirectly, the identity of a Relevant Person, alone or by combining it with other information held or controlled by MESAY AUTOMOTIVE..
    • Data Controller: It means the natural or legal person who determines the purposes and means of processing Personal Data and is responsible for the establishment and management of the data recording system. The data controller may be the Company or, from time to time, on behalf of the Company or a third person authorized by the Company.
    • Data Processing: Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying personal data by fully or partially automatic or non-automatic means provided that it is a part of any data recording system. or any kind of operation performed on the data, such as preventing its use, means all natural persons whose Data Subject Personal Data are processed by or on behalf of MESAY AUTOMOTIVE.
    • Data Processor: It means the natural or legal person who processes Personal Data on behalf of the data controller based on the authority given by him.
    • Sensitive Personal Data: Data about the race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, costume and clothing, membership to associations, foundations or unions, health, sexual life, criminal convictions and security measures, and biometric data. and genetic data.
    • Personal Health Data: Means any health information relating to an identified or identifiable natural person.
    • Explicit Consent: It means the consent given on a particular subject, after being informed, of free will.
    • Anonymized Data: It means making the Personal Data in no way associated with an identified or identifiable natural person, even after the Data Controller or any other person to make the Relevant Person identifiable, uses all reasonable and usual methods.
    • Destruction: It means the deletion or destruction of Personal Data.
    • Board: It means the Personal Data Protection Board.

GENERAL PRINCIPLES OF PROCESSING PERSONAL DATA
MESAY AUTOMOTIVE acts in accordance with the following principles in all its activities regarding the collection and processing of Personal Data:

Compliance with the law and honesty rules; Personal Data will be collected and processed in accordance with the law and honesty rules.

Accuracy and, where necessary, timeliness; MESAY AUTOMOTIVE will take reasonable measures to keep Personal Data complete, accurate and up-to-date if necessary for the purpose of collecting and processing Personal Data, and will update Personal Data if Relevant Persons provide information about changes in Personal Data. will take reasonable steps to update, correct or delete incomplete or inaccurate data.

Processing for certainty, clarity and legitimate purposes; MESAY AUTOMOTIVE undertakes to collect and process Personal Data to the extent necessary and in connection with the business purpose in its collection. Except where permitted or required by law, Personal Data will not be collected and/or processed in advance for the purposes expected to arise in the future. Except where the processing of Personal Data is legally required or possible, it will only be processed for the legitimate purposes clearly stated before the data is collected and in accordance with the consent to be obtained or, where necessary, Explicit Consent.

Any data collected by the company but prior to its activity, in cases where it is necessary to obtain the Explicit Consent of the Related Person in accordance with the data collection method and this Policy, the consent form or online environments where the consent is obtained will be used.

In cases where Personal Data is processed by third parties that Process Data on behalf of the Company, the third parties must undertake in writing, contractually or otherwise, that they will act in accordance with the obligations contained in this Policy.

Preserving for the period required by the relevant legislation or for the purpose for which they are processed; Personal Data are stored for the maximum retention period in accordance with the purposes of processing; this period may be kept longer in order to comply with the obligations set forth in the legislation or to protect legitimate business interests. Personal Data that is not needed after the legal, administrative or commercial periods expire will be deleted, anonymized or destroyed in accordance with the legislation and the MESAY AUTOMOTIVE Personal Data Storage and Disposal Policy (“Destruction Policy”).

MESAY AUTOMOTIVE is responsible for the annihilation of all data in accordance with the legislation, in the event that the purpose of collection of this data disappears and the legal retention periods expire regarding the Personal Data in physical and electronic data recording systems.

All transactions regarding the deletion, destruction and anonymization of Personal Data will be recorded and these records will be kept for at least three (3) years, excluding other legal obligations.

PERSONAL GROUPS THAT ARE THE SUBJECT OF PERSONAL DATA
MESAY OTOMOTİV will collect and process Personal Data in accordance with the following legal conditions.

