PART ONE

1.1. Introduction

 

We, TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. (“Company” or “TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ.”), attach utmost importance to the protection and processing of Personal Data in accordance with the Personal Data Protection Law No. 6698 (“Law”) and act accordingly in our all plans and activities. With this awareness, we, TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ., take all necessary administrative and technical measures for the protection and processing of Personal Data.

 

1.2. Purpose of the Policy

 

The purpose of the Personal Data Protection and Processing Policy (“Policy”) is to protect the fundamental rights and freedoms of individuals, especially the privacy of private life regulated under Article 20 of the Constitution, in the protection and processing of personal data in accordance with the purpose of the Law, and to inform the Data Subjects about our Company’s liabilities and the procedures and principles that it will respect in accordance with the Law. TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. , in the capacity of Data Controller, lawfully processes the personal data of its employees, company officers who work in design, R&D, engineering, production, sales, and after-sales departments and make the configured vehicles, spare parts, engines, and casting pieces available, and communicate on its own behalf or in the capacity of a representative to carry out the business activities, or of other natural persons who established a relationship through a job application or any other purposes or means. Another purpose of this policy is to inform the data subjects about these processing activities performed by TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. and the systems adopted for the protection of personal data and thus to provide transparency regarding personal data.  In this context, TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. has elaborately explained the processing of personal data under the Law, the data subjects whose data are processed, the rights of these persons, and the use of cookies and similar technologies in this Policy.

 

1.3. Scope of the Policy

 

This Policy has been prepared for the Company’s Shareholders (natural persons), the Company’s Business Partners, the Company Officials, the Job Candidates, the Visitors, the Company’s Customers, the Potential Customers and Third Persons and will be applied within the scope of the specified persons. The Company informs the Data Subjects of the Law by publishing this Policy on its website. This Policy will not apply to legal persons, whatever their capacities. “Personal Data Processing Policy for Employees will apply for the employees of our Company. This Policy will apply to the above-mentioned data subjects if their Personal Data are processed by our Company in a wholly or partly automated way, or in a non-automated way provided that it is a part of any data recording system. This Policy will not be applied if the data are not included in the scope of “Personal Data” or if the Personal Data processing performed by our Company are not performed in the above-mentioned ways.

 

1.4. Definitions

 

The concepts used in the implementation of this policy will have the following meanings:

 

Express Consent

:

Consent that relates to a specified issue, declared by free will and based on

information.

Anonymization

:

Making personal data incapable of being associated with an

identified or identifiable natural person under any circumstances, even by matching them with other data.

Job Candidate

:

Natural persons who have applied for a job to our Company in any way or

opened their CV and related information to our Company's review.

Data Subject

:

Natural person notified by the data controller at the time of Registration for the communication with the   Authority

 in relation to the obligations of legal persons resident in Turkey and the data controller representative of a legal person who is not resident in Turkey in accordance with the Law and secondary regulations to be issued based on this Law.

Processing of Personal

Data

:

Any operation which is performed on personal data

such as collection, recording, storage, protection, alteration, adaptation, disclosure, transfer, retrieval, making available for collection, categorization, preventing the use thereof, with fully or partially automated means or non-automated means provided that form part of any data recording system.

PDP Board

:

Personal Data Protection Board.

Personal Data Owner

/Data Subject

:

Company Stakeholders, Company Business Partners,

Company Officials, Job Candidates, Visitors, Company Customers, Potential Customers and Third Parties whose Personal Data are Processed.

Personal data processing

inventory

:

Inventory that is created by data controllers by associating the personal data

processing activities they perform depending on the business processes with personal data processing purposes, data category, recipient group and data subject group and that explains maximum time required for the purposes of processing of personal data, personal data that are expected to be transferred to other countries, and measures taken for data security in detailed manner.

Personal data storage and

disposal policy

:

Policy which data controller issues as a basis for

erasure, destruction and anonymization of personal data and determination of maximum storage period for the purpose for which personal data are processed.

