Your views
As Kosmos Visa Services, we aim to provide the best possible level of service to our customers.
Your views are important to us. To continue to improve our service we need your help. We thank you for sharing your views with us.
We keep a record of your feedback and, if you request a response, we aim to reply in 2 working days.
You may contact us by filling the Survey Form or by Sending Us Email
This is the Security Announcement for applicants whom visit Kosmos Visa Application Centre;
Due to Security reasons, the following actions or items will not be permitted or used inside the Visa Application Centre:
- • Cameras, audio/voice records, video records, (i.e. mp3, laptop, recording devices etc.),
- • Bags, suitcases or back packs, suitcases, zip folders larger than a cabin size bag, (Only a plastic bag containing your application related papers would be permitted.
*The list provided above is not restricted.
- • Inflammable items (such as matchboxes/ lighters/ fuel etc.) and any sharp objects (such as scissors, pen knives or nail filers.)
- • Weapons or similar objects, explosive material of any kind.
- • Pets (Due to potential of allergic reactions of third parties),
- • Sealed envelope or packages
- • Food or Beverages,
- • Security Guards or Kosmos Personnel have the right to prevent admission of suspicious individuals or items in to the office.
- *The list provided above is not restricted. Security Guards may prohibit other items based on his/her discretion.
- • Due to security reasons, entrance will only be permitted to the main applicant, their interpreter or if accompanying a physical handicapped applicant. Permission for entry by friends, relatives, business contacts of the main applicant is prohibited.
There is no facility available at Kosmos Visa Application Centre to store prohibited items. We request applicants to make alternative arrangements to store the listed items before entering to the Visa Application Centre. Kosmos Visa Application centre is monitored by cameras on a 7/24 basis based on the security procedures.
PROCESSING PERSONAL DATA CLARIFICATION TEXT
Law No. 6698 on the Protection of Personal Data (PDPA) published in the Official Gazette dated April 7, 2016 and numbered 29677, in order to protect the fundamental rights and freedoms of individuals, especially the privacy of individuals, in the processing of personal data and to determine the obligations of real and legal persons processing personal data. As Kosmos Visa Services Limited, we would like to inform you in the capacity of ‘data responsible’ in accordance with Article 10 of the Law titled ‘’Clarification Obligation of the Data Officer’’.
DATA RESPONSIBLE AND REPRESENTATIVE
As Kosmos Visa Services Limited, in the capacity of data responsible, we may use your personal data for the purposes described below; we will be able to process, record, store, classify, updat
e, and disclose to third parties where permitted by law for the purpose which they are committed.
YOUR PROCESSED PERSONAL DATA
Within the scope of your use of our company's products and services, the following personal data are processed:
• Your Identity Information (Your identity data by which we can identify you, such as your name, surname, T.R. identity number, name of your parents, place of birth and date of birth, gender, marital status),
• Your Contact Information (Your address, mobile phone, e-mail address and other communication data),
• Your Financial Data (Bank account number, IBAN number, credit card information, payment information, billing information, financial data such as assets)
• Customer Transaction (Order and request information, information on box office receipts)
• Professional Experience (Vocational knowledge, educational knowledge, etc.)
• Your Audio Visual Recordings (such as your photo and call center audio recording)
• Marketing (Shopping history information, survey, cookie records, etc.)
• Transaction Security (such as website navigation information, IP address, website login/logout information, password and password information)
• Health (Blood group information)
• Biometric Data (Fingerprint information)
• Your other personal data that you personally transmit within the framework of your requests, suggestions and complaints.
• Other (Your data such as insurance policy information, passport information, wage and payroll information, travel information, accommodation information, signature, travel document type, travel document number, school information, other destination countries)
PURPOSE OF PERSONAL DATA PROCESSING
İn order to benefit from the services we offer as Kosmos Visa Services Limited Company, your personal data is processed in accordance with the basic principles set out in the KVKK and the relevant legislation, your explicit consent and / or the legal legislation that we are subject to KVKK art. 5/2. When considering the services offered by Kosmos Visa Services Limited, your personal data, for you to benefit from these services:
- In the process of meeting the demands of authorized third parties, in particular the implementation and demands of the Foreign Mission,
- Fulfilment of the provisions of domestic and foreign supervisory and regulatory authorities, relevant public institutions, labour law and other relevant legislation,
- In recruitment and human resources processes,
The above-mentioned data processing activities are carried out in order to continue our commercial activities.
It is stored in physical and electronic environment for a suitable period in accordance with the purpose of processing. For this reason, Kosmos Visa Services Limited acts in compliance with its obligations stipulated in all legal regulations, particularly KVKK.
