PRIVACY AND DATA POLICY

NORDICTEKS TEKSTİL SAN. VE DIŞ TİC. LTD. ŞTİ. (“Nordicteks” or “Company”) has adopted the principle of processing, storing and protecting your personal data in accordance with the laws and the provisions of this Personal Data Policy and Personal Data Protection Law No. 6698 (“PDPL”).

As a company responsible for the obtaining, processing, storage and security of your personal information in accordance with the law and legal regulations, Nordicteks takes all necessary precautions to protect and secure your information against any loss or change; performs technical and software operations in this regard.

As Nordicteks, we hereby declare that we obey at all times the principles of processing the personal data with certain, clear and legitimate purposes, in accordance with the law and the rule of honesty, ensuring that their personal data are accurate and up-to-date when necessary, processing and maintaining the personal data in connection with the purpose for which they are processed, for a limited, measured and required time, transferring personal data to third parties at home and/or abroad after taking security measures, in order to protect the fundamental rights and freedoms of our employees and business partners, our customers and/or their representatives, especially the ones on the privacy of private life, that, in this context, we act in accordance with the provisions of PDPL and all other legal regulations.

It is also included in our Company policy to ensure that the principles and rules for the protection of personal data are adopted by our employees and business partners, and to create and establish such awareness, to raise and increase awareness.

As Nordicteks, we declare that we have fulfilled all our obligations arising from legal legislation in order to obtain, process, store and protect your personal data in accordance with the law; that, in this scope, we have signed up for VERBIS (Data Controllers Registration Information System), fulfilled our obligation to enlighten the data subjects verbally and in writing during the acquisition of personal data, as a data controller, and that we have taken the necessary technical, software and administrative measures to ensure the security of the personal data (such as preventing any unlawful processing of personal data and preventing any unlawful access to personal data). As a technical measure; we hereby declare that a closed network system is used to ensure network and application security, key management is implemented, security measures within the scope of supply, development and maintenance of information technology systems have been taken, access logs are kept regularly and without user intervention, data masking measure is applied where necessary, management of user accounts and authority control system are implemented, confidentiality commitments are made, including data security provisions for employees, firewalls are used with current anti-virus systems, physical environments containing personal data are secured against external risks, personal data obtained and processed are minimized as numerically as possible, special quality personal data transfers are necessarily made with encryption technique, an intrusion detection and prevention system is applied to prevent cyber attacks and penetration tests are carried out, data loss prevention software is used, and these measures are periodically followed up and updated, and if the reason for processing personal data disappears during periodic follow-ups or upon the application of the person concerned, or if the period of storage of personal data expires, that personal data has been deleted, destroyed or anonymized in accordance with the data category and the nature of the data.

Our website also contains links to web sites that we believe are reliable, in order to convey more accurate information to our users. However, our company is not responsible for the data and / or privacy policies or content of the related sites. Your use of our website means that you have read, understood and approved our data privacy policy in line with this clear information, and, we declare that, in the event of cooperation and/or information request from judicial or administrative authorities, we can share your personal information requested with the necessary authorities in accordance with legal legislation.

Anonymous information that is not sufficient to identify you personally is non-personal information and such information is automatically stored on our servers.

We would also like to inform you in terms of your rights under this Privacy and Data Policy, since personal data holders ("Applicant") defined in the PDPL are entitled to make certain requests for the processing of their personal data in Article 11 of the same law.

In accordance with Article 13/1 of the PDPL, you can apply to our company, which is the data controller, in writing or through other methods determined by the Personal Data Protection Board ("Board"). In the applications you will make in writing in this context, the data subject may print out and fill the application form and, sign it with original signature and submit to us (i) by the applicant personally or (ii) through a notary public. If the Board later determines an application method, the application conditions will be announced separately.

Specific information about written applications is given in the table below.


Application Method Features Address to where the application will be made Information to be specified while submitting an application
Personally The Applicant personally coming and applying with an identifying document. Nordicteks Tekstil San. ve Dış Tic. Ltd. Şti. A. Nafiz Gürman Mah. Mehmet Akif Cad. Turunçlu Sok. No:25/14 Güngören/İstanbul Applicant is kindly requested to write “An information request within the scope of Personal Data Protection Law” on the envelope.
Through a public notary The Applicant sending the Data Subject Application Form, which bears the original signature of the Applicant, to our Company through a notary public, together with the document confirming the identity of the Applicant. Nordicteks Tekstil San. ve Dış Tic. Ltd. Şti. A. Nafiz Gürman Mah. Mehmet Akif Cad. Turunçlu Sok. No:25/14 Güngören/İstanbul You are kindly requested to write “An information request within the scope of Personal Data Protection Law” within the content of the notification envelope.

Your applications delivered to us will be evaluated and concluded within the shortest time and at the latest within 30 (thirty) days after it reaches our Company, pursuant to Article 13 of PDPL. We hereby declare that, although it is essential not to charge any fee regarding the evaluation of the requests and informing the result, if the transaction requires cost, our company reserves the right to request a fee based on the fee schedule determined by the Board.

Best regards,

NORDICTEKS TEKSTİL SAN. VE DIŞ TİC. LTD. ŞTİ.