SECURITY

The following security guidelines must be followed by applicants who visit the iDATA visa application offices. Visa applicants may not use or carry the following items within iDATA offices in accordance with the security requirements of the represented Diplomatic Missions:

  • Mobile phones must not be used including for taking photos and/or record audio or video;
  • All flammable substances and sharp objects;
  • Weapons or objects similar to weapons or any explosive materials;
  • Animals (due to potential allergic reactions of others);
  • Sealed envelopes or packages;
  • Food and beverage;
  • Bags or suitcases larger than a cabin size suitcase.

* The list is including but not limited to the items listed.

  • Security guards and office personnel are authorized to deny access to suspicions individuals or prevent the introduction in the iDATA visa application centers of objects not mentioned in the list. Security guards are authorized to check the bags of applicants at any stage of the visa application process;
  • For security reasons, friends, relatives or business contacts accompanying visa applicants may not enter the application center (Only the applicant or the person applying on behalf of the applicant may enter iDATA offices.). Only one person shall be accepted to accompany physically handicapped applicants or illiterate applicants;
  • Applicants may not enter areas other than common visitors areas within iDATA offices such as personnel working areas, toilets, etc.;
  • iDATA offices do not have a designated place to store the before mentioned forbidden items. Applicants are kindly requested to find alternative ways to store these items before entering the visa application centers;
  • iDATA offices are monitored by cameras on a 7/24 basis as per our security policy.


GENERAL INFORMATION ON THE PROTECTION AND PROCESSING OF PERSONAL DATA

As iDATA ("iDATA" or the "Company"), we show utmost sensitivity to the security of your personal data. With this awareness, the personal data of real persons with whom the Company interacts are subject to the Law on Protection of Personal Data No. 6698 (“Law”), secondary regulations (regulation, notification, circular) and binding. We attach great importance to the preservation and processing in accordance with the decisions taken and to be taken by the Personal Data Protection Board. With the full understanding of this responsibility, we process your personal data as "Data Supervisor" as defined in the Law, as explained below and within the limits ordered by the legislation.

1. Information on Data Supervisor

In accordance with the law, registered with the Istanbul Trade Registry with the registration number 388952, having the MERSIS number 0465005122300019, Ergenekon Mah. Cumhuriyet Cad. Çelik Apt. No: 141 D:5 Şişli - İstanbul, iDATA DANIŞMANLIK VE HİZMET DIŞ TİCARET A.Ş. is “Data Supervisor”.

2. Purposes of Processing Personal Data

Your personal data by our Company; In order to carry out the commercial activities carried out by the Company in accordance with the legislation and Company policies, the necessary studies should be carried out by the business units of the Company and the activities carried out in this direction, the determination, planning and implementation of the commercial policies of the Company in the short, medium and long term, In order to fulfill the obligations arising from the relevant legislation, to manage customer relations and corporate communication processes, and to ensure the commercial and legal safety of real and legal persons with whom the Company has business relations, within the limits specified in the Law, in accordance with the law, honesty rules and always connected with these purposes and processed in a limited and measured way.

3. Transfer of Personal Data

Your personal data, within the scope of the above-mentioned purposes, in accordance with the conditions specified in Articles 8 and 9 of the Law, primarily to legally authorized public institutions, judicial and administrative authorities, private law legal and real persons allowed in other legislation, institutions and organizations authorized to audit the Company, are transferred to the contracted payment institutions in order to fulfill the payments and financial obligations, to the business partners from whom services are received or cooperated for the execution and development of the Company's activities, and to the Company's suppliers only when necessary, by taking the data security measures specified in the Law.

4. Method and Legal Ground of Collecting Personal Data

Your personal data is collected by the authorized units and employees of the Company through automatic and non-automatic methods, verbally, in writing or electronically. In this context, personal data in the category of identity, communication, location, legal transaction, customer transaction, transaction security, risk management, finance; It is mandatory to process the personal data of the parties to the contract due to the fact that it is directly related to the establishment or performance of a contract indicated in the second paragraph of Article 5 of the Law, the data processing is mandatory for the data controller to fulfill its legal obligation, the data subject has been made public by himself and the data subject is fundamental. Provided that it does not harm your rights and freedoms, data processing is mandatory for the legitimate interests of the Company, based on legal reasons.

