As TGS Uluslararası Belgelendirme Teknik Kontrol ve Gözetim Hizmetleri Ltd. Şti. (COMPANY), we would like to inform you about your personal data in accordance with the “Law No. 6698 on the Protection of Personal Data” (KVKK), which was prepared and entered into force in order to protect fundamental rights and freedoms, especially the privacy of private life.

Your personal data are processed for the period stipulated in the relevant legislation or required for the purpose for which they are processed within the framework of the method, basis, purpose and conditions specified below, and all necessary administrative and technical measures are taken by our company for their protection.

1.Data Controller and Representative:
TGS International Certification Technical Control and Surveillance Services Ltd.Şti. is the “data controller” for your personal data received on behalf of our company by our Head Office Location, affiliated units and our suppliers, business partners, independent auditors.

2.Method of Collection of Personal Data:
Your personal data may be collected automatically or non-automatically, in written, verbally or electronically through our Company's Head Office (Istanbul), Human Resources, Finance, Financial Affairs, Sales, Marketing and Corporate Communications, Certification service delivery, website, social media accounts, parties from which our company receives services that are complementary or extension of our company's activities, contracted organizations, business partners, independent auditors, suppliers and sub or supercarriers and other similar channels.3.Legal Reasons for Collecting Personal Data and Processing Purposes:
The COMPANY may collect personal data in categories such as identity information, contact information, customer information, customer information, customer transaction information, transaction security information, financial information, legal transaction and compliance information and marketing sales information from parties such as customers, employees, potential customers, employee candidates, independent auditors, business partners, accreditation institutions/organizations and suppliers.

3.1.Customer Data:
There are various legislative provisions regarding the collection of personal data of our customers, including special Laws regulating the conformity assessment sector in which we operate. 

As a result of the Agreement issued regarding these services:
Full title of the legal entity, tax identification number or MERSIS number, open address, telephone number, as well as the name-surname, Turkish ID number, open address, telephone number, signature, e-mail address of the authorized real person of the legal entity.

3.2.Visitor Data:
Our Company may provide internet access to our visitors who request it during your stay in our Buildings and Facilities. In this case, log records regarding your internet access are recorded in accordance with the Law No. 5651 and the mandatory provisions of the legislation regulated in accordance with this Law; These records are processed only upon request by authorized public institutions and organizations or in order to fulfill our legal obligation in the audit processes to be carried out within the Company.

3.3. Party and Supplier Data Received within the Scope of Commercial Business Relationship:
Within the scope of our Company's commercial business relationship with third parties such as purchase of goods and services, Certification Service, Training service Marketing and Sales, etc., the necessary professional information such as name-surname, T.R. ID No., identity document, signature circular, contact information, title / business department, qualification certificate, professional chamber information and financial information such as license plate no. information, account no. depending on the nature of the situation, can be obtained for the purpose of negotiation, establishment, execution and proof of the contract. Since the type of business relationship may differ from person to person, not all of the above-mentioned information will be relevant for every real person, and will vary according to the nature of the business.

3.4. The purpose for which Personal Data will be processed:
- Fulfillment of our legal obligations arising from the legislation, 
- To provide you with the services of our Company, to fulfill our obligations to you, to organize records and documents, to comply with the information retention, reporting, disclosure, tax and other obligations stipulated by local and international legal legislation, 
- Fulfillment, execution, performance, proof and development of transactions regarding our obligations, reporting to customers, fulfillment of the contracts you have concluded and / or we have concluded; statistics, customer satisfaction studies, 
- Ensuring information security, developing commercial and business strategies, analyzing the services provided, compliance with domestic and international legislation; 

- To communicate with you in order to provide you with the necessary information about IT requirements, system structure, the necessity of IT support services received, and the necessary information regarding these services and products,
- Measuring and increasing customer satisfaction, complaint management, receiving your opinions and suggestions regarding new services and products, receiving your problem-error notifications, informing you about products and services, complaints and requests,
- Receiving your requests, performing your payment transactions, performing our services in cooperation with third parties, measuring and improving service quality, communication, optimization, audit, risk management and control, analysis, marketing, sales, advertising, communication,
- Statistical analysis for sales and marketing activities,

- Your personal data is processed in order to comply with the information storage, reporting and information obligations stipulated by the Internal Affairs, Transportation, Treasury and Finance, Family and Labor, SGK, GİB, BTK, MASAK and other authorities, to carry out promotional, marketing and campaign activities for these services and products, to develop services and products suitable for you and to maintain this uninterruptedly.

Pursuant to the KVKK, it is possible to process personal data of general nature without seeking your explicit consent in the presence of one of the conditions listed in the Law; 
a) Explicitly stipulated in the law, 
b) It is mandatory for the protection of the life or physical integrity of the person who is unable to disclose his consent due to actual impossibility or whose consent is not legally valid, or of another person 
c) Provided that it is directly related to the conclusion or performance of a contract, it is necessary to process personal data of the parties to the contract 
d) It is mandatory for the COMPANY to fulfill its legal obligation as the data controller, 
e) It has been made public by the person concerned, 
f) Data processing is mandatory for the establishment, exercise or protection of a right 
g) Data processing is mandatory for the legitimate interests of our Company, provided that it does not harm the fundamental rights and freedoms of the data subject.

4.Persons/Organizations to whom Personal Data may be Transferred:
- Business partners, shareholders, affiliates of the COMPANY, 
- Persons or organizations permitted by the Tax Procedure Law, Social Security Institution legislation, Law on Prevention of Laundering Proceeds of Crime, Turkish Commercial Code, Code of Obligations and other legislation provisions, 
- TÜRKAK (Turkish Accreditation Agency) Foundation,
- To IAS International Accreditation Services Company (United States of America),
- It may be transferred to legally authorized public institutions and organizations, administrative authorities and legal authorities, real or legal persons from whom we receive services and cooperate in the comparison, analysis, evaluation, advertising and realization of the above-mentioned purposes of our services, to the institutions we have contracted to send the messages we send to our customers, to the companies involved in the delivery of the services and / or part of the services provided to you within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of Law No. 6698.

5.Rights of the Personal Data Owner:
Pursuant to Article 11 of the KVKK, you have the following rights regarding your personal data;
- To learn whether personal data is processed or not,
- Request information if personal data has been processed,
- To learn the purpose of processing personal data and whether they are used for their intended purpose,
- To know the third parties to whom personal data are transferred domestically or abroad,
- To request correction of personal data in case of incomplete or incorrect processing, to request notification of the transactions made to third parties to whom personal data is transferred,
- To request the deletion or destruction of personal data within the framework of the conditions stipulated in the KVKK, to request notification of the transactions made to third parties to whom personal data is transferred,
- To object to the emergence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems,
- In case of damage due to unlawful processing of personal data, to demand compensation for the damage.