COLLECTION METHOD OF PERSONAL DATA AND LEGAL REASON
Your personal data will be collected by our Company for the purposes listed above and in any oral, written or electronic environment (physical documents, contracts and printed forms; and in the electronic environment through the corporate website, in-house software, complaint management systems, video and audio recording systems). Your collected personal data may be processed and
transmitted for the purposes specified in this Clarification Text within the scope of personal data processing conditions, such as explicit consent in article 5 of the Law, explicitly stipulated in laws, the establishment and execution of the contract, the fulfilment of our legal obligation and the achievement of legitimate interests.
Your personal data will be processed by our employees so that you can apply for a visa and perform the service we provide. Your shared personal data and visa applications will be transferred to and kept at the Mission we work with. All your personal data, including those with special qualifications, will be protected in accordance with the regulations governing the mission.
PARTIES THAT PERSONAL DATA PROVIDED TO AND PURPOSE OF TRANSFER
Your personal data processed for the purposes above may be transferred to; Foreign Mission, domestic and foreign supervisory and regulatory authorities, relevant public institutions, labour law, other persons and organizations that are allowed by the provisions of the relevant legislation, within the scope of legal authority for the purpose requested by limited, legally authorized public and private legal entities, our company's consultants, our auditors and service providers in accordance with the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law no. 6698.
Kosmos Visa Services Limited is required to keep records and documents relating to transactions performed with its customers within the scope of legal regulations for a certain period of time; if you want your personal data to be deleted or destroyed or anonymized, your request may be fulfilled by Kosmos Visa Services Limited after a period of time specified by legal regulations; however, your personal data will not be processed by Kosmos Visa Services Limited during this period and will not be shared with third parties except for the obligations arising from national and international laws, regulations and agreements.
RIGHTS OF THE PERSON WHOSE PERSONAL DATA IS PROCESSED
In the event that the party to this Agreement is a natural person, if the customer is official, the customer must be a legal entity, as a personal board of directors, there are provisions of KVKK, Kosmos Visa Services:
· Learn whether personal data is processed,
· Request information if personal data is processed,
· Learning the purpose of processing personal data and whether they are used in accordance with their purpose,
· Knowing the third parties to whom personal data is transferred at domestic or overseas,
· To request correction of personal data in case of incomplete or incorrect processing,
· Requesting deletion or destruction of personal data,
· In case of correcting, deleting or destroying personal data, requesting that these transactions be notified to the third parties to whom the personal data are transferred to,
· Object to the occurrence of a result against the person by analysing the processed data exclusively through automated systems,
· Request for compensation in case of damage due to unlawful processing of personal data
Requests submitted within this scope; will be finalize by Kosmos Visa Services Limited for free of charge within thirty days at the latest. However, if a fee is foreseen by the Personal Data Protection Board, the fee in the tariff determined by our Company will be charged.
IF YOU WISH TO CONTACT US FOR YOUR REQUESTS
If you want to contact us within the coverage of Law no. 6698, for feedback or asking questions, you can deliver personally to the address by hand or you can reach us through the notary with documents supporting your identity and your petition containing your request Kosmos Visa Services Co. Ltd. – ‘’Astoria AVM, Esentepe Mah. Büyükdere Cad No 127 Astoria B1 kati M32 Esentepe/Şişli/İstanbul’’ In this context, written applications to be made on the subject will be accepted following the authentication by us and the related parties will be returned within the legal period.
If a request is made electronically:
By signing the KVKK Application Form with an electronic or mobile signature with a "secure electronic signature" certificate defined in the Electronic Signature Law No. 5070, it can be sent to our Company's Registered Electronic Mail (KEP) address: "kosmos@hs03.kep.tr". , or you can send it to the e-mail address “info@kosmosvize.com” by using the e-mail address you have previously notified our Company and registered in our systems.
(We may request additional verifications (such as sending a message to your registered e-mail address or calling you) in order to determine whether the application belongs to you and to protect your rights. If the application is made by third parties on behalf of personal data owners, the person who will apply will be notarized by the data owner. A specially authorized power of attorney is required.)
