Privacy Notice on the Protection of the Personal Data of Prospective Employee/Intern
This Privacy Notice outlines the principles of processing your personal data in accordance with the Personal Data Protection Law (the “Law”) No. 6698 and the related regulations by the data controller Sabancı Dijital Teknoloji Hizmetleri A.Ş. located at “Küçük Çamlıca Mahallesi, Kısıklı Caddesi, No. 56, Üsküdar/ISTANBUL” (the “Company”).
1. Purpose of Personal Data Processing
Your identity, communication, professional experience, personnel record and visual records data, collected as a result of your application to work in our company, are processed in accordance with the basic principles stipulated by the Law; for the purposes of receiving your job application, examining your resume and investigating your suitability for the job description, conducting the recruitment processes and contacting you in this context within the scope of the contractual relationship based on the execution of the recruitment process; additional disability/health information obtained from the disabled prospective employees is processed for the purpose of evaluating the suitability of your health condition for the relevant position. It is your responsibility to share with our Company the correct information about your reference and obtain approval from your reference so that we can contact them where requested by our company or specified on your CV.
We would also like to mention that please make sure that the resume you have submitted to us does not contain any personal data of special nature (race, ethnicity, political opinion, philosophical belief, attire and dress, membership to associations, foundations or trade unions, data on health, sexual life, criminal convictions and security measures, biometric and genetic data).
We would also like to mention that please make sure that the resume you have submitted to us does not contain any personal data of special nature (race, ethnicity, political opinion, philosophical belief, attire and dress, membership to associations, foundations or trade unions, data on health, sexual life, criminal convictions and security measures, biometric and genetic data).
2. Places and Purpose of Transfer of Processed Personal Data
Your personal data may be transferred in accordance with Articles 8 and 9 of the Law to our business partners, suppliers, sub-employers, our domestic and/or foreign group companies whose servers provide the systems used for the continuation of business activities, to our domestic and/or foreign group companies, and to the relevant official institutions. The purpose of processing personal data and the purpose of transferring the data are aligned to each other.
Our company cooperates with intermediary institutions for auxiliary works such as the creation or storage of business processes, working hours and documents in the personnel file. Your personal data may be shared with these institutions in accordance with the Law so that they can fulfill their duties. We stress that the relevant institutions do not have the right to use this data for any other activity.
Our company cooperates with intermediary institutions for auxiliary works such as the creation or storage of business processes, working hours and documents in the personnel file. Your personal data may be shared with these institutions in accordance with the Law so that they can fulfill their duties. We stress that the relevant institutions do not have the right to use this data for any other activity.
3. Method of Personal Data Collection and Legal Reason
Your personal data are collected within the scope of conducting the recruitment processes through our websites or various websites that allow you to apply for a job on the Internet, through online CV sharing media such as LinkedIn, through the Turkish Employment Agency, through e-mails sent by you, by phone or in a physical environment within the scope of evaluating and finalizing your job application and your suitability for the relevant position.
Nevertheless, provided that your personal data are directly related to the establishment or performance of a contract pursuant to Article 5/2/c of the Law, where processing the personal data of the parties to the contract is required, provided that they are disclosed to the public by the concerned person in accordance with Article 5/2/d of the Law and provided that the fundamental rights and freedoms of the person concerned are not harmed pursuant to Article 5/2/f of the Law, those data are processed with the legal grounds that processing is required for the legitimate interests of the data controller.
The health data collected from prospective disabled employees are processed on the basis of explicit consent obtained under Article 6/2 of the Law.
Nevertheless, provided that your personal data are directly related to the establishment or performance of a contract pursuant to Article 5/2/c of the Law, where processing the personal data of the parties to the contract is required, provided that they are disclosed to the public by the concerned person in accordance with Article 5/2/d of the Law and provided that the fundamental rights and freedoms of the person concerned are not harmed pursuant to Article 5/2/f of the Law, those data are processed with the legal grounds that processing is required for the legitimate interests of the data controller.
The health data collected from prospective disabled employees are processed on the basis of explicit consent obtained under Article 6/2 of the Law.
4. Methods of Application to the Data Controller and Your Rights
Further to Article 11 of the Law, you have the rights to apply to our Company and a) learn whether your personal data are processed, b) request information if they are processed, c) learn the purpose of processing and whether they are used in accordance with the purpose, d) learn the parties to whom they are transferred domestically / abroad, e) request their correction if they are processed incompletely / wrong, f) request their deletion / destruction in accordance with the requirements of Article 7 of the Law, g) request communication of the foregoing actions listed in items (e) and (f) to the third parties to whom the data are transferred, h) object to the occurrence of any negative outcome due to their being analyzed exclusively by automatic systems, i) claim recovery of damages if you are damaged due to their processing against the Law.
You can send your applications related to your foregoing rights by completing the Data Subject Application Form accessible on our website, by sending mail to the foregoing address of our Company, or by sending to the registered e-mail address at sabancidijital.kvk@sabancidijital.hs03.kep.tr .
Our company resolves your requests free of charge as soon as possible according to the nature of the request, and not later than thirty days. However, if the action requires any extra cost, then it may be charged. Our company may accept and process the request or decline it in writing by explaining the reason.
In the event the application realized through the foregoing procedure is declined, the given answer is considered inadequate or the application is not answered in due time, you are entitled to refer to the Personal Data Protection Authority (the “Authority”) within thirty days from the submission of the replay, and sixty days from the submission of the application in any case. However, you may not refer to the Authority before consuming all your resorts for application.
The Authority conducts the required inspection in their field of duty automatically upon complaint or when they are informed of a claim of violation. Upon complaint, the Authority examines the request and answers to the related parties. Unless the complaint is answered within sixty days, the request shall be considered as declined. If the reason for violation is determined to have resulted from the review of the complaint or automatic inspection, the Authority shall decide on the correction of the legal violations by the controller and submits the decision to the related parties. This decision shall be fulfilled immediately after has been communicated, and not later than thirty days. The board may decide to cease the processing of data or transfer of the data abroad in the event that damages deemed difficult or impossible to repair arise and which represent an explicit violation of law.
We would like to inform you that your data are carefully protected at our Company and thank you for your confidence.
You can send your applications related to your foregoing rights by completing the Data Subject Application Form accessible on our website, by sending mail to the foregoing address of our Company, or by sending to the registered e-mail address at sabancidijital.kvk@sabancidijital.hs03.kep.tr .
Our company resolves your requests free of charge as soon as possible according to the nature of the request, and not later than thirty days. However, if the action requires any extra cost, then it may be charged. Our company may accept and process the request or decline it in writing by explaining the reason.
In the event the application realized through the foregoing procedure is declined, the given answer is considered inadequate or the application is not answered in due time, you are entitled to refer to the Personal Data Protection Authority (the “Authority”) within thirty days from the submission of the replay, and sixty days from the submission of the application in any case. However, you may not refer to the Authority before consuming all your resorts for application.
The Authority conducts the required inspection in their field of duty automatically upon complaint or when they are informed of a claim of violation. Upon complaint, the Authority examines the request and answers to the related parties. Unless the complaint is answered within sixty days, the request shall be considered as declined. If the reason for violation is determined to have resulted from the review of the complaint or automatic inspection, the Authority shall decide on the correction of the legal violations by the controller and submits the decision to the related parties. This decision shall be fulfilled immediately after has been communicated, and not later than thirty days. The board may decide to cease the processing of data or transfer of the data abroad in the event that damages deemed difficult or impossible to repair arise and which represent an explicit violation of law.
We would like to inform you that your data are carefully protected at our Company and thank you for your confidence.
