PROCOM TECHNOLOGY

Privacy Policy

EXPLANATION AND PRIVACY POLICY ON THE PROTECTION OF PERSONAL DATA.

1-GOAL

The main purpose of this Policy is to store, control and delete personal data processed by PROCOM TECHNOLOGY as a result of the personal data processing activity carried out by PROCOM TECHNOLOGY in accordance with the Law on the Protection of Personal Data No.6698 (“Law “) and its sub-regulations. It has been prepared for the purpose of destroying by destroying and anonymizing it, and determining and defining the working methods related to the aforementioned processes.

2-SCOPE

This Policy; It relates to the processes of storing all personal data processed by PROCOM TECHNOLOGY automatically or by non-automatic means provided that it is a part of any data recording system, and the processes of destruction by deletion, destruction and anonymization.

This Policy also covers the suppliers, partnerships and / or affiliates serving PROCOM TECHNOLOGY and PROCOM TECHNOLOGY.

This Policy applies to PROCOM TECHNOLOGY customers, potential customers, employees, employee candidates, shareholders, visitors in a business relationship (support service, independent audit, consultancy, service, procurement, cooperation, solution partnership, etc.) It is applied to all personal data of institutions and organizations where it is located, their employees, shareholders and officials, and third parties, which are processed automatically or by non-automatic means provided that they are part of any data recording system.

3-REFERENCES

  • Regulation on deletion, destruction or anonymization of personal data
  • Personal Data Protection Law No. 6698

4-DEFINITIONS

Explicit consent: Consent on a specific subject, based on information and declared with free will,

Recipient group: The real or legal person category to which personal data is transferred by the data controller,

Anonymization: Making personal data unrelated to an identified or identifiable natural person under any circumstances, even by matching with other data,

Personal Data Owner / Relevant Person: Non-customer potential customers, employees, employee candidates, shareholders, visitors whose personal data are processed within the framework of a contract signed with him (support service, independent audit, rating, consultancy, service, purchase, cooperation, solution companies and organizations with which they have a business relationship and their employees, shareholders and officials and third real persons,

Destruction: Deletion, destruction or anonymization of personal data,

Law: Law No.6698 on Protection of Personal Data,

Recording medium: Any medium containing personal data that is fully or partially automated or processed non-automatically provided that it is a part of any data recording system,

Personal data: All kinds of information regarding an identified or identifiable natural person,

Special quality personal data: Race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, dress code, association foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic information,

Registry: Registry of data controllers kept by the Personal Data Protection Authority,

Processing of personal data: Obtaining, recording, storing, preserving, changing, rearranging, disclosure, transferring, taking over, making available, by means of non-automatic means, provided that personal data are fully or partially automated or are part of any data recording system, All kinds of operations performed on data such as classification or prevention of use,

Personal data processing inventory: Personal data processing activities carried out by data controllers depending on the business processes; the inventory they have created by associating with the personal data processing purposes, the data category, the recipient group and the data subject group, and elaborated by explaining the maximum period required for the purposes for which personal data are processed, the personal data foreseen to be transferred to foreign countries and the measures taken regarding data security

Board: The Personal Data Protection Board,

Authority: The Personal Data Protection Authority,

Periodic destruction: The process of deletion, destruction or anonymization to be carried out ex officio at repetitive intervals specified in the personal data storage and destruction policy in the event that all the conditions for the processing of personal data in the law are eliminated.

Data processor: Real or legal person who processes personal data on behalf of the data controller, based on the authority given by the data controller,

Data recording system: The recording system in which personal data are structured and processed according to certain criteria,

Relevant User: Except for the person or unit responsible for the technical storage, protection and backup of the data, the persons who process personal data within the organization of the data controller or in accordance with the authority and instruction received from the data controller,

Business / Service Partners: Within the framework of a contract concluded with PROCOM TECHNOLOGY (support service, independent audit, consultancy, service, procurement, cooperation, solution partnership, etc.), the institutions and organizations with which they have business relations and their employees , shareholders and officials and third parties refers to the real person

5-ISSUES ON THE PROTECTION OF PERSONAL DATA

PROCOM TECHNOLOGY takes technical and administrative measures according to technological possibilities and application costs in order to ensure that personal data are processed legally.