Your requests submitted to our company will be answered in writing or electronically as soon as possible and within thirty days at the latest, depending on the nature of your request
KOSMOS VISA SERVICES LIMITED COMPANY
Address: “Astoria AVM, Esentepe Mah. Büyükdere Cad No 127 Astoria B1 floor M32 Esentepe/Şişli/İstanbul”
Tel: (0850) 474 20 21
Email : info@kosmosvize.com
Attachment: KVKK Application Form
As employees of Kosmos Visa Services Limited, to manage all kind of risk towards our business continuity and information assets;
- •To document, certify and continuously improve our information security management system in compliance with the requirements of ISO 27001 standard,
- •Protecting our information assets against all kinds of threats,
- •Preparing, maintaining and testing business continuity plans,
- •Comply with all legal regulations and conventions related to information security,
- •Systematically managing risks to our information assets,
- •Ensuring that confidential information of customers is protected and maintained with precision,
- •Conducting trainings to develop competencies to increase awareness on information security,
We pledge to be a pioneering and exemplary organisation in our sector.
1. INTRODUCTION
The principles adopted in the execution of personal data processing activities carried out by Kosmos Vize Hizmetleri Limited Şirketi (hereinafter referred to as “Kosmos”) within the framework of this Personal Data Protection and Processing Policy (“Policy”) and Kosmos data processing activities are regulated in the Personal Data Protection Law No. 6698. (the “Law”) explains the basic principles adopted in terms of compliance with the regulations and informs the personal data owners about the legal provisions and general principles adopted by our Company.
With full awareness of our responsibility in this context, your personal data is processed and reasonably protected within the scope of this Policy.
2. PURPOSE OF THE POLICY
The main purpose of this Policy is to set forth the principles of personal data processing and the protection of personal data, carried out in accordance with the law by Kosmos, and to ensure transparency by enlightening and informing the persons whose personal data are processed by our company.
3. THE SCOPE OF THE POLICY
This Policy; Regarding your personal data processed by Kosmos; The principles of the processing of personal data and personal health data, the purposes and conditions of the processing of this data, the transfer and destruction of this data in the country and abroad, and the practices and principles regarding your rights on the processed data are notified to you below.
4. ACCESS AND UPDATE
The policy is published on the website of our Company and made available to the relevant persons upon the request of the personal data owners and updated when necessary. (Your personal data that we collect and process must be accurate and up-to-date when necessary in accordance with Article 4 of the Personal Data Processing Law No. 6698. Therefore, in case of any change in your personal data, you can report your current and accurate personal information with the methods described in the Clarification Text on our website. .)
Our company reserves the right to make changes in the Policy in line with the legal regulations.
In case of conflict between the current legislation, especially the Law, and the regulations included in this Policy, the provisions of the legislation shall apply.
5. DEFINITIONS
Definitions used here in this Policy are as follows:
Explicit consent
|
Consent on a particular topic, based on information and stated by free will
|
Anonymization
|
Personal data to be rendered in such a way that even when matched with other data will by no means be associated with a person whose identity is apparent or can be identified
|
Personal data
|
All kinds of information regarding a person whose identity is apparent or can be identified
|
Processing of personal data
|
All kinds of processes performed on data acquired by non-automated means where the personal data is automated in whole or partially or is part of any data registry system, such as registration, storing, keeping, changing, rearranging, expounding, transferring, taking over of this data, making it available, categorizing it or preventing it from being used
|
PDP Law
|
Law No; 6698 Personal Data Protection Law
|
PDP Board
|
Personal Data Protection Board
|
PDP Institution
|
Personal Data Protection Institution
|
Sensitive private data
|
Data regarding race of people, ethnic origin, political view, philosophical view, religion, sect or other faith, raiment, membership in association, foundation or union, health, sexual life, criminal convictions, security measures, and biometric and genetic data
|
Data Handler
|
Real or legal person who processes personal data based on the authority given by the data officer on behalf of the data officer.
|
Personal data owner
|
Real person whose personal data is processed and is deemed to be “relevant person” in PDP Law,
|
Data Officer
|
Real or legal person who identifies the purposes and means of processing personal data, responsible for the establishment and management of the data recording system
|
Registry of Data Officers
|
Data officers’ registry kept by the Presidency under the supervision of Personal Data Protection Board (VERBIS)
|
Data Inventory
|
The inventory created by correlating and detailing the personal data processing activities implemented in line with the business processes of Kosmos Visa Services Limited Company; with personal data processing purposes, with the recipient group to which the personal data is transferred and with the related personal data owner
|
6. PERSONAL DATA INVENTORY AND CATEGORIZATION OF PERSONAL DATA
Before the Kosmos; In line with the legitimate and lawful personal data processing purposes of Kosmos, based on and limited to one or more of the personal data processing conditions specified in Article 5 of the KVK Law, in particular the principles specified in Article 4 regarding the processing of personal data, Personal data owners (Product and Service User, Potential Product and Service Buyer, Employees, Employee Candidates, Visitors, Supplier Employees, Supplier Authorities, Shareholders/Partners, Employees' Relatives, Consultants, Trainers, Inviting Persons and Reference Persons);
• Fulfilling the information sharing, reporting and informing obligations of public institutions and authorized third parties, especially the applications and requests of the relevant Mission,
• Ensuring that our company activities are carried out in accordance with company procedures or relevant legislation,
• Execution of customer relationship management processes,
• Execution of contract processes,
• Execution / supervision of business activities,
• Execution of communication activities,
• Evaluation of requests and complaints,
• Fulfillment of information and document retention obligations arising from legal legislation,
• Execution of finance and accounting works,
• Managing our legal processes,
• In order to provide you with uninterrupted better and reliable service, personal data will be processed in accordance with the processing conditions and purposes specified in Articles 5 and 6 of the Law No. 6698.