5. Storage of Personal Data

By contacting iDATA at any time;

  • Getting information as to whether the personal data has been processed or not,
  • If the personal data has been processed, requesting information related to this,
  • Getting information as to the purpose of processing the personal data and as to whether they are used in compliance with the relevant purpose,
  • Getting information about third persons to whom the personal data were transfered domestically and abroad,
  • In case personal data were processed incompletely or wrongly, requesting their correction,
  • Despite the fact that they have been processed in accordance with the provisions of the Law and other relevant Law, requesting the deletion or elimination of personal data in case the reasons requiring their processing are removed, and getting information about third persons to whom personal data are transfered for the transaction to be made in this scope,
  • Objecting to any consequence arising against the person himself/herself, through the analysis of the data processed, exclusively by means of automatic systems,
  • Requesting the removal of damages in case of any damages due to the processing of personal data contrary to the Law,

In order to execute your rights mentioned above, you may forward your request, which includes your necessary identifying information as well as your explanations about the right you request to execute; by completing the form at the address www.idata.com.tr, or you may forward a signed copy of the form along with your identifying documents personally to the address Ergenekon Mah. Cumhuriyet Cad. Çelik Apt. No: 141 D:5 Şişli - İstanbul, or send it through a notary public or by other methods stated in the Law, or forward the relevant form to the address veri_koruma@idata.com.tr.

iDATA, if the requests within this scope are to be answered in writing, up to ten pages without charge; will respond by charging 1 Turkish Lira transaction fee for each page over ten pages. If the response to the application is given in a recording medium such as a CD or flash memory, the fee that may be requested by the Company will not exceed the cost of the recording medium.

As iDATA ("iDATA" or the "Company"), we show utmost sensitivity to the security of your personal data. With this awareness, the personal data of real persons with whom the Company interacts are subject to the Law on Protection of Personal Data No. 6698 (“Law”), secondary regulations (regulation, notification, circular) and binding. We attach great importance to the preservation and processing in accordance with the decisions taken and to be taken by the Personal Data Protection Board. With the full understanding of this responsibility, we process your personal data as "Data Supervisor" as defined in the Law, as explained below and within the limits ordered by the legislation.

1. Information on Data Supervisor

In accordance with the law, registered with the Istanbul Trade Registry with the registration number 388952, having the MERSIS number 0465005122300019, Ergenekon Mah. Cumhuriyet Cad. Çelik Apt. No: 141 D:5 Şişli - İstanbul, iDATA DANIŞMANLIK VE HİZMET DIŞ TİCARET A.Ş. is “Data Supervisor”.

2. Purposes of Processing Personal Data

Along with the fact that your personal data may vary depending on the service rendered by iDATA and the commercial activities of iDATA, they may be collected verbally, in written form or electronically by means of automatic or non-automatic methods, through iDATA units and offices, website, social media, mobile applications, which may be introduced in the future, and similar means. Your personal data may be created, updated and processed as long as you benefit from the products and services offered by iDATA.

Furthermore, when you use our call center or website page in order to benefit from the iDATA services, when you visit the iDATA offices or our website, your personal data may be processed.

Your collected personal data, our business units to carry out the necessary work to benefit you from the products and services offered by iDATA, to determine and implement iDATA's commercial and business strategies, to ensure the execution of iDATA's quality standard policies, to carry out communication activities, to conduct appointment service sales processes, In order to carry out contract processes and to fulfill iDATA's obligations arising from the relevant legislation, personal data is processed in a limited and measured manner in accordance with the law, honesty rules and for these purposes, within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the Law.

