Purpose of the Privacy Notice
Osmanbey Textile Business People Association (“OTİAD”) provides the security of your personal data sensitively. According to the General Data Protection Regulation Numbered 2016/679 (“GDPR”) OTİAD acts as the data controller towards natural persons whose personal data is processed (“Data Subject”). OTİAD acts lawfully, fairly and in a transparent manner on processing, erasure, destruction, pseudonymisation, transfer of the personal data, informing the Data Subject and providing the security of personal data as stipulated under GDPR. This Privacy Notice aims to inform Data Subject about OTİAD’s activities regarding processing personal data within the scope of GDPR.
Personal Data Processed by OTİAD
OTİAD collects the below mentioned personal data of its customers. Unless otherwise indicated, the term “personal data” will cover the below mentioned personal information.
Credentials (composed of name and last name)
- Contact Information (composed of an e-mail address, address, fixed phone number, and mobile phone number)
- Professional Experience (composed of career field and title)
- Risk Management Information (composed of IP address)
- Process Security Information (composed of password)
OTİAD processes only the IP addresses of its online visitors.
Purpose of Processing Personal Data
Your personal data will be processed under the following purposes:
- Providing product and services, communicating about the product or service that have been or will be bought,
- Offering improved and diversified services or informing the natural and legal persons under commercial relations,
- Planning the scope of the fair in accordance with the demands of participants and visitors, following the activity and providing continuity,
- Increasing the recognition level of fairs by participants, visitors, non-governmental organizations, relevant institutions, and organizations,
- Creation of databases with regards to customers, participants and visitors, pursuing marketing activities; to be recognizant of our customers, participants, and visitors, increasing the communication, conducting data analyses and researches, and to improve the quality of service,
- Preparing pertinent documents and records to complete transactions in all oral, written and electronic forms,
- In order to be able to share crucial information with you through relevant contact details,
- Carrying out activities within offered services by contracted providers,
- Providing legal and technical security of persons and business continuity in a mutual business relationship,
- Carrying out quality and standard inspection or fulfilling legal obligations deriving from various laws and regulations.
- Carrying out all necessities and obligations which are determined under the GDPR, as required by regulatory and supervisory authorities,
- Recording to provide security, control the fair area activities and visitors,
- Additionally, in case that you give consent, in order to share promotion and marketing activities through SMS and e-mail with regard to the services that OTİAD provides. Those SMS and e-mail notifications will be made by the third-party organizations and commercial electronic messaging service providers that we have cooperated with by processing your personal data or using your data that is already processed.
Transfer of Personal Data
OTİAD merely transmits your personal data to the third parties in accordance with the purposes of this Privacy Notice pursuant to Article 6 and 44 of the GDPR.
OTİAD shall provide personal data to,
- domestic and international partners and affiliates to fulfill the commercial activities and to ensure continuity.
- domestic or international third parties who provide or receive support services and to service providers that provide support to OTİAD in data processing activities,
- audit firms within the scope of related contracts for the audit of their commercial activities in accordance with the provisions of the relevant laws and regulations,
- to legally authorized public institutions and organizations within the scope of their demands within the legal authority of related public institutions and organizations,
- public institutions and organizations designated to ensure the fulfillment of the legal obligations specified in the GDPR,
- in the event that commercial electronic message approval is given, it may be transferred to the commercial electronic messaging service provider in accordance with your express consent or the conditions stipulated in the GDPR Law for the purpose of promotion and advertising.
The Method and Legal Cause of Collecting Personal Data
Your personal data is collected by OTİAD by automated or non-automated means via digitally or written applications which are directed to the sales team or the companies providing call center services; via online visits to our website or the applications made through our website; via the applications through e-mails, faxes, letters, all mobile applications, SMS channels, social media mediums, customer testimonials, surveys and information forms which are filled out during fairs and records in verbal, written and electronic forms.
