top of page

Privacy and Disclosure Statement

 

Data Controller: Fil Danışmanlık Eğitim Ltd. Şti.

Headquarters Address: Tulumtas Mah Cinarli Cad Kargen Kon Yap Koop Sitesi Sıra Ev1B No 27 Golbasi 06830 Ankara

Email: info@coresupply.com.tr Phone: +90 533 542 2673

Data Protection Officer (DPO): Hicri Akın Aksu, info@coresupply.com.tr, +90 533 542 2673

 

Processing Purposes and Legal Basis

 

Core Supply processes your personal data for the following purposes:

  • Service Provision and Contract Management; legal basis: performance of a contract.

  • Quotation, Sales, and Invoicing Procedures; legal basis: performance of a contract and legal obligation.

  • Customer Communication and Support; legal basis: legitimate interest or contract.

  • Marketing and Information (e-mail, SMS, event invitations); legal basis: explicit consent or legitimate interest in accordance with KVKK/GDPR (depending on preference and country legislation).

  • Human Resources Processes (job applications, employee relations); legal basis: employment contract, legal obligation.

  • Website and Application Use Analytics, Security; legal basis: legitimate interest and/or user consent.

  • Fulfillment of Legal Obligations and Compliance with Official Authority Requests; legal basis: legal necessity.

 

Categories of Personal Data Processed and Collection Methods

 

  • Identification Data: Name, Last Name, Turkish ID number (where necessary). Collection method: quotation forms, contracts, job applications.

  • Contact Data: e-mail, telephone, address. Collection method: contact forms, contracts.

  • Professional and Financial Data: company title, position, invoice details, bank details (for invoicing). Collection method: contract and invoice documents.

  • Transaction and Communication Records: e-mail correspondence, call records (in compliance with legal limits). Collection method: customer services, contract process.

  • Website Data: IP address, cookie data, user behavior, session information. Collection method: web cookies, server logs, analysis tools.

  • Special Categories of Personal Data: Special categories of data such as health or criminal records are collected only with explicit consent or in case of legal necessity, and separate consent is obtained.

 

Explicit Consent, Approval, and Cookie Policy

 

Explicit consent is obtained for marketing communication and non-essential cookies; consent may be withdrawn at any time. Cookie preferences can be changed via the cookie banner or your account; essential cookies cannot be rejected, but personalization functions may be limited. Consent records are stored in a version-updated manner, along with identity verification, and retained for a period of 10 years for evidence.

 

Data Subject's Rights and Application Procedures

 

The rights you possess under the KVKK are as follows:

 

  • Be informed on whether your personal data is being processed.

  • Request additional information if your personal data has been processed.

  • Request to rectify your data.

  • Request to erase or wipe out data.

  • Request to place restrictions on processing.

  • Object to the processing.

  • Request data transference.

Application Method: Sending an e-mail with the completed application form to info@coresupply.com.tr or sending a written application via postal mail to Fil Danışmanlık Eğitim Ltd. Şti., Tulumtas Mah Cinarli Cad Kargen Kon Yap Koop Sitesi Sıra Ev1B No 27 Golbasi 06830 Ankara. Applications are concluded within a maximum of 30 days; in case of a request for additional information, further notification regarding any extension will be made. The fee policy for responding to applications: provisions stipulated in KVKK shall apply.

Retention Periods, Transfer, and Security Measures

 

Retention Principle: Data is stored only for the period connected to the purpose and for the necessary duration; general retention periods: quotation and contract records for 10 years, marketing consents for 5 years, web analytical data for 2 years. The periods may be extended pursuant to legislation or contractual obligations.

Domestic and International Transfers: Data may be shared with business partners (cloud provider, accounting firm, communication services, etc.); sharing with third parties is restricted by a written Data Processing Agreement (DPA). In case of international transfer, appropriate safeguards (standard contractual clauses or equivalent protection mechanisms) are implemented.

Security Measures: Access control, role-based authorization, data encryption (in transit and at rest), regular backups, incident management, access logs, and annual security tests are applied. In the event of a data breach, notification is made to the relevant parties and the KVKK Board within the periods stipulated in the legislation.

 

Changes, Audits, and Communication

 

This text may be updated from time to time; Any updates will be published on our website, and relevant parties will be informed of significant changes.

For related complaints, audit requests, or further information, please apply to info@coresupply.com.tr.

Within the scope of your legal rights, you may apply to our Institution (Data Controller) or file a complaint with the Board (KVKK Board).

bottom of page