1. Clarification Notice on the Protection of Personal Data
We would like to inform you about the processing conditions of your personal data and your rights in accordance with the Personal Data Protection Law No. 6698 (“KVKK”). A part of your personal data, CFS Uluslararası Eğitim Turizm A.Ş. (the ‘Company’) as a data controller. “Processing your personal data” means the acquisition, recording, storage, preservation of this data in order to inform real persons, including our visitors, customers, potential service recipients, employee candidates, employees, business partners, website users and other third parties, pursuant to KVKK, We have prepared this clarification text for the purpose of informing about all kinds of operations performed on data such as changing, rearranging, explaining, transferring, taking over, making it available, classifying or preventing its use.
Which of Your Data is Collected and What is the Purpose of Collecting the Data?
We collect the following data within the scope of our company activities:
1. Credentials
2. Contact Information
3. Information of Family Members
4. Authentication, Security and Tracking Information
5. Financial Information
6. Personal Information
7. Education Information
8. Other Data
| Data Category | Credentials |
| Description | Data related to the identification of the person. |
| Who is it collected from? | Identity information; we collect from our employee candidates, employees, customers, potential service buyers, platform users, Business Partners and visitors. |
| Contents | Name, surname, gender, T.C. ID number, SSI registration number, nationality, marital status, date of birth, place of birth, passport number, driver’s license number, vehicle license information, identity card / photocopy of ID, photocopy of driver’s license, photocopy of passport. |
| Purpose of data collection | Our employees’ identity information about work and social security, tax, etc. We collect it within the scope of our obligations arising from the legislation. We collect the identity information of our customers in accordance with the legislation we are subject to and in order to provide support services, to fulfill our obligations arising from commercial requirements and laws and our obligations in contracts, if any, for advertising and marketing purposes, for audit processes and for security purposes. We collect identity information from our platform users in order to fulfill our legal obligations. We collect the identity information of our visitors in order to ensure security at the entrance and exit of the building and due to the service relationship that may be established in the future. We collect the identity information of our Business Partners in accordance with the legislation we are subject to and in order to provide support services, commercial requirements such as the issuance of invoices, audit processes, joint business follow-up, and to fulfill our obligations arising from the laws and contracts. |
| Legal reason for data collection | The main reason for collecting the said data is the obligations in the relevant legislation. We also collect identity information due to the contractual relationship between us and the relevant persons. Sometimes we collect identity information in accordance with our legitimate interests and our Company policies. |
| Data collection method | We collect data through printed forms, sometimes directly through internal company common areas and electronic devices in electronic media. |
| Data Category | Contact Information |
| Description | Personal data that enables communication with the person. |
| Who is it collected from? | Identity information; we collect from our employee candidates, employees, customers, potential service buyers, platform users, Business Partners and visitors. |
| Contents | Data such as e-mail address, residence address, postal address, workplace address, workplace name and title, home phone number, mobile phone number, other phone and fax number. |
| Purpose of data collection | We collect the contact information of our employee candidates in order to carry out human resources activities for the position applied for. We share the contact information of our employees with work and social security, tax, etc. We collect it within the scope of our obligations arising from the legislation. We collect the contact information of our customers in accordance with the legislation we are subject to and in order to provide support services, to fulfill our obligations arising from commercial requirements and laws and our obligations in contracts, if any, for advertising and marketing purposes, for audit processes and for security purposes. We collect contact information from our platform users in order to fulfill our legal obligations. We collect the contact information of our visitors for the purpose of ensuring security at the entrance and exit of the building and due to the service relationship that may be established in the future. We collect the contact information of our Business Partners in accordance with the legislation we are subject to and in order to provide support services, commercial requirements such as the issuance of invoices, audit processes, joint business follow-up, and to fulfill our obligations arising from the laws and contracts. |
| Legal reason for data collection | The main reason for collecting the said data is the obligations in the relevant legislation. We also collect identity information due to the contractual relationship between us and the relevant persons. We sometimes collect contact information in accordance with our legitimate interests and Company policies we adopt. |
| Data collection method | We collect data through printed and online forms, and sometimes directly through internal company common areas and electronic devices in electronic media. |
| Data Category | Information About Family Members |
| Disclosure | Personal data belonging to the family members of the person concerned. |
| Who is it collected from? | We collect family members’ data from our customers and employees. |
| Content | Name, surname, gender of family members, T.C. Identity number, marital status information, number of children, education status, income status and financial information, contact information, health information and medical information, photocopy of marriage certificate, birth certificate of children, and proof of birth certificate. |
| Purpose of data collection | Information belonging to family members of our employees, working and social security, tax, etc. We collect it within the scope of our obligations arising from the legislation. We collect the information of our customers’ family members in accordance with the legislation we are subject to and in order to provide support services, to fulfill our obligations arising from commercial requirements and laws and our obligations in contracts, if any, for advertising and marketing purposes, for audit processes and for security purposes. |
| Legal reason for data collection | The main reason for collecting the said data is the obligations in the relevant legislation. In addition, we collect information about family members due to the contractual relationship between us and the relevant persons. Sometimes we collect this data in accordance with our legitimate interests and Company policies, for example, to communicate in an emergency. |