Personal Data

:

Any information relating to identified or identifiable natural

person.

 

 

Company Customer

:

Natural persons who use or have used the products and services offered by our Company,

regardless of having a contractual relationship with our Company.

Sensitive Personal

Data

:

Any relating to the race, ethnic origin, political opinion, philosophical belief, religion, religious sect or

other belief, appearance, membership to associations, foundations or trade-unions, health, sexual life, criminal convictions and security measures, and the biometric and genetic data constitute the sensitive personal data.

Potential Customer

:

Natural persons who have requested or interested in using our products

and services, or who have been assessed by the custom of trade and good faith for which they may have such interest.

Company / Our Company

:

TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ.

Company Stakeholder

:

Natural persons who are the stakeholders of TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ.

Company Business Partner, Business

Partners’ Stakeholder, Authorized Person, Employees

:

Natural persons with whom our Company has any business relationship, and

all natural persons who work under natural and legal persons (business partner, supplier, etc.) with whom our Company has any business relationship, including stakeholders and authorized persons.

Authorized Person

:

Natural persons who are the board member and other authorized persons of TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ.

Third Party

:

Other persons who are not covered by the Personal Data Protection and Processing Policy of TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. that is prepared for the Company Employees and who do not fall into any Data Subject category under this Policy.

Data category

:

Personal data class related to data subject group(s)

where personal data are grouped according to their common features.

Data subject group

:

Data subject category in which data controllers process

their personal data.

Data Controllers’ Registry

Information System (VERBİS)

:

Information system that is accessible via the Internet and established and managed by the  

Presidency, that data controllers will use for the registration with the Registry and the other operations related to the Registry.

Data Processor

:

Natural and legal person who processes Personal Data on

behalf of the data controller upon its authorization.

Data Filing System

:

System where Personal Data are processed by being structured

according to specific criteria.

Data Controller

:

Person who determines the purposes and means of processing

Personal Data and manages the system where data are filed systemically (data filing system).

 

 

Visitor

:

All natural persons who have entered our Company’s physical locations

for various purposes or have visit our website for any reason

Management Procedure

for Requests from Data Owners

:

Procedure that is prepared within TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ.  and details the process to be used to meet the requests from the Data Subjects under the Law.

 

1.5.Enforcement of Policy

 

The Policy that has been prepared by TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. and has entered into force is published on the Company’s website (www.tesamedikal.com.tr, www.oxyvital.com.tr) and made accessible to data subjects upon request. TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. has always the right to make amendment on this policy within the framework of the Law, the secondary legislation and the PDB Board’s decisions.

 

PART TWO

 

2. PROTECTION OF PERSONALDATA

 

2.1. Security of Personal Data

 

Our Company takes all necessary technical and administrative measures to prevent Personal Data from being processed and accessed unlawfully, and to protect the Personal Data in accordance with the Law.

 

2.2. Audit

 

Our Company performs or has performed necessary audits to ensure the data security described above and the regularity and continuity of the measures taken.

 

2.3. Privacy

 

Our Company takes all necessary technical and administrative measures to prevent the data controllers and data processors from disclosing the Personal Data to any person contrary to the provisions of the Law and Policy and from using them for other purposes than the processing purpose, to the extent permitted by technological possibilities and implementation costs. In this context, our Company conducts information and training activities to inform our employees about the Law and the Policy

 

2.4. Unauthorized Disclosure of Personal Data

 

In the event that the Personal Data processed by our Company are unlawfully obtained by others, our Company takes the necessary actions to notify this to the Data Subject and the PDP Board. If deemed necessary by the PDP Board, this may be announced on the PDP Board’s website or by another means to be approved by the PDP Board.

 

2.5. Protection of the Data Subjects’ Legal Rights

 

Our Company protects all the legal rights of the Data Subjects with the implementation of the Policy and Law and takes all necessary measures to protect these rights.

