Skip to main content

Clarification Text for Business Partners on the Protection and Processing of Personal Data

This clarification text has been prepared within the scope of Article 10 of the Law on the Protection of Personal Data No. 6698 (“KVKK”) and the Communiqué on the Procedures and Principles to be Followed in the Fulfillment of the Obligation to Inform. 

No: 62 A Ümraniye/Istanbul  (hereinafter referred to as “SmartMessage”) in the processing and protection of personal data, as ODC İş Çözümleri Danışmanlık Ticaret A.Ş. (hereinafter referred to as “SmartMessage”), we attach importance to the fact that all kinds of personal data are within the scope of the Personal Data Protection Law No. 6698 (“KVK Law”) and that they are processed and stored in accordance with this law. In this context, our Company processes the data of our potential customers, employees, interns, employee candidates, shareholders, officials, suppliers, consultants, companies we cooperate with and their employees, shareholders, officials, visitors and people who are in contact with our company, including but not limited to our customers who benefit from our products and services, as “Data Controller”. 

For What Purpose and Based On What Legal Reason Is Your Personal Data Processed: 

Conducting and concluding negotiations on offers and contracts within the scope of establishing and/or executing the commercial relationship; ensuring business continuity and carrying out other communication activities related to services; audit / internal audit management; partner satisfaction and loyalty management; execution of marketing activities, information security management; requests / complaint management; storage and archive management; organization and event management; It is collected for the purposes and legal reasons of processing your personal data categories and your personal data categories processed within the scope of the execution of legal affairs, including the fulfillment of legal obligations and the making of mandatory legal notifications. 

  • Your Identity Information: Name and surname, information on the front of the identity card, tax number, signature; 
  • Your Contact Information: Address information, e-mail, phone number; 
  • Your Financial Information: Bank account and card information, invoice and debt information, 
  • Your Legal Transaction Information: Information in correspondence with judicial authorities, information in the case file, 
  • Your Professional Experience Information: Information on professional competence. 
  • Request and complaint data, 
  • Physical Space Security Information (Entry-exit registration information, camera image and audio recordings),
  • Transaction information (Audio recordings, pricing, customer reviews and chat information).

Note: We would like to remind you that sensitive personal data (e.g. religion and blood group information) of business partners and/or employees included in the signature circular and other documents that may be requested during the negotiation, conclusion and performance of the contract should not be transmitted to our Company or should be transmitted by obfuscation. 

Transfer of Your Processed Personal Data: 

Your personal data, 

  • To the IYS, which is an Authorized Private Law Legal Person, to the Authorized Public Institutions and Organizations for the purposes of carrying out the activities in accordance with the legislation within the scope stipulated by the legal regulation, informing the authorized persons, institutions and organizations and carrying out the permit processes.  
  • Your personal data collected, based on your explicit consent, during your visit to our site or during the business / commercial relationship, by us by physical and electronic methods for the purposes written here or based on your explicit consent, in the country (SmartMesassage databases in Turkey) and/or abroad (Google’s databases in Western Europe, Microsoft Azure’s databases in the Netherlands, HubSpot database in Ireland), WordPress data in the USA It is collected at the bases. 

It will be transferred in accordance with the rules in Article 8 of the KVKK regarding the transfer of personal data and the legal reasons for the processing of personal data stipulated in Articles 5 and 6 of the KVKK and by taking the necessary technical and administrative measures. 

Legal Reason for Processing Your Personal Data and Method of Collection: 

Within the scope of your business relationship with SmartMessage, your personal data is processed directly by you, the company from which we receive procurement services or with which you are a business partner, and legal authorities, via internet, telephone, e-mail and physical, written, verbal and electronic channels, for the above-mentioned purposes, based on the reasons for compliance with the law listed in the provisions of Articles 5 and 8 of the KVKK and stated below, by automatic and non-automatic means. 

