Personal Data Security

Personal Data Security

General Clarification Text

  in accordance with the Law on Protection of Personal Data


  1. Identity of Data Controller

As Efe Alkollü İçecekler Ticaret Anonim Şirketi (“Efe Alkollü” or “the Company”), we acknowledge the importance of the security and privacy of your personal data. With this purpose and in accordance with Law No. 6698 Protection of Personal Data (“Law”), as data controller, we submit our clarification text  in respect to the received personal data:

  1. Processing of the Personal Data and Purpose of the Processing

The Company process the following personal data in order to provide the best products or services concerning commercial activities or services provided by Efe Alkollü. Within this framework:

In case you are an employee/official/partner of our Company’s natural person or legal person merchant customers or if you are a guarantor for a customer; Identity, communication, legal transaction, transaction security, risk management, financial data (in case the old format of the identity card/driving license isshared, religious information and blood type information may be indirectly processed), execution of the Company’s business operation and its inspection, execution of contracts and legal transaction, production of the products and providing services, sales, post-sales services, sponsorship, financing and accounting, telecommunications, auditing, information assurance, supply chain management, security assurance for movable objects and resources, execution of logistics activities,  meeting the demands of official agencies and institutions,

In case you are an employee/official/business partners of our Company’s natural or legal merchant suppliers/sub-employers/business partners/ service acquired companies;

identity, contact information, personnel information (statement of employment, payment of insurance premium, HSE training certificate), location information, risk management and also in case  you and your employer share your personal data, sensitive personal information such as a statement of health, religious information, type of blood  (it may be indirectly processed  from a shared identity card/driving license) execution of the Company’s business operation and its inspection, execution of  receiving goods and  services, execution of contracts and legal transaction, execution of financing and accounting, execution of training activities, execution of inspection process, information security, HSE training, risk management, meeting the demands of official agencies and institutions, security assurance for movable objects and resources, logistics,  supply chain management, hotel and flight reservations, event management including visa processes, execution of communication activities


  • In case of participation  to Efe Akademi events;  identity, contact information, emergency contact information and statement of health (nutrition, alergetics information), event, and travel, event registration, execution of marketing, communications, advisement, special offers, and free gifts, execution of information security process,
  • In the event of a visit to the Company and/or business offices; identity, physical location security data, keeping the visitor register book, providing the physical location security,
  • In case of visiting our Website, process security data and by using the Company’s Wi-Fi; identification, contact information, your process security data, fulfilling the legal obligations set out in Law No. 5651, storing of electronically kept logs, execution of information security process,

The above-stated activities are only processed  limited to the purposes of conducting business activities in line with the Law and the Company’s policies and procedures. Your personal data will be transferred to a physical archive and information systems, and will be stored in physical and digital archives.

  1. To Whom and for Which Purposes the Processed Personal Data Can Be Transferred

Obtained personal data may be transferred on limited and casual purposes outlined in Article 2 of this document and in accordance with the Law to government agencies and institutes, banks, audit firms, firms that provide technological services, firms that we benefit from their provided services and firms that we contractually cooperate upon their requests; for the purposes of the Company’s policies and procedures, execution of operational processes and support, data may be transferred to a group company, and their joint used information systems.

  1. Method and Legal Reason for Obtaining Personal Data

The purposes stated in Article 2 hereby information note and principles prescribed by Article 5 of the Law, your personal data may be obtained at the point of clearly defined by Law, at the drawing up a contract and performance of a contract, legal obligations of the data controller, establishment, exercise and protection of a right, limited and on the legal basis of legitimate interests of the data controller; with automated or non-automated procedures, physically or electronically, verbal or written data transmitted by you to the Company via e-mail, Website, telephone as part of the Company’s business operation by used application and software with the closed-circuit video surveillance system.

  1. The Rights Regarding Protection of Personal Data

You may send your requests personally or by other means stated in Communiqué with the form at the link [●], pursuant to The Article 11 of the Law regulating rights of the data subject, in accordance with “Communiqué on The Principles and Procedures for the Request to Data Controller” to [ ], in writing and confirming your identity by all available means.

Back to top of page