Data Controller: Voltla Elektrikli Araçlar Bilişim Reklam ve Tanıtım Hizmetleri Ticaret Anonim Şirketi ("Voltla") (Address: Ahmet Yesevi Mah. Kerem Sk. No: 9 İç Kapı No: 201 Pendik / Istanbul; Website: www.voltla.co Email: destek@voltla.co; Trade Registry No: 456928) has prepared this information notice to inform users and customers about the principles and procedures to be followed in the protection of personal data in their relationships with our institution in accordance with the Personal Data Protection Law No. 6698 ("PDPL") and the Regulation on Procedures and Principles to be Followed in Fulfilling the Obligation of Illumination under the PDPL ("Regulation").
PDPL Article 10: "During the collection of personal data, the data controller or the authorized person must inform the data subjects about: the identity of the data controller and, if any, its representative, the purpose for which personal data will be processed, to whom and for what purpose the processed personal data may be transferred, the method and legal reason for collecting personal data, and other rights as specified in Article 11."
Personal Data: “Any kind of information relating to an identified or identifiable natural person.”
Processing of Personal Data: “Any kind of operation performed on personal data, whether entirely or partially automated, or by non-automated means as long as it is a part of any data recording system, including obtaining, recording, storing, preserving, altering, reorganizing, disclosing, transferring, taking over, making them obtainable, classifying, or preventing their use.”
Data Controller: “The natural or legal person responsible for determining the purposes and means of processing personal data, as well as establishing and managing the data recording system. In the context of this text, the data controller is Voltla Elektrikli Araçlar Bilişim Reklam ve Tanıtım Hizmetleri Ticaret Anonim Şirketi, located at Ahmet Yesevi Mah. Kerem Sk. No: 9 İç Kapı No: 201 Pendik / Istanbul.”
Data Recording System (VERBİS): “The system where personal data is processed in a structured manner according to specific criteria.”
Explicit Consent: “Informed and freely given consent related to a specific subject matter.”
Board: It refers to the Personal Data Protection Board.
Our organization may process personal data relating to users in accordance with the purposes and processing conditions stated in this document. The personal data subject to processing includes:
a. Identity Data: Name, surname, mother's and father's names, date of birth, Turkish identification number, gender, marital status, identity card serial number, nationality information, passport details, job title, and information about family members.
b. Contact Data: Phone number, email address, address information, company internal contact details (company phone number, extension number, corporate email address, registered email address).
c. Financial Data: Bank IBAN number, payroll information, file and debt details related to execution proceedings.
d. Professional Experience Data: Educational background, in-service training information, certificate and diploma details, language skills, attended courses, education and skills, work experience, transcript information.
e. Visual and Audio Data: Photographs belonging to the individual, camera recordings.
f. Biometric Data: Physiological biometric data such as fingerprints, retinas, palm prints, hand shape, iris.
g. Personnel Data: Payroll information, disciplinary inquiries, employment and termination records, curriculum vitae information, performance evaluation reports, insurance information, criminal record, leave start and return dates, military service status information, department and unit.
h. Health Data: Health report, blood type, personal health information, health and birth permit documents, information about disability status, details of used devices and prostheses.
i. Other Data: IP address information on corporate computers, website login and exit records on corporate computers, vehicle license plate numbers, accommodation and travel information, handwriting and signature, request-complaint information.
