Kapat Ikon
Information Security Management System Policy

Aktaş Holding;

It aims to ensure the security of information about all existing and future activities; ensure business continuity with minimum interruption; ensure confidentiality of all information belonging to the Company and third parties that it is liable to protect, and to protect the all kinds of physical and electronic information assets used in the continuation of business processes and the services in accordance with the criteria of Confidentiality, Integrity and Accessibility.Aktaş Holding Management declares its commitment to the establishment, realization, operation, monitoring, reviewing, maintenance and continuous improvement of the Information Security Management System (ISMS) in accordance with TS ISO / IEC 27001 Standard by demonstrating the following:

To analyze the risks on the Assets and Processes and to perform risk management in this framework by setting out risk assessments and risk criteria according to the analysis results.
To define the importance of fulfilling the information security objectives and compliance with information security policies, the responsibilities to the statutes and contracts, and the need for continuous improvement.
To provide sufficient resources to build, realize, operate, monitor, review, maintain and continuously improve ISMS.
To organize and manage the necessary actions to determine risk acceptance criteria and acceptable risk levels.
To announce the innovations, changes and developments within the framework of Information Security Management System to ensure awareness of all employees and stakeholders.

İskender Ulusay
Chief Executive Officer

 

PERSONAL DATA PROTECTION POLICY

 

The purpose of this policy is to inform the Related Persons about the Personal Data Processing activities and related systems that Aktaş Hava Süspansiyon Sistemleri Sanayi ve Ticaret A.Ş. carries out in the capacity of Data Officer in accordance with the Personal Data Protection Law no. 6698 (“KVKK”). In this context, Aktaş hereby discloses in this Policy the activities of Personal Data processing within the scope of KVKK and the rights of Data Owners subject to Personal Data Processing.

In this context, the terms referred to under the Law shall have the following meanings:

 

  1. A. PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA

Aktaş hereby adopts the following principles regarding the processing of Personal Data in accordance with paragraph 2 of Article 4 of the KVKK and within the scope of the purposes exemplified in the 'Personal Data Processing Purposes' section of this Policy;

 

B. DATA PROCESSED BY AKTAŞ

Personal Data is processed on the basis of the Data Owner's Open Consent, or in cases not requiring Open Consent, within the scope of the Articles 5 and 6 of the KVKK, in accordance with the purposes set out in the “Personal Data Processing Purposes” section of this Policy. Depending on the type, nature of the relationship between Aktas and the Data Owner and the Personal Data Processing Purposes, the categories of Personal Data processed in accordance with the principles in this Policy are generally as follows:

 

C.    PERSONAL DATA PROCESSING PURPOSES

Personal Data may be processed by Aktaş for the purposes stated below;

 

D.   PERSONAL DATA TRANSFER

Aktaş may transfer data to domestic and international subsidiaries, suppliers and business partners and Personal Data can be processed and stored in appropriate media within the framework of the objectives exemplified in the 'Personal Data Processing Purposes' section of this Policy and the conditions stipulated in Articles 8 and 9 of the KVKK.

 

E.    PERSONAL DATA COLLECTION

In order to meet the objectives exemplified in the 'Personal Data Processing Purposes' section of this Policy by Aktaş, Personal Data will be collected directly from prospective employees, current employees, customers, suppliers, business partners, affiliates, official institutions and other physical environments and also through websites, mobile applications, social media and other public channels or organized trainings, organizations and similar events pursuant to the conditions stipulated in Articles 5 and 6 of KVKK.

 

F. RETENTION TIME OF PERSONAL DATA

Personal Data is kept by Aktaş for the duration of the relevant legal retention periods or for the period required for the realization of the activities and objectives related to this data. Personal Data whose purpose of use or legal retention period expires is disposed of in accordance with the Data Retention and Disposal Policy.

 

G.     RIGHTS OF DATA OWNER

In accordance with Article 11 of the KVKK, the Data Owner has the following rights:

Requests from Data Owners to use one of the above rights will be finalized by Aktaş within 30 days at the latest. Data Owners may forward their requests to one of the following addresses in the specified methods;

Mailing address: Bursa Organize Sanayi Bölgesi, Ali Osman Sönmez Bulvarı, No:13/A Nilüfer-Bursa

E-mail addressbgys@aktasholding.com

Registered Electronic Mail (REM): aktashava@hs02.kep.tr

 

H.    SECURITY OF PERSONAL DATA

Aktaş hereby attaches utmost importance to protecting the privacy and security of Personal Data. Accordingly, necessary technical and administrative security measures are taken to protect Personal Data against unauthorized access, damage, loss or disclosure. Necessary system access controls, data access controls, secure transfer controls, business continuity controls and other necessary institutional controls are applied.

İskender Ulusay

Chief Executive Officer

 

 

INFORMATIVE TEXT ON THE PROCESSING OF PERSONAL DATA

We, as Aktaş Hava Süspansiyon Sistemleri Sanayi ve Ticaret A.Ş. (referred to as "Aktaş" or "Company") want to inform you about the personal data processing activities we carry out in the capacity of Data Officer in accordance with Article 10 of the Personal Data Protection Law no. 6698 (“KVKK”).

 

Informing in the capacity of Data Officer

In accordance with KVKK and in the capacity of Data Officer, your personal data will be recorded, stored, updated, transferred to third parties where permitted by the legislation, classified and processed in the manner specified in KVKK.

 

Method to Store your Personal Data

As per KVKK, your personal data you share with our company may be processed in any way for the legal reasons exemplified below by registering, recording, storage, modification or reorganization them completely or partially automatically or non-automatically as part of any data recording system. Any transaction performed on the data within the scope of KVKK is considered as “processing of personal data”.

 

Processing Personal Data Purposes

Your personal data may be processed in accordance with the basic principles stipulated in the KVKK for the following purposes and stored securely in physical or electronic media for the purpose of processing;

 

Personal Data Transfer

Your personal data processed by our company in accordance with the law will be transferred to our business partners, shareholders, authorized public institutions and organizations, private individuals, companies we receive support to carry out our activities and independent audit companies within the scope of legal obligations and legal limitations.

Your personal data processed by our company in accordance with the law may be transferred in line with your open consent or without obtaining your consent as stipulated under Articles 5/2 and 6/3 of KVKK to the persons or organizations based in foreign countries that have been identified and declared to have sufficient protection by the Personal Data Protection Board (“Board”) or to countries other than those determined and declared by the Board in cases where the data officers in those countries in which the personal data are transferred undertake adequate protection in writing and the Board's consent can be obtained.

 

 

Method of Collecting Your Personal Data and its Legal Reason

In order to meet the objectives exemplified in the above-mentioned 'Personal Data Processing Purposes', Personal Data will be collected directly from prospective employees, current employees, customers, suppliers, business partners, affiliates, official institutions and other physical media and also through websites, mobile applications, social media and other public channels or organized trainings, organizations and similar events.

 

Your Rights as Data Owner as per KVKK

In accordance with Article 11 of the KVKK, you have the following rights:

 

Your requests to use one of the above rights will be finalized by our company within 30 days at the latest. Data Owners may forward their requests to one of the following addresses in the specified methods.

 

Mailing address: Bursa Organize Sanayi Bölgesi, Ali Osman Sönmez Bulvarı, No:13/A Nilüfer-Bursa

E-mail address: info@aktasholding.com

 

 

Bureau Veritas Bureau Veritas Bureau Veritas Bureau Veritas ISO 27001 IRIS
Information society services | 2020 Aktaş Holding. All rights are reserved..