Kosmos has created a personal data inventory in accordance with the Data Controllers Registry Regulation issued by the Personal Data Protection Authority. This data inventory includes data categories, data source, data processing purposes, data processing process, recipient groups to which the data is transferred, and retention periods.
In this context, the following types of data categories exist in Kosmos, but are not limited to these types;
Identity Information
|
- Written in your identity card; Name, surname, mother's name, father's name, place of birth, date of birth, marital status, religion, blood group, registered province, district and neighborhood and the information written on your identity card without being limited to these.
|
Contact Information
|
- Requested or given by you in order to be able to communicate with you; your contact data such as home phone number, mobile phone number, residential address or other address information, e-mail address.
|
Personal Information
|
- Copy of identity card,
- For example the population Register,
- Certificate of residence,
- Health report,
- Diploma copy,
- Criminal record,
- Passport photograph,
- Document stating the family status,
- Military status document,
- Employment Contract / Service Contract
- SSI employment entry declaration,
- Your criminal record (criminal record),
- • Information and documents related to your health status.
|
Professional Experience
|
- Diploma information, courses attended, vocational training information, certificates, etc.
|
Bank Account Information (Finance)
|
- Bank account number, IBAN number, other information regarding the bank card.
|
Curriculum Vitae Information
|
- Your education information, school information about your education, certificate information, education status and information about your education, which is written in your CV or requested by Kosmos or given by you,
- Place, date and duration information about your work experience, which is written in your CV or requested by Kosmos or given by you, information about your previous job and task, any information about your work experience,
- Your photo in your CV or requested by Kosmos or given by you,
- Your driver's license written in your CV or requested by Kosmos or given by you, and the information in your driver's license,
- Your references and information about your references written in your CV or requested by Kosmos or given by you.
|
Location
|
- Location information of the current location
|
Physical Venue Security (Visitor Information)
|
- Camera recording, internet access information of visitors to the company,
|
Health Data
|
- All kinds of health information and data (disability information, blood type information, personal health information,)
|
Criminal Conviction Data
|
- Criminal record information obtained while creating the personal file,
|
Customer Transaction
|
- Invoice, promissory note, check information, information in box office receipts, order information, request information,
|
Legal Action
|
- Information in correspondence with judicial authorities, such as information in the case file,
|
Marketing
|
- Historical service information, survey, cookie records, information obtained through campaign work.
|
Transaction Security
|
- IP address information, website login and exit information, password and password information,
|
Audio-Visual Recordings
|
|
Biometric Data
|
- Biometric fingerprint information,
|
Other
|
- Information such as education status, document number, signature in the signature circular of the relative working in the AGI process.
|
7. GENERAL PRINCIPLES ON THE PROCESSING OF PERSONAL DATA
7.1. Legal Compliance
Our company carries out its personal data processing activities in accordance with the law and honesty rules, in accordance with the Constitution, the KVK Law and the relevant legislation. In this context, our Company takes action by determining the legal grounds that will require the processing of personal data, takes into account the requirements of proportionality, does not use personal data outside of what is required for the purpose, and does not perform any processing activities without the knowledge of individuals.
7.2. Accurate and up-to-date data when necessary
Our company; It ensures that the personal data it processes are accurate and up-to-date, taking into account the fundamental rights of personal data owners and their own legitimate interests, and takes the necessary measures in this direction. In this context, data on all categories of persons are tried to be kept up-to-date, and all kinds of administrative and technical measures are taken to ensure accuracy and up-to-date.
