The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR's primary aim is to give individuals control over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements related to the processing of personal data of individuals (formally called data subjects in the GDPR) who are located in the EEA, and applies to any enterprise—regardless of its location and the data subjects' citizenship or residence—that is processing the personal information of individuals inside the EEA.a
Controllers and processors of personal data must put in place appropriate technical and organizational measures to implement the data protection principles. Business processes that handle personal data must be designed and built with consideration of the principles and provide safeguards to protect data (for example, using pseudonymization or full anonymization where appropriate). Data controllers must design information systems with privacy in mind. For instance, using the highest-possible privacy settings by default, so that the datasets are not publicly available by default and cannot be used to identify a subject. No personal data may be processed unless this processing is done under one of the six lawful bases specified by the regulation (consent, contract, public task, vital interest, legitimate interest or legal requirement). When the processing is based on consent the data subject has the right to revoke it at any time.
Data controllers must clearly disclose any data collection, declare the lawful basis and purpose for data processing, and state how long data is being retained and if it is being shared with any third parties or outside of the EEA. Firms have the obligation to protect data of employees and consumers to the degree where only the necessary data is extracted with minimum interference with data privacy from employees, consumers, or third parties. Firms should have internal controls and regulations for various departments such as audit, internal controls, and operations. Data subjects have the right to request a portable copy of the data collected by a controller in a common format, and the right to have their data erased under certain circumstances. Public authorities, and businesses whose core activities consist of regular or systematic processing of personal data, are required to employ a data protection officer (DPO), who is responsible for managing compliance with the GDPR. Businesses must report data breaches to national supervisory authorities within 72 hours if they have an adverse effect on user privacy. In some cases, violators of the GDPR may be fined up to €20 million or up to 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater.
The GDPR was adopted on 14 April 2016, and became enforceable beginning 25 May 2018. As the GDPR is a regulation, not a directive, it is directly binding and applicable, but does provide flexibility for certain aspects of the regulation to be adjusted by individual member states.
The regulation became a model for many national laws outside EU, including Chile, Japan, Brazil, South Korea, Argentina and Kenya. The California Consumer Privacy Act (CCPA), adopted on 28 June 2018, has many similarities with the GDPR.
Data Controller Information:
Name or Company Name: Ege Information Technologies Address: Etiler Mah. Evliya Çelebi Cad. No:23/106 Remel Plaza Muratpaşa/Antalya Contact Information: +90 242 606 0 216 - [email protected]
Data Protection Officer Information (if applicable):
Name or Company Name: Recep ŞENTÜRK Address: Etiler Mah. Evliya Çelebi Cad. No:23/106 Remel Plaza Muratpaşa/Antalya Contact Information: +90 242 606 0 216 - [email protected]
Purposes of Processing Personal Data:
Your personal data will be processed to respond to the data and requests submitted through the contact form or request form. These purposes may include providing customer services, offering products or services, conducting marketing activities, and performing statistical analyses.
Processed Personal Data:
The processed personal data may include the following data categories, which are relevant to providing customer services, offering products or services, conducting marketing activities, and performing statistical analyses:
- First name
- Last name
- Phone number
- Email address
- IP address
Data Processing Periods:
Your personal data will be retained for the duration necessary to fulfill the specified purposes. The data will be kept for the duration compatible with the purposes of processing.
Sharing of Personal Data:
Your personal data will not be shared with third parties (business partners, service providers, etc.).
Transfer of Personal Data:
Your personal data will not be transferred to countries outside the European Union.
Rights of Data Subjects:
As individuals providing personal data, you have the following rights:
- Right to know whether your personal data is being processed
- Right to access your personal data
- Right to rectify your personal data
- Right to erase your personal data
- Right to object to processing
- Right to data portability
Cookies and Tracking Tools:
1. Necessary Cookies
Necessary cookies are cookies that enable the activation of basic functions related to the website, making the website usable. The website does not work properly without these cookies.
2. Performance Cookies
Performance cookies are cookies that collect usage information and preferences of visitors related to the website anonymously, enabling the improvement of the website's performance.
3. Functional Cookies
Functional cookies are cookies that recognize and remember users based on their past usage of the website, allowing websites to provide personalized services such as language, region, etc. to users.
4. Advertising Cookies
Advertising cookies are third-party cookies used to track visitors' behaviors on websites. The purpose of these cookies is to assist in displaying ads that will attract visitors' interests and the responsibility belongs to the third-party cookie owner.
What Personal Data is Processed with Cookies?
Your identity (name, surname, date of birth, etc.) and contact (address, email address, phone, IP, location, etc.) information will be processed by us through cookies, by automatic or non-automatic methods, and sometimes obtained, recorded, stored, and updated from third parties such as analytical providers, advertising networks, search information providers, technology providers, within the framework of our service and contractual relationship, based on the legitimate interest processing condition.
What are Cookies Used for?
How are Cookies Managed?