| Data collection method | We collect data through printed forms, sometimes directly through internal company common areas and electronic devices in electronic media. |
| Data Category | Authentication, Security and Tracking Information |
| Explanation | Personal data such as passwords of the relevant person, CCTV Records, Physical Access and Entry and Exit Records. |
| Who is it collected from? | We collect Authentication, Security and Tracking data from our customers, parents or guardians of underage trainees/students or participants, and our visitors. |
| Content | Data collected within the scope of authentication, security and tracking data; data such as passwords of the person, CCTV Records, Physical Access and Entry and Exit Records. |
| Purpose of data collection | We collect Authentication, Security and Tracking data to fulfill our contractual obligations, for advertising and marketing purposes, for audit processes and for security purposes. |
| Legal reason for data collection | The main reason for collecting the said data is the obligations in the relevant legislation. In addition, we collect information about family members due to the contractual relationship between us and the relevant persons. Sometimes we collect this data in accordance with our legitimate interests and Company policies, for example, to communicate in an emergency. |
| Data collection method | We collect data through printed forms, and sometimes directly through internal company common areas and electronic devices in electronic media. |
| Data Category | Financial Data |
| Description: | Data such as bank account information, credit card information, billing information. |
| Who is it collected from? | We collect financial information from potential service buyers, our employees, and our customers. |
| Content | Data such as bank account information, bank card information, credit card information, signature circular, income information, assets information, payroll information, minimum income reduction information, information about disability tax liability, financial deductions such as salary lien. |
| Purpose of data collection | We share the financial information of our employees with work and social security, tax, etc. We collect it within the scope of our obligations arising from the legislation. We collect the financial information of our customers in accordance with the legislation we are subject to and in order to provide support services, to fulfill our obligations arising from commercial requirements and laws and our obligations in contracts, if any, for advertising and marketing purposes, for audit processes and for security purposes. |
| Legal reason for data collection | The main reason for collecting the said data is the obligations in the relevant legislation. We also collect financial information due to the contractual relationship between us and the relevant persons. Sometimes, we collect financial information in accordance with our legitimate interests and Company policies, for example, to involve our employees in campaigns or promotions provided by our partner banks or other financial institutions. |
| Data collection method | We collect data through printed and online forms, and sometimes directly through internal company common areas and electronic devices in electronic media. |
| Data Category | Personal Data |
| Description | This is the information necessary for the smooth continuation of the business relationship. |
| Who is it collected from? | We collect personal data from our employee candidates, employees and visitors. |
| content | Position/title information, diplomas and certificates, work history and details, curriculum vitae, education status, SGK employment statement, SGK dismissal statement, blood type, employment health report, criminal record, disability report, ex-convict report, administrative and data such as annual leave information, other health reports, photographs, insurance data, military status information. |
| Purpose of data collection | We collect the contact information of our employee candidates in order to carry out human resources activities for the position applied for. Employees’ personal data, service contract with them, employment and social security, tax, etc. We collect it within the scope of our obligations arising from the legislation to which we are subject and in accordance with our legitimate interests. |
| Legal reason for data collection | The main reason for collecting the said data is the obligations in the relevant legislation. In addition, we collect personal information due to the contractual relationship between us and the relevant persons. Sometimes we collect this data in accordance with our legitimate interests and our Company policies, for example, for the purposes of placing employees in suitable positions. |
| Data collection method | We collect data through printed forms, and sometimes directly through internal company common areas and electronic devices in electronic media. |
| Data Category | Other Data |
| Disclosure: | Other data collected within the scope of our company activities. . |
| Who is it collected from? | This data; We collect from our visitors. |
| Content | Data such as the person visited, the reason for the visit, the day and date visited. |
| Purpose of data collection | Visitors’ visit information is collected in order to identify potential service buyers. We also collect this data for security reasons. |
| Legal reason for data collection | The main reason for collecting the said data is the obligations in the relevant legislation. Sometimes we collect this data in accordance with our legitimate interests and our Company policies, for example, to improve the quality of the service provided or for purposes such as security. |
| Data collection method | We collect data through printed forms, and sometimes directly through internal company common areas and electronic devices in electronic media. |
Do We Transfer Your Personal Data to a Third Party?
Due to the legal regulations in our country, identity information, contact information and many other personal data listed above; It is shared with the places expressly authorized in the legislation, periodically or upon the request of the authorized authorities. In addition, it is shared with the authorized person or institution upon the request of a court decision and an administrative authority expressly authorized by law. Apart from this, your personal data can be shared with third parties that provide support services (such as IT service providers, hosting or operating our sites; service providers that analyze data, service providers that help deliver products and services to you, provide customer services, manage payments). service providers, etc.). Relevant third parties provide the right of access to the relevant personal data necessary to perform the said service. In this case, these third parties will only use your information to serve on behalf of the company, and they will be under the obligation to keep this information confidential and not to use it for any other purpose within the framework of their contractual obligations.
Do We Transfer Your Personal Data Abroad?
