POLICY ON THE PROTECTION AND PROCESSING OF SPECIAL CATEGORIES OF PERSONAL DATA
1. PURPOSE
The purpose of the Policy on the Protection and Processing of Special Categories of Personal Data is to fulfill the legal obligations arising from the Personal Data Protection Board’s decision dated 31/01/2018 and numbered 2018/10 on "Adequate Measures to be Taken by Data Controllers in the Processing of Special Categories of Personal Data" and to set forth the technical and administrative measures taken in the processing of special categories of personal data.
2. DEFINITIONS
| TERM | DEFINITION |
| --- | --- |
| Explicit Consent | Consent regarding a specific subject, based on information and expressed with free will. |
| Destruction | Deletion, destruction, or anonymization of personal data. |
| Personal data | Any information relating to an identified or identifiable natural person. |
| Anonymization of personal data | Making personal data impossible to be associated with an identified or identifiable natural person under any circumstances, even if matched with other data. |
| Processing of personal data | Any operation performed upon personal data such as collection, recording, storage, retention, alteration, adaptation, disclosure, transfer, retrieval, making available for collection, categorization, or prevention of use thereof, either wholly or partly by automated means or by non-automated means provided that the data are part of a data filing system. |
| Deletion of personal data | The process of making personal data inaccessible and non-reusable in any way for the relevant users. |
| Destruction of personal data | The process of making personal data inaccessible, irretrievable, and non-reusable by anyone in any way. |
| Board | The Personal Data Protection Board |
| Policy | Policy on the Protection and Processing of Special Categories of Personal Data |
| Company | PROTON OTOMASYON ELEKTRİK MAKİNA İNŞAAT TAAHHÜT SANAYİ VE TİCARET LİMİTED ŞİRKETİ |
| Data owner | The natural person whose personal data are processed |
| Data controller | The natural or legal person who determines the purposes and means of processing personal data and who is responsible for the establishment and management of the data filing system |
3. PROCESSING OF SPECIAL CATEGORIES OF PERSONAL DATA
Data relating to race, ethnic origin, political opinions, philosophical beliefs, religion, sect or other beliefs, clothing and attire, membership of associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data are special categories of personal data.
The Company complies with the Law and other legislative provisions in the processing of special categories of personal data. In this direction, special categories of personal data are processed in accordance with the following principles:
a. Being in compliance with the law and good faith
b. Being accurate and, where necessary, up to date
c. Being relevant, limited, and proportionate to the purposes for which they are processed
d. Being processed for specific, explicit, and legitimate purposes
e. Being retained for the period provided for in the legislation or required for the purpose for which they are processed.
Special categories of personal data other than health and sexual life are processed by the Company in cases where the explicit consent of the data owner is obtained or in cases provided for in the laws.
Data relating to health and sexual life, on the other hand, are processed in cases where the explicit consent of the data owner is obtained or for the purposes of protection of public health, operation of preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing.
4. TECHNICAL AND ADMINISTRATIVE MEASURES TAKEN FOR THE PROTECTION OF SPECIAL CATEGORIES OF PERSONAL DATA
The Company takes all kinds of measures to ensure that special categories of personal data are processed in accordance with the Law and the relevant legislation and to ensure the security of special categories of personal data. The measures taken within this scope are listed below.
5. ADMINISTRATIVE MEASURES
- The Company provides regular training on the protection and processing of special categories of personal data for the employees involved in the processing of special categories of personal data.
- The Company concludes confidentiality agreements with its employees to ensure data security.
- The users authorized to access data, the scope of their authority, and the periods for which it is granted are clearly defined, and periodic reviews of these authorizations are carried out.
- The access authorizations to personal data of employees whose duties change or who leave their jobs are removed immediately. Within this scope, the Company immediately takes back the inventory items allocated to those employees.
6. TECHNICAL MEASURES
a. Technical Measures Taken Regarding Special Categories of Personal Data Maintained and/or Accessed in Electronic Environment
- All operations performed on special categories of personal data are securely logged, recording the user who created each transaction record and the user who last updated it.
- Security updates for the environments in which special categories of personal data are located are constantly monitored, the necessary security tests are regularly conducted by third parties, and the test results are recorded.
- User authorizations are defined for the software through which special categories of personal data are accessed; security tests of this software are regularly conducted by third parties, and the test results are recorded.
- Where remote access to special categories of personal data is provided, a verification system with at least two stages (two-factor authentication) is used.
b. Technical Measures Taken Regarding Special Categories of Personal Data Maintained and/or Accessed in Physical Environment
- Adequate security measures are taken according to the nature of the environment where special categories of personal data are located.
- Physical security of these environments is ensured and unauthorized entries and exits are prevented.
7. TRANSFER OF SPECIAL CATEGORIES OF PERSONAL DATA
The Company transfers special categories of personal data within the framework of the data processing conditions set forth in Articles 8 and 9 of the Law. For the purpose of ensuring data security, the following rules are applied by the Company in data transfer, and periodic audits are performed within this scope.
• Transfer via E-Mail
In cases where special categories of personal data are transferred via e-mail, the transfer is carried out in encrypted form by using the corporate e-mail address or by using a Registered Electronic Mail (KEP) account.
• Transfer via Media Such as Portable Memory, CD, DVD
In cases where special categories of personal data are transferred via media such as portable memory, CD, DVD, an encryption process is performed for security purposes.
• Transfer Between Servers in Different Physical Environments
In the transfer of special categories of personal data between servers in different physical environments, data transfer is carried out by establishing a VPN between the servers or by using the SFTP method.
• Transfer via Paper Media
If it is required to transfer special categories of personal data via paper media, the necessary measures are taken against risks such as theft, loss of the document, or viewing by unauthorized persons, and the document is sent in the format of "documents with confidentiality classification".
8. RETENTION AND DESTRUCTION OF SPECIAL CATEGORIES OF PERSONAL DATA
Special categories of personal data are retained by the Company in accordance with the Law and other legislation and the decision published by the Board titled “Adequate Measures to be Taken by Data Controllers in the Processing of Special Categories of Personal Data” in the following cases:
a. The explicit consent of the data owner has been obtained.
b. The retention of special categories of personal data other than health and sexual life is provided for in the laws.
c. Data relating to health and sexual life are retained for the purposes of protection of public health, operation of preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing.
Special categories of personal data retained by the Company in accordance with the Law and other legislation are deleted, destroyed, or anonymized ex officio or upon the request of the data owner in case the following reasons arise:
a. Withdrawal of explicit consent in cases where the special category of personal data retention activity is based on the explicit consent of the data owner
b. The fulfillment, impossibility, or disappearance by any other means of the purpose of retaining special categories of personal data
c. The amendment or repeal of the provisions of the legislation that form the basis for the retention of special categories of personal data
d. Disappearance of all of the processing conditions set forth in Article 6 of the Law
e. The request regarding the destruction of special categories of personal data submitted duly by the data owner to the Company being found justified and concluded positively by the Company
f. In cases where the Company rejects the data owner's application requesting the destruction of his/her special categories of personal data, the data owner finds the response given insufficient, or the Company does not respond within the period provided for in the Law, the data owner filing a complaint with the Board and the Board finding this request appropriate.
Other matters regarding the retention and destruction of special categories of personal data are regulated in the Company Personal Data Retention and Destruction Policy.