 

2.6. Protection of Sensitive Personal Data

 

Our Company takes all necessary measures as determined by the PDP Board within the framework of the Policy on the Protection and Processing of Sensitive Personal Data.

 

  •  

PART THREE

 

3.PROCESSING AND TRANSFER OF PERSONAL DATA

 

3.1. General Principles for Processing of Personal Data

 

Our Company processes Personal Data in accordance with the procedures and principles stipulated by the Law and this Policy. Our Company processes Personal Data in compliance with the following principles.

  • Compliance with the Law and Integrity rules
  • Being Accurate and Up-to-date When Necessary
  • Processing for Specific, Clear and Legitimate Purposes
  • Being Connected, Limited and Restrained for the Purpose for Which They are Processed
  • Preservation for the Period Envisaged in the Relevant Legislation or Required for the Purpose for Which They are Processed

3.2. Conditions for Processing of Personal Data

 

The personal data are processed in TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. with the express consent of the data subjects or in the light of activities that are not subjected to express consent under Article 6 of the Law, only within the framework of the purposes given in the “Purposes of Processing of Personal Data” section in this Policy. Our Company may process Personal Data without seeking the express consent of the data subject in cases where one of the following conditions is met.

 

3.3. Conditions for Processing of Sensitive Personal Data

 

Our Company does not process Sensitive Personal Data without the express consent of the data subject. However, Personal Data other than health and sexual life information may be processed without seeking the express consent in cases stipulated by laws. Personal Data on health and sexual life are processed by our Company, without seeking the express consent of the data subject, for the purposes of protection of public health, operation of preventive medicine, medical diagnosis, treatment and nursing services, planning and management of health-care services as well as their financing. Our Company takes necessary actions on taking adequate measures for the processing of Sensitive Personal Data, as determined by the Board.

 

3.4. Conditions for Transfer of Personal Data

 

Our Company may transfer the Personal Data and Sensitive Personal Data of the Data Subjects to third persons by meeting the necessary privacy requirements and taking necessary measures in line with the purposes of processing of Personal Data, in accordance with the Law. Our Company acts in line with the regulations stipulated by the Law in the course of the transfer of the Personal Data. In this respect, our Company may transfer the Personal Data to third parties on the basis of, and limited to, one or several of the conditions to process Personal Data listed in Article 5 of the Law lawfully and legitimately:

 

  • If the Data Subject has given his/her express consent;
  • If there is any express regulation in laws for the transfer of the Personal Data,
  • If it is mandatory to protect the life or physical integrity of the Data Subject or some other party, and in the event that the Data Subject is unable to explain his/her consent due to actual impossibility or if his/her consent is not legally valid,
  • If it is required to transfer Personal Data of the contractual parties provided that it should be directly related to the establishment or performance of a contract,
  • If the transfer of Personal Data is mandatory in order for our Company to fulfill its legal liability,
  • If the Personal Data are publicized by the Data Subject himself/herself,
  • If the transfer of Personal Data is mandatory to establish, use or protect a right,
  • If the transfer of Personal Data is mandatory for our Company’s legitimate interests, without prejudice to the fundamental rights and freedoms of the Data Subject.

3.4.1.   Conditions for Transfer of Personal Data Abroad

 

Our Company may transfer the Personal Data and Sensitive Personal Data of the Data Subjects to third persons abroad by taking necessary measures in line with the purposes of processing of Personal Data, in accordance with the Law. Our Company may transfer the Personal Data to foreign countries which are declared by the PDP Board to have adequate protection, or in the absence of adequate protection, to foreign countries where data controllers in Turkey and in the relevant foreign country undertake to provide adequate protection in writing and where it is permitted by the PDP Board.