In accordance with Article 10 of the Personal Data Protection Law (PDPL) and Article 5 of the Regulation, user personal data may be processed by Voltla in compliance with the processing conditions specified in Article 4 of the PDPL for the following purposes:
Receiving and evaluating suggestions for improving business processes,
Providing information about changes in our service terms and conditions,
Resolving user complaints and processing data access or correction requests,
Preparing all records and documents that may serve as a basis for processing in electronic (internet/mobile, etc.) or physical environments,
Providing information to public officials upon request and in accordance with legal regulations regarding public safety matters,
Fulfilling legal obligations and exercising rights arising from current legislation,
Complying with mandatory legal obligations and responding to requests from relevant authorities in the context of judicial and administrative investigations,
Conducting business activities,
Conducting internal audit activities,
Providing information to authorized individuals, institutions, and organizations,
Conducting communication activities,
Managing accounting and financial matters,
Organizing and managing events,
Managing information security processes,
Conducting storage and archival activities,
In addition to the aforementioned and without limiting these, your personal data may be processed and collected for purposes such as establishing a commercial relationship with our company, making job applications, submitting offers, sharing personal data through channels such as business cards, resumes (CVs), providing offers, and other means, both physically and virtually, in face-to-face or remote, verbal, written, or electronic forms, through our company's website and mobile applications via forms containing information such as name, surname, Turkish identification number, address, phone number, business or personal email address; as well as preferences on pages accessed using a username and password, IP records of transactions performed, cookie data collected by the browser, navigation time and details, location data, traffic data, data obtained through verbal, written, or electronic means from individuals who share their personal data with our company for purposes such as establishing a commercial relationship with our company, making job applications, and submitting offers through channels such as sales and marketing department employees, suppliers, other sales channels, paper forms, business cards, digital marketing, and call center, in physical or virtual environments, in-person or remote, verbal or written, or electronic means, and indirectly from different channels; data obtained from (micro) websites used for purposes such as website, blog, competition, survey, game, campaign, and similar, as well as data obtained from social media, reading or clicking on e-newsletters, publicly available database data, publicly shared profiles and data from social media platforms. These data may be processed and collected for the purpose of establishing contracts and providing relevant services.
In order to report and take necessary actions for charging station failures experienced during the use of services, the collection and processing of personal data including name, surname, email address, phone number, location data, and information related to the malfunction may be collected and processed to protect the interests of Voltla and yourself, without violating fundamental rights and freedoms.
The personal data shared by the data subject may be processed for the following purposes, in compliance with the requirements of the services provided, the contract, and technological necessities, as well as in accordance with the Electronic Commerce Regulation Law No. 6563, the Consumer Protection Law No. 6502, the Electronic Commerce Service Providers and Intermediary Service Providers Regulation published in the Official Gazette dated 26.08.2015 with the number 29457, 3 the Distance Contracts Regulation published in the Official Gazette dated 27.11.2014 with the number 29188, and other relevant legislation: to record the data subject's information, including identity, address, and other necessary information, for the purpose of identifying the transaction holder; to prepare all records and documents that are mandatory in the field of banking and electronic payments and serve as a basis for transactions, to comply with information storage, reporting, and notification obligations required by legislation and other authorities; to provide information to public prosecutors, courts, and relevant public officials upon request and in accordance with legal regulations in cases related to public security and legal disputes; to ensure legal and commercial security, regulation and compliance, management of legal processes, determination and execution of human resources policies, execution of support services and obligations, management of corporate communication activities, planning and execution of corporate sustainability, corporate governance, strategic planning, and information security processes, preparation of applications, monitoring of financial matters, execution of lawsuits and enforcement proceedings in which our company is a party, establishment, operation, and backup of information technology and network operating system infrastructure, ensuring the security and control of our company's locations, and conducting purchasing, selling, tender, and sales transactions.
Personal data can be obtained directly from the data subject, third parties, and legal authorities during the establishment of a legal relationship. Within this scope, personal data can be collected through verbal, written, or electronic means via communication channels such as email, application forms, and through verbal, written, or electronic means through verbal, written, or electronic means.
In accordance with Article 5 of the Personal Data Protection Law (PDPL), personal data cannot be processed without the explicit consent of the data subject. The law specifies exceptions where explicit consent is not required. When there is a clear provision in the law, when it is directly related to the establishment or performance of a contract and it is necessary to process the personal data of the parties to the contract, when it is necessary for the fulfillment of the legal obligations of the company, when the data subject has made the data publicly available, when data processing is necessary for the establishment, exercise, or protection of a right, when data processing is necessary for the legitimate interests of the data controller provided that it does not harm the fundamental rights and freedoms of the data subject, personal data may be processed by our company without requiring explicit consent.
For Voltla to continue its activities, personal data processing conditions and purposes specified in Articles 5 and 6 of the PDPL, as well as the principles and procedures stipulated by other relevant regulations, are applied. Personal data may be processed for the purposes mentioned in this Information Text and for the fulfillment of legal obligations with the legal reasons mentioned above.
The personal data of users, with the aim of ensuring the fulfillment of the purposes mentioned above and in compliance with the data transfer and processing conditions specified in Articles 8 and 9 of the Law, and in accordance with the security and confidentiality principles stipulated by the legislation, may be shared and transferred to: suppliers, shareholders, authorized dealers, private legal entities providing services (in the fields of security, education, auditing, events and organizations, health, occupational safety, legal matters, etc.), independent audit organizations, financial institutions, domestic and international business partners, including direct and indirect subsidiaries, domestic and international companies providing storage, archiving, and information technology support (servers, hosting, software, cloud computing), legally authorized public institutions, and private legal entities, and may be transferred abroad.
