PERSONAL DATA PROTECTION AND PRIVACY POLICY

Grob Mimarlık Dizayn ve Yapı Ürünleri San. ve Tic. Ltd. Şti.

As Grob Mimarlık Dizayn ve Yapı Ürünleri San. ve Tic. Ltd. Şti. (“Company”), we attach great importance to the confidentiality and security of the personal data of our clients, business partners, employees, job applicants, website visitors, and all real persons who are in any kind of relationship with our Company.

Within this scope, ensuring that personal data is processed and protected in accordance with the Turkish Personal Data Protection Law No. 6698 (“Law”) and relevant legislation, and that data subjects can effectively exercise their rights, is among our top priorities.

This Personal Data Protection and Privacy Policy has been prepared to ensure that personal data processed during the Company’s activities is handled in compliance with the Law and applicable regulations. The Policy also aims to ensure transparency and to inform data subjects regarding personal data processing activities.

1. Principles Adopted for the Protection of Personal Data

Personal data processed by our Company is handled in accordance with Article 4 of the Law:

  • In compliance with law and principles of good faith

  • For specific, explicit, and legitimate purposes

  • In an accurate and up-to-date manner

  • Limited and proportionate to the purposes for which they are processed

  • Retained for the period stipulated in the relevant legislation or required for the processing purpose

Necessary administrative and technical measures are taken pursuant to Article 12 of the Law.

Data subjects are informed in accordance with Article 10 of the Law regarding:

  • The purposes of personal data processing

  • Parties to whom personal data may be transferred and the purposes thereof

  • Methods and legal grounds of data collection

  • Rights granted under Article 11 of the Law

Where required, explicit consent is obtained, and special categories of personal data are processed with maximum sensitivity in line with Article 6 of the Law.

2. General Principles of Personal Data Processing

2.1 Lawfulness and Fairness

Personal data is not collected or processed without the knowledge of the data subject and is not used for purposes beyond those stated.

2.2 Accuracy and Currency

Necessary measures are taken to ensure personal data is accurate and up to date.

2.3 Specific, Explicit, and Legitimate Purpose

Personal data is processed solely for clearly defined and legitimate purposes.

2.4 Limited and Proportionate Processing

Personal data unrelated to the processing purpose is not processed.

2.5 Retention Period

Personal data is retained for legal periods or as required by the processing purpose and is deleted, destroyed, or anonymized once the period expires.

3. Obligation to Inform

Pursuant to Article 10 of the Law, data subjects are informed about:

  • The identity of the data controller

  • Purposes of data processing

  • Parties to whom data is transferred and the purposes thereof

  • Methods and legal grounds for data collection

  • Rights set forth in Article 11 of the Law

4. Processing of Personal Data and Legal Grounds

Personal data is processed based on explicit consent or the legal grounds stated in Article 5 of the Law. These grounds include:

  • Explicit provisions of the law

  • Necessity for the establishment or performance of a contract

  • Fulfillment of legal obligations

  • Legitimate interests of the data controller

  • Data made public by the data subject

5. Protection and Transfer of Personal Data

Our Company takes all necessary technical and administrative measures in accordance with Article 12 of the Law to ensure data security.

Personal data may be shared with third parties only with the data subject’s consent or due to legal obligations, and solely by taking appropriate security measures.

6. Data Breach Situations

In the event of a possible personal data breach, necessary measures are immediately taken and notification procedures are carried out in accordance with applicable legislation.

7. Storage and Deletion of Personal Data

Personal data is stored only for the necessary period and is securely deleted, destroyed, or anonymized once the purpose of processing ceases.

8. Rights of Data Subjects

Under the Law, data subjects have the right to:

  • Learn whether personal data is processed

  • Request information regarding processing

  • Request correction, deletion, or destruction

  • Object to processing

  • Learn details of data transfers

  • Request compensation for damages

Requests may be submitted via e-mail to hello@grob.studio or in writing.

9. Data Controller Information

Company Name:
Grob Mimarlık Dizayn ve Yapı Ürünleri San. ve Tic. Ltd. Şti.

Address:
Yamanevler Mah. Siteyolu Cd. No: 8/111
Merkez Ümraniye / Istanbul, Turkey

Phone:
+90 532 361 36 68

E-mail:
hello@grob.studio