deneme
top of page

CORPORATE GENERAL CLARIFICATION TEXT
REGARDING THE PROCESSING OF PERSONAL DATA

As Renkteks Tekstil San. ve Tic. Ltd. Şti., within the scope of our activities arising from the Law No. 6698 on the Protection of Personal Data (KVKK) and other relevant legislation and legal regulations, we have prepared this clarification text to inform you—our Visitors, Online Visitors, Customers, Potential Customers, Supplier Employees, and Supplier Representatives—regarding the processing, storage, and transfer of your personal data.

  1. WHAT CATEGORIES OF PERSONAL DATA DO WE PROCESS AND FOR WHAT PURPOSES?

  2. Your personal data may be processed by Renkteks Tekstil San. ve Tic. Ltd. Şti. in accordance with Article 4.2 of the Law on the Protection of Personal Data No. 6698 (KVKK), which stipulates the following principles:

  3. Processing in accordance with the law and good faith,

  4. Being accurate and kept up to date where necessary,

  5. Being processed for specified, explicit, and legitimate purposes,

  6. Being relevant, limited, and proportionate to the purposes for which they are processed,

  7. Being retained for the period stipulated in relevant legislation or as required for the purpose for which they are processed.

  8. In line with these principles, your data may be processed for the following purposes within the scope of our business relationships.

  9. A - Our Visitors

  10. The physical space security data of our visitors (e.g., camera recordings)
    will be processed for the purpose of ensuring physical space security.

  11. B - Our Online Visitors

  12. Marketing data and identity data of visitors using our website
    will be processed for the purposes of:

  13. Ensuring compliance with legal obligations,

  14. Carrying out information security processes,

  15. Tracking requests/complaints,

  16. Conducting communication activities,

  17. Informing authorized persons, institutions, and organizations,

  18. Providing access to our website via the internet.

  19. C - Our Customers

  20. Identity, contact, customer transaction, physical security, financial, legal transaction, and marketing data of individual customers or the representatives/employees of corporate customers
    will be processed for the following purposes:

  21. Ensuring compliance with legal regulations,

  22. Conducting financial and accounting operations,

  23. Carrying out and supervising business activities,

  24. Conducting logistics operations,

  25. Managing post-sale support services,

  26. Executing product/service sales processes,

  27. Conducting marketing analysis,

  28. Managing contract processes,

  29. Informing authorized persons, institutions, and organizations,

  30. Ensuring physical space security,

  31. Resolving legal disputes,

  32. Managing storage and archiving processes,

  33. Running risk management procedures,

  34. Managing processes regarding loyalty to company/products/services,

  35. Conducting communication activities.

  36. D - Our Potential Customers

  37. Identity, contact, customer transaction, physical security, and marketing data of potential individual customers or representatives/employees of corporate customers
    will be processed for the following purposes:

  38. Managing product/service sales processes,

  39. Managing contract processes,

  40. Ensuring physical space security,

  41. Conducting marketing analysis.

  42. E - Our Supplier Employees

  43. Identity, contact, and physical security data of our supplier employees
    will be processed for the purposes of:

  44. Carrying out communication activities,

  45. Managing and supervising business operations,

  46. Ensuring physical space security,

  47. Managing supply chain processes,

  48. Carrying out logistics operations,

  49. Ensuring compliance with legal obligations.

  50. F - Our Supplier Representatives

  51. Identity, contact, physical security, financial, and legal transaction data of individual or corporate supplier representatives
    will be processed for the purposes of:

  52. Managing and supervising business operations,

  53. Carrying out product/service procurement processes,

  54. Conducting financial and accounting operations,

  55. Managing contract processes,

  56. Managing investment processes,

  57. Ensuring physical space security,

  58. Managing and following legal affairs.

  59. 2. HOW ARE YOUR PERSONAL DATA COLLECTED?