OTİAD processes its customers’ personal data in accordance with the principals indicated under Article 5 of the GDPR. Since personal data processing is necessary for the performance of the contract between OTİAD and the customer, OTİAD mainly processes its customers’ personal data pursuant to Article 6/1b of the GDPR. Nevertheless, OTİAD may process personal data by obtaining the explicit consent of the Data Subject under Article 6/1a. or Article 6/1b. of the same regulation. However, in case of a situation requiring personal data processing for “compliance with a legal obligation to which the controller is subject” or for the “performance of a task carried out in the public interest or in the exercise of official authority vested in the controller” or in order to “protect the vital interests of the Data Subject or of another natural person”, OTİAD may process personal data as per Article 6/1c., e., d. of the GDPR.
Storing Period of Personal Data
If you close your customer account, we will delete all the data we have stored regarding you. If it is not possible or necessary to completely delete your data for legal reasons, the relevant data will be blocked for further processing.
Rights of Data Subject
Data Subjects have the following data protection rights under the relevant legal conditions: Right of access (Article 15 of the GDPR), right to rectification (Article 16 of the GDPR), right to erasure (Article 17 of the GDPR), right to restriction of processing (Article 18 of the GDPR), right to data portability (Article 20 of the GDPR), right to lodge a complaint with a supervisory authority (Article 77 of the GDPR), as well as the right to withdraw consent (Article 7/3 of the GDPR).
- The right of access under Article 15 of the GDPR enables the Data Subject to obtain conformation from the controller as to whether your personal data are being processed or not.
- Data Subjects have the right to demand the rectification of inaccurate personal data concerning them without undue delay and to have incomplete data completed pursuant to Article 16 of the GDPR.
- Data Subjects have the right to obtain from the controller the erasure of their personal data without undue delay according to Article 17 of the GDPR and the controller shall erase personal data where one of the grounds applies illustrated under the same Article.
- Data Subjects have the right to demand restriction of processing of their personal data pursuant to Article 18 of the GDPR, if the accuracy of the personal data is contested by them, if the processing is unlawful, if the controller no longer needs their personal data for the purposes of processing or if the data subject have objected to processing pursuant to Article 21 of the GDPR.
- Data Subjects have the right to receive their personal data, which they provided to us according to Article 20 of the GDPR.
- Data Subjects have the right to lodge a complaint with a supervisory authority if they consider that the processing infringes the GDPR. The authority responsible for OTİAD is the authority in your habitual residence, your place of work or place of the alleged infringement in the EU.
If Data Subjects have given consent for the processing of their personal data, they may withdraw it at any time pursuant to Article 7/3 of the GDPR. The withdrawal has no effect on the lawfulness of the processing of your personal data which took place before the withdrawal.
You may get in touch with OTİAD within the scope of the GDPR at any time within your discretion and the scope of your rights indicated herein below.
- Obtain confirmation as to whether the personal data concerning you are being processed and where that is the case, access to the following information;
- The purpose of the processing and whether such data are used in accordance with the purpose;
- The categories of the personal data concerned;
- Third parties to whom your personal data have been or will be disclosed, and request for correction of any errors regarding the personal data and if the transmission has already been made, then, request to the related third party to make necessary correction;
- If possible, the anticipated period for storing the personal data, or, if not possible, the criteria used to determine that period;
- Request from the controller rectification or erasure of personal data or restriction of processing the Data Subject’s personal data or objection to such processing;
- Right to lodge a complaint to a supervisory authority; and
- Where personal data is transferred to a third country, the Data Subject shall have the right to be informed of the appropriate safeguards pursuant to Article 46 of the GDPR relating to the transfer.
You can transmit your requests, listed heretofore, to us through the e-mail address: [email protected] . We will conclude your requests within the shortest possible period, up to thirty days on the basis of the nature of the request. However, in case the procedure requires an extra cost, it may be possible then, to charge a fee. Our Company may accept the request and put it into process or refuse such request in a written manner with the reasoning.
OTİAD would like to indicate that your personal data is protected with necessary attention and care by our Company and would like to take opportunity for this occasion to thank you for your trust in us.
Title of the Association: OTİAD - Osmanbey Textile Business People Association
Address : Halaskargazi Cad. Yasan İş Merkezi No: 101 Kat:4 Şişli / İstanbul-Turkey Telephone : +90 212 231 92 85