CLARIFICATION TEXT FOR COOKIES
As Galaksiya Bilişim Teknolojileri ve Danışmanlık Yayıncılık Sanayi ve Ticaret Limited Şirketi ("Company"); we care about the privacy and security of your personal data.
Personal data means any information that makes your identity identified or identifiable. The website you visit ("Website"), which belongs to the Company, is a website that uses cookies. A cookie is a low-size small text file, mostly consisting of combinations of letters and numbers, that allows the device in question to be detected by being stored on the terminal devices in use. The purpose of this Cookie Clarification Text is to inform you in accordance with Article 10 of the Personal Data Protection Law No. 6698 ("KVKK") regarding the processing of your personal data obtained automatically through cookies used on our Website, specifying what types of cookies we use for what purposes and how you can manage these cookies.
A. COOKIES USED, PURPOSES OF USE AND LEGAL REASON
Cookies are not directly placed on the device by the visited website or the Company. The cookies that are being used are the ones placed on the device by a third party in cooperation with the Company, such as an advertiser.
Our website uses cookies belonging to third parties such as Google Analytics, Google Ads, Meta Ads, Linkedin Ads., and the Company does not keep any data that might be used to personally identify the data owners via these cookies.
Your personal data collected through cookies is processed based on the legitimate interests of the data controller and the legal reason of giving explicit consent.
B. THE TRANSFER OF YOUR PERSONAL DATA TO THIRD PARTIES AND/OR OVERSEAS TERRITORIES
The personal data you have shared with the Company with your explicit consent during your visit to our website may be shared domestically with our business partners and suppliers.
Although your personal data is not transferred abroad directly by the Company, your personal data is indirectly transferred abroad due to the fact that the Server/Hosting services where the Website and the cookies of the third parties are being stored at are located abroad.
C. CONTROLLING COOKIES
Based on the type of your browser, you can manage your cookie preferences using the following methods:
1. Google Chrome
By clicking the "lock sign" located at the address bar of your browser, you can allow or block cookies from the "cookies" tab.
2. Internet Explorer
You can manage cookies by clicking the security tab from the "Tools" section at the top right of your browser, instructing to "allow" or "do not allow"
3. Mozilla Firefox
Click the "open menu" tab at the top right corner of your browser.. By clicking the "Options" image and using the "Privacy and Security" button, you can manage the cookies.
4. Opera
You can manage cookies from the "Cookies" section by selecting "Advanced" in your browser's "Preferences" menu.
5. Safari
After selecting the "safari" tab in the "Settings" section of your phone, you can manage all your cookies from the "Privacy and Security" section.
In addition to the options above; for information about all cookies and managing the cookies: you can visit https://www.allaboutcookies.org, https://www.youronlinechoices.eu/ .
D. TECHNICAL AND ADMINISTRATIVE MEASURES TAKEN FOR DATA SECURITY
Personal data shared with our Company is under the supervision and control of the Company. As the data controller, in accordance with the provisions of the relevant legislation in force, the Company has undertaken the responsibility to establish the necessary organization and to take and adapt technical measures for the purpose of preserving the privacy and integrity of the information. Being aware of our obligation in this regard;
1. Network security and application security are provided.
2. In transmissions of personal data through network, a closed system network is used.
3. Security measures are taken within the scope of supply, development and maintenance of information technology systems.
4. There are disciplinary regulations that comprise data security provisions for the employees.
5. Training and awareness studies on data security are carried out periodically for employees.
6. An authority matrix has been created for employees. 7. Access logs are kept regularly.
8. Corporate policies on access, information security, usage, storage, and disposal have been prepared and implemented.
9. If necessary, the data masking measure is applied.
10. Confidentiality commitments are made.
11. The relevant authorities of employees whose positions have changed or who have quit the job, are canceled.
12. Updated anti-virus systems are being used.
13. Firewalls are being used.
14. The signed agreements comprise provisions of data security.
15. For the personal data that has been submitted by paperwork, extra security measures are taken and the relevant document is sent in a confidential level document format.
16. Personal data security policies and procedures have been designated.
17. Issues regarding personal data security are being reported instantly.
18. The tracking of the personal data security is being made.
19. The necessary security measures regarding the entrance to and exit from physical environments which comprise personal data, are taken.
20. The security of the physical environments which comprise personal data against external risks (fire, flood, etc.) is ensured.
21.The security of the environments which comprise personal data is ensured.
22.The personal data is reduced to the maximum extent possible.
23. Personal data is backed up and the security of the backed up data is also ensured.
24. The user account management and the authorization control system are being applied and tracked.
25. Periodical and/or random in-house inspections are made and ordered to be made.
26. The log records are kept in isolation from any user intervention.
27. Existing risks and threats have been determined.
28. Protocols and procedures related to the sensitive personal data security have been determined and are being implemented.
29. If the sensitive personal data is to be sent by e-mail, it is definetely sent in an encrypted form and via registered e-mail address (KEP) or corporate e-mail account.
30. Attack detection and prevention systems are being used.
31. Cyber security measures are taken and their implementation is tracked continuously.
32.Encryption is being made.
33. The sensitive personal data which are transferred through portable memory devices, CDs and DVDs are transferred in an encrypted form.
34. The periodical inspection of the data processing service providers regarding data security is ensured.
35. The awareness of the data processing service providers regarding data security is ensured.
36. Data loss prevention software is being used.
E. THE RIGHTS OF THE PERSON WHOSE PERSONAL DATA IS PROCESSED
For the purpose of exercising the rights mentioned below, you can submit your requests regarding the processing of personal data by writing or by any other means that shall be designated by the Personal Data Protection Authority, by filling out the Personal Data Owner Application form which you can reach by clicking the URL https://www.galaksiya.com/documents/personel_data.pdf and by sending it to the Company address "Erzene Mahallesi Ankara Caddesi No: 172/67 Bornova İZMİR" or to the registered e mail address (KEP) galaksiya@hs03.kep.tr . Depending on the nature of the request, the Company resolves the requests within the application in shortest possible time and in maximum thirty days, free of charge; However, if the transaction necessitates any extra cost, the fee included in the price list which is designated by the Data Protection Authority may be collected. Within this scope, as personal data owners (Relevant Persons), you are entitled to;
- Find out if your data is processed or not,
- Request relevant information in case they have been processed,
- Find out the purpose of processing your personal data and whether they have been used in line with this purpose or not,
- Know about the domestic or overseas third parties who received the data
- Demand the correction of the personal data in case it is processed incomplete or inaccurate,
- Demand deletion or disposal of your personal data within the framework of the conditions anticipated in the Law on Protection of Personal Data (KVKK),
- Demand that the transactions made pursuant to the abovementioned rights of correction, deletion and disposal are notified to the third parties to whom the personal data has been transferred,
- Object the consequences against you arising from the exclusive analysis of your personal data through automated systems.
- Request the compensation of the damage that you have suffered due to the illegal processing of your personal data.
F. ABOUT THE CLARIFICATION TEXT
Within the framework of the amendments that might be made in the applicable legislation, the Company always reserves the right to update this Clarification Text on Protection of Personal Data.