PRIVACY POLICY
Introduction
Hannover Fairs Turkey Fuarcılık A.Ş. (“HFT”) provides the security of your personal data sensitively. According to the Turkish Personal Data Protection Law No. 6698 (“PDPL”), HFT acts as the data controller towards natural persons whose personal data is processed (“Data Subject”). HFT acts lawfully, fairly and in a transparent manner on processing, erasure, destruction, anonymization, transfer of the personal data, informing the Data Subject and providing the security of personal data as stipulated under PDPL.
This Privacy Policy is prepared and submitted in order to fulfill the clarifying obligation under the PDPL and inform you that our company, as data controller, can process and retain personal data within the scope of your participation as visitor (“Visitor”) in the WIN EURASIA Event (“Event”), which is held on an online platform.
Scope and Purpose of the Privacy Policy
This Privacy Policy clarifies legal reasons and the methods of collecting personal data, which of your personal data is processed, purposes of using of personal data, to whom and for what purposes personal data may be transferred, erasure, destruction, and anonymization of personal data and rights of the Data Subject over their personal data and how these rights can be exercised.
Credentials of Data Controller
Regarding personal data that you share through the collecting methods mentioned below, the Data Controller is Hannover Fairs Turkey Fuarcılık Anonim Şirketi registered with the Istanbul Trade Registry with the registration number 439973, 0772018582500016 Mersis number, and resided in Buyukdere Cad. No: 103 Şarlı Business Center B Blok Kat: 5-2 Şişli- İstanbul.
The Methods, Legal Causes and Purposes of Collecting Personal Data
Personal Data mentioned below in categories is collected electronically via B2B Match-Making Online Registration Form you filled out as visitor and other documents declared by you and stored electronically.
In order to apply the purposes below, personal data is collected by HFT by using the above-mentioned methods in accordance with the legal causes pursuant to Art.5 of PDPL;
- That it is mandatory for the data controller to fulfill its legal obligation, and
- It is mandatory for the legitimate interests of the controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.
Processed Personal Data and Purpose of Processing
Credentials |
Personal Data |
Purposes of Processing Personal Data |
- Name
- Surname
|
- Registration Activities for the Platform
- Carrying out Information and Transaction Security Processes
- Creating Member Portfolio
- Executing the Activities pursuant to Legislation and Regulatory Compliance
- Ensuring Security of Data Controller Operations
- Tracking of Claims and Complaints
- Responding to Information Requests from Administrative and Judicial Authorities
- Ensuring that the Processed Data is Updated and Accurate
- Promotion and Marketing of Services to Members with Commercial Electronic Message Approval
|
Contact Information |
Personal Data |
Purposes of Processing Personal Data |
- E-mail address
- Mobile Phone Number
|
- Registration Activities for the Platform
- Execution of Access Authorizations
- Executing the Activities pursuant to Legislation and Regulatory Compliance
- Carrying out Communication Activities
- Tracking of Claims and Complaints
- Ensuring Security of Data Controller Operations
- Carrying out Information Security Processes
- Ensuring that the Processed Data is Updated and Accurate
- Promotion and Marketing of Services to Members with Commercial Electronic Message Approval
|
Professional Experience Information |
Personal Data |
Purposes of Processing Personal Data |
- Position / Title Information
- Professional Occupation Information
- Name of the Company
- Authority Level
- Information about whether the Company is in a Decision-Making Position or not
|
- Planning Event Scopes in accordance with Members' Expectations and Improving Member Experience
- Ensuring Continuity of the Platform
- Improving the Services Provided Through the Platform and Developing New Services
- Creating Member Portfolio
- Informing about the Event
- Managing the Organization and Event
- Ensuring that the Processed Data is Updated and Accurate
- Promotion and Marketing of Services to Members with Commercial Electronic Message Approval
|
Transferring the Personal Data to Third Persons
HFT merely transmits your personal data to the third parties in the country and overseas in accordance with the purposes of this Privacy Policy pursuant to Articles 8 and 9 of the PDPL.
If you wish to use the B2B Match-Making function created by HFT within the scope of the Event, your personal data specified under the tables titled “Credentials”, “Contact Information” and “Professional Experience Information” will be transferred to the Participant, after the date and time of the meeting are agreed with the Participant you want to communicate with, in order to ensure communication between you and the Participant.
The personal data subject related to domestic transfer mentioned above is transferred and stored by taking all necessary security measures and technical measures by HFT and the third parties to whom data transferred. Additionally, personal data is legally protected within the scope of the data processing contract signed with third parties to whom HFT transfers personal data as the data controller.
Erasure, Destruction and Anonymization of Personal Data
Your personal data collected in line with the purposes and means described above will be processed carefully and confidentially by HFT in accordance with PDPL. Your personal data are processed for the period required by our company's purpose of processing that data and for the period stipulated in the relevant legislation, then they are deleted, destroyed or anonymized. During the period of processing of your personal data, only persons authorized within our company will be able to access your personal data, provided that it is in accordance with the requirements of the job.
When the retention period necessitated by the Law expires, personal data will be destructed immediately in accordance with relevant provisions of PDPL and Turkish Criminal Law, “The Regulation on Deletion, Removal and Anonymization of Personal Data” and company policies.
Rights of the Data Subject
You, as the Data Subject, have the following rights under Art 11 of the PDPL:
a) to be informed whether your data is being processed,
b) to request information if it is processed,
c) to learn the purpose of any processing of your personal data and whether it is being used in compliance with that purpose,
d) to be informed of any unrelated persons residing within the country or overseas to whom the data is transferred,
e) to request adjustment if the personal data is processed incorrectly or in an incomplete manner,
f) To request that personal data are deleted or removed within the framework of the conditions stipulated in article 7,
g) to request that the unrelated persons to whom the data is transferred are informed of the transactions carried out as per paragraphs (d) and (e),
h) to object to a finding against you as a result of analyzing and processing your personal data exclusively through automated systems,
i) to request compensation if you suffer any loss should your personal data be unlawfully processed.
You can submit your request related to your rights above to Company for free along with information and documentation that confirms your identity, using the methods laid out below, or may fill out and sign an application form via other methods defined by Personal Data Protection Committee.
(1) Filling out the application form at the link www.hmist.com.tr and send original signed copy in person or through a notary public to “Büyükdere cad. Şarlı İş Merkezi No:103 B Blok Kat:5 34394 Mecidiyeköy Şişli İstanbul”
(2) Filling out the application form at the link www.hmist.com.tr and send the application form, signed by a secure electronic signature within the scope of the Electronic Signature Law No. 5070, by using e-mail address registered at hannover@hs02.kep.tr
(3) Writing “Personal Data Protection Law Information Request” in the subject line of the e-mail and send it to kvkk@hf-turkey.com by using e-mail address registered in our company system.
(4) Writing “Personal Data Protection Law Information Request” in the subject line of the e-mail and send it to kvkk@hf-turkey.com by using an unregistered email address signed by a secure electronic signature or mobile signature.
Your aforementioned requests will be evaluated and concluded as soon as possible and within 30 days at the latest. Our company reserves the right to charge a fee based on the fee schedule (if any) determined by the Personal Data Protection Board regarding the requests.