Data processors are natural or legal persons who process data on behalf of the data controller. These individuals or entities can also be separate natural or legal persons authorized by the data controller to process personal data. In collaborations established by Voltla, we may authorize third parties as data processors to fulfill the information obligation. Persons/organizations to whom/which your personal data may be transferred for the purposes mentioned above include suppliers, shipping companies, and individuals and organizations related to the services provided, as well as program partner organizations with whom we collaborate as service recipients or as data processors, both domestically and internationally, and other third parties.
In accordance with the provisions of the PDPL, your personal data processed for the purposes specified in this 'Personal Data Processing Information Text' will be deleted, destroyed, or anonymized by us in accordance with the Personal Data Storage and Destruction Policy when the purpose requiring processing under Article 7/f.1. of the PDPL ceases to exist and/or when the statutory retention periods for processing your data have expired.
Voltla reserves the right to unilaterally make changes to policies and procedures related to personal data.
The data subject has the following rights: to learn whether their personal data is processed, to request information if their personal data has been processed, to learn the purpose of processing personal data and whether they are used in accordance with that purpose, to know the third parties in the country or abroad to whom personal data is transferred, to request correction of personal data if it is incomplete or incorrect, to request the deletion or destruction of personal data within the framework of the conditions set out in the PDPL and other related laws, to request that the correction, deletion, or destruction of personal data be notified to third parties to whom it has been transferred if requested by the data subject, to object to the occurrence of a result against the individual by analyzing the processed data exclusively through automated systems, to request the compensation of damages in case of damage due to the unlawful processing of personal data.
In accordance with Article 28/2 of the law, except for the right to request the compensation of damages, data subjects will not be able to exercise the rights specified in Article 11 of the law in the following cases:
When the processing of personal data is necessary for the prevention of a crime or for the investigation of a crime,
Processing of personal data that has been made public by the data subject themselves.
The data subject can apply to Voltla in accordance with the application methods prescribed in the Regulation on Procedures and Principles of Application to the Data Controller for their requests related to the rights mentioned above.
Requests within the scope of the rights listed in Article 11 of the Law on Protection of Personal Data No. 6698 can be made through one of the methods described below in accordance with Article 5 of the Regulation on Procedures and Principles of Application to the Data Controller, as required by Article 13/1 of the PDPL.
Applications submitted to the company will be answered within 30 days from the date the request reaches the company, depending on the nature of the request, in accordance with Article 13/2 of the PDPL. Responses to the application will be sent to the data subject in writing and electronically, in accordance with Article 13 of the PDPL.
1. Written Application:
Application Method: Personally with a Signature or through a Notary
Address to be Applied: Ahmet Yesevi Mah. Kerem Sk. No: 9 İç Kapı No: 201 Pendik / İstanbul
Required Information: On the envelope/notice, 'Information Request under the Personal Data Protection Law' will be written.
2. Voltla Mail Address:
Application Method: By using the email address registered in the Voltla system
Address to be Applied: destek@voltla.co
Required Information: In the subject line of the email, 'Personal Data Protection Law Information Request' will be written.
3. Voltla Mail Address (non-registered)
Application Method: By using an email address that includes a mobile signature/e-signature, which is not found in the Voltla system
Address to be Applied: destek@voltla.co
Required Information: In the subject line of the email, 'Personal Data Protection Law Information Request' will be written.
Your application must include the following information as stated in the Regulation:
Full name and signature if the application is in writing,
Turkish Republic citizens must provide their Turkish ID number, and foreigners must provide their nationality, passport number, or ID number if available,
Registered residential or business address for notification purposes,
If available, the email address, telephone, and fax number for notification, and
The subject of the request
If the request is accepted or rejected with a justification, the response will be communicated to the applicant electronically or in writing. If the request is accepted, the necessary actions will be taken by our company promptly.
Fee: In case the response to the application is provided in writing, a fee may be charged in accordance with the tariff determined by the Personal Data Protection Authority. If the response is provided in a recording medium such as a CD or flash drive, a fee may be requested, not exceeding the cost of the recording medium.
I declare and acknowledge that I have read and understood This Information Notice Regarding The Protection Of Personal Data.