APPROVAL

Relevant Person will be informed about the collection and/or processing of Personal Data in accordance with the legislation and the Policy, and will be processed after giving their explicit consent in writing or electronically with their free will. In case of processing of Personal Health Data, Explicit Consent must be obtained in writing. Explicit Consent statements received will be documented and stored in physical or electronic media. Personal Data may be processed without the consent of the Relevant Person in the presence of the following conditions listed in the KVKK:

  • Explicitly stipulated by law.
  • The person who is unable to express his/her consent due to de facto impossibility or whose consent is not given legal validity is compulsory for the protection of himself or someone else's life or bodily integrity.
  • Provided that it is directly related to the establishment or performance of a contract, it is necessary to process the Personal Data of the parties to the contract.
  • It is mandatory for the Data Controller to fulfill his legal obligation.
  • Relevant Person made public by himself.
  • Data Processing is mandatory for the establishment, exercise or protection of a right.
  • The data processing is mandatory for the legitimate interests of the Data Controller, provided that it does not harm the fundamental rights and freedoms of the Relevant Person.

SPECIAL QUALITY PERSONAL DATA
Sensitive Personal Data can only be processed in cases where the Explicit Consent of the Relevant Person is present, or in cases expressly stipulated in the law, excluding data related to health and sexual life (for example, in cases listed under the title of Consent above). Personal Data related to health and sexual life can only be processed without the explicit consent of the person concerned, for the purposes of protecting public health, performing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing. . In the processing of Special Quality Personal Data, the decisions of the Personal Data Protection Board are followed.

Conditions for the Processing of Special Categories of Personal Data

MesAY OTOMOTİV pays special attention to the processing of special quality personal data, which is believed to be of more critical importance for data owners in various aspects. In this context, provided that adequate measures determined by the Board are taken, such data are not processed without the explicit consent of the above-mentioned data owners.

However, special categories of personal data other than health and sexual life data can also be processed without the explicit consent of the data owner in cases stipulated by law. However, data on health and sexual life can be processed without obtaining explicit consent, provided that adequate precautions are taken and in the presence of the reasons listed below:

  • Protection of public health,
  • Preventive medicine,
  • Medical diagnosis,
  • Execution of treatment and care services,
  • Planning and management of health services and its financing.

METHODS OF COLLECTION AND PROCESSING OF PERSONAL DATA

MESAY OTOMOTİV, in accordance with the KVK Law and based on the Personal Data Processing Inventory, which must be regulated within the scope of the 5th, 7th, 9th and 10th articles of the Regulation and must contain the information below. processes personal data of real persons.

Although the Personal Data Processing inventory title is not included in this Policy, if the following information is included in this title and the following titles, the relevant items will be considered as "Personal Data Processing Inventory".

  • Personal data processing purposes,
  • Data category
  • Recipient group or recipient groups to which data is transferred
  • Data subject contact groups
  • Association of data category with data subject groups
  • Personal data projected to be transferred to foreign countries
  • Measures taken regarding data security
  • Maximum period required for the purposes for which personal data is processed

PERSONAL GROUPS OF PERSONAL DATA SUBJECT

PERSONAL GROUPS OF PERSONAL DATA SUBJECT

DESCRIPTION

MESAY AUTOMOTIVE COMPANY SHAREHOLDERS

Real persons who own the shares of MESAY OTOMOTİV.

MESAY AUTOMOTIVE COMPANY OFFICIALS

Mesay Automotive's  Members of the Board of Directors and other authorized natural persons.

MESAY AUTOMOTIVE COMPANY TENANT, SUPPLIER, CUSTOMERS AND SUBCONTRACTORS

The authorized real persons of the tenants who continue their activities within the framework of the lease agreement in the independent departments of MESYA OTOMOTİV; The Company's customers, authorized real persons of its suppliers and subcontractors that it uses while performing its activities, and employees assigned by these persons.

EMPLOYEE / INTERNSHIP

Real persons working or doing internships within the company.


