This Disclosure Text describes the principles of processing your personal data by the Society and in the capacity of a data controller at the address of “Darüşşafaka Mah. Darüşşafaka Cad. No:5/9 Maslak 34457 Sarıyer, İstanbul” in accordance with the Personal Data Protection Law no. 6698 (“Law”) and other applicable laws and regulations pertaining thereto.
Purpose of Processing of Personal Data
Your personal data, consisting of IP and log records obtained from your visit to our website, are processed to keep traffic on the website protected within the scope of cyber security measures and thus to ensure legal, commercial, and technical reliability, and to develop and disseminate activities carried out by the Society.
To Whom and For Which Purposes Personal Data Are Transferred
Your personal data may be transferred for the aforesaid purposes of processing upon legitimate demand to domestic/foreign firms providing support services in cloud computing, and to external service providers of our Society.
Method and Legal Basis of Collection of Your Personal Data
Your personal data is collected automatically and electronically through technical communication files in the data controller’s systems and for the purposes specified in this Disclosure Text. Your personal data is processed under the obligation to monitor the traffic of the website as stipulated in the Law on Regulation of Publications via the Internet and Fight Against Crimes Committed Through These Publications no. 5651.
Application to the Data Controller and Your Rights
According to Article 11 of the Law, you have the right to file an application to our Society in order (a) to learn whether your personal data are processed, (b) if processed, to request information about processing, (c) to learn the purposes of processing, and whether they are processed and used in accordance with the originally intended purposes, (d) to learn the identity of domestic/foreign parties to which your personal data is transferred, (e) if they are processed incompletely or inaccurately, to request completion or correction of them, as the case may be, (f) to request deletion / destruction in accordance with the conditions stated in Article 7 of the Law, (g) to request notification of actions taken in accordance with paragraphs (e) and (f) hereinabove to the third parties to whom your personal data are transferred, (h) to object against results to detriment of you that may arise solely due to analysis of your personal data by automated systems, (i) to claim indemnification of your damages and losses, if any, you suffer due to processing of your personal data in violation of the Law.
Applications about your rights listed above may be made to the address of “Darüşşafaka Mah. Darüşşafaka Cad. No:5/9 Maslak 34457 Sarıyer/İstanbul” by filling out the Darüşşafaka Society application form available at our website https://www.darussafaka.org/kisisel-verilerin-korunmasi/basvuru-proseduru , or you may also send the application form to firstname.lastname@example.org by secure e-signature, mobile signature, or e-mail address previously reported by you to the data controller and registered in the data controller’s system.
Our Society shall fulfill all your requests free of charge as soon as possible and within thirty days at the latest, depending on the nature of your request. However, fees may be charged for costs that may be separately incurred by our Society in connection therewith. Darüşşafaka may accept and process the request or may reject it by indicating the reasons in writing.
After sending your application as per the procedure mentioned above, you are entitled to file a complaint to the Personal Data Protection Board (“Board”) within thirty days following the date of delivery of the request if the application is rejected, the reply is deemed insufficient, or the requests are not responded promptly, and in any case within sixty days following the date of application. However, the complaint cannot be filed without exhausting this application process.
The Board shall, upon receipt of a complaint or ex officio upon becoming aware of the allegation of breach, conduct the necessary investigations within its fields of duty. Upon a complaint, the request shall be examined by the Board and answered to the related person/people. If no reply is given within sixty days after the date of the complaint, the request shall be deemed to be rejected. If, as a result of investigations conducted upon receipt of a complaint or ex officio investigation, a breach is detected, the Board instructs and orders the data controller to remedy the breaches of law, and delivers its decision to the related persons. This decision shall be fulfilled without delay but no later than thirty days after the notification of the decision. The Board is authorized to suspend the data processing or international transfer of personal data in case of occurrence of damages and losses hard or impossible to repair and upon explicit contravention to or infringement of the law.
We would like to emphasize that your data is meticulously protected by Darüşşafaka and to thank you for the trust that you place in us.