5.1.1 Personal Data Storage Environments

5.1.1. Technical Measures

The main technical measures taken by PROCOM TECHNOLOGY to ensure the legal processing of personal data are listed below:

  • Personal data processing activities carried out within PROCOM TECHNOLOGY are audited by established technical systems.
  • The technical measures taken are periodically reported to the relevant person in accordance with the internal audit mechanism.
  • Departments on technical issues have been established and knowledgeable personnel are employed in this regard.

5.1.1.1 Technical Measures Taken to Store Personal Data in Safe Environments

  • Systems suitable for technological developments are used to keep personal data in secure environments.
  • Expert personnel are employed in technical matters.
  • Technical security systems are established for the hiding areas and the technical measures taken are produced.
  • In order to ensure the safe storage of personal data, backup programs are used in accordance with the law.
  • Access to data storage areas with personal data is logged and made inappropriate
  • Access or access attempts are instantly transmitted to those concerned.
  • PROCOM TECHNOLOGY servers are periodically reported to the relevant person in accordance with the internal audit mechanism,
  • Necessary technological solution by re-evaluating the risk factors
  • Personal data originating from customers, employees and suppliers can be found in contracted service provider data centers and / or PROCOM TECHNOLOGY servers.
  • The complete list of these applications is kept up to date in the Data Inventory.

5.1.2. Administrative Measures

Administrative measures taken by PROCOM TECHNOLOGY for the legal processing of personal data:

  • PROCOM TECHNOLOGY employees, dealers and authorized service employees are informed and trained on the protection of personal data and the processing of personal data in accordance with the law.
  • All personal data processing activities carried out by PROCOM TEKNOLOJİ; It is carried out in accordance with the personal data inventory and its annexes created by analyzing all business units in detail.
  • Personal data processing activities carried out by the relevant departments within PROCOM TECHNOLOGY; The obligations to be fulfilled in order to ensure that these activities comply with the personal data processing conditions sought by the KVKK are bound by written policies and procedures by PROCOM TECHNOLOGY, and each business unit has been informed about this issue and the specific issues to be taken into consideration have been determined.
  • The control and management of the departments within PROCOM TECHNOLOGY regarding personal data security are organized by the Information Security Committees. Awareness is created in order to meet the legal requirements determined on the basis of the business unit, and the necessary administrative measures are implemented through in-house policies, procedures and trainings to ensure the supervision of these issues and the continuity of the implementation. 
  • Service contracts and related documents between PROCOM TECHNOLOGY and employees are recorded and additional protocols are made, including information about personal data and data security. Efforts have been made to create the necessary awareness for employees on this issue. 
  • PROCOM TEKNOLOJİ carries out a system that ensures that personal data processed in accordance with Article 12 of the Law on KVK are obtained by others illegally, and this situation is reported to the relevant personal data owner and the KVK Board as soon as possible. If deemed necessary by the KVK Board, this may be announced on the website of the KVK Board or by any other method. 

PROCOM TEKNOLOJİ makes the assessment according to the Privacy Impact Analysis PR.12 Risk Assessment Procedure in the following cases:

  • In new projects and business processes involving personal data
  • Before the selection of the supplier to whom personal data is transferred
  • Before the activities to be carried out within the scope of marketing activities
  • In case of any change in the activities mentioned above

Privacy Impact Analysis is subject to the approval of PROCOM TECHNOLOGY Data Protection Officer.

5.1.3 Supervision of the Measures Taken for the Protection of Personal Data

PROCOM TEKNOLOJİ has a Personal Data Privacy Manager. Personal Data Privacy Manager, on behalf of PROCOM TECHNOLOGY, which is the data controller, performs the necessary audits in order to ensure the implementation of the provisions of the Law in his institution or organization, and has it done by receiving support from competent organizations when necessary.

According to the results of this audit, detected violations, negativities and nonconformities are reported to the Information Security Management Representative, and the Information Security Management Representative takes the necessary measures regarding these issues. In the event that PROCOM TECHNOLOGY receives an external service due to technical requirements regarding the storage of personal data, the relevant companies and the persons to whom the personal data is transferred will take necessary security measures in order to protect the personal data and additional contracts that contain provisions to ensure compliance with these measures in their own organizations. is carried out.