  60. Your personal data, categorized above, are collected through physical means such as order forms, contracts, visitor forms, or via information systems and electronic devices (e.g., telecommunications infrastructure, computers, and phones), third parties (e.g., KKB and Findeks), our website, and other documents provided by the data subject, through automated or non-automated means.

  61. 3. WHAT IS THE LEGAL BASIS FOR COLLECTING YOUR PERSONAL DATA?

  62. Your personal data are processed by Renkteks Tekstil San. ve Tic. Ltd. Şti. based on the following legal grounds as per Article 5 of the KVKK, in line with the purposes explained above:

  63. Explicitly stipulated by law,

  64. Being necessary for the establishment or performance of a contract,

  65. Being mandatory for the data controller to fulfill its legal obligations,

  66. Being necessary for the establishment, exercise, or protection of a right,

  67. Being mandatory for the legitimate interests of the data controller, provided that the fundamental rights and freedoms of the data subject are not harmed.

  68. 4. DO WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES?

  69. a) Personal data of our visitors may be shared with law enforcement and judicial authorities in case of legal disputes or upon request in accordance with applicable legislation.
    b) Personal data of our online visitors may be shared with judicial authorities and competent public institutions and organizations under the same circumstances.
    c) Personal data of our customers may be shared with public authorities, IT companies, suppliers, cargo companies, insurance companies, banks, and our financial advisor within the scope of legal compliance, legal processes, and operational needs. Additionally, this data may be shared with our contracted law office and judicial authorities for use as evidence in potential legal disputes.
    d) Personal data of our potential customers may also be shared with our law firm and judicial authorities in case of legal disputes.
    e) Personal data of our supplier employees may be shared with public institutions, IT companies, suppliers, cargo companies, banks, and our financial advisor for legal compliance and service fulfillment. This data may also be shared with our law firm and judicial authorities in case of legal disputes.
    f) Personal data of our supplier representatives may also be shared under similar legal and operational necessities with relevant institutions, suppliers, and our law firm.

  70. 5. DO WE TRANSFER YOUR PERSONAL DATA ABROAD?

  71. As Renkteks Tekstil San. ve Tic. Ltd. Şti., we do not transfer your personal data abroad.

  72. 6. HOW CAN YOU EXERCISE YOUR RIGHTS REGARDING YOUR PERSONAL DATA?

  73. You may submit your requests regarding your rights under Article 11 of the KVKK to Renkteks Tekstil San. ve Tic. Ltd. Şti. by using the “Application Form to the Data Controller,” prepared for your convenience in line with the "Communiqué on the Principles and Procedures for the Request to Data Controller", available on our website: www.renkteks.net

  74. Data Controller: Renkteks Tekstil San. ve Tic. Ltd. Şti.
    Address: Osmangazi Mah. Mertler Cad. No:20 Samandıra / Sancaktepe / İstanbul
    Email: kvkk@renkteks.com

RENKTEKS TEKSTİL SAN. VE TİC. LTD. ŞTİ.

CORPORATE PERSONAL DATA PROTECTION POLICY

Document Information

  • Document Name: Personal Data Protection Policy

  • Document Purpose: To define the procedures for planning personal data protection activities and the principles to be applied by Renkteks Tekstil San. ve Tic. Ltd. Şti.

  • Publication Date: October 18, 2021

  • Version: 1

  • Reference / Justification: Law on the Protection of Personal Data No. 6698 and related legislation

  • Approval Authority: Board of Directors of Renkteks Tekstil San. ve Tic. Ltd. Şti.

1. PURPOSE

Everyone has the constitutional right to demand the protection of their personal data. At Renkteks Tekstil San. ve Tic. Ltd. Şti., we regard the fulfillment of this right as one of our highest priorities. We are committed to ensuring that your personal data are processed and protected in accordance with the law. This Corporate Personal Data Protection Policy sets out the basic principles and procedures we follow when processing and securing personal data.