 

PART FOUR

  1. PURPOSES OF CATEGORIZATION, PROCESSING AND TRANSFER OF PERSONAL DATA, PERSONS TO WHOM THEY WILL BE TRANSFERRED

 

4.1. Categorization of Personal Data

 

  1. Identity information

Data containing information about the identity of the person: first name, last name, ID number, marital status, nationality, parents names, place and date of birth, sex, personal background, factory and registration number of employees, title deed and other official registry information and other identifying information including driving license, ID card and passport copies, tax number, social security number, signature, vehicle license plate, etc.

 

4.1.2. Contact Information

Phone number, address, e-mail address, fax number, IP address and other information

 

4.1.3. Processing Security Information

Personal data of either the Data Subject or the Company that are processed for the technical, administrative, legal and commercial security of the Company while conducting the Company’s activities

 

4.1.4. Financial Information

Processed personal data regarding information, documents and records showing all kinds of financial results created according to the type of legal relationship that our company has established with the personal data owner, and bank account number, branch code, bank card information, IBAN number, credit card information, financial profile, credit rating, assets data, income information and other information

 

4.1.5. Visual and Auditory Information

Photographs, footage, voice records and all data containing these information and other information

 

4.1.6. Personal Information

Any personal data processed to obtain information to form a basis for the protection of personal rights of the Data Subject and natural persons who have working relationships with him/her

 

4.1.7. Location Information

Information determining the location of the Data Subject while he/she is using the Company tools within the scope of the activities and operations of the Company or other companies and institutions with which it is in cooperation; GPS location, travel data and other information

 

4.1.8. Information on Family Members and Relatives

Information relating to the family member (e.g., partner, mother, father, child), relatives and emergency contacts of the Data Subject that are processed for the purposes of protecting the legal and other interests of the Company and the data subject, or within the scope of the activities and operations of the Company or other companies and institutions with which it is in cooperation, including identity information and contact information

 

4.1.9. Physical Premises Security Information

Personal data on the records and documents obtained when entering to the physical premises and during the stay in such premises; footage, fingerprint records, records taken at the security point, and other information on workplace

 

4.1.10. Information on Legal Transactions

Data processed for the determination and proceeding of the Company’s legal claims and rights and within the scope of its legal liabilities

 

4.1.12. Sensitive Personal Data

Data set out in Article 6 of the Law (health data, biometric data, region, and association membership, etc.)

 

4.1.13. Request/Complaint Management Information

Personal information regarding the reception and evaluation of requests or complaints to our Company

 

4.2. Purposes of Processing of Personal Data

 

Our company provides information on for which purposes Personal Data can be processed, and to whom and for which purposes the processed data can be transferred, in order to fulfill the disclosure requirement as stipulated by Article 10 of the Law. Your personal data are processed within the scope of personal data processing conditions set out in Article 5 and 6 of the Law, limited to plan and implement our human resources policy in the best way; to accurately plan and execute our commercial partnerships and strategies; to ensure the legal, commercial and physical security of our Company and business partners; to ensure the corporate functioning of our Company, to allow for you to get the most out of products and services offered by our Company; to offer you services and products customized according to your requests and needs; to ensure the data security at the highest level; to establish databases; to enhance the services offered in our Company’s website; to contact with those who submit their requests and complaints to our Company; and to eliminate any errors in our Company’s website.

 

4.3. Purposes of Transfer of Personal Data

Your personal data are processed within the scope of conditions set out in Article 8 and 9 of the Law, limited to plan and implement our human resources policy in the best way; to accurately plan and execute our commercial partnerships and strategies; to ensure the legal, commercial and physical security of our Company and business partners; to ensure the corporate functioning of our Company, to allow for you to get the most out of products and services offered by our Company; to offer you services and products customized according to your requests and needs; to ensure the data security at the highest level; to establish databases; to enhance the services offered in our Company’s website; to contact with those who submit their requests and complaints to our Company; and to eliminate any errors in our Company’s website.