7.3. Definite, Legitimate and Clear Purpose
Our company; It processes personal data only for clearly and precisely determined legitimate purposes and does not process data other than these purposes. The purpose for which personal data will be processed by our company is determined before the processing activity and is also processed in the "Personal Data Inventory".
7.4. Relating to the Purpose for which Data are Processed, Limited and Measured
Personal data is processed by our company to the extent necessary to achieve the determined purposes. Data processing is not carried out with the assumption that it can be used later. In this context, processes are constantly reviewed and the principle of reducing personal data is tried to be implemented.
7.5. Retention of Personal Data as Necessary and Deletion Afterward
Our company retains personal data only for as long as required by the relevant legislation or for the purpose for which they are processed. In this context, our Company first determines whether a period is foreseen for the storage of personal data in the relevant legislation, if a period is determined, it acts in accordance with this period. In the event that the period expires or the reasons requiring its processing disappear, personal data is deleted, destroyed or anonymized in accordance with our Company's "Data Destruction Policy".
8. TERMS OF PROCESSING PERSONAL DATA
Personal data may only be collected, processed or used within the scope of the legal bases set out below.
8.1. Open Consent
Explicit consent in Article 3 of the Law; It is defined as “consent on a certain subject, based on information and expressed with free will”. In addition, in the 3rd paragraph of Article 20 of the Constitution, it is stipulated that personal data can only be processed in cases stipulated by the law or with the explicit consent of the person. Explicit consent is stipulated in Law No. 6698 as the main reason for compliance with the law in terms of both sensitive personal data and non-private personal data. Accordingly, the Law, respectively,
• In paragraph 1 of Article 5, “Personal data cannot be processed without the express consent of the person concerned”,
• In paragraph 2 of Article 6, “Processing of personal data of special nature is prohibited without the express consent of the person concerned”,
• In paragraph 1 of Article 8, “Personal data cannot be transferred without the explicit consent of the person concerned”,
• In paragraph 1 of Article 9, “Personal data cannot be transferred abroad without the explicit consent of the person concerned”
Personal data is processed by obtaining explicit consents (written, electronically or recorded verbally) declared with free will and obtained in a provable manner in this direction by our company. In case of processing of personal data of special nature, express consent will be obtained in writing when necessary.
Process managers who process personal data are obliged to control the existence and validity of the explicit consent of the relevant data owner when collecting the personal data they process. If it is determined that there is no explicit consent (with the exceptions below), data processing will not be done.
8.2. Processing of Personal Data without Explicit Consent
In the presence of one of the following conditions, it is possible to process personal data without seeking the explicit consent of the data subject:
8.2.1 expressly stipulated in laws,
8.2.2 The person who is unable to express his consent due to actual impossibility or whose consent is not given legal validity is compulsory for the protection of himself or someone else's life or physical integrity,
8.2.3 It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract.
8.2.4 It is mandatory for the data controller to fulfill its legal obligation,
8.2.5 It has been made public by the data owner himself,
8.2.6 Data processing is mandatory for the establishment, exercise or protection of a right,
8.2.7 Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data owner,
In such cases, it can be processed without express consent.
8.3. Processing of Private Personal Data
Our company shows special sensitivity in the processing of special quality personal data, which is believed to be of more critical importance for data owners from various aspects. In this context, provided that adequate measures determined by the Board are taken, such data are not processed without the explicit consent of the data owners. However, special categories of personal data other than health and sexual life data can also be processed without the explicit consent of the data owner in cases stipulated by law. However, data related to health and sexual life can be processed without obtaining explicit consent, provided that adequate precautions are taken and in the presence of the following reasons:
• Protection of public health,
• Preventive medicine,
• Medical diagnosis,
• Carrying out treatment and care services,
• Planning and management of health services and its financing.
In all cases where sensitive personal data needs to be processed, the KVKK Committee will be informed.
9. TRANSFER OF PERSONAL DATA
Your personal data, Relevant Mission, domestic and foreign supervisory and regulatory authorities and relevant public institutions as stated in the clarification text of the relevant mission, to legally authorized public and private legal entities, our company's consultants, our auditors and service providers, limited to the purpose requested within their legal authority. to our providers within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law No. 6698.
Your personal data; In order to continue our company's activities and business processes, our suppliers, insurance companies, notaries, banks and financial institutions, legal, financial consultancy, tax, etc. to our consultancy firms, legally authorized public institutions and private individuals that we receive support in similar fields, to domestic and/or abroad storage, archiving, information technology support (server, hosting, software, cloud computing, etc.) that process personal data on behalf of our company. Personal data processing conditions specified in Articles 8 and 9 of the Law no.