  • It is clearly stipulated in the laws, 
  • Provided that it is directly related to the establishment or performance of a contract, it is necessary to process the personal data of the parties to the contract, 
  • It is mandatory for the data controller to fulfill its legal obligation, 
  • Provided that it does not harm the fundamental rights and freedoms of the data subject, data processing is mandatory for the legitimate interests of the data controller, 
  • It has been made public by the data owner, 
  • Explicit consent. 

Method of Personal Data Collection and Storage Period 

If a period of time is determined for the storage of your personal data in the law or relevant legislation, the data in question must be stored for at least this period. If a period of time is not stipulated in the law or relevant legislation; It is kept in connection with the purposes of processing, limited and measured, as stipulated in the legal relationship established with you due to your participation in the event, program and/or project, and for the required period of time. 

KVKK Article 11. Your Rights and Methods of Application to Us 

We would like to point out that in accordance with Article 11 of the Law on the Protection of Personal Data, you have the following rights: 

  • To learn whether your personal data is processed or not, 
  • If your personal data has been processed, requesting information about it, 
  • To learn the purpose of processing your personal data and whether they are used in accordance with their purpose, 
  • To know the third parties to whom your personal data is transferred at home or abroad, 
  • Requesting correction of your personal data in case of incomplete or incorrect processing and notifying third parties that the transaction made within this scope has been transferred to your personal data, 
  • Although your data has been processed in accordance with the relevant provisions of the law and other regulations, the reasons requiring processing disappear or it is requested to be destroyed, to request the deletion of your personal data and to notify third parties in case of processing of your personal data transferred in this context, 
  • Objecting to the emergence of a result against you by analyzing your processed data exclusively through automated systems, 
  • Requesting the compensation of the damage in case of damage due to unlawful processing of your personal data. 

How can you exercise your rights as a data subject? 

Application Method 

If you wish, you can submit your applications and requests regarding your personal data through the Relevant Person Application Form ; 

  • By sending an e-mail to  address from the e-mail address you registered for the Announcement Group List, 
  • By personally applying in person to SmartMessage’s Fatih Sultan Mehmet Mahallesi Balkan Cad. No: 62 A Ümraniye/Istanbul address and physically delivering your application by having a valid identity document with you in a way that allows us to verify your identity, 
  • By sending a wet signed signature declaration (if you have previously submitted a document confirming your signature within the scope of any relationship, you do not need to submit a signature declaration) to Fatih Sultan Mehmet Mahallesi Balkan Cad. No: 62 A Ümraniye/Istanbul by registered receipt or similar method, 
  • By signing with a mobile signature or secure electronic signature and sending  e-mail to the address, 
  • You can send it to us via KEP to address. 

Pursuant to the Communiqué on the Procedures and Principles of Application to the Data Controller, the application of the Relevant Person must include the name, surname, signature if the application is in writing, T.R. identification number (nationality if the applicant is a foreigner, passport number or identification number, if any), residential or workplace address for notification, e-mail address, telephone number and fax number, if any, and information about the subject of the request. 

The person concerned must clearly and understandably state the requested matter in the application, which includes explanations regarding the right he/she will make and request to use in order to exercise the above-mentioned rights. Information and documents related to the application must be attached to the application. 

Although the subject of the request must be related to the applicant’s person, if the applicant is acting on behalf of someone else, the applicant must be specifically authorized in this regard and this authority must be documented (power of attorney). In addition, the application must include identity and address information and documents confirming the identity must be attached to the application. 

Requests made by unauthorized third parties on behalf of someone else will not be evaluated. 

How Long Does It Take to Respond to Your Requests Regarding the Processing of Your Personal Data? 

Your requests regarding your personal data are evaluated and answered as soon as possible and within 30 days at the latest from the date of receipt to us. If your request is accepted or rejected by explaining the reason, our response will be sent to you by mail or e-mail to the address you specified in the application, and if possible, in the same way as your request. 

This Clarification Text will be valid as of the date it is published by SmartMessage. SmartMessage may amend this Privacy Notice at any time, if necessary. The changes to be made become effective upon the publication of the Clarification Text on the corporate web address of the