DEMO REQUEST

PDPL

INFORMATION NOTICE AND EXPLANATIONS ON DATA PROTECTION

In accordance with the Law on the Protection of Personal Data No. 6698 (KVKK), the processing and protection of personal data is of great importance. Therefore, as MDP TR TEKNOLOJİ LİMİTED ŞİRKETİ (hereinafter referred to as “MDP Group”), we show due diligence to implement necessary technical and administrative measures to protect, retain, and process your personal and/or sensitive personal data in accordance with the law.

We frequently collect personal data from you through digital means. Any personal and/or sensitive personal data collected and recorded during your visit to our website is processed in accordance with the Law on the Protection of Personal Data. MDP Group, acting as the data controller, collects and stores your data within legal limits. Additionally, please note that all personal and sensitive personal data collected during your visit to our website is protected under our Privacy Policy, which you can review on our website.

MDP Group cannot guarantee the data security and data policies of websites that are accessed via links provided on our website. Therefore, the data security and data policy of the redirected site should be carefully reviewed by you.

1. WHAT IS PERSONAL DATA?

According to the Law No. 6698, personal data is defined as “any information relating to an identified or identifiable natural person.” As such, any data that makes you identifiable is considered personal data. Accordingly, your personal data cannot be obtained or processed by others without your explicit consent.

In addition, political opinions, religious beliefs, race, sect, association or foundation membership, health data, philosophical beliefs, sexual orientation, criminal record, biometric data, and similar are considered sensitive personal data. Collecting, transferring, or processing such data requires your explicit and written consent. All statements and explanations in this notice regarding your personal data also cover your sensitive personal data.

2. LEGAL BASIS

Article 10 of the Law on the Protection of Personal Data requires that individuals whose data is being processed must be informed, known as the Obligation to Inform:

“At the time personal data is obtained, the data controller or the person authorized by it must inform the data subject of the identity of the data controller and its representative, if any, the purpose for which personal data will be processed, to whom and for what purpose the processed personal data may be transferred, the method and legal basis of personal data collection, and the other rights referred to in Article 11.”

According to Article 3 of the Law, the Data Controller is:

“The natural or legal person who determines the purposes and means of processing personal data and is responsible for establishing and managing the data recording system.”

The Data Processor refers to any natural or legal person who processes personal data on behalf of the data controller based on its authorization.

In this context, the data controller is MDP Group. The information of the data controller is as follows:

Company Name: MDP TR TEKNOLOJİ LİMİTED ŞİRKETİ
Address: Bayar Cad. Şehit Mehmet Fatih Öngül Sk. No: 3 Bağdatlıoğlu İş Merkezi Kat: 10 Kozyatağı – Kadıköy / İstanbul
Phone: +90 216 317 77 90
E-mail: info@mdpgroup.com

3. SCOPE OF THE INFORMATION NOTICE

As explained above, MDP Group is the data controller. As such, the company informs the data subjects that personal and sensitive personal data are processed within the limits defined by law and in compliance with the law.

MDP Group assumes the following responsibilities under the obligation to inform: stating the purposes of data processing, transfer and its purposes, recipients of such data, informing data subjects about their rights such as updating, deleting, or anonymizing data as stated in Article 11 of the Law, as well as the legal grounds and principles of data collection.

4. PURPOSES OF PROCESSING YOUR PERSONAL DATA

Your personal data is processed in accordance with the principles and purposes stated in the Law No. 6698. The purposes for which MDP Group processes personal data include:

  • Improving the quality of products and services;
  • Informing you quickly about updates, products, and services;
  • Identifying personal needs and usage purposes to offer customized products and services;
  • Fulfilling MDP Group’s commercial activities and ensuring complete performance;
  • Providing information about new or modified products and services;
  • Enabling optimal use of our products and services;
  • Developing MDP Group’s business strategies and corporate identity;
  • Supporting company policies and increasing customer satisfaction;
  • Ensuring data security;
  • Developing online products and services;
  • Quickly resolving issues;
  • Enabling communication with individuals submitting requests or complaints;
  • Ensuring compliance with the Privacy Policy.