Domestic Transfer of Personal Data;
In accordance with Article 8 of the KVK Law, the domestic transfer of personal data will be possible provided that one of the conditions (processing conditions) specified in the 8th section of this Policy, titled "Personal Data Processing Conditions" (processing conditions) are met.
9.1 Transfer of Personal Data Abroad;
In accordance with Article 9 of the KVK Law, in case personal data is transferred abroad without express consent, one of the following conditions is sought in addition to fulfilling the conditions for domestic transfers:
• The country to be transferred is counted among the countries with adequate protection declared by the Board,
or
• In the absence of adequate protection in the country to which the transfer will be made, the data controllers in Turkey and in the relevant foreign country must undertake in writing an adequate protection and have the permission of the Board.
9.2 Transfer of Private Personal Data Abroad
Our company, by taking the necessary security measures and taking the adequate measures prescribed by the KVK Board; In line with the legitimate and lawful personal data processing purposes, it can transfer the sensitive data of the personal data owner to the Foreign Countries where the Data Controller has Sufficient Protection or Undertakes Sufficient Protection in the following cases.
• If the personal data owner has express consent, or,
• If there is no explicit consent of the personal data owner;
(a) Private personal data other than the health and sexual life of the personal data owner (race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, dress, association, foundation or union membership, criminal conviction and security measures, biometric and genetic data), in cases stipulated by law,
(b) Persons or authorized persons, who are under the obligation to keep confidential, for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, and sensitive personal data related to the health and sexual life of the personal data owner. within the scope of processing by institutions and organizations.
The relevant employee who transfers is responsible for ensuring compliance with the obligations to be complied with during the transfer of sensitive data.
10. RIGHTS OF RELATED PERSONS
10.1 Kosmos will respond within 30 days to the requests of the persons whose personal data it processes, within the scope of the following rights:
(1) Learning whether personal data is processed or not,
(2) If personal data has been processed, requesting information about it,
(3) Learning the purpose of processing personal data and whether they are used in accordance with its purpose,
(4) To know the third parties to whom personal data is transferred in the country or abroad,
(5) Requesting correction of personal data in case of incomplete or incorrect processing and requesting notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,
(6) Requesting the deletion or destruction of personal data in the event that the reasons requiring its processing cease to exist even though it has been processed in accordance with the provisions of the KVK Law and other relevant laws, and requesting the notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,
(7) Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
(8) To request the compensation of the damage in case of loss due to unlawful processing of personal data.
10.2 Data owners can apply within the scope of the above-mentioned rights with the information and documents that will determine their identities and with the KVKK application form on the website with the methods specified below or other methods determined by the Personal Data Protection Board.
11. PRIVACY AND DATA SECURITY PRECAUTIONS;
All of the personal data processed within Kosmos is confidential, as specified in Article 12 of the Law;
a) To prevent the unlawful processing of personal data,
b) To prevent unlawful access to personal data,
c) To ensure the protection of personal data,
takes all necessary technical and administrative measures to ensure the level of security appropriate for its purpose.
11.1 Technical Measures Taken to Ensure Legal Processing of Personal Data and to Prevent Unlawful Access to Personal Data
Kosmos has taken all kinds of technical and technological security measures to protect your personal data and protects your personal data against possible risks. E.g;
• Network security and application security are provided.
• Security measures are taken within the scope of procurement, development and maintenance of information technology systems.
• Access logs are kept regularly.
• The authorizations of employees who have a change in duty or quit their job in this field are removed.
• Current anti-virus systems are used.
• Firewalls are used.
• Personal data security is monitored.
• Necessary security measures are taken regarding entry and exit to physical environments containing personal data.
• The security of physical environments containing personal data against external risks (fire, flood, etc.) is ensured.
• The security of environments containing personal data is ensured.
• Personal data is backed up and the security of the backed up personal data is also ensured.
• User account management and authorization control system is implemented and these are also followed.
• Log records are kept without user intervention.
• Intrusion detection and prevention systems are used.
• Encryption is done.
11.2 Administrative Measures to Ensure Legal Processing of Personal Data and to Prevent Unlawful Access to Personal Data
• A management framework has been established to initiate and control information security operation and implementation within the organization.
a. KVKK Committee and Liaison person have been appointed and their job descriptions have been determined.
b. KVKK Application channels have been determined.
c. Violation, claim/complaint management workflows have been determined.
• Main Principles, policies and procedures regarding the processing and protection of personal data have been determined.
a. Data Processing and Retention Policy Has Been Established.
b. A Policy on the Processing and Protection of Personal Data has been established.
c. A Policy Regarding the Security of Special Quality Personal Data has been established.