6-RIGHTS AND REQUESTS OF THE PERSONAL DATA OWNER

PROCOM TECHNOLOGY, as the data controller against the requests of the data subject in accordance with the 13th article of the KVK Law, the Personal Data Application and Response Procedure, which is an annex to the personal data inventory, and the procedures for referring to the written template for the applications that do not meet the application conditions specified in the law. Technical preparations have been made in order to carry out the necessary actions in accordance with these procedures. There is a systemic infrastructure within PROCOM TECHNOLOGY to ensure the implementation of this procedure.

Requests of personal data owners regarding the rights listed below; by submitting ID, by personal application, by written or registered electronic mail (KEP) address, secure electronic signature, mobile signature or by using the e-mail address previously notified to PROCOM TECHNOLOGY by the person concerned and registered in PROCOM TECHNOLOGY’s system, or PROCOM TECHNOLOGY will respond to the request free of charge within thirty days at the latest, depending on the nature of the request, if they transmit their identities to PROCOM TECHNOLOGY in a verifiable manner through a software or application developed for the purpose of application. Detailed explanation on this issue is given below in article 20 of this policy.

Personal data owners will be able to claim all rights in the relevant article of the law, including all processing processes, purposes and transfer information of their personal data, with their application in accordance with this procedure.

Personal data owners submit their requests regarding their rights listed below to PROCOM TEKNOLOJİ in writing.

PROCOM TEKNOLOJİ provides the request free of charge within thirty days at the latest, depending on the nature of the request.

Concludes.

Personal data owners;

  • Learning whether personal data is processed,
  • If their personal data has been processed, to request information regarding this,
  • Learning the purpose of processing personal data and whether they are used appropriately for their purpose,
  • To know the third parties in the country to whom personal data are transferred,
  • To request correction of personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom personal data have been transferred,
  • Although it has been processed in accordance with the provisions of the KVK Law and other relevant laws, to request the deletion or destruction of personal data in the event that the reasons for its processing disappear, and to request notification of the transaction made within this scope to third parties to whom personal data has been transferred,
  • To object to the occurrence of a result against the person himself by analyzing the processed data exclusively through automated systems,
  • In case of damage due to unlawful processing of personal data, it has the right to demand the compensation of the damage.

7-PROTECTION OF SPECIAL QUALITY PERSONAL DATA

With the Law on KVK, special importance has been attached to certain personal data due to the risk of unlawful processing of individuals or causing discrimination. These data; Biometric and genetic data regarding race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, attire, association, foundation or union membership, health, sexual life, criminal conviction and security measures.

PROCOM TEKNOLOJİ acts sensitively in the protection of personal data of special nature, which are determined as “special quality” by the KVK Law and processed in accordance with the law. In this context, technical and administrative measures taken by PROCOM TECHNOLOGY for the protection of personal data are carefully applied in terms of special quality personal data and necessary inspections are provided within PROCOM TECHNOLOGY. 

In this context, the health data of employees are processed within PROCOM TECHNOLOGY, the necessary training is given to the personnel who can access these special quality personal data, the scope and duration of the access authorization of these personnel are determined, periodic audits are carried out and confidentiality agreements are signed. In the event that the relevant personnel leaves their job, their access authorization is immediately revoked. Physical files containing personal health data physically stored in employees’ health files are locked.  

8-PERSONAL DATA CATEGORIZATION

Identity Information : Clearly belonging to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; data containing information about the identity of the person; Documents such as name-surname, TR identity number, nationality information, mother’s name-father’s name, place of birth, date of birth, gender, driver’s license, identity card and passport, and information such as tax number, SGK number, signature information, vehicle plate, etc. 

Communication information

Clearly belonging to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; phone number, address,

Information such as e-mail address, fax number, IP address.

Physical Space Security Information

Clearly belonging to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system ; Personal data regarding the records and documents received at the entrance to the physical space, during the stay in the physical space; camera recordings, fingerprint recordings and records taken at the security point, etc.

Financial Information

Clearly belonging to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; Personal data, such as bank account number, IBAN number, credit card information, financial profile, assets data, income information, as well as the processed personal data regarding all kinds of financial results, documents and records created according to the type of legal relationship established by Koç Holding with the personal data owner. data

Audio / Visual Information

It is clear that it belongs to an identified or identifiable real person; photo and camera recordings (excluding recordings within the scope of Physical Space Security Information), voice recordings on servers and data contained in documents that are copies of documents containing personal data

Personal Information

Clearly belonging to an identified or identifiable natural person; processed partially or fully automatically or non-automatically as part of the data recording system; All kinds of personal data processed to obtain information that will be the basis of the personal rights of real persons who are in a working relationship with PROCOM TECHNOLOGY . 