3. Processed and Collected Personal Data

The term "Personal Data", as used in this Policy, shall mean information such as name, middle name, surname, date of birth, nationality, passport no, passport expiry date, Turkish ID number, flight departure date, flight return date, fixed telephone, mobile phone, e-mail address, residential address, account information, billing address, if you call our call center or are called by us, your voice recording recorded in accordance with quality standards, If you request to apply by proxy, identity and contact data such as the name, surname, telephone number, identity number and e-mail address of the authorized by you may also be collected which may be used for determining your identity. iDATA reserves the right to request further data and information due to any practices and inquiries of the relevant countries’ Embassies and Consulates.

4. Processing and Collection of Your Personal Data in Visa Applications

Your personal data listed above will be processed for the purposes stated above, in your personal or proxy applications to iDATA for a visa from the German Embassy/Consulate General and the Italian Consulate General in Istanbul. During the process from the visa application to the delivery of your passport to you or your representative, your personal data will be processed primarily by our Visa Consultant employees to fulfill the service we offer you. Afterwards, your personal data shared with the Consulate will be kept within the Consulate until your visa applications are finalized. Since both the German and Italian Embassies/Consulate Generals are the representatives of the countries party to the EU General Data Protection Regulation (EU General Data Protection Regulation 2016/679), all your personal data, including the special ones, will be protected by the relevant institutions.

iDATA will keep your personal data within its own software for the period specified in the 7th heading of this inform text. You can take photos that you will use in visa applications with the photo booths in our offices. Your photos will be printed without being recorded. If you request the application form to be filled with the additional service we offer you, your personal data will be processed in manual ways without being a part of the data recording system.

In case of need for visa applications for Germany and Italy, your fingerprints, which are in the status of special personal data, are taken at iDATA offices. Your fingerprints, which are needed for visa applications for Germany and Italy, are taken based on the international legal regulations to be registered in the Visa Information System implemented in accordance with the EU's Visa Information System Regulation (VIS Regulation) dated 09.07.2008 and numbered 767/2008. Although your fingerprints are taken at iDATA offices, your collected personal data is transmitted to the information systems of the German Consulate without being kept within iDATA. Your pictures are also taken during the fingerprint process, which is also applied by the German Consulate, based on the above-mentioned regulation.

5. To Whom and for What Purposes the Processed Personal Data may be Transfered

Your collected personal data; Carrying out the necessary work by our business units to benefit you from the products and services offered by iDATA, ensuring the legal and commercial security of real and legal persons in business relationship with iDATA, determining and implementing iDATA's commercial and business strategies, and executing iDATA's quality standard policies. Name, surname, gender, date of birth, TR identity number, telephone number, e-mail address for the creation of the travel health insurance policy, in case you do not have travel health insurance and you give your explicit consent to the relevant transfer, to our business partners, suppliers, agencies for the purpose of providing travel health insurance. Your parent/guardian/representative's name, surname and identity number type data is sent to the related organization, if your request is forwarded by your parent/guardian/representative, to the relevant company for data security and server hosting services. If you give your explicit consent due to the fact that the servers of the company, iDATA officials, company shareholders are abroad, it can be transferred abroad and to legally authorized public institutions and organizations within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law.

Your passports, whose visa procedures are completed, will be shipped to the address you have given by our contracted cargo company in accordance with the instructions you will give both online and from iDATA offices. The cargo instruction is completely optional and will be shared with the relevant institution in accordance with the Postal Services Law in order to carry out the cargo service correctly.

6. Method and Legal Ground of Collecting Personal Data

Your personal data are obtained, through all kinds of verbal, written or electronic media, in order to enable the presentation of the products and services, which we, as iDATA, offer, within the legal framework determined and to enable iDATA to fulfill its liabilities arising out of the contract and the Law completely and accurately, in accordance with the above mentioned objectives. Your personal data collected for this legal reason may be processed and transfered in the scope of the personal data processing conditions and objectives stated in articles 5, 6, 8 and 9 of the Law.

7. Periods for Storage of Personal Data

Personal data collected from Applicants verbally, in written form or by social media, through iDATA units and offices, website, social media, any applications to be introduced in the future and similar means, shall be stored only for the period foreseen in the relevant regulations or, in case there isn’t any duration foreseen in the regulations, for the period required by the data processing objective. The stored data shall be deleted, eliminated or anonymized after the purpose for processing the data is not applicable any longer.

