One Human Yazılım ve Bilişim Danışmanlığı San. Tic. A.Ş.

Clarification Text on the Processing of Personal Data

COMMERCIAL ELECTRONIC MESSAGE

As One Human Yazılım ve Bilişim Danışmanlığı San. Tic. A.Ş. (“OneNewOne” or “Company”), the protection of your personal data obtained while conducting our processes is one of our primary priorities. We attach high importance to ensuring the security of your personal data and its use/processing in accordance with the legislation.

This clarification text contains information regarding how we process your personal data within the scope of sending commercial electronic messages to you.

1. Which personal data do we process, for what purposes, and based on which legal grounds?

Article 5 of the Law on the Protection of Personal Data (“Law”) regulates the legal grounds for processing personal data. Below, we have listed the purposes for which we process your personal data and the legal grounds we rely on within the scope of these purposes:

Processed Data	Data Processing Purposes	Legal Basis for Data Processing
· Identity (name – surname) · Communication (phone number, e-mail address) · Other (permission information)	· Informing you about campaigns, promotions, events, surveys, and opportunities in line with your communication permission preferences (such communications allow us to increase your loyalty and satisfaction with our products/services),	Law Art. 5/1 Presence of the explicit consent of the data subject
· Identity (name – surname) · Communication (e-mail address) · Transaction Security (IP address, log records) · Other (permission information) · Legal Action (information in correspondence with judicial authorities, information in the lawsuit file)	· Providing clarification to you in the online environment within the scope of sending commercial electronic messages and reporting the records regarding your consent obtained in the online environment to authorized institutions and organizations.	Law Art. 5/2-(ç) Fulfillment of our legal obligations.

 

1. With whom and for what purposes do we share your personal data?

Your personal data is shared with third parties by complying with the rules regarding the transfer of personal data in the Law and relevant legislation. The parties we share with and the purposes of sharing within this scope are as follows:

• Authorized Institutions and Organizations: Fulfilling our legal obligations in cases where information or document requests are made from our Company or where we are expected to notify these institutions. (For example; transferring to Message Management System Inc. (İYS) in order to fulfill the notification obligation under the Regulation on Commercial Communication and Commercial Electronic Messages)

 

• Suppliers and Business Partners: Receiving support from suppliers to fulfill the purposes specified under the heading “Which personal data do we process, for what purposes, and based on which legal grounds?” above (for example; if you have given explicit consent for sending commercial electronic messages, receiving support from suppliers within the scope of being able to send commercial electronic messages),

 

In case of the transfer of your personal data, we act in accordance with the rules stipulated in Articles 8 and 9 of the Law.

1. Through which channels do we collect your personal data?

We collect your personal data through automated and partially automated methods via forms filled in electronically on the website, SMS, e-mail correspondence, and calls.

1. How can you exercise your rights regarding your personal data?

Article 11 of the Law on the Protection of Personal Data regulates the rights of data subject individuals. Pursuant to this article, you have the following rights:

• To learn whether your personal data is processed or not,
• To request information if your personal data has been processed,
• To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
• To know the third parties to whom your personal data is transferred at home or abroad,
• To request correction of your personal data if it is incomplete or incorrectly processed and to request notification of the transaction made within this scope to the third parties to whom your personal data has been transferred,
• To request the deletion or destruction of your personal data in the event that the reasons requiring its processing disappear, despite the fact that it has been processed in accordance with the Law and other relevant legal provisions, and to request notification of the transactions made within this scope and in case of incomplete or incorrect processing to third parties to whom your personal data has been transferred,
• To object to the occurrence of a result against you by analyzing your processed data exclusively through automated systems,
• To demand compensation for damages in case you suffer damage due to unlawful processing of your personal data.

You can choose the following methods to submit your requests regarding your rights mentioned above to the Company:

• You can send an e-mail to info@onenewone.com via your e-mail address registered in our systems,
• You can also choose other methods specified in the Communiqué on the Procedures and Principles of Application to the Data Controller.