9-STORAGE PERIOD OF PERSONAL DATA

PROCOM TECHNOLOGY keeps personal data for the period specified in these regulations, in case it is stipulated in the relevant laws and regulations. If a period of time is not regulated in the legislation regarding how long the personal data should be stored, the personal data are stored for the period required by PROCOM TECHNOLOGY according to the practices of PROCOM TECHNOLOGY and the industry practices, depending on the activity of PROCOM TECHNOLOGY while processing that data, then PROCOM in accordance with the nature of the data. It is deleted, destroyed or anonymized in accordance with the relevant policy created by TEKNOLOJİ . 

Although it has been processed in accordance with the provisions of the relevant law as regulated in Article 138 of the Turkish Penal Code and Article 7 of the KVK Law , personal data will be deleted upon the decision of PROCOM TEKNOLOJİ or upon the request of the personal data owner , in case the reasons for processing disappear . destroyed or made anonymous. 

If the purpose of processing personal data has ended and the storage periods determined by the relevant legislation and PROCOM TECHNOLOGY have come to an end, the personal data can only be stored for the purpose of providing evidence in possible legal disputes or to assert the right related to the personal data or to establish a defense. In the establishment of the periods here, the retention periods are determined based on the examples in the requests made to PROCOM TECHNOLOGY on the same issues before, although the time-out periods and the time-out periods for the claiming of the mentioned right have passed . In this case, the stored personal data is not accessed for any other purpose, and access to the relevant personal data is provided only when it is required to be used in the relevant legal dispute. Here too, after the aforementioned period expires, personal data are deleted, destroyed or anonymized.

10-PROCESSING OF PERSONAL DATA

In buildings and workplaces, PROCOM TECHNOLOGY carries out personal data processing activities for monitoring guest entrances and exits with security cameras in office and work areas in its buildings and facilities in order to ensure security.

PROCOM TECHNOLOGY conducts personal data processing by using security cameras and recording guest entrance and exits. Camera surveillance is carried out in accordance with the Law on Private Security Services and the relevant legislation, and necessary technical and administrative measures are taken to ensure the security of personal data obtained as a result of camera surveillance.

PROCOM TECHNOLOGY enters into a contractual relationship with the Dealer within the scope of its activities, and the personal data of a significant portion of PROCOM TECHNOLOGY customers from the subscription transactions are obtained from the real persons who have the data through the Dealers by fulfilling the disclosure obligation and with the consent and transferred to PROCOM TECHNOLOGY. In order to carry out the work, these data are only processed by PROCOM TECHNOLOGY. In the event that the relationship between PROCOM TECHNOLOGY and the personal data sharing occurs in the form of personal data transfer from the data processor to the data controller within the scope of the KVK Law, it enlightens the person that these personal data can be sent to PROCOM TECHNOLOGY during the collection of the personal data of the relevant Dealer or the relevant person. PROCOM TECHNOLOGY evaluates the personal data collection on its behalf, informs the Dealers on this issue, provides the necessary trainings and ensures that the contracts prepared in accordance with the KVKK regulating the rights and obligations of the parties are signed.

Storage of Records Regarding Internet Access Provided to Visitors

For the purpose of ensuring security by PROCOM TECHNOLOGY and for other purposes specified in this Policy, internet access can be provided to visitors who request during their stay in buildings and facilities. In this case, the log records regarding internet access are kept in accordance with the provisions of Law No. 5651 and the governing provisions of the legislation regulated according to this Law, these records are only processed if requested by the authorized public institutions and organizations or in order to fulfill the relevant legal obligation in the audit processes to be carried out within PROCOM TECHNOLOGY.