2. SCOPE

This policy applies to all personal data managed by Renkteks Tekstil San. ve Tic. Ltd. Şti.—whether obtained and processed partially or fully automatically, or as part of a non-automated data recording system. This includes collection, recording, storage, retention, modification, restructuring, disclosure, transfer, acquisition, making accessible, classification, and blocking of data. It covers personal data related to our partners, officials, customers, employees, supplier representatives and employees, and third parties. The policy may be updated to comply with legislation and decisions by the Personal Data Protection Authority, or to enhance data protection.

3. DEFINITIONS

TermDefinition

Recipient GroupCategories of persons or legal entities to whom personal data are transferred.

Explicit ConsentFreely given, informed consent on a specific matter.

AnonymizationIrreversible transformation of personal data into a form that cannot be associated with a specific individual.

Data SubjectThe natural person whose personal data are processed.

Data UserIndividuals or units processing personal data, excluding those responsible for technical storage, protection, and backup.

DestructionDeletion, destruction, or anonymization of personal data.

KVKKLaw No. 6698 on the Protection of Personal Data.

Storage MediumAny physical or digital environment where personal data are processed.

Personal DataAny information related to an identified or identifiable natural person.

Data InventoryA detailed record of personal data processing activities, including categories, purposes, recipients, storage periods, cross-border transfers, and security measures.

ProcessingAny operation performed on personal data—collection, storage, disclosure, etc.

AuthorityPersonal Data Protection Board.

InstitutionPersonal Data Protection Authority.

Sensitive Personal DataData related to race, religion, health, biometrics, etc.

Scheduled DestructionRecurrent destruction or anonymization of data when processing purposes cease.

PolicyThis Personal Data Protection Policy.

Data ProcessorNatural or legal persons processing data on behalf of the data controller.

Data ControllerEntity determining purposes and means of data processing and managing data systems.

4. GENERAL PRINCIPLES

When planning new workflows involving personal data, Renkteks ensures compliance with these principles:
I. Lawfulness and fairness
II. Accuracy and timely updates
III. Explicit and legitimate purposes
IV. Relevance, proportionality, and limitation to the processing purpose
V. Retention only as long as legally required and destruction after purpose is fulfilled

5. DATA SECURITY MEASURES

We implement both technical and administrative safeguards to: (i) prevent unlawful data processing, (ii) unauthorized access, and (iii) ensure data preservation.

5.1 Technical Measures

  • Network and application security

  • Secure procurement, development, and maintenance of IT systems

  • Periodic access log reviews

  • Use of firewall systems

  • Physical access controls to data-containing premises

  • Protection against environmental risks (fire, flood, etc.)

  • Secure data storage environments

  • Regular backups and secure backup storage

  • User account and permission management

  • Tamper-proof log retention

  • Intrusion detection and prevention systems

  • Data encryption

5.2 Administrative Measures

  • Disciplinary policies for employee data security

  • Regular training and awareness programs

  • Policies for access, usage, storage, and destruction of data

  • Data masking as needed

  • Confidentiality agreements

  • Role-based access matrix management

  • Revocation of access rights upon role change or termination

  • Data security clauses in contracts

  • Formal procedures and policies for data protection

  • Incident reporting protocols

  • Continuous security monitoring

  • Minimization of personal data collection

  • Internal and random audits

  • Risk identification and mitigation

  • Special procedures for sensitive data

  • Encrypted communication (e‑mail/KEP) for sensitive data

  • Ensuring security awareness among data processors

6. RIGHTS OF DATA SUBJECTS

Data subjects may apply to Renkteks to exercise their rights under Article 11 of KVKK, including:
I. Confirming whether their data is processed
II. Requesting information if data is processed
III. Learning the purpose of processing and how data is used
IV. Identifying domestic and foreign third-party recipients
V. Requesting correction of inaccurate or incomplete data and notification to third parties
VI. Requesting deletion, destruction, or anonymization when processing grounds no longer apply, and notification to recipients
VII. Objecting to automatic processing that yields negative outcomes
VIII. Claiming compensation for unlawful processing

7. BREACH NOTIFICATIONS

Employees must report suspected breaches of KVKK or policy. A committee will convene to create an action plan. If personal data are unlawfully accessed or obtained, the incident will be reported to both the data subject and the Board within 72 hours, in accordance with the Board’s decision dated January 24, 2019, No. 2019/10.