• Existing risks and threats have been determined within the scope of processed personal data.
• Training and awareness activities are carried out for employees on personal data security.
• Roles, responsibilities and job descriptions regarding data security have been determined in order to ensure that employees and contractors are aware of and fulfill their information security responsibilities.
• Confidentiality commitments are made.
• Employee, customer, supplier etc. Clarification text has been published for
• Processes requiring explicit consent are determined and implemented.
• In-house periodic and/or random audits are conducted and made. It eliminates privacy and security vulnerabilities that arise as a result of audits.
• Whether there is a need for the aforementioned personal data for the purpose of processing is evaluated and personal data is reduced as much as possible.
• If the data is obtained by others illegally, necessary measures are taken by the employees to inform the relevant person and the Board as soon as possible.
11.3 Measures to be Taken in Case of Unlawful Disclosure of Personal Data
In case the processed personal data is obtained by others illegally, our Company will notify the relevant data owner and the Board as soon as possible (within 72 hours maximum).
12. DISPOSAL (DELETE, DESTRUCTION AND ANONYMIZATION) CONDITIONS OF PERSONAL DATA
In accordance with Article 138 of the Turkish Penal Code, Article 7 of the KVK Law and the "Regulation on the Deletion, Destruction and Anonymization of Personal Data" issued by the Institution; Despite the fact that it has been processed in accordance with the provisions of the relevant law, in the event that the reasons requiring its processing are eliminated, personal data is deleted, destroyed or anonymized upon Kosmos' own decision or upon the request of the personal data owner. Kosmos has created a Policy in accordance with the provisions of the regulation on this subject and in accordance with this Policy, destruction is made according to the nature of the data. In accordance with this regulation, periodic destruction dates have been determined by Kosmos, and a calendar has been established according to which periodic destruction will be carried out at various intervals with the commencement of the obligation.
13. EXECUTION
A management structure has been established to ensure that Kosmos complies with the regulations of the KVK Law in the execution of this Policy.
14. EFFECTIVE DATE OF THE POLICY
This Policy entered into force on 07.01.2022.
"Https://www.kosmosvize.com.tr/" website called domain ( "Website"), "Astoria AVM, Esentepe Mah. Büyükdere Cad No 127 Astoria B1 kati M32 Esentepe/Şişli/İstanbul" in the address "Kosmos Visa Services Limited Company ”(hereinafter referred to as“ Kosmos Vize ”). Kosmos Vize, as the data controller, is responsible for determining the purposes and means of processing personal data, establishing and managing the data recording system.
Article 3 of the Law titled "Definitions", including but not limited to the collection, storage and transfer of your personal data obtained in connection with your use of the Website, in accordance with the Personal Data Protection Law No.6698 ("Law") We would like to inform you about the processing of the said processing and the procedures and principles of the said processing.
1. Purpose of Processing Personal Data:
Personal data, according to Article 3 titled "Definitions" of the Law, personal data; It refers to "all kinds of information regarding an identified or identifiable real person". Within this data, your name, address, e-mail address or telephone number, etc. there may be information. In addition, information / data collected through the use of cookies that do not directly allow the identification of your identity (such as how you use the Website, which parts of the site you visit), if these are based on an identity assigned to the user / visitor, and therefore individually collected and stored. and if evaluated, it can be qualified as personal data.
We process the personal data of internet users and visitors using the Website in order to facilitate the use of the Website through cookies and to customize the Website in line with the interests and needs of users and visitors. In addition, we process anonymous and aggregated statistical data that enable us to understand how Website users and visitors use the Website and to help us improve the structures and contents of the Website. This data is not information that can enable us to identify you.
2. To Whom and For What Purpose Personal Data Can Be Transferred:
Your collected personal data can be shared with these authorities to the extent required by the authorities authorized by law in order to fulfill our legal obligation as Kosmos Visa, pursuant to Articles 8 and 9 of the Law.
3. Method and Legal Reason for Collecting Personal Data:
Personal data related to current and potential internet users and visitors, provided that Kosmos Vize can carry out the activities of Kosmos Vize by placing cookies on the Website and providing the products subject to the activity and the legitimate interest of Kosmos Visa, provided that it does not harm the fundamental rights and freedoms of data owners It is collected based on the legal reason.
4. Network Server Data Logging:
When you log in to the Website, your web browser is set to automatically transfer the following data to our internet server, then saves the following information / data in the data records.
