Your visit to this website and use of the services we provide through it are subject to the terms set forth in this Privacy Policy regarding how the information we obtain about you and the services you request will be used and protected. By visiting this website and requesting to benefit from the services provided herein, you accept the terms specified in this Privacy Policy.
1. Purpose of the Personal Data Protection and Processing Policy
As Umut İnşaat Turizm San. ve Tic. A.Ş. (hereinafter referred to as "Umut İnşaat" or the "Company"), the confidentiality of data obtained from our customers and prospective customers has always been preserved and not shared with third parties due to the sensitive nature of our business. Protection of personal data constitutes one of the Company’s fundamental policies.
Umut İnşaat undertakes to comply with all obligations under the Law on the Protection of Personal Data No. 6698 (“KVKK”), placing great importance on data confidentiality and adopting it as a working principle. Employees are instructed to act in accordance with this principle.
2. Scope and Amendment of the Policy
This Policy has been prepared within the scope of the Information Security Management System (ISMS) and in compliance with the KVKK. Personal data obtained either with your explicit consent or under other lawful bases provided by the Law may be used to improve the quality of the services we provide and our quality policy.
Certain data held by the Company may be anonymized and used only for statistical purposes. Such data falls outside the scope of the Law and this Policy.
This Policy applies to the data automatically obtained from our customers, potential customers, employees, and business partners. The Company reserves the right to amend the Policy and related procedures in line with the Law to ensure stronger protection of personal data.
3. Fundamental Principles Regarding Data Processing
a) Lawfulness and Fairness: Umut İnşaat questions the source of all personal data collected and ensures it is obtained lawfully and fairly. Third parties selling services on behalf of the Company are also reminded of their obligations regarding data protection.
b) Accuracy and Up-to-Dateness: All data must be accurate and updated as necessary. Updates are made when changes are communicated to the Company.
c) Specified, Explicit, and Legitimate Purposes: Data is processed only for the purposes for which consent has been obtained and services are provided. Data cannot be processed or used beyond these purposes.
d) Relevance, Limitation, and Proportionality: Data is processed only to the extent required by the service.
e) Retention Limitation: Data is retained only for the period required by contractual obligations, statutory limitation periods, and commercial/tax laws. Once such obligations expire, the data is deleted or anonymized.
These principles apply regardless of whether the data is collected with consent or under a legal basis.
Data subjects also enjoy the rights set forth in Article 11 of the KVKK, and a dedicated application form has been prepared by the Company to facilitate the exercise of these rights.
Data Minimization Principle
In accordance with the principle of data minimization (necessity principle), only the data strictly required for processing is collected. Irrelevant or excessive data is not collected; if obtained, it is deleted or anonymized.
Deletion of Personal Data
When statutory retention periods expire, judicial processes are completed, or the necessity for processing no longer exists, personal data is deleted, destroyed, or anonymized by the Company, either automatically or upon request.
Accuracy and Currency of Data
Personal data is processed as declared by the data subjects. Unless official documents or requests for updates are provided, the Company is not obligated to verify the accuracy of such data.
Confidentiality and Data Security
Personal data is confidential. Only authorized personnel may access it. All technical and organizational security measures are taken in compliance with ISMS standards and KVKK to prevent unauthorized access, data breaches, or harm to customers and prospects.
4. Purposes of Data Processing
Personal data is collected and processed for the purposes specified in the Company’s Privacy Notice on Data Processing, primarily for contract formation and provision of better services.
5. Data Concerning Customers, Potential Customers, and Business Partners
Contractual Relationships: Data collected under contractual relationships may be used without requiring additional consent, provided it remains within the scope of the contract.
Potential Customers: Data provided voluntarily is processed to provide better services but is deleted if no contractual relationship arises.
Business Partners: Data shared with business and solution partners is limited to service requirements, with confidentiality undertakings and data protection obligations enforced.
Marketing/Advertising: Pursuant to the Law on Regulation of Electronic Commerce and the Regulation on Commercial Communication, electronic marketing communications may only be sent with prior explicit opt-in consent.
Legal Obligations: Data may be processed without consent where explicitly required by law.
Special Categories of Personal Data: Sensitive personal data (e.g., health, biometric, political opinions, etc.) is processed only with explicit consent and in line with safeguards set by the Personal Data Protection Authority (KVKK Board).
Automated Processing: Automated systems may be used for profiling, provided that such results are not used against the data subject without explicit consent.
Cookies and Internet Usage: Visitors are informed of cookies and online tracking tools used. Data is processed in compliance with legal requirements.
Purpose of Cookie Use Cookie Type
Google (Analytics, DoubleClick) Functional & Analytical Cookies, Commercial Cookies
Facebook, Twitter, Instagram Commercial Cookies
Insider, Hotjar Functional & Analytical Cookies, Commercial Cookies
Third Parties (Criteo, RTBHouse) Functional & Analytical Cookies, Commercial Cookies
6. Data Concerning Employees
Employment Relationship: Employee data is processed as necessary for employment and social security purposes.
Legal Obligations: Data may be processed where legally required without additional consent.
Employee Benefits: Data may be processed for benefits such as private health insurance.
Special Categories: Sensitive employee data is processed with explicit consent and subject to additional safeguards.
Automated Processing: Data may be used for promotions and performance evaluation; employees have the right to object to adverse outcomes.
orkplace Systems: All IT and telecommunication systems provided by the Company are for business use only. The Company reserves the right to monitor and audit usage.
7. Transfer of Personal Data
Personal data may be transferred domestically and abroad to:
Business partners,
Suppliers,
Affiliates and subsidiaries of Umut İnşaat,
provided that it is limited to the purposes described and compliant with applicable legal conditions.
8. Rights of the Data Subject
In accordance with Article 11 of the KVKK, individuals have the right to:
Learn whether personal data is processed,
Request information on processing,
Learn the purpose of processing and whether it is used accordingly,
Know third parties to whom data is transferred domestically or abroad,
Request correction of incomplete/incorrect data,
Request deletion or destruction of personal data,
Request notification of corrections or deletions to third parties,
Object to adverse results from automated processing,
Claim compensation for damages arising from unlawful processing.
Applications must be submitted via the official application form on the Company website: https://www.umutinsaat.com.tr/
Requests must be sent by registered mail with signature and ID copy to:
Kayıhan Mah. İnönü Cad. İnegöl Çarşısı No:14 İç Kapı No:101 Osmangazi / BURSA
or electronically via secure e-signature.
9. Principle of Confidentiality
All personal data within Umut İnşaat is confidential. No one may use, copy, transfer, or process such data for purposes other than those lawfully permitted.
10. Data Security
Technical and administrative measures are taken to ensure data security, prevent unauthorized access, and minimize risks of breach. Security systems are continuously updated and improved.
11. Audits
Umut İnşaat conducts regular internal and external audits to ensure compliance with personal data protection requirements.
12. Breach Notification
In the event of a personal data breach, the Company will immediately take action to mitigate harm, notify the Personal Data Protection Authority, and inform the affected data subjects as required by law.
Contact Information
For questions regarding this Privacy Policy, please contact:
Umut İnşaat Turizm San. ve Tic. A.Ş.
Kayıhan Mah. İnönü Cad. İnegöl Çarşısı No:14 İç Kapı No:101 Osmangazi / BURSA
Phone: +90 224 220 30 20
Email: info@umutinsaat.com.tr
Website: https://www.umutinsaat.com.tr/