Birlik Sünger Kimya San. ve Tic. A.Ş. (“Birlik Sünger” or “Company”) undertakes to meticulously carry out all processes regarding the processing, storage, protection, and destruction of personal data within the scope of the Law on the Protection of Personal Data No. 6698 (“KVKK”). This policy covers the principles and tenets for the processing of personal data of our employees, employee candidates, customers, suppliers, visitors, and third parties in relationship with Birlik Sünger.

1. Purposes of Processing Personal Data Birlik Sünger processes personal data for the following purposes: Execution of company activities, Provision of products and services, management of after-sales support processes, Execution of supplier, customer, and business partner relations, Management of human resources processes, Execution of recruitment processes, Execution of finance, accounting, and contract processes, Ensuring physical space security, Keeping visitor entry-exit records, Fulfillment of legal obligations, Corporate communication, information, and reporting activities, Execution of processes for quality, environment, OHS, and other management systems.

2. Collection of Personal Data and Legal Grounds Personal data may be collected through automated or non-automated methods via channels such as our website, e-mail correspondence, human resources application forms, camera security systems, visitor records, contracts and official documents, supplier and customer forms. Personal data are processed based on legal grounds stipulated in Articles 5 and 6 of the KVKK, such as: Explicit consent, Being clearly provided for in the laws, Establishment or performance of a contract, Fulfillment of legal obligations, Legitimate interest, Actual impossibility.

3. Transfer of Personal Data Collected personal data may be transferred within the country within the framework of Articles 8 and 9 of the KVKK to: Authorized public institutions and organizations, Business partners, solution partners, and suppliers, Legal advisors for the purpose of executing legal processes, Relevant official authorities when a legal obligation arises. Birlik Sünger does not transfer personal data abroad without obtaining explicit consent.

4. Storage and Security of Personal Data Birlik Sünger stores personal data only for the period required by the purpose of processing. Eliminates personal data that has become unnecessary through periodic destruction, deletion, or anonymization methods. Takes necessary technical and administrative measures for data security: Authority management, Access restrictions, Firewall and network security, Camera and physical security, Confidentiality agreements, PDPL awareness training for employees.

5. Rights of the Data Subject Pursuant to Article 11 of the KVKK, everyone whose personal data is processed has the following rights by applying to Birlik Sünger: Learning whether personal data is processed, Requesting information if processed, Learning the purpose of processing and querying whether it is used appropriately, Knowing the third parties to whom personal data is transferred within the country, Requesting correction of incomplete or incorrectly processed data, Requesting deletion or destruction of data, Requesting notification of these operations to third parties, Objecting to the occurrence of a result against the person by analyzing the processed data exclusively through automated systems, Requesting compensation in case of damage due to unlawful processing of data.

6. Validity and Updating of the Policy This policy enters into force on the date it is published by Birlik Sünger. The policy may be regularly updated in line with changes in legal regulations and corporate needs.