Employee Candidate Disclosure Text

INFORMATION TEXT ON THE PROTECTION OF PERSONAL DATA REGARDING EMPLOYEE CANDIDATES OF HAT DESIGN RESEARCH AND CONSULTING COMPANY

This lighting text; Hat Design Research and Services as data controller pursuant to the "Law No. 6698 on the Protection of Personal Data ("KVKK") and "Communiqué on the Procedures and Principles to be Complied with in Fulfilling the Obligation of Clarification", which aims to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, in the processing of personal data. Prepared by Danışmanlık Anonim Şirketi (“Company”).

1. Processed Personal Data

The following personal data are processed within the scope of your relationship with the company;

Your Identity Information: Name, surname, place of birth, date of birth, marital status, driver's license information,

Your Contact Information: address, e-mail, telephone, mobile phone,

Your Education, Work and Professional Life Data: Work history, educational information, professional competencies, interests and hobbies, interview and employment evaluations, interview and employment evaluations,

Your Data on Family Status: Data on people's marital status, number of children, spouses and relatives (identity, education, etc.)

Your Data Regarding the Security of Our Company Facilities: Data such as CCTV records, visitor records, entry and exit records to the facilities,

Your Data Regarding Audio and Audio Recordings: Photograph

Special Qualified Data: Personal health information, information on disability, criminal convictions and data on security measures

2. Purpose of Processing Personal Data

Within the scope of your relationship with the company, your personal data is processed for the purposes of evaluating your job application and ensuring physical space security.

3. Transfer of Processed Personal Data

Your personal data, within the scope of the provisions of the KVKK regarding the transfer of personal data to the country and abroad, for the purposes specified in the 2nd article of this Clarification Text; It can be transferred to official institutions and organizations, law enforcement agencies, domestic business partners and affiliates in the country.

4. Collection Methods and Legal Reasons of Personal Data

Your personal data can be collected from you, third parties and legal authorities during the establishment of your business relationship with the Company and through the internet, telephone, e-mail and physical, written, verbal and electronic media within the scope of the above-mentioned purposes. It is collected, stored and processed based on the reasons for compliance with the law listed below and listed in the provisions of Articles 8 and 8.

Having your express consent,

Provided that it is directly related to the establishment or performance of a contract, it is necessary to process the personal data of the parties to the contract, to be able to offer the requested products and services and to fulfill the requirements of the contracts you have concluded,

Fulfilling our legal obligation as a data controller,

The person concerned has been made public by himself,

Data processing is mandatory for the establishment, exercise or protection of a right,

Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.

Your sensitive personal data is collected, stored and processed based on the following legal compliance reasons:

Having your express consent,

Personal data other than health, without seeking explicit consent in cases stipulated by law,

Personal data related to health, on the other hand, can only be collected for the purposes of protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, by persons or authorized institutions and organizations under the obligation of secrecy without seeking the explicit consent of the person concerned.

5. Rights of the Person whose Personal Data is Processed

In accordance with the provisions of Article 11 of the KVKK, you have the following rights in relation to your personal data.

Learning whether personal data is processed or not,

If personal data has been processed, requesting information about it,

Learning the purpose of processing personal data and whether they are used in accordance with its purpose,

Knowing the third parties to whom personal data is transferred at home or abroad,

Requesting correction of personal data in case of incomplete or incorrect processing,

Requesting the deletion or destruction of personal data,

In case of correction, deletion or destruction of personal data, requesting the notification of these processes to third parties to whom personal data has been transferred,

Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,

To request the compensation of the damage in case of loss due to the processing of personal data in violation of the KVKK.

6. If You Want To Contact Us For Your Rights And Requests

You can submit your requests within the scope of Article 11 of the KVKK, "regulating the rights of the person concerned", by filling out the Lagu Data Owner Application Form, which you can access at https://www.lagu.shop/gizlilik_politikasi_ve_kisisel_verileri_koruma_kanunu , to our address in Teşvikiye Mahallesi Güzelbahçe street no:1A 34365 Şişli / İSTANBUL Istanbul. You can send it by hand, or you can send it through a notary public. In addition, in accordance with Article 5 of the "Communiqué on Application Procedures and Principles to the Data Controller", you can use the registered e-mail (KEP) address, secure electronic signature, mobile signature or the e-mail address you have previously notified to our Company and registered in our systems. You can forward it to .com.tr.

Depending on the nature of your request, your applications will be concluded free of charge as soon as possible and within thirty days at the latest; however, if the transaction requires an additional cost, you may be charged a fee according to the tariff to be determined by the Personal Data Protection Board.