These data are processed in accordance with the conditions in Articles 5 and 6 of the Law.

5. PRINCIPLES FOR PROCESSING PERSONAL DATA

MDP Group is committed to the following principles:

  • Retaining data for the period prescribed by applicable law or as required for processing;
  • Processing data lawfully and fairly;
  • Keeping data accurate and up to date;
  • Ensuring data is processed for specific, explicit, and legitimate purposes;
  • Avoiding processing data beyond the purpose;
  • Ensuring processing is proportionate and limited;
  • Acting in line with public morals, traditions, and customs;
  • Complying with all relevant legislation, especially the KVKK.

6. METHODS OF PROCESSING PERSONAL DATA

In general, MDP Group processes personal data based on either explicit consent or legal compliance. Except for the exceptions listed below, explicit consent is required from the data subject.

Exceptions Where Explicit Consent Is Not Required:

According to Article 5(2) of the Law:

  • When clearly stipulated by law;
  • In cases of physical impossibility or lack of legal capacity to give consent, for protection of life or bodily integrity;
  • If directly related to the establishment or execution of a contract;
  • If necessary for the data controller to fulfill a legal obligation;
  • If data is made public by the data subject;
  • If necessary to establish, exercise, or defend a legal right;
  • If processing is necessary for the legitimate interests of the data controller, provided that it does not violate the fundamental rights and freedoms of the data subject.

Under these conditions, MDP Group may process your data without your explicit consent.

7. METHODS OF COLLECTING PERSONAL DATA

Data may be collected through various channels including but not limited to: websites, social media, instant messaging, email, phone, fax, manual methods, contracts, documents related to business execution, mobile applications. Data collected via these methods may be oral, written, or electronic.

All collected data are processed and may be transferred within the scope and conditions stated in this notice and in accordance with the principles and purposes of the Law.

8. TRANSFER AND PROTECTION OF DATA

8.1. Data Transfer:

Your data may be transferred only for the purpose of fulfilling obligations, in line with our confidentiality agreements and in compliance with the Law. MDP Group exercises utmost care and minimizes the scope of data shared with business partners and service providers.

8.2. Data Protection:

The main objective of the Law is to protect data and prevent unauthorized transfers. MDP Group takes all technical and administrative precautions, aligns internal policies with the law, and uses appropriate software and hardware to ensure data security. We strive to prevent our employees and third parties from violating our Privacy Policy.

9. RIGHTS OF THE DATA SUBJECT

9.1. General Information

Under Article 11 of the Law, data subjects have the right to:

  • Learn whether personal data is processed;
  • Request information if processed;
  • Learn the purpose of processing and if data is used appropriately;
  • Know third parties to whom data is transferred, domestically or abroad;
  • Request correction if data is incomplete or incorrect;
  • Request deletion or destruction of personal data as per Article 7;
  • Request notification to third parties about corrections or deletions;
  • Object to outcomes resulting from automated data processing;
  • Request compensation for damages caused by unlawful data processing.

You may submit your requests regarding these rights to our company in writing, following the procedures outlined in this notice. MDP Group will respond within thirty days. Applications must be made by the data subject directly. If a fee is determined by the Personal Data Protection Board, this may be charged by our company.

9.2. Application Procedure

Please include the following in your application:

  • Full name
  • Turkish ID number (or passport number for foreign nationals)
  • Wet signature if submitted in hard copy
  • Subject of your request under Article 11
  • Contact phone/fax number(s)
  • Contact email address
  • Mailing address

You can submit applications via: hand delivery, notary, registered mail, KEP address, or [info@mdpgrup.com].

For Digital Transformation in Supplier Processes

Contact Us!


Sizinle Nasıl İletişime Geçelim?