• Date of entry,
• Entry time,
• URL of the application website,
Files received,
• Amount of data transmitted,
Browser type and version,
• OS,
IP address,
• Domain name of your Internet access provider.
5. Cookies
Cookies are small text files placed on your hard drive by the web page server. In this way, we automatically obtain certain data such as your IP address, browser used, operating system on your computer and your internet connection.
This Website is Google Inc. ("Google") uses Google Analytics, a web analysis service. Google Analytics uses cookies to help the website analyze how users use the site. The information generated by the cookie about your use of the Website (including your IP address) will be transmitted to Google and stored by Google on servers located in the USA. Google will use this information to evaluate your use of the Website, to compile reports on Website activity, and to provide other services related to Website activity and internet usage.
Mandatory, functional and analytical cookies used by our site:
• It is mandatory to use the website interface and features as desired.
• It allows you to speed up the activities during your future visits.
• By enabling us to understand how the website is used by visitors, it helps us to gather statistical data and develop content in line with this data.
• Under no circumstances do we collect, store and process data that we can identify you, it does not qualify as personal data.
|
COOKIE TYPE
|
COOKIE USAGE PURPOSES
|
1.
|
REQUIRED COOKIES
|
These types of cookies allow the Website to function properly and to use all the features offered by the Website. An example is remembering the previous action when returning to a page within the same session. These cookies do not identify you. If you do not accept these cookies, you may not be able to use all the features of the Website.
|
2.
|
PERFORMANCE COOKIES
|
These types of cookies collect information about how the Website is used so that we can improve the Website. For example, it collects data / information about which pages you visit the most, time spent on the Website and error messages you encounter. The data / information collected by these cookies are stored anonymously. No information that can identify you is stored.
|
3.
|
FUNCTIONAL COOKIES.
|
These types of cookies allow us to provide you with a more personalized experience. These allow us to remember data such as your username and language preferences so that you do not have to re-enter this information on your next visit. The information that these cookies are stored in is anonymous. If you do not accept such cookies, the performance and functionality of the Website may be affected and some content on the Website may not be accessible.
|
6.Managing Cookie Settings
We recommend that you accept cookies so that you can use the Website in the most efficient way possible. You can view the Website without cookies. Internet browsers are set up to accept cookies whenever you want. You can always stop the use of cookies through your browser settings. Please use your browser's help function to learn how to change the settings to manage your cookies. Please note that some functions of our website may not work properly when you stop using cookies or change cookie settings.
7.Rights of the Data Owner
In accordance with the 11th article of the Law titled "Rights of the Related Person"; As a data owner, by applying to Kosmos Visa in writing or through other methods determined by the Personal Data Protection Board, to learn whether your personal data is being processed, to request information regarding this if your personal data has been processed, to learn the purpose of processing your personal data and whether they are used in accordance with their purpose. If your personal data is transferred to third parties in the country or abroad, to know the third parties to whom your personal data is transferred, to request correction of your personal data in case of incomplete or incorrect processing, and to request notification of your personal data to third parties to whom your personal data is transferred, Law and other relevant law. Although it has been processed in accordance with its provisions, if the reasons requiring its processing disappear, requesting the deletion or destruction of your personal data and notifying the third parties to whom the personal data has been transferred. You have the right to request the data to be processed, to object to the emergence of a result against you by analyzing the processed data exclusively through automated systems, to demand the compensation of the damage in case you suffer damage due to unlawful processing of your personal data.
Your requests in your application will be concluded free of charge by Kosmos Visa as soon as possible and within thirty days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost for Kosmos Visa, the fee in the tariff determined by the Personal Data Protection Board may be charged.
8.Exercise of Rights, Application and Communication
Your requests regarding your rights stated above within the scope of the law, by filling in the Application Form to the Data Controller and signing it with a wet signature, personally, to the address “Astoria AVM, Esentepe Mah. Büyükdere Cad No 127 Astoria B1 kati M32 Esentepe/Şişli/İstanbul” You can deliver it, send it through a notary public and other methods specified in the Law.
9.Link to other websites
The Website contains links to other websites. We have no influence over whether the administrators of these sites act in accordance with the data protection provisions. Kosmos Vize is not responsible for the contents of the sites to which it links (and the contents of the other sites to which those sites link) and does not have the authority to interfere with the contents of the sites it links to.
10.Changes
Since the Website is changing and developing depending on technological and legal developments, this Cookie Policy will also be updated from time to time in this direction, and the current version of the Cookie Policy is always available for your access by publishing at https://www.kosmosvize.com.tr/. will be kept.