GDPR & Disclosure Text
The principles concerning the processing of your personal data by Aydın Doğan Foundation (“ADV” or “Foundation”) as the data controller based in “Burhaniye Mahallesi, Kısıklı Caddesi No: 65 P.K 34676 Üsküdar/İstanbul” in accordance with the European Union General Data Protection Regulation (“GDPR”), Turkish Law on Protection of Personal Data no. 6698 (“Law”) and other applicable legislation are provided in detail in this Disclosure Text.
1. Purpose of Processing Personal Data
Your personal data such as identification information and contact details obtained through our website ("https://cc.aydindoganvakfi.org.tr/en") in connection with your registration are processed to provide execution of necessary activities for your registration to competition and to get in contact with you for competition processes.
2. Parties Which Processed Personal Data are Transferred and Purpose of Transfer
The purpose of transferring the data is in line with the purpose of processing personal data. Our Foundation may transfer the personal data it collects to the related business partners, institutions and organizations it cooperates with in order to carry out its activities and public authorities upon request. However, due to the e-mail service provider's servers being located abroad, personal data is being transferred abroad with your explicit consent for the execution of business processes and communication activities.
3. Method and Legal Basis For Collecting Your Personal Data
Our Foundation collects your personal data via semi-automatic way (through the registration form on the website). Our legal basis for processing your personal data is article 5/2 (c) of the Law; processing of your personal data is necessary for the establishment and performance of the membership contract and under Article 5/2 (f) of the Law, data processing is compulsory for the legitimate interests of the data controller, provided that it does not violate the fundamental rights and freedoms of the data subject. Also, our Foundation processes personal data in accordance with Article 5/1 of the Law.
4. Application to the Data Controller and Your Rights
As per the Article 11 of the Law and Articles 12 through 23 of GDPR, you are entitled to a) learn whether your personal data are being processed, b) if they are, request information, c) obtain information on the purpose of processing and find out whether personal data has been used as fit for the purpose d) obtain information about the third persons in Turkey and abroad, to whom personal data are transferred, e) request rectification of personal data that may have been incompletely or inaccurately processed, f) request the deletion or destruction of personal data as per the Article 7 of the Law and the Article 17 of GDPR g) request notification of the operations made as per indents (e) and (f) to third parties to whom personal data have been transferred, h) object to occurrence of any detrimental result by means of analysis of personal data exclusively through automated systems and i) request compensation for the damages due to unlawful processing of personal data.
You can send your requests regarding your rights listed above according to Comminuque on the Principles and Procedures for the Request to Data Controller.
Our Foundation fulfills your requests as soon as possible and within thirty days at the latest and once for free of charge. However, requester may be charged for following requests or for the initial request if the action taken on the request requires additional cost. Our Foundation can accept and process the request or reject the request in writing by explaining its reason.
You are entitled to file a complaint to the Turkish Board of Personal Data Protection (“Board”) within thirty days as of the notification of the reply and in all cases within sixty days if the application is rejected after carrying out the procedure mentioned above, the reply is deemed to be insufficient or the requests are not responded in a timely manner. However, the complaint cannot be filed without exhausting this application process.
The Board may conduct the necessary inspections within its field of duty upon receiving a complaint or ex officio upon detecting a breach. The complaint shall be examined by the Board and answers shall be provided to those concerned. If no replies are given within sixty days as of the date of the complaint, the request shall be deemed to be rejected. If, as a result of inspections upon receiving a complaint or ex officio investigation, a breach is detected, the Board shall rule the identified contraventions of law to be eliminated by the data controller, and shall notify those concerned accordingly. This decision shall be fulfilled without delay but no later than within thirty days as of the notification of the decision. The Board is authorized to halt data processing or international transfer of data if damages that are hard or impossible to compensate occur and if there is an explicit infringement of the law.
We would like to emphasize that your data is meticulously protected by our Foundation and thank you for the trust that you place in us.