DATA CATEGORIZATION

DATA CATEGORIZATION

DATA CATEGORY EXPLANATION

ID INFORMATION

It is clear that it belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; data that contains information about the identity of the person; name-surname, T.C. Documents such as driver's license, identity card and passport, which contain information such as identity number, nationality information, mother's name and father's name, place of registration and other population information, place of birth, date of birth, gender, marital status, tax number, SGK number, signature information etc. information

İLETİŞİM BİLGİSİ

Kimliği belirli veya belirlenebilir bir gerçek kişiye ait olduğu açık olan; kısmen veya tamamen otomatik şekilde veya veri kayıt sisteminin bir parçası olarak otomatik olmayan şekilde işlenen; telefon numarası, adres, e-mail adresi, faks numarası, IP adresi gibi bilgiler

FAMILY MEMBERS AND RELATIVE INFORMATION

It is clear that it belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; Within the framework of the activities carried out by the Company, information about the family members of the personal data owner (e.g. spouse, mother, father, child), relatives and other persons who can be reached in an emergency)

SAFETY INFORMATION

It is clear that it belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; Personal data regarding the records and documents taken at the entrance to the physical space, during the stay in the physical space; camera recordings, vehicle license plate information, recordings taken at the security point, voice recordings from phone calls, etc.

FINANCIAL INFORMATION

It is clear that it belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; Financial personal data, bank account number, bank account information (IBAN number, account holder, etc.), credit card information, etc. processed regarding information, documents and records that vary according to the type of legal relationship MESAY OTOMOTİV has established with the personal data owner. and employees' financial and salary details, payrolls, premium progress, premium amounts, file and debt information regarding execution proceedings, bank passbook, minimum living allowance information, private health insurance amount, etc. information.

PERSONAL INFORMATION (PERFORMANCE EVALUATION DATA, CAREER DEVELOPMENT DATA, RECORDS REGARDING WORKING AND LEAVE DAYS)

It is clear that it belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; Information that will form the basis of the personal rights of real persons who are in a working relationship with the company and that is required by law to be included in the personnel file (Educational status, certificate and diploma information, foreign language information, education and skills, CV, courses taken, Leave seniority base date, leave seniority additional days, leave group, exit/return date, day, reason for leave, address/phone to be taken on leave, position name, department and unit, title, last date of employment, date of entry/exit, insurance entry/retirement, social security No, flexible hours working status, travel status, number of working days, projects worked, monthly total overtime information, severance pay base date, severance pay extra days, days on strike, employee internet access logs, all kinds of personal data processed to obtain logs of entry and exit data and the performance, training and skills necessary for the employee to advance in his/her position, information on the date of which training he received, e-mail, signed participation form, customer interview quality evaluation form, monthly performance evaluation and goal realization status, activity) information.

SPECIAL QUALITY PERSONAL DATA

(to be written in detail)

It is clear that it belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; Data specified in Article 6 of the KVK Law (eg, health data including blood group, biometric data, religion and membership information)

REQUEST AND COMPLAINT MANAGEMENT INFORMATION

It is clear that it belongs to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; Personal data regarding the receipt and evaluation of any request or complaint directed to MESAY OTOMOTİV

TRANSFER OF PERSONAL DATA
Personal Data can only be transferred to third parties in Turkey if the Relevant Person has the Explicit Consent to the data transfer or if there is one of the situations listed under the heading "APPROVAL" and where Explicit Consent is not sought.

In addition to the situations written above, in the transfer of Personal Data to third parties abroad;

- The foreign country to which the Personal Data is transferred provides adequate protection, or;

- In case of lack of adequate protection in the relevant foreign country, MESAY OTOMOTİV and the data controllers in the relevant foreign country undertake in writing that adequate protection is provided and the Board has permission,

Conditions must be present.

RIGHTS AND OBLIGATIONS

6.1 Rights of the Related Person
Natural persons whose personal data are collected or processed by MESAY OTOMOTİV have the right to apply to the Data Controller in accordance with KVKK.

