GDPR (General Data Protection Regulation)

My Antalya Transfer (MAT) COMPANY

EXPLANATION TEXT ON THE PROCESSING OF PERSONAL DATA

 This Clarification Text has been prepared by My Antalya Transfer (MAT) Company (“Company”) to enlighten the Company's customers regarding the processing of their personal data by the Company within the scope of the Personal Data Protection Law No. 6698 (“Law”).

My Antalya Transfer (MAT) Company at the address [www.myantalyatransfer.com].

1. a) Methods of Obtaining Personal Data and Legal Reasons

Your personal data is collected electronically or physically. Your personal data collected for legal reasons specified in this Clarification Text can be processed and shared within the framework of the personal data processing conditions specified in Articles 5 and 6 of the Law.

1. b) Purposes of Processing Personal Data

offered by the Company according to the tastes, usage habits, and needs of the persons concerned, within the framework of the personal data processing conditions specified in Articles 5 and 6 of the Law, to recommend and promote them to the relevant persons, To carry out the necessary work by the business units to benefit the persons concerned from the products and services and to carry out the relevant business processes, To carry out the necessary work by the relevant business units for the realization of the commercial activities carried out by the Company and to carry out the related business processes, To plan the commercial and/or business strategies of the Company It is processed to ensure the legal, technical and commercial-occupational security of the Company and the related persons who have a business relationship with the Company.

1. c) Parties and Purposes of Sharing Personal Data

The company according to the tastes, usage habits, and needs of the persons concerned, and to recommend and promote them to the relevant persons, within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law, To carry out the necessary work by the business units to benefit the persons concerned from the products and services offered by the Company and to carry out the relevant business processes, to carry out the necessary work by the relevant business units for the realization of the commercial activities carried out by the Company, Business partners and suppliers of the Company, legally authorized institutions and organizations and legal entities within the scope of planning and executing business strategies and ensuring the legal, technical and commercial-occupational safety of the Company and the persons who have a business relationship with the Company. maybe shared with authorized private law legal entities.

1.d) Rights of Data Owners and Use of These Rights

As personal data owners, if you submit your requests regarding your rights stated below to the Company through the methods specified under the heading Exercise of Rights by Data Owners, your requests will be evaluated and finalized by our Company as soon as possible and in any case within 30 (thirty) days.

According to Article 11 of the Law, you have the following rights as a personal data owner :

• Learning whether your personal data is processed,

• If your personal data has been processed, requesting information about it,

• To learn the purpose of processing your personal data and whether they are used for the purpose,

• Knowing the third parties to whom your personal data is transferred, in the country or abroad,

• Requesting correction of your personal data in case of incomplete or incorrect processing and requesting notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,

• Requesting the deletion or destruction of your personal data in the event that the reasons requiring its processing cease to exist even though it has been processed by the provisions of the law and other relevant laws, and requesting that the transaction carried out within this scope be notified to the third parties to whom the personal data has been transferred,

• Objecting to the emergence of a result against the person himself by analyzing your processed data exclusively through automated systems,

• Requesting compensation for the damage in case of loss due to unlawful processing of your personal data.

• Paragraph 2 of Article 28 of the Law has listed the cases where data owners do not have the right to demand, and in this context;

• Personal data processing is necessary for the prevention of crime or criminal investigation,

• Processing of personal data made public by the person concerned,

• Personal data processing is necessary for the execution of supervisory or regulatory duties and disciplinary investigation or prosecution by authorized and authorized public institutions and organizations and professional organizations like the public institution, based on the authority given by the law,

• In cases where the processing of personal data is necessary for the protection of the economic and financial interests of the State concerning budget, tax, and financial matters, the above-mentioned rights shall not be used for the data.

• According to paragraph 1 of Article 28 of the Law, since the data will be outside the scope of the Law in the following cases, the requests of data owners will not be processed in terms of these data either:

• Processing of personal data by real persons within the scope of activities related to themselves or their family members living in the same residence provided that they are not given to third parties and that the obligations regarding data security are complied with.

• Processing personal data for purposes such as research, planning, and statistics by making it anonymous with official statistics.

• Processing of personal data for art, history, literature, or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public order, economic security, the privacy of private life or personal rights or does not constitute a crime.

• Processing of personal data within the scope of preventive, protective, and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public safety, public order, or economic security.

• Processing of personal data by judicial authorities or execution authorities concerning investigation, prosecution, trial, or execution proceedings.

Exercise of Rights by Data Subjects

• " Form for Applications to be made by the Personal Data Owner to the Data Controller" in the link [www.myantalyatransfer.com] to exercise the above-mentioned rights.

• Applications will be made by one of the following methods, together with documents that will identify the relevant data owner:

• Fill in the form and send a signed copy of the form by hand, via a notary public, or by registered letter with a return receipt [Güzelyurt Mh. İncikpınarı Cd. 16/B Aksu / Antalya],

• Sending the form by registered electronic mail to [email protected] by signing with a secure electronic signature issued within the scope of Electronic Signature Law No. 5070,

• Following a method prescribed by the Personal Data Protection Board.

• The Company responds to data owners who want to exercise the rights in question within the limits outlined in the Law, within a maximum of thirty (30) days, as stipulated in the Law. For third parties to apply on behalf of personal data owners, a special power of attorney issued by the data owner through a notary public on behalf of the person to apply must be present.

• As a rule, data owner applications are processed free of charge, however, a fee may be charged based on the fee schedule stipulated by the Personal Data Protection Board.

• The company may request information from the data subject to determine whether the applicant is the owner of personal data, and may ask questions about the application to the personal data owner to clarify the issues specified in the application.