Information Text Regarding Personal Data



Mega Endüstri Kontrol Sistemleri San. Ve Tic. Ltd. Şti. (“MEGA”); when you visit our website or in any spoken, written or electronic environment, your data, which is considered 'personal data' within the scope of the Law on the Protection of Personal Data No. 6698 ("GDPR"), is occasionally recorded and processed, stored and protected in accordance with the law. As an institution that takes all kinds of measures to protect data and shows maximum sensitivity, we would like to inform you about how and for what purposes MEGA processes this personal data in accordance with the GDPR and the relevant legislation, and what measures it takes to protect your personal data.





Your personal data is processed by us in accordance with the following principles



a) Compliance with law and fairness.

b) Accuracy and up-to-date when necessary.

c) Processing for specific, explicit and legitimate purposes.

ç) Related to the purpose for which they are processed, limited and proportionate.

d) Preservation for the period stipulated in the relevant legislation or necessary for the purpose for which they are processed.





Obligation to Inform



a) Identity of the data controller and, if any, its representative,

b) The purposes for which personal data is processed,

c) To whom and for what purpose the processed personal data may be transferred,

ç) The methods and legal grounds for collecting personal data,

d) The rights that the data subject can exercise against the data controller in accordance with Article 11 of the GDPR.

This information is provided through this Information Text, and MEGA informs and enlightens the individuals whose personal data it processes in accordance with the provision of Article 10 of the GDPR.





Identity of the Data Controller



Article 3, paragraph 1, subparagraph (ı) of the GDPR defines the data controller as 'real or legal persons who determine the purposes and means of processing personal data, and are responsible for the establishment and management of the data recording system', and within this framework, MEGA holds the status of data controller.





Information Text Regarding Personal Data



Mega Endüstri Kontrol Sistemleri San. Ve Tic. Ltd. Şti. (“MEGA”); when you visit our website or in any spoken, written or electronic environment, your data, which is considered 'personal data' within the scope of the Law on the Protection of Personal Data No. 6698 ("GDPR"), is occasionally recorded and processed, stored and protected in accordance with the law. As an institution that takes all kinds of measures to protect data and shows maximum sensitivity, we would like to inform you about how and for what purposes MEGA processes this personal data in accordance with the GDPR and the relevant legislation, and what measures it takes to protect your personal data.





Processing of Personal Data and Purposes



As MEGA, your personal data is only processed if you have given your explicit consent or if one of the legal compliance situations listed below exists.

a) Explicitly stipulated in the laws.

b) Being necessary to protect the life or bodily integrity of the individual who is unable to express their consent due to factual impossibility or whose consent is not legally valid, or of another person.

c) Being necessary for the processing of personal data belonging to the parties to a contract, provided that it is directly related to the establishment or performance of the contract.

ç) Being necessary for the data controller to fulfill its legal obligations.

d) Being made public by the data subject.

e) Being necessary for the establishment, exercise, or protection of a right.

f) Being necessary for the processing of data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.

In accordance with the principles above, your personal data is processed for the purposes of improving and developing the products and services offered to you within the scope of MEGA's activities, customizing them in accordance with your needs, enabling MEGA's business units to carry out the necessary studies, protecting the lawful legitimate interests of MEGA and real and legal persons with whom it has business relations, ensuring that MEGA continues its activities in its own sector, and increasing data security within the scope of our obligations under the GDPR.

According to all of this, your personal data is processed for purposes such as planning and carrying out MEGA's Human Resources processes, recruitment, performance evaluation, creation and storage of personnel files, carrying out exit interview processes, fulfilling legal obligations, carrying out other internal operational activities, and ensuring security within the company and its surroundings.





To Whom and for What Purpose the Processed Personal Data May be Transferred



Your personal data may be shared with private institutions and public institutions and official authorities as necessary for MEGA to fulfill its legal obligations, within the scope of the purposes listed above. In sharing your personal data, the regulations in Articles 8 and 9 of the GDPR are complied with, and all kinds of technical and administrative measures are taken to ensure data security throughout and after the sharing process. In accordance with Article 8 of the GDPR, personal data may be transferred without explicit consent if the data subject has given explicit consent or if one of the situations mentioned under the heading "Processing Purposes" above exists. In accordance with Article 9 of the GDPR, in order to transfer personal data to real or legal persons abroad, adequate protection is required in the country to which personal data is transferred, in addition to the above. Countries with adequate protection are determined by the Data Protection Authority.





Regarding to Whom and for What Purpose the Processed Personal Data May be Transferred



Your personal data processed by MEGA in accordance with the principles and provisions of the GDPR; may be transferred to our business partners, suppliers, Company Managers, legally authorized public institutions and private individuals only for the purposes stated above and with the necessary confidentiality agreements, within the framework of the personal data processing conditions and purposes stipulated in Articles 8 and 9 of the GDPR.





How is the Personal Data Collected? What is the Legal Reason?



As mentioned above, your personal data is collected and processed based on different legal grounds when you visit our website or in any spoken, written or electronic environment. The personal data collected through these methods and legal grounds can be processed and transferred in accordance with the personal data processing conditions stipulated in Articles 5 and 6 of the GDPR and, primarily, for MEGA to fully and correctly fulfill its obligations arising from law and contracts, in line with the purposes stated in this Information Text.





What are the Rights of the Data Subject



Article 11 of the GDPR regulates a number of rights for every natural person whose personal data is processed and, as part of the obligation to inform that it imposes on the data controller, requires that these rights be notified to the data subject. These rights include: learning whether personal data is processed or not, requesting information if personal data has been processed, learning the purpose of processing personal data and whether it is used in accordance with the purpose, knowing the third parties to whom personal data is transferred domestically or abroad, requesting the correction of incomplete or incorrect processing of personal data, requesting the deletion or destruction of personal data if, although processed in accordance with the GDPR and relevant other legal provisions, the reasons requiring processing have ceased to exist, requesting the notification of the correction of incomplete or incorrect processing of personal data, or the deletion or destruction of personal data within the scope of Article 7 of the GDPR to the third parties to whom personal data is transferred, objecting to the processing of data solely through automated systems that result in a decision against the data subject, and demanding compensation for damages if they suffer damage due to the unlawful processing of personal data.





How do we Protect Your Personal Data?



All necessary technical and administrative measures are taken by us to ensure the protection of personal data collected and processed by MEGA, to prevent it from falling into the hands of unauthorized persons, and to prevent parties from being harmed; MEGA ensures that the software we use in our operations complies with standards, that the third parties we work with are carefully selected, that our employees are trained in this direction, and that the data protection policy is adhered to within the company.





Right to Apply and Obtain Information



In the event that the data subject wishes to exercise any of the rights explained above regarding your personal data, within the scope of Article 11 of the GDPR, they can apply to MEGA as the data controller. This application should be made to the Company in writing or by other methods determined by the Data Protection Authority.