8. Measures Related to the Personal Data Protection

iDATA is liable to take all technical and administrative measures required against the unauthorized access to personal data collected from Applicants and from all legal porsens, whose personal data are processed by iDATA, against the loss of information, their misuse, disclosure, amendment or unauthorized disposal. iDATA shall not be kept liable for any damages incurred to data subjects because of severe destruction of its servers, despite the fact that all measures arising from the Law related to the protection of personal data were taken, due to any circumstances such as any unforeseeable and unpreventable cyber attack, the breakdown of the data recording system, cases of force majeure such as earthquake, flood, fire, etc.

9. Keeping Personal Data Accurately and Updated​​​​​​​

Pursuant to Article 4 of the Law, iDATA is liable to keep the personal data, which it has collected from you, accurately and updated. The entire responsibility arising from the fact that any personal data which you have delivered to iDATA verbally, in written form or electronically through iDATA units and offices, website, social media, mobile applications, which may be introduced in the future, and similar means, was not accurate and updated, shall be born by you. You may realize any amendments and/or updating related to your personal data processed by iDATA by means of the application which you may forward to iDATA by electronical or physical media.

10. Legal Rights of the Personal Data Subject Arising from the Law​​​​​​​

In case you, as personal data subjects, deliver your claims related to your rights to iDATA by the methods arranged below, iDATA shall conclude your claim according to its nature within 30 (thirty) days the latest, free of charge. However, in case any fee is foreseen by the Law and the Personal Data Protection Board, you shall be charged with the fee in the tariff determined by iDATA. In this scope, the rights of the personal data subjects pursuant to Article 11 of the Law are as follow;

  • Getting information as to whether the personal data has been processed or not,
  • If the personal data has been processed, requesting information related to this,
  • Getting information as to the purpose of processing the personal data and as to whether they are used in compliance with the relevant purpose,
  • Getting information about third persons to whom the personal data were transfered domestically and abroad,
  • In case personal data were processed incompletely or wrongly, requesting their correction,
  • Despite the fact that they have been processed in accordance with the provisions of the Law and other relevant Law, requesting the deletion or elimination of personal data in case the reasons requiring their processing are removed, and getting information about third persons to whom personal data are transfered for the transaction to be made in this scope,
  • Objecting to any consequence arising against the person himself/herself, through the analysis of the data processed, exclusively by means of automatic systems,
  • Requesting the removal of damages in case of any damages due to the processing of personal data contrary to the Law,

You may submit your request related to the execution of your rights stated above. You can submit your requests regarding your rights and the implementation of the Law to Ergenekon Mahallesi Cumhuriyet Cad. No:141 D:5 Şişli / İSTANBUL via notary public, registered mail or with your personal application or after signing the application form filled in electronically with your mobile signature, secure electronic signature and send your KEP address or e-mail already registered in iDATA's data recording system. You can forward it to veri_koruma@idata.com.tr using your address. iDATA, if the requests within this scope are to be answered in writing, up to ten pages without charge; It will respond by charging 1 Turkish Lira transaction fee for each page over ten pages. If the response to the application is given in a recording medium such as CD or flash memory, the fee that may be requested by iDATA will not exceed the cost of the recording medium.

11. Amendments to be made on the Personal Data Protection Policy​​​​​​​

iDATA always reserves the right to make any amendments on this Policy. Amendments to be made on the Policy and the updated Policy text shall promptly enter into force upon its publication in the website of iDATA. For this purpose, it is suggested that this Policy text is reviewed periodically by everyone, whose personal data is processed by iDATA, mainly the Applicants.

iDATA DANIŞMANLIK VE HİZMET DIŞ TİCARET A.Ş.

Please click here for the text of the EU Data Protection Regulation.

Click here for information request form.

iDATA DANIŞMANLIK VE HİZMET DIŞ TİCARET A.Ş. (iDATA CONSULTANCY AND FOREIGN TRADE SERVICE INC.)