 

4.4. Persons to Whom Your Personal Data Will be Transferred

 

Your Personal Data may be transferred to our stakeholders, business partners, suppliers, subsidiaries, companies and institutions with which we are in cooperation with, companies that we outsource to fulfill our contractual or legal obligations, authorized institutions and organizations. The nature of these transfers and the parties to whom the personal data are transferred vary depending on the the type and nature of relationship between the data subject and TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ., the purpose of the transfer, and the applicable legal basis; however, these parties generally include:

 

  • Legal authorities such as law offices and institutions that provide support for legal activities,
  • Business units within TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. to ensure coordination, cooperation and productivity,
  • Research companies for various purposes such as customer satisfaction, etc.,
  • Banks allowing for financial transactions,
  • Ministry of Science, Industry and Technology (MoSIT) for R&D Central activity period report
  • Ministry of National Defense, Department of Technical Services for defense industry projects,
  • Ministry of Environment and Urbanization for waste removal,
  • Health institutions or hospitals in case of work accident,
  • Customs Consultant, Customs Directorate, Port Authority for import and export operations,
  • Aegean Region Chamber of Industry, Directorate of Industry for the capacity report,
  • Izmir Governorship State of Emergency, Security General Directorate and company to be shipped for finished products in the defense industry.

PARTFIVE

5. METHOD AND LEGAL CAUSE OF COLLECTION OF PERSONAL DATA, DELETION, DESTRUCTION AND ANONYMIZATION OF PERSONAL DATA AND RETENTION PERIOD

 

 

5.1 Method and Legal Cause of Collection of Personal Data

 

For the purpose of checking the compliance with Article 1 regulating the purpose of the Law and Article 2 regulating the scope of the Law, Personal Data are collected by technical and other methods in any verbal, written and electronic environment through various ways such as call center, our Company’s website, mobile application, etc. to fully and accurately fulfill the legal liabilities within the scope of legislation, contract, request and optional legal reasons in order to achieve the purposes set out in the Policy, and then they are processed by our Company or data controllers as appointed by our Company.

 

5.2. Deletion, Destruction and Anonymization of Personal Data

 

Without prejudice to the provisions in other laws regarding the deletion, destruction or anonymization of Personal Data, our Company deletes, destructs or anonymize the Personal Data on its own initiative or upon the request of data subject in accordance with the Personal Data Storage and Disposal Policy in the event that the reasons for processing them disappear, although they have been processed in accordance with the provisions of the Law and other applicable laws.

 

When the personal data are deleted, such data are destroyed so that they will not be used again or restored in any way. Accordingly, the data are deleted from documents, files, CDs, discs, hard discs in which they are stored, so that they will not be restored.

 

The destruction of the data means the destruction of data storage materials in which the data are stored, such as documents, files, CDs, disc, hard discs, etc., so that the information will not be restored and used again.

 

The anonymization of data means making impossible to associate the Personal Data with an identified or identifiable natural person, even if they have been matched with other data.

 

5.3. Personal Data Retention Period

 

Our Company retains the Personal Data during the periods stipulated by the laws and other legislation. In the event that the laws and other legislation have no regulation on the period for which the Personal Data should be retained, your Personal Data are processed for the period until that the purpose of processing that Personal Data is achieved, and then they are deleted, destroyed and anonymized in accordance with the Personal Data Retention and Destruction Policy.

 

PART SIX

§ 6. INFORMING THE DATA SUBJECT, THE RIGHTS OF THE DATA SUBJECT UNDER THE PDP LAW

 

6.1. Informing the Data Subject

Our Company informs the Data Subjects in the course of obtaining personal data, in accordance with Article 10 of the PDP Law. In this regard, it informs about the identity of the contact person (if any), for which purposes the personal data will be processed, to whom and for which purposes the processed personal data may be transferred, the method and legal reason of collection of personal data, and the rights of the Data Subject.

