• Home
  • Data Processing Policy

Data Processing Policy

Our policies and procedures for processing, storing and protecting personal data.

Last Update: 15.01.2025 Effective Date: 15.01.2025

1. Data Processing Principles

We follow and apply the following principles in our personal data processing activities:

Compliance with Law

All data processing activities are carried out in accordance with the current legislation.

Purpose Limitation

Data is processed only for specific, clear and legitimate purposes.

Data Minimization

Only the minimum amount of data required is collected and processed.

Accuracy

Data is kept accurate and up-to-date.

Retention Period

Data is kept only for the necessary period.

Security

Appropriate technical and administrative security measures are taken.

2. Data Processing Purposes

We process your personal data for the following purposes:

Service Provision

  • Providing customer services
  • Fulfilling contractual obligations
  • Providing technical support
  • Improving service quality

Communication

  • Communicating with customers
  • Sending information and announcements
  • Marketing activities
  • Conducting surveys and research

Legal Obligations

  • Legal reporting requirements
  • Control and audit activities
  • Tax and accounting
  • Legal claims

Security

  • Preventing security breaches
  • Detecting fraud
  • Ensuring system security
  • Risk management

3. Legal Bases for Data Processing

The legal bases for our personal data processing activities:

Open Consent

Open consent is obtained for marketing communications and optional services.

Contract

Data is processed for necessary activities under the service contract.

Legal Obligation

Mandatory data processing activities due to legal regulations.

Legitimate Interest

Limited data processing in the interests of the company.

4. Data Categories

The categories of personal data we process and their characteristics:

Identity Data

  • Name, surname
  • T.C. identity number
  • Date of birth
  • Nationality

Contact Data

  • E-mail address
  • Phone number
  • Address
  • Social media accounts

Professional Data

  • Company information
  • Title and position
  • Sector information
  • Work experience

Financial Data

  • Invoice information
  • Payment history
  • Bank account information
  • Tax number

5. Data Retention Periods

The retention periods applied for different data categories:

Customer Data
10 years after contract termination
Legal retention obligation
Marketing Data
Until consent is withdrawn
Open consent status
Log Records
2 years
Security and control
Financial Records
10 years
Tax legislation
Contact Records
3 years
Service quality

6. Data Security Measures

The technical and administrative measures we take to ensure the security of your personal data:

Technical Measures

256-bit SSL encryption
Security wall protection
Multi-factor authentication
Regular backups

Administrative Measures

Employee training programs
Privacy agreements
Access authorization
Regular security checks

7. Data Subjects' Rights

The rights and usage methods of data subjects under the KVKK:

Request Information

You have the right to learn whether your personal data is being processed and to request information about the processing purposes.

Request Correction

You can request the correction of your personal data if it is incorrect or incomplete.

Request Deletion

You can request the deletion of your personal data if the legal retention period has expired.

Request Processing Objection

You can object to the processing of your personal data in certain conditions.

8. Contact and Application

To contact us on data processing issues:

Email

info@formexgroup.com

Phone

+90 224 671 85 00

Address

Formex KVKK Supervisor
Tophisar, Caddesi 255/1, 16700 Karacabey/Bursa