Relevant Person may direct the following requests in writing or via e-mail to the Company or its representatives by using the right to apply, in line with the contact information given at the end of this Policy:

  • Learning whether Personal Data is processed,
  • Getting information about personal data if processed,
  • Learning the purpose of processing Personal Data and whether they are used in accordance with its purpose,
  • Knowing the third parties to whom Personal Data is transferred, at home or abroad,
  • Correction of Personal Data in case of incomplete or incorrect processing,
  • Deletion or destruction of Personal Data within the framework of the law,
  • In case of making the transactions written in paragraphs 5 and 6 above, notifying the third parties to whom the Personal Data has been transferred,
  • Objecting to the emergence of a result against the person by analyzing the processed Personal Data exclusively through automated systems,
  • Removal of damage in case of damage due to unlawful processing of Personal Data

6.2 Obligations of the Data Controller
The Obligations of the Data Controller are as follows.

6.2.1 Liability to Light
MESAY OTOMOTİV will make an informative, clear and understandable notification to the Relevant Persons about the process of processing their Personal Data and the purposes of Data Processing during the acquisition of Personal Data; will ensure that these persons are informed of their rights regarding their Personal Data and that they have reasonable access to their Personal Data processed by the Company.

Notification to the Relevant Persons shall contain at least the following elements:

  • Identity of the Data Controller or its representative, if any,
  • Purpose, method and legal reason for Data Processing,
  • To whom and for what purpose Personal Data may be transferred,
  • Legal rights of the Relevant Persons specified under article 6.1 above

6.2.2 Obligations Regarding Data Security
MESAY AUTOMOTIVE within the scope determined in the relevant legislation,

  • Personal Data is not processed unlawfully
  • Protect Personal Data from being accessed unlawfully
  • Takes the necessary technical and administrative measures to ensure the appropriate level of security in order to protect Personal Data against misuse, disclosure, alteration and destruction. 
  • The Company carries out or has the necessary audits done in order to ensure the security of Personal Data.
  • Personal Data collected and/or processed within the framework of the Company's activities
  • Keep it confidential in accordance with the provisions of the KVKK and the Policy,
  • Does not use other than for processing purposes,
  • Prohibits all kinds of Data Processing activities of its employees who are not involved in the processing of Personal Data due to their duties,
  • It allows its employees to access Personal Data to the extent appropriate to the limits of their duties. This obligation continues even after they leave office.
  • In case the Processed Personal Data is obtained by others unlawfully, MESAY OTOMOTİV informs the relevant person and the Board as soon as possible.

6.2.3 Registration in the Data Controllers Registry
MESAY OTOMOTİV in accordance with the Regulation on the Data Controllers Registry, by registering with the Data Controllers Registry to be established by the Presidency of the Personal Data Protection Authority, in accordance with the Regulation. will fulfill the relevant obligation to be fulfilled. In this context, the following information will be made available to the public:

  • Data Controller, if any, Data Controller representative and contact person's name, address and KEP address if received,
  • For what purposes Personal Data can be processed,
  • Personal Data subject group and groups and their data categories,
  • Recipient and recipient groups to whom Personal Data can be transferred,
  • Personal Data that is expected to be transferred to foreign countries,
  • The date of registration with the registry and the date that the registration ends,
  • Measures taken regarding Personal Data security,
  • Maximum period required for the purpose for which Personal Data is processed.

CHANGES TO THE POLICY AND THE EFFECTIVE DATE
The provisions in this Policy may be changed by MESAY OTOMOTİV, if deemed necessary, by publishing them on the internet sites in accordance with the provisions of the legislation. If any of these provisions are changed, the relevant changes will enter into force on the date of publication of the change.

This Policy was published on 30/12/2019 and entered into force.

social accounts

COOKIES Copyright © 2020 MESAY Otomotiv. All Rights Reserved.
site design & technology
PROJX
www.projx.com.tr