Purposes of Processing Personal Data
The company processes the personal data mentioned limited to the purposes specified in Fenne İlaç’s Personal Data Processing Policy, which is shared on http://fennelab.omnitim.com; improving, developing and presenting the services provided to the User on the Website; Informing of the User who communicated his requests and complaints and contacting the User; providing better quality and personalized service to the user; İnforming and contacting the user for marketing purposes provided that it is shared and consented by the user in the relevant parts of the Website; fixing the security vulnerabilities of the website in the fastest way, improving the user experience, to eliminate errors on the website, making sense of the user data, planning and enforcing marketing policies; planning and implementing the human resources policies; perform and reporting and business development activities, creating a database; achieving purpose of ensuring corporate policy operations of the Company.
Personal data can be processed by the Company without seeking explicit consent of the User, in the presence of one of the conditions sought pursuant to paragraph 2 of article 5 and paragraph 3 of article 6.
Transfer of Personal Data
Company will be able to share the personal data limited to the purposes listed above and shared on the http://fennelab.omnitim.com website with third parties from whose it receives services (such as call centers, law offices, service providers, hosting service providers) set out in the Fenne İlaç Personal Data Processing Policy . The User agrees that his personal data may be stored by the Company in any location owned by the third party in accordance with the Law, and that the Company has fulfilled its obligation of clarification and consent to this subject, provided that it is limited to the above-mentioned purposes.
The Company may transfer personal data to third parties without seeking explicit consent of the User, in case of existence of one of the conditions sought in accordance with the paragraph 2 of the article 5 of the Law and the paragraph 3 of the article 6 and where necessary, by ensuring compliance with the paragraph 2 of the article 9 of the law.
Personal Data Processed
The company, depending on the User’s access to the Website and the transactions to be performed on the Website, will be able to process;
Website Browsing Information
Legal Transaction Information
Request/Complaint Management Information of the User and personal data that may be required to operate the web site of the company in accordance with the Law on Protection of Personal Data.
Cookies are information files consisting of small parts that are sent to the users by the servers. In this context, the Company stores certain information on the User’s computer, phone, etc. for a determined period of time as text files in places and uses it when necessary.
Personal data related to the transactions performed by the User during the browsing of the website can be processed by the Company for the purposes written below and shared with third parties for this purpose. In this context, the Company may follow-up the browse information and usage history of the user, process information collected from the User, and use it with information from other sources, such as third parties to provide special services to the User through the website and to improve the service quality, to make special promotion, to improve the page contents according to the User, to improve the user experience, to offer promotion and marketing suggestions.
Rights of the Person concerned in accordance with Article 11 of the Law
The Company notifies Concerned Person his/her rights pursuant to Article 10 of the Law; It provides guidance on how to exercise such rights and perform the necessary internal functioning, administrative and technical arrangements for all these.
The Company declares to the persons whose personal data have been taken in accordance with the article 11 of the law that they are entitled; to learn whether their personal data is processed or not, to request information if their personal data has been processed, to learn the purpose for processing their personal data and whether it is used appropriately, to know about third parties to whom your personal data is transferred at home or abroad, to request corrections of their data in case of incomplete or incorrect processing, to request the deletion or destruction of their personal data, to request notification of the transactions made in accordance with the paragraphs (d) and (e) of article 11 of the Law to the third parties to whom their personal data have been transferred, to raise objections against any results that may have been obtained against them due to analysis of their processed data solely through automatic systems and if they have incurred damages due to unlawful processing of their personal data, to request indemnification of their damages.
Application to the Company
The Person concerned may fill in the requests regarding the implementation of the Law by filling out the Personal Data Protection Application Form (“Application Form”) on the Personal Data on the Website and submit it to the Company as specified in the Application Form. The company concludes the requests in the application free of charge as soon as possible and within thirty days at the latest, depending on the nature of the request. However, if the transaction requires a separate charge, the fee at the tariff determined by the Board may be charged. The Company may respond to these requests in the ways specified in the Application Form.
In case the application is rejected, the response found to be insufficient or the application is not answered in due time; the Person concerned may file complaint to the Board within thirty days after the Company has learned the answer, and in any case within sixty days from the date of application. No complaint may be filed until the application remedy described above is completed.
Retention Period, Deletion, Destruction, or Anonymization of Personal Data
(i) If the purposes of processing personal data have been fulfilled or (iii) if the time required for the provision of the service by the Company to the User has expired or (iv) the periods of retention determined by the relevant legislation and the Company have expired, the personal data should be deleted, destroyed or anonymized. This personal data can only be stored for the purpose of citing as evidence in possible legal disputes or execution of a right associated with a personal data.
Method, Legal Reason of Data Collection and Data Security
Personal data are collected in all kinds of verbal, written, and electronic media for the above-mentioned purposes and processed by the Company or the commissioned data processors.
Company, in order to ensure data security, shall take all kinds of technical and administrative measures to;
a) prevent personal data from being processed unlawfully,
b) prevent personal data from being illegally accessed,
c) ensure the preservation of personal data,
d) to ensure the appropriate level of security.
In case of redirecting to other sites or applications through the website, the Company is not aware of the compliance of the directed sites and applications with the legislation for the protection of personal data and is not responsible for their privacy policies and contents.