11-TRANSFER OF PERSONAL DATA

PROCOM TECHNOLOGY can transfer personal data and special quality personal data of the personal data owner to official institutions by taking the necessary security measures in line with the legal personal data processing purposes . The reasons for the transfer are explained below: 

  • If there is an explicit regulation in the laws that personal data will be transferred,
  • If it is necessary to transfer personal data belonging to the parties of the contract provided that it is directly related to the establishment or execution of a contract, if the personal data transfer is mandatory for PROCOM TECHNOLOGY to fulfill its legal obligation,
  • If the transfer of personal data is mandatory for the establishment, use or protection of a right,
  • If personal data transfer is mandatory for the legitimate interests of PROCOM TECHNOLOGY, provided that it does not harm the fundamental rights and freedoms of the personal data owner.

12-ENLIGHTENING AND INFORMING THE PERSONAL DATA OWNER

PROCOM TECHNOLOGY; In accordance with Article 10 of the KVK Law, it enlightens personal data owners during the acquisition of personal data. In this context, PROCOM TECHNOLOGY, the identity of the data controller, the identity of the representative, if any, the purpose for which personal data will be processed, to whom and for what purpose the processed personal data can be transferred, the method and legal reason of collecting personal data and the nature of the data owner and the data processing process. according to the lighting. In this context, lighting clauses have been added to dealer, customer, employee and related party contracts . . Along with this policy, the customer clarification text and application form have also been published on the PROCOM TECHNOLOGY website .  

13-TERMS OF DELETING, DESTRUCTION AND ANONYMIZATION OF PERSONAL DATA

In accordance with Article 138 of the Turkish Penal Code, Article 7 of the KVK Law and the “Regulation on the Deletion, Destruction and Anonymization of Personal Data” issued by the Board, PROCOM has been processed in accordance with the provisions of the relevant law, in case the reasons requiring its processing are eliminated. Personal data are deleted, destroyed or anonymized based on the decision of TEKNOLOJİ or upon the request of the personal data owner . PROCOM TECHNOLOGY has created a policy in this regard in accordance with the provisions of the regulation, and in accordance with this policy, it destroys according to the nature of the data. In accordance with this regulation, periodic destruction dates have been determined by PROCOM TECHNOLOGY, and a calendar has been established according to the periodic destruction at various intervals with the commencement of the obligation.   

The most commonly used deletion or destruction techniques by PROCOM TECHNOLOGY are listed below: 

  • Physical Destruction : Personal data can be processed in non-automatic ways, provided that it is a part of any data recording system. While such data is deleted / destroyed, a system of physical destruction of personal data in a way that cannot be used later is implemented. 
  • Secure Deletion from Software : While the data that is processed in fully or partially automatic ways and stored in digital media is deleted / destroyed; Methods for deleting data from the relevant software in a way that cannot be recovered again are used.

14-RIGHTS OF PERSONAL DATA OWNERS; EXERCISE OF THESE RIGHTS

PROCOM TEKNOLOJİ informs the personal data owner about the rights of the personal data owner in accordance with Article 10 of the Law on KVK, and guides the personal data owner on how to use these rights regulated in Article 11, and PROCOM TEKNOLOJİ evaluates the rights of personal data owners and provides the necessary information to personal data owners. carries out the necessary channels, internal operation, administrative and technical regulations in accordance with Article 13 of the KVK Law.

14.1 Rights of Data Owner and Exercise of These Rights 

  • Personal data owners have the following rights:
  • Learning whether personal data is processed,
  • If their personal data has been processed, to request information regarding this,
  • Learning the purpose of processing personal data and whether they are used appropriately for their purpose,
  • To know the third parties to whom personal data are transferred domestically or abroad,
  • To request correction of personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom personal data have been transferred,
  • Although it has been processed in accordance with the provisions of the KVK Law and other related laws, to request the deletion or destruction of personal data in the event that the reasons requiring its processing disappear, and to request notification of the transaction made within this scope to third parties to whom personal data have been transferred,
  • To object to this result in the event of a result against the person himself by analyzing the processed data exclusively through automated systems,
  • In case of damage due to unlawful processing of personal data, requesting the compensation of the damage

14.2 Data Owner’s Use of These Rights 

Personal data owners will be able to submit their requests regarding their rights specified in this Policy to PROCOM TECHNOLOGY free of charge by filling and signing the Application Form with the information and documents that will identify their identity and the methods specified below or other methods determined by the Personal Data Protection Board.

