The purpose of this policy is to inform you about the personal data that we may collect through your interaction with the websit, www.sisecam.com.tr (“Website”). We take this opportunity to inform you that the personal data conferred or automatically collected by the system, will be processed using manual and automated tools in compliance with the provisions laid down in Regulation EU No. 679/2016 (“GDPR”) and in Legislative Decree no. 196/2003 (so called “Privacy Code”), as amended by Legislative Decree 101/2018, and the amendments and supplements thereto.
Further this Privacy Policy is published in compliance with, inter alia:
- (a) Section 43A of the Information Technology Act, 2000 (“IT Act”); and
- (b) Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (“SPDI Rules”).
Controller
T. Sise ve Cam Fabrikaları A.S. (“Sisecam”) with registered office in Icmeler Mah. D-100 Karayolu Cad. No:44 A Tuzla, Istanbul/Turkey
e-mail : dataprivacy@sisecam.com
Personal data collected
During your interaction with the Website we may collect the following personal data belonging to you:
- Browsing data: data that are automatically collected during the navigation, such as (i) static and dynamic IP, the domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment. On the Website we use the so-called cookies. In order to understand what cookies we use and how we process personal data collected through their use, please see our Cookie Policy on the Website.
- Other personal data: data that are collected on a voluntary basis, i.e. provided by you to receive services or information (such as our newsletter or replying to your request) name, surname, address, telephone number, e-mail address, age, profession and any sector related data, etc.
Purpose of processing
The personal data provided directly by you and/or collected by fill-in forms, will be processed for the following purposes:
- (a) for marketing purposes (direct sales, sending of advertising material, carrying out market research, commercial communication, surveying the degree of customer satisfaction) and send you marketing communications by mail, email, and/or SMS/MMS relating to products/services offered by Sisecam or other companies of the Sisecam’s group,
- (b) for profiling purposes, in order to be able to send you personalized promotional communications based on the products and services you purchased from us over a year period as well as on the other data that you has provided to Sisecam when you contacted Sisecam,
- (c) to take steps at your request prior to entering into a contract.
- (d) to provide web-based services, to extract statistical information on service usage and to check functioning of the services;
- (e) for the purposes of establishment, exercise or defence of legal claims; or
- (f) other purposes permitted under applicable law.
The processing of personal data collected for the purposes referred to in points (a) and (b) is based on your express consent. You have the right to withdraw your consent or to object at any time and free of charge the processing of your personal data for such purposes, by writing us an e-mail to the address above reported. In relation to promotional/marketing communications sent via e-mail, you can withdraw your consent to the processing of your e-mail address for marketing purposes by clicking on the cancellation link (opt-out) in each promotional e-mail.
The processing of persona data collected for the purposes referred to in point (b) is based on the need to follow up on your request.
The personal data that are automatically collected during your browsing sessions are necessary to use web-based services and are also processed in order to pursue our legitimate interest to (i) extract statistical information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.) and (ii) check functioning of the services.
All personal data may be processed based on our legitimate interest and the legitimate interest of third parties for the establishment, exercise or defence of legal claims.
The provision of your personal data is optional, but failure to provide the data may prevent the possibility for us to provide you with the information or services that you have requested or may affect the use of the Website as far as the browsing data are concerned.
If you do not consent to the processing of your personal data for marketing or profiling purposes, you will not suffer any prejudicial consequences whatsoever.
Subjects authorized to process the personal data
Our employees and collaborators in charge of the maintenance of the Website or the legal affairs, as well as those who have to provide you with the information that you have requested, might have knowledge of your personal data. Moreover, the following categories of entities, acting as data processors, might have knowledge of your personal data: IT service providers, including cloud service provider; consultants; service providers, sales and marketing agencies. You provide your consent to enable processing of your personal data by such third parties.
Possible third parties’ recipients of the personal data within the European Economic Area
Your personal data may be disclosed to third parties belonging to the following categories: judicial authorities and/or police forces, when required by the law; lawyers and law firms, where necessary to pursue our legitimate interest or the legitimate interest of a third party in exercising or defending a right in court and out of court.