 

6.2. Rights of the Data Subject under the PDP Law

Our Company informs you of your rights in accordance with Article 10 of the Law; guides you how to use such rights, and performs the internal functioning, administrative and technical arrangements required for all these. In accordance with Article 11 of the Law, our Company informs the persons whose personal data are collected about that they are entitled;

 

  • to learn whether their personal data have been processed or not,
  • to request information if their personal data have been processed,
  • to learn the purpose of the processing of their personal data and whether they have been used in compliance with the intended purpose,                                     
  • to know the third person at home or abroad to whom their personal data have been transferred,
  • to request rectification of their personal data in case they have been incompletely or incorrectly processed,
  • to request deletion or destruction of their personal data under the conditions set forth in Article 7 of the Law,
  • In accordance with Article 11 of the Law to request the third parties to whom their personal data have been transferred to be notified on the transactions performed as per subclauses (d) and (e) of Article 11 of the Law,
  • to object to any consequence detrimental to them that may arise from the processed data being exclusively analyzed by automatic systems,
  • to request remedial action in case they incur any damage due to the unlawful processing of their personal data.

If you have any requests regarding the implementation of the Law, you can submit them in written or with secure electronic signature by using the “Personal Data Protection Law Data Subject Request Form” or other means to be determined by the Personal Data Protection Board (“Board”),

 

by following the procedures in the application form Our Company will conclude the requests in the application within the shortest time depending on the nature of the request and within thirty days at the latest and free of charge. However, if the action requires an extra cost, fees may be charged according to the tariff determined by the Board.

 

Our Company may accept the request or refuse it with justification and shall communicate its response to the data subject in writing or by electronic means. In case the request is accepted, our Company performs the necessary action. If the request is made due to fault of our Company, the fee received is refunded to the data subject.

 

In cases where the application is refused, the response is found insufficient or the application is not responded in time, the data subject is entitled to lodge a complaint with the Board within thirty days as of he or she learns about the response, or within sixty days from the date of application, in any case.

 

6.3. Cases Where the Policy and the Law Will not be Fully or Partially Applied

 

These provisions of the Law and the Policy will not be applied in the following cases:

  • Processing of personal data by natural persons within the scope of activities related to themselves or family members living together in the same household, provided that it is not to be disclosed to third parties and the data security obligations are to be complied with.
  • Processing of personal data for official statistics and research, planning, and statistical purposes by being anonymized.
  • Processing of personal data for artistic, historical, literary, or scientific purposes or within the scope of freedom of expression, provided that national defense, national security, public security, public order, economic security, privacy, or personal rights are not violated or the processing shall not constitute a criminal offense.
  • Processing of personal data within the scope of preventive, protective, and intelligence activities carried out by public institutions and organizations duly authorized and assigned to maintain national defense, national security, public security, public order, or economic security.
  • Processing of personal data by judicial authorities or execution authorities with regard to investigation, prosecution, criminal proceedings, or execution proceedings.

Provided that this complies with and proportional with the purpose and basic principles of this Policy and the Law, Article 10 regarding the data controller's obligation to inform, Article 11 regarding the rights of the data subject, excluding the right to demand compensation, and Article 16 regulating the requirement to register with the Data Controller registry system will not apply to in the following cases:

  • Personal data processing is required for the prevention of a crime or crime investigation.
  • The data which is publicized by the data subject himself/herself are processed.
  • Personal data processing is required for the conduct of supervisory or regulatory duties, for disciplinary investigation, or prosecution by the public institutions, organizations, and professional associations having the status of public institutions, in accordance with the power granted them by law.
  • Personal data processing is required for the protection of State's economic and financial interests regarding budgetary, tax-related, and financial issues.

PARTSEVEN

7. CATEGORIZATION OF DATA SUBJECTS AND MATCHING THEM WITH PERSONAL DATA

 

7.1. Categorization of the Data Subjects

Only natural persons can benefit from the protection scope of this Policy and the Law; the Data Subjects in this scope are grouped as follows:

 

Job Candidate

:

Natural persons who have applied for a job to our Company in any way or

opened their CV and related information to our Company's review.