8. POLICY UPDATES

Any changes to this policy will be drafted by management and submitted to the Board for approval. Updates will be communicated via email or published on the company's website.

9. EFFECTIVE DATE

This version of the policy was approved by the Board on October 18, 2021, and is currently in effect.

PERSONAL DATA TRANSPARENCY NOTICE FOR JOB APPLICANTS

Dear Applicant,

This transparency notice has been prepared by Renkteks Tekstil San. ve Tic. Ltd. Şti., as the data controller, in accordance with Article 10 of KVKK and the related Communiqué, to inform you about the purposes, legal grounds, collection methods, data recipients, and your rights regarding the processing of your personal data.

Please be aware that we may not control all information included in your CV or provided via online platforms. We recommend that you avoid submitting personal or sensitive data you do not wish to share.

Data We May Process

  • Name, surname, date and place of birth, gender, marital status, nationality

  • Email, address, phone number

  • Health-related data (e.g., disability status)

  • Education, certifications, language proficiency, skills

  • Employment background (companies, roles, responsibilities, salary)

  • Photograph, driver’s license information

  • Hobbies, salary expectations, military status

  • References (name, title, firm, contact details)

  • Any other information you voluntarily include in your CV

Retention Period

If your application is unsuccessful, your data may be retained for up to 1 year. If hired, data may be retained up to 10 years after termination of employment.

Purposes of Processing

We process your data for:

  • Managing recruitment processes

  • Communicating with you

  • Assessing qualifications for roles

  • Reference checks

  • Determining position fit, salary expectations, availability

  • Identifying eligibility to drive company vehicles

  • Assessing age compliance for positions, including child labor regulations

  • Recognizing applicants during interviews

  • Preparing personal files if employed

  • Verifying potential disruptions per Military Penal Code Article 75

Legal Basis and Method

Your data are processed based on your explicit consent, and the legal grounds in Article 5 of KVKK: necessity for legal obligations, legitimate interests of the data controller (without harm), and contractual necessity. Data may be collected automatically via online submissions or manually (e.g., phone notes).

Data Sharing

Your data may only be shared with judicial authorities or law enforcement in case of legal disputes or legal requirement.

Rights and How to Apply

You have rights under Article 11 of KVKK. You may submit requests in writing or via registered electronic methods (KEP, secure or mobile e-signature, or previously notified email) using the application form available on our website. Applications can be sent to: Osmangazi Mah. Mertler Cad. No:20, Samandıra / Sancaktepe / İstanbul, or emailed to kvkk@renkteks.com.

PERSONAL DATA NOTICE FOR CONTACT FORM SUBMISSIONS

This notice applies to personal data (name, email, etc.) submitted via the contact form on our website. These data are processed to enable our teams to carry out necessary work, manage business processes, and respond to your inquiry. Since we do not control all information provided, please refrain from submitting any personal or sensitive data you do not wish to share.

The data are processed automatically under the legal grounds of “legitimate interests of the data controller” and “compliance with legal obligations” under Article 5 of KVKK, and will only be shared with judicial authorities in the event of legal disputes.

You may exercise your Article 11 KVKK rights via written request or electronic methods as described above, using our application form available on our website. Requests can be mailed to our Istanbul office or sent via email to kvkk@renkteks.com.

  • Instagram Social Icon
  • Facebook Social Icon

© 2023 by Renkteks Tekstil San Tic Ltd Şti

bottom of page