Your personal data only;
- with your express consent,
- Where the situations stipulated in the KVKK exist and there is sufficient protection in the country to which the data will be transferred, and
- Although the conditions stipulated in the KVKK exist and there is not sufficient protection in the country to be transferred, adequate protection is committed by the relevant country and the Personal Data Protection Board (“Board“) has permission.
In the presence of one of the conditions, it can be transferred abroad. For example, if the service is provided by a company abroad, the information must be transferred abroad in order to fulfill the contract and to perform the said service. For this reason, if the said transfer is not consented to, the performance of the contract, which is the subject of the service mentioned in the first sentence, will become impossible.
How Long Is Your Personal Data Retained?
The retention period of your personal data is as follows:
- If a period is determined for the storage of data in the law or the relevant legislation, the said data must be kept for at least this period. The storage period of data is determined by adding a period of 6 months to 1 year to the periods stipulated in the legislation for the storage of your data, taking into account the possibility that a possible court request or an administrative authority authorized by law arrives at us late, or a dispute that we may be a party to occurs, and At the end of the specified period, the data in question is deleted.
- If the legislation does not foresee a period for the storage period of the data we process, your data will be stored for the period determined in the contract made with you and as a requirement of the relationship between us. After the end of this relationship or after the period specified in the contract, your data will be deleted, destroyed or anonymized without your request.
- If you request the deletion of your data, the retention period of which is determined in the legislation, before the stipulated periods, your request will not be fulfilled.
- If you make a request for the deletion of your data, which is not specified for a period of time in the legislation regarding the storage period and does not have the purpose of processing, it will be deleted immediately or within 6 months at the latest.
What Are Your Rights Regarding Your Personal Data?
Regarding your personal data;
- Learning whether your personal data is processed or not,
- If your personal data has been processed, requesting information about it,
- Learning the purpose of processing personal data and whether they are used in accordance with the purpose,
- Knowing the third parties to whom your personal data is transferred, in the country or abroad,
- Requesting correction of your personal data if it is incomplete or incorrectly processed,
- Requesting the deletion or destruction of your personal data within the framework of the conditions stipulated in the KVKK legislation,
- When you request the deletion or destruction of your personal data with the correction of incomplete or inaccurate data, requesting that this situation be notified to the third parties to whom we have transferred your personal data,
- Objecting to the result if a result arises against you by analyzing the processed data exclusively through automated systems, and
- If you suffer damage due to unlawful processing of personal data, requesting the removal of this damage
you have the rights.
How Can You Exercise Your Rights?
The Relevant Person requests his/her personal data;
- wet signed and written petition or CFS KVK Application Formwith a photocopy of your identity card, Bagdat Caddesi No126/3 Fenerbahce Kadıköy Istanbul by sending it to your address,
- A written petition with wet signature, by personally applying to the Company with a valid identity document orCFS AŞ KVK Application Formthrough,
- By sending it to our registered e-mail address wpcodeself by using a registered e-mail (KEP) [bilgi@geleceginyildizlari .com]address and a secure electronic signature or mobile signature,
will be able to forward it to the Company. In accordance with the Communiqué on the Procedures and Principles of Application to the Data Controller, the name, surname, if the application is written, signature, T.C. identification number, (passport number if the applicant is a foreigner), domicile or workplace address for notification, e-mail address, telephone number and fax number for notification, if any, and information on the subject of the request. The Relevant Person must clearly and comprehensibly state the subject requested in the application, which includes explanations regarding the right he/she will make and request to use the above-mentioned rights. Information and documents related to the application must be attached to the application. Although the subject of the request must be related to the person of the applicant, if acting on behalf of someone else, the applicant must be specifically authorized in this regard and this authority must be documented (special power of attorney). In addition, the application must contain identity and address information, and documents confirming identity must be attached to the application. Requests made by unauthorized third parties on behalf of someone else will not be considered.
How Long Will Your Requests Regarding the Processing of Your Personal Data Be Answered?
Your claims regarding your personal data are evaluated and answered within 30 days at the latest from the date they reach us. In case your application is evaluated negatively, the reasons for rejection are sent to the address you specified in the application, by e-mail or postal mail, in particular, by one of the methods selected in the Relevant Person Application Form.
2. Privacy Policy
The regulations regarding the collected data are available on our website.Cookie Policy You can reach from .
- CFS AŞ Name, surname, etc. of the participants and their parents, collected orally, in writing or digitally during the study to be carried out by All personal information and content such as Confidential Information (shortly Information) falls under the definition.
- All necessary and necessary information for the participants to participate in the training will be obtained from the participants; Only CFS AŞ It will be used within the scope of training and marketing activities.
- Information is protected with high security and privacy standards; All necessary security measures are taken to prevent unauthorized access to user information.
- Name, surname, etc. received from the participant through the application. informations, CFS AŞ and will not be disclosed to third parties, except in the following cases;
- Law, Decree-Law, Regulation, etc. Complying with the obligations imposed by the legal rules in force issued by the competent legal authority,
- Requesting information about users for the purpose of an investigation or investigation carried out by the authorized administrative and judicial authority,
- If requested by legally authorized institutions and organizations, this information will be forwarded to the authorities.