Company Business Partner, Business

Partners’ Stakeholder, Authorized Person, Employees

:

Natural persons with whom our Company has any business relationship, and

all natural persons who work under natural and legal persons (business partner, supplier, etc.) with whom our Company has any business relationship, including stakeholders and authorized persons.

Company Customer

:

Natural persons who use or have used the products and services offered by our Company,

regardless of having a contractual relationship with our Company.

Potential Customer

:

Natural persons who have requested or interested in using our products

and services, or who have been assessed by the custom of trade and good faith for which they may have such interest.

Company Stakeholder

:

Persons who are shareholders of TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ.

Authorized Person

:

Board member and other authorized persons of TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ.

Third Party

:

Other persons who are not covered by the Personal Data Protection and Processing Policy of TESA MEDİKAL SAĞLIK HİZMETLERİ SAN. TİC. LTD. ŞTİ. that is prepared for the Company Employees and who do not fall into any Data Subject category under this Policy.

Visitor

:

All natural persons who have entered our Company’s physical locations

for various purposes or have visit our website for any reason

 

 

7.2. Matching Personal Data with Data Subjects

 

The matching of the classified Personal Data as described and detailed above with the classified Personal Data Subjects is presented below.

 

Identity information

:

Company Stakeholder; Authorized Person; Company Customer; Potential

Customer; Company Business Partner; Stakeholders, Authorized Person, Employees of Business Partners; Visitor; Third Parties

Contact Information

:

Company Stakeholder; Authorized Person; Company Customer; Potential

Customer; Company Business Partner; Stakeholders, Authorized Person, Employees of Business Partners; Visitor; Third Parties

Processing Security

Information

:

Company Stakeholder; Authorized Person; Company Customer; Potential

Customer; Company Business Partner; Stakeholders, Authorized Person, Employees of Business Partners; Visitor; Third Parties    

Financial Information

:

Company Stakeholder; Authorized Person; Company Customer; Potential

Customer; Company Business Partner; Stakeholders, Authorized Person, Employees of Business Partners; Visitor; Third Parties

Visual and Auditory Information

:

Company Stakeholder; Authorized Person; Company Customer; Potential

Customer; Company Business Partner; Stakeholders, Authorized Person, Employees of Business Partners; Visitor; Third Parties

Personal Information

:

Company Business Partner, Stakeholder, Authorized Person, Employees of Business Partners;

Job Candidate, Third Parties

Location Information

:

Company Business Partner, Stakeholder, Authorized Person, Employees of Business Partners

Family Members and Relatives

Information

:

Company Customer; Potential Customer; Company Business Partner,

Stakeholders, Authorized Person, Employees of Business Partners; Job Candidate; Visitor; Third Parties

Physical Location

Security Information

:

Company Stakeholder; Authorized Person; Company Business Partner,

Stakeholders, Authorized Person, Employees of Business Partners; Job Candidate; Visitor; Third Parties

Information on Legal Transactions

:

Potential Customer; Company Business Partner;

Stakeholders, Authorized Person, Employees of Business Partners; Third Parties

Sensitive Personal

Information

:

Company Stakeholder; Authorized Person; Company Customer;

Potential Customer; Company Business Partner; Stakeholders, Authorized Person, Employees of Business Partners; Visitor; Third Parties

Request/Complaint

Management Information

:

Company Stakeholder; Authorized Person; Company Customer; Potential

Customer; Company Business Partner; Stakeholders, Authorized Person, Employees of Business Partners; Visitor; Third Parties

 

YOU CAN DOWNLOAD THE APPLICATION FORM BY CLICKING HERE

Новости нашей компании

We are in Expomed Eurasi
Hall: 7
Booth No: 736A


25.04.2024 - 27.04.2004
больше, чем

Наш каталог

Доступ к другим документом можно получить со страницы нашего пресс-набора.
Ознакомьтесь с нашим общим каталогом. пресс-кит