Benova Consulting Yönetim Danışmanlığı
Benova Consulting Yönetim Danışmanlığı

Personal Data Processing and Protection Policy

Benova Consulting Yönetim Danışmanlığı

1. Introduction

This Personal Data Processing and Protection Policy (“Policy”) is implemented by Benova Consulting Consultancy Services Limited Company (“Benova Consulting”) in accordance with the Law No. 6698 on the Protection of Personal Data and related legislation, not only to fulfill the data protection obligations but also to determine the principles to be adhered to by Benova Consulting during the processing of personal data and/or by Benova Consulting.

2. Definitions

Explicit Consent: Consent that is based on informed notification about a specific issue and expressed by free will,

Anonymization: The alteration of personal data in a way that it can no longer be associated with an identified or identifiable real person, and this condition cannot be reversed,

Employee: Personnel of Benova Consulting, regardless of their role and title, Benova Consulting: Benova Consulting Consultancy Services Limited Company, Law: Law No. 6698 on the Protection of Personal Data,

Data Subject: The real person whose personal data is processed,

Personal Data: Any information relating to an identified or identifiable real person,

Processing of Personal Data: Any operation performed upon personal data whether or not by automatic means such as collection, recording, storage, preservation, alteration, reorganization, disclosure, transmission, takeover, making available, classification or preventing its use,

Special Category Personal Data: Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and data concerning health or sex life, criminal convictions and offenses, security measures as well as biometric and genetic data,

Data Controller: Benova Consulting Consultancy Services Limited Company which determines the purposes and means of processing personal data, and which is responsible for establishing and managing the data registration system.

3. Principles Regarding the Processing of Personal Data

The foremost principle of importance for Benova Consulting is to act in accordance with the general principles prescribed in the legislation on the processing of personal data. In this context, it acts in accordance with the principles listed below in the processing of personal data in accordance with the Constitution, the Law, and other related legislation.

3.1. Compliance with the Rule of Law and Honesty in Personal Data Processing Activities

Benova Consulting operates in accordance with the law and the principles of honesty within the framework of personal data processing activities. Benova Consulting processes personal data only as much as necessary and at a level appropriate to the data processing objectives by applying the principles of proportionality and necessity in the processing of personal data.

3.2. Ensuring Personal Data is Accurate and Updated when Necessary

Taking into account the fundamental rights of the data subjects and its legitimate interests, Benova Consulting ensures that the personal data it processes are accurate and up-to-date, and sets up systems to ensure this by taking the necessary measures in this direction.

3.3. Processing for Specific, Clear, and Legitimate Purposes

Benova Consulting processes personal data for legitimate and lawful reasons, in connection with the activities it carries out and to the extent necessary.

3.4. Being Relevant, Limited, and Measured with the Purpose of Processing

Benova Consulting processes personal data in a way suitable for achieving the determined purposes and avoids processing personal data that is not related to the realization of the purpose or unnecessary.

3.5. Retaining for the Period Stipulated in the Relevant Legislation or Necessary for the Purpose for which they are Processed

Benova Consulting retains personal data only for periods stipulated by laws or limited to the purposes for which they are processed. In this context, it acts in accordance with the periods determined for the storage of personal data in the relevant legislation. In cases where no period is determined, personal data are retained for as long as necessary for the purpose they are processed.

3.6. Requirements for the Transfer of Personal Data

Benova Consulting complies with the rules provided below in the transfer of personal data, including special category personal data.

3.6.1. Transfer of Personal Data Domestically

Benova Consulting transfers personal data to third parties in accordance with the purpose of processing personal data required by Article 8 of the Law, and taking necessary security measures.

3.6.2. Transfer of Personal Data Abroad

Personal data processed by Benova Consulting can be transferred abroad under the provisions of Article 9 of the Law, limited to internet and social media sharing, cloud storage, and mailing applications.

4. Obligations of Benova Consulting Regarding the Processing and Protection of Personal Data

4.1 Obligation to Register with the Data Controllers Registry

Benova Consulting has registered with the Data Controllers Registry (VERBİS).

4.2. Obligation to Inform the Data Subject

During the collection of Personal Data, Benova Consulting informs the data subject about the following:

  • Identity of the Data Controller,
  • The purpose for which personal data will be processed,
  • To whom and for what purpose personal data can be transferred,
  • Method and legal reasons for collecting personal data,
  • Rights of the data subject.

4.3. Obligation to Ensure the Security of Personal Data

The security of Personal Data is ensured in accordance with our storage and destruction policy. In accordance with Article 12 of the Law, Benova Consulting takes the necessary technical and administrative measures to prevent unlawful processing of personal data and unlawful access to these data, and to ensure the protection of the data.

4.4. Obligation to Inform the Data Subject

Data subjects have the right to request information about their data by applying to our company by personally delivering a signed copy of the Personal Data Application Form available on our company’s website when they feel the need, by sending it to our e-mail address in a way that their identity can be confirmed, such as using a registered electronic mail address, secure electronic signature, mobile signature, or an electronic mail address previously reported by the relevant person and recorded in its system, or by other methods to be determined by the Personal Data Protection Board.

In this context, Benova Consulting has established the necessary mechanisms to evaluate the rights of personal data owners and to inform personal data owners in accordance with Article 13 of the Law.

5. Organizational Structure within Benova Consulting

A “Data Protection Officer” has been appointed within Benova Consulting to manage this policy and other policies connected and related to this policy.

Benova Consulting may change the provisions in this Policy at any time by publishing. The provisions changed by Benova Consulting become effective on the date of publication.

6. Date of Entry into Force of the Policy

This Policy will enter into force on 01/02/2022.

İletişim Formu_EN