After filling out the form available at https://www.procomteknoloji.com, you can send a copy with wet signature personally or in writing to 19 Mayıs Mah. Sumer Sok. No: 3/4 Kadıköy / İSTANBUL or personal application,  

In order for the above-mentioned application to be accepted as a valid application, in accordance with the Communiqué on Application Procedures to the Data Controller, the relevant person;

  • Name, surname and signature if application is in writing,
  • ID number for the citizens of the Republic of Turkey, nationality for foreigners, passport number or identification number, if any,
  • Place of residence or workplace address for notification,
  • If available, notification e-mail address, telephone and fax number,
  • Demand,

It is mandatory to specify the information. Otherwise, the application will not be considered as a valid application. In applications to be made without filling the application form, the matters listed here should be submitted to PROCOM TECHNOLOGY in full. In order for third parties to make an application request on behalf of personal data owners, a special power of attorney issued by the data owner through a notary public must be available for the person to apply.

14.4 Situations where Personal Data Owner Cannot Claim His Rights

Personal data owners cannot claim their rights listed in 20.1.1 on these issues, since the following situations are excluded from the scope of the KVK Law in accordance with Article 28 of the KVK Law:

  • Processing personal data for purposes such as research, planning and statistics by anonymizing them with official statistics,
  • Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that they do not violate national defense, national security, public security, public order, economic security, privacy of private life or personal rights or constitute a crime,
  • Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public security, public order or economic security,
  • Processing of personal data by judicial authorities or execution authorities in relation to investigation, prosecution, trial or execution proceedings.
  • Pursuant to Article 28/2 of the KVK Law; In the cases listed below, personal data owners cannot claim their other rights listed in 20.1.1, except the right to demand compensation for the damage:
  • Processing of personal data is necessary for the prevention of crime or for criminal investigation,
  • Processing personal data made public by the personal data owner himself,
  • Processing of personal data is necessary for the execution of supervision or regulation duties and disciplinary investigation or prosecution by the authorized and authorized public institutions and organizations and professional organizations having the status of public institutions, based on the authority granted by the law,
  • Processing of personal data is necessary for the protection of the economic and financial interests of the State regarding budget, tax and financial issues.

15-RELATIONSHIP OF PROCOM TECHNOLOGY POLICY ON PROTECTION AND PROCESSING OF PERSONAL DATA WITH OTHER POLICIES

PROCOM TEKNOLOJİ has established the principles set forth in this document based on policies regarding other data assets within PROCOM TECHNOLOGY and sub-procedures for internal use regarding the protection and processing of personal data.

16- PROCOM TECHNOLOGY PERSONAL DATA PROTECTION AND PROCESSING PROCESSES COORDINATION

A management structure has been established by PROCOM TECHNOLOGY in order to comply with the regulations of the KVK Law and to ensure the enforcement of the Personal Data Protection and Processing Policy.

The Information Security Committee has been appointed in accordance with the decision of the Company’s senior management to manage this Policy and other policies related to this Policy within the body of PROCOM TECHNOLOGY.

The duties of this Committee regarding the protection of personal data are as follows:

  • To prepare and put into effect the basic policies regarding the protection and processing of personal data and changes when necessary, and submit them to the approval of the senior management,
  • To decide how the implementation and supervision of the policies regarding the protection and processing of personal data will be carried out, and to submit the issues of internal assignment and coordination within this framework to the approval of the senior management,
  • To determine the issues to be done in order to comply with the KVK Law and the relevant legislation and to submit it to the approval of the senior management, to observe its implementation and to ensure its coordination
  • Raising awareness of the protection and processing of personal data within PROCOM TECHNOLOGY and among the institutions that PROCOM TECHNOLOGY cooperates with,
  • Identifying the risks that may occur in PROCOM TECHNOLOGY’s personal data processing activities, ensuring that the necessary measures are taken, and submitting improvement suggestions to the approval of the senior management, 
  • To organize trainings on the protection of personal data and the implementation and dissemination of policies, to ensure that personal data owners are informed about their personal data processing activities and their legal rights,
  • To decide the applications of personal data owners at the highest level,
  • To follow the developments and regulations on the protection of personal data, to receive suggestions on what should be done within PROCOM TECHNOLOGY in accordance with these developments and regulations,
  • Managing the relations with the KVK Board and Institution,
  • To perform other duties assigned by the senior management of the company regarding the protection of personal data.