Transfers of personal data to third Countries
With your optional consent, we will communicate your personal data to other companies of the Sisecam’s group, so that they can process them for their own marketing purposes (direct sales, sending of advertising material, carrying out market research, commercial communication, surveying the degree of customer satisfaction) and send you marketing communications by email or SMS/MMS relating to products/services offered by them. If you do not consent to the communication of your personal data to such companies, you will not suffer any prejudicial consequences whatsoever. In any case, you can freely withdraw your consent to the communication of your personal data to such companies at any time, by writing us an e-mail to the address above reported.
The data could also be shared with Sisecam Dis Ticaret A.Ş. (as holding company) that is located in Tukey, for its legitimate interests in connection with the management of the group operations. We can also share personal data with companies, being data processors, which are involved by us to process personal data on our behalf, e.g. IT service providers, including cloud service provider; consultants; service providers, sales and marketing agencies. These companies can be located in third countries, and where necessary we will ask for your consent to transfer personal data to such companies.
Specific provisions applicable to transfer of personal data outside India
You consent to enable transfer of personal data to another body corporate or person in India or outside India, that ensures the same level of data protection that is adhered to under the SPDI Rules.
Other Disclousres:
Personal data may also be disclosed, if legally required to do so, pursuant to an order from a court or governmental entity or in good faith. Dislcosure may be made pursuant to: (a) legal requirements or to comply with legal process; (b) protection of our rights or property or affiliated companies; (c) prevention of crime or protection of national security; or (d) protection of personal safety of employees or other third parties.
Data subject rights
According to the SPDI Rules, you can exercise the following rights by writing us an e-mail to the Grievance Officer on the address provided below:
- to request us to rectify the data that we have available;
- to withdraw consent to our processing of your data. Do note however, that we may not able to provide you with the Services upon withdrawal of your consent
Data retention periods
Your personal data processed on the basis of your consent referred to in points (a) and (b) will be retained until you will revoke your consent to the processing of your personal data for marketing or your request has been accomplished or discharged.
We also have measures in place such that your personal data which is in our possession or under our control, is destroyed and/or deidentified as soon as it is reasonable to assume that: (i) the purposes for which your personal data has been collected have been fulfilled; and (ii) retention is no longer necessary or permissible for any other reason.
We may, however, reserve the right to retain and store your personal data for our business purposes or if a law requires or permits such data to be kept for a longer time. After a period of time, your data may be de-identified and aggregated and then may be held by us as long as necessary for any other lawful purposes.
Browsing data are kept for no longer than seven days (except where judicial authorities need such data for establishing the commission of criminal offences), unless further retention is necessary to comply with any applicable law or to pursue our legitimate interest referred above.
Security of your information
We endeavour to maintain physical, technical and procedural safeguards that are appropriate to protect your information against loss, misuse, copying, damage or modification and unauthorized access or disclosure.
Some of the security measures adopted by us are:
- (a) We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems;
- (b) We restrict access to personal information, to our employees and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations, and may be disciplined or whose relationship with us may terminate if they fail to meet these obligations;
- (c) Our security controls may occasionally request for proof of identity before disclosing any personal data to you; and
- (d) If you suspect any unauthorized use of your personal data, you must immediately notify us by sending an email to the contact details indicated in the contact section. You shall be liable to indemnify us due to any loss suffered by us due to such unauthorized use of your personal data.
Contact our Grievance Officer
In accordance with the IT Act and the SPDI Rules, the name and contact details of the Grievance Officer are provided below:
Name: Aydan Yalçındağ
Address: Icmeler Mah. D-100 Karayolu Cad. No:44 A Tuzla, Istanbul/Turkey
Email: dataprivacy@sisecam.com
Any feedback or comments about this Privacy Policy will be welcome, and can be sent to dataprivacy@sisecam.com . We will employ all commercially reasonable efforts to address the same.