E-CATALOG

KVKK

PERSONAL DATA PROTECTION
Since its establishment, we, Zensa Granit Mermer San. Tic. Ltd. Şti., have been attaching great importance to the Personal Data Protection and our current efforts in this area follow norms in parallel with the “Personal Data Protection Law (KVKK)”. In this context, you may find below definitions of some terms and phrases in the aforementioned law and, also, information about our data processing processes designed to fulfil our obligations.
What is KVKK?
The Personal Data Protection Law (KVKK) came into effect after it was enacted by the Turkish Grand National Assembly on 24.03.2016 and published on the Official Gazette dated 07.04.2016 and numbered 29677.
Purpose of the Law is to assure compliance of all data processor persons and organizations within the framework of primary goals such as assuring confidentiality of personal data, protecting personal data and preventing unauthorized use of personal data. Our Company, just like any other organization, must comply with this Law and the personal data processed with all our company processes comply with this Law.
What is personal data?
All data or data sets that can be directly or indirectly used to identify a person is/are accepted as personal data. Data that is directly related to a person such as name, surname, place/date of birth, phone number, resume, photograph and voice records or identifying information created regarding a person are examples of personal data.
What is Data Processing?
All kinds of procedures performed on the personal data are accepted as “data processing”. Therefore, the term data processing covers archiving, storing, changing, editing, disclosing, transferring, analysing and classifying data.
Who is Related Person / Data Subject?
“Related person” or “data subject” is one of the phrases commonly used in the Law and in our company policies. This phrase refers to the natural persons whose personal data is processed.
Who is Data Controller?
The Data Controller is a natural person or legal entity that determines purposes and methods of personal data processing and that is responsible for establishing and managing a data recording system. Here, our company (Zensa Granit Mermer San. Tic. Ltd. Şti) is the Data Controller of the data related to our customers, visitors and employees.
Who is Data Processor?
The data processor is a natural person or legal entity that processes data for the data controller. These parties might be a separate natural person or legal entity authorized by the data controller for processing personal data.
Conditions for Data Processing
A data controller has the authority to process data only under the following conditions or if the data subject explicitly consents to the data processing:
Clearly permitted by the laws,
Directly related to conclusion or performance of a contract,
Required by the data controller for fulfilling its legal obligations,
Data anonymized personally by the data subject,
Data processing is necessary for granting, exercising or protecting a right,
Legitimate interests of the data controller.
Meeting Requests of Data Subject
According to KVKK, the data subjects have the right to make requests to learn which personal data is being processed with which processes and current status of such data. After receiving such requests from the data subjects, we must respond to them within 15 days.
Article 13 of the Personal Data Protection Law numbered 6698 regulates “Applications to the Data Controller” and, accordingly, a related person/data subject must submit written requests to a data controller for exercising its rights under the Law. Therefore, if you have a request to be reviewed, you must file a written application to our company.
The Law requires the data controllers or data processors to inform the data subjects about the personal data being processed by them.
CLARIFICATION TEXT ON PROCESSING OF PERSONAL DATA
Zensa Granit Mermer San. Tic. Ltd. Şti., as the data controller, might process your personal data according to the Personal Data Protection Law numbered 6698 (“Law Nr. 6698”) and within the following context.
Collecting, Processing and Storing Personal Data
As the Data Controller, Zensa Granit Mermer San. Tic. Ltd. Şti collects personal data of the customers through its website zensa.com.tr. The data collection is restricted to the contact us form available on our website and includes name, surname, place/date of birth, phone number, e-mail address, resume and message of the person filling out the form. Our company stores such information for processing the requests and suggestions received through our website. The data is not shared with third parties outside our company. The personal data collected by our company is processed and stored in connection with, to the extent permitted by and limited to the purpose of complying with the KVKK law, and we assure security of your personal data.   
Sharing Persona Data
Your collected personal data shall not be shared with any third party, excluding our company.
Cookie Policy
Our website uses cookies.
Rights granted to personal data subjects according to Article 11 of the Law Nr. 6698:
If you, as the data subject, have any request related to your rights, you must submit your request to Zensa Granite and Marble using the methods indicated in the Personal Data Protection and Processing Policy issued by Zensa Granit Mermer Sanayi Ticaret Limited Şirketi and announced to the public on zensa.com.tr, and depending on the nature of such request, your request shall be handled and finalized for free as soon as possible and within maximum fifteen days. However, if the procedure requires any additional costs, Zensa Granite and Marble shall charge the fees determined by the Personal Data Protection Board. Accordingly, the data subjects have the following rights:    
To learn if his/her personal data is processed or not,
To demand information if his/her personal data was actually processed,
To learn the purpose of the personal data processing and whether the data is used for the intended purpose or not,
To know the identity of domestic and foreign third parties that received the personal data; to request rectification of personal data processing incompletely or incorrectly, if any, and to request notification of third parties that received personal data after the aforementioned procedures,
To request deletion or destruction of personal data, which was initially processed in accordance with the Law Nr. 6698 and other related provisions of the law, since the reasons requiring data processing are not relevant anymore, and to request notification of the third parties that received the personal data after the aforementioned procedures,  
To object to any outcome against the interests of the data subject if the data processing is done exclusively with automated systems,
To claim compensation for damages, if any, arising from unlawful processing of his/her personal data.