Privacy Notice Regarding the Processing of Personal Data

As BASF Türk Kimya Sanayi ve Ticaret Limited Şirketi ("BASF Türk" or "Company"), we have prepared this information notice to inform you about the personal data we process within the scope of our activities in accordance with the Personal Data Protection Law No. 6698 (“PDPL”) and related legislation.

What Personal Data is Processed, for What Purpose, and on What Legal Grounds?

If you have visited BASF Türk's website:

Website Visitors
Processed Personal Data	Legal Basis	Purpose of Processing
Identity Data	Legitimate Interest of the Data Controller	Tracking Requests/Complaints via the Contact Form Execution of Customer Relationship Management Processes
Communication Data	Data Controller's Legitimate Interest	Tracking Requests/Complaints via the Contact Form Execution of Customer Relationship Management Processes
Request/Complaint Information	Data Controller's Legitimate Interest	Tracking Requests/Complaints via the Contact Form Execution of Customer Relationship Management Processes
Transaction Security Data	Legal Obligations of the Data Controller	Conducting Activities in Compliance with Legislation Execution of Information Security Processes Provision of Information to Authorized Persons, Institutions, and Organizations Monitoring and Execution of Legal Affairs

In addition to our website, you can find information about individuals whose personal data is processed by our Company below:

Our Customers
Processed Personal Data	Legal Basis	Purpose of Processing
Identity Data	Establishment or Performance of a Contract	Execution of Goods/Services Sales Processes Opening a Customer Current Account Conducting/Monitoring Business Activities Execution of Business Continuity Activities Execution of Post-Sales Support Services for Goods/Services Execution of Customer Relationship Management Processes
	Legitimate Interest of the Data Controller	Execution of Storage and Archiving Activities Execution of Customer Relationship Management Processes Implementation of Activities Aimed at Customer Satisfaction Organization and Event Management Tracking Requests/Complaints Conducting Customer Visits
	Legal Responsibilities of the Data Controller	Conducting Tax Audits Related to Company Activities Ensuring Activities are Conducted in Compliance with Legislation Monitoring and Execution of Legal Affairs Providing Information to Authorized Persons, Institutions, and Organizations
	Explicit Consent	Execution of Advertising/Campaign/Promotion Processes and Execution of Product/Service Marketing Processes
Communication Data	Establishment or Performance of the Contract	Execution of Goods/Services Sales Processes Opening a Customer Current Account Conducting/Monitoring Business Activities Execution of Business Continuity Activities Execution of Post-Sales Support Services for Goods/Services Execution of Customer Relationship Management Processes
	Legitimate Interest of the Data Controller	Execution of Storage and Archiving Activities Execution of Customer Relationship Management Processes Implementation of Activities Aimed at Customer Satisfaction Organization and Event Management Tracking Requests/Complaints Conducting Customer Visits
	Legal Responsibilities of the Data Controller	Conducting Tax Audits Related to Company Activities Ensuring Activities are Conducted in Compliance with Legislation Monitoring and Execution of Legal Affairs Providing Information to Authorized Persons, Institutions, and Organizations
	Explicit Consent	Execution of Advertising/Campaign/Promotion Processes Execution of Product/Service Marketing Processes
Financial Data	Establishment or Performance of the Contract	Execution of Contract Processes Execution of Finance and Accounting Operations Execution of Goods/Services Sales Processes
Financial Data	Legal Obligations of the Data Controller	Conducting Finance and Accounting Operations Conducting Activities in Compliance with Legislation Provision of Information to Authorized Persons, Institutions, and Organizations Monitoring and Execution of Legal Affairs
Visual and Audio Recordings	Explicit Consent	Taking Customer Photos at Events and Activities and Sharing Them on Company Social Media Accounts
Customer Transaction Data	Establishment or Performance of the Contract	Execution of Goods/Services Sales Processes Opening a Customer Current Account Conducting/Monitoring Business Activities Execution of Business Continuity Activities Execution of Post-Sales Support Services for Goods/Services Execution of Customer Relationship Management Processes
	Explicit Consent	Execution of Advertising / Campaign / Promotion Processes Execution of Product/Service Marketing Processes
	Legal Obligations of the Data Controller	Conducting Audit/Ethical Activities Conducting Activities in Compliance with Legislation Monitoring and Execution of Legal Affairs Providing Information to Authorized Persons, Institutions, and Organizations
Employees/Authorized Persons of Our Corporate Customers
Processed Personal Data	Legal Basis	Purpose of Processing
Identity Data	Establishment or Performance of a Contract	Opening a Customer Current Account Conducting/Monitoring Business Activities Execution of Goods/Services Sales Processes Execution of Post-Sale Support Services for Goods/Services
Identity Data	Legitimate Interest of the Data Controller	Execution of Storage and Archiving Activities Execution of Customer Relationship Management Processes Execution of Activities Aimed at Customer Satisfaction Tracking Requests/Complaints Conducting Customer Visits Organization and Event Management
Communication Data	Establishing or Fulfilling Contracts	Opening a Customer Current Account Conducting/Monitoring Business Activities Execution of Goods/Services Sales Processes Execution of Post-Sale Support Services for Goods/Services
Communication Data	Legitimate Interest of the Data Controller	Execution of Storage and Archiving Activities Execution of Customer Relationship Management Processes Execution of Activities Aimed at Customer Satisfaction Tracking Requests/Complaints Conducting Customer Visits Organization and Event Management
Visual and Audio Recordings	Explicit Consent	Taking Customer Photos at Events and Sharing Them on Company Social Media Accounts
Customer Transaction Data	Establishment or Performance of the Contract	Opening a Customer Current Account Conducting/Monitoring Business Activities Execution of Finance and Accounting Operations Execution of Goods/Services Sales Processes Execution of Post-Sales Support Services for Goods/Services
Customer Transaction Data	Legitimate Interest of the Data Controller	Execution of Storage and Archiving Activities Tracking Requests/Complaints
Our Potential Customers
Processed Personal Data	Legal Basis	Purpose of Processing
Identity Data Contact Data	Legitimate Interest of the Data Controller	Conducting Potential Customer Visits Conducting Business Development Activities Conducting Goods/Services Sales Processes
Identity Data Contact Data	Explicit Consent	Conducting Advertising/Campaign/Promotion Processes Conducting Product/Service Marketing Processes
Our Visitors
Processed Personal Data	Legal Basis	Purpose of Processing
Identity Data and Physical Location Security Data	Legitimate Interest of the Data Controller	Ensuring Physical Premises Security In the Event of Conduct Violating Occupational Health and Safety Legislation, Creation of a File of Evidence Related to Such Conduct and Analysis of the Incident
Identity Data and Physical Location Security Data	Legal Obligation of the Data Controller	Conducting Occupational Health and Safety Activities Conducting Activities in Compliance with Legislation Providing Information to Authorized Persons, Institutions, and Organizations
Transaction Security Records	Legal Obligations of the Data Controller	Implementation of Information Security Processes in the Context of Connecting to the Wi-Fi Network Conducting Activities in Compliance with Legislation Providing Information to Authorized Persons, Institutions, and Organizations

Our Suppliers

You can obtain detailed information regarding the processing of personal data of our suppliers and their authorized persons/employees from the Privacy Notice.

Our Employees

Detailed information regarding the processing of our employees' personal data is provided within our Company in a manner that is always easily accessible to them.

Employee and Intern Candidates

You can find detailed information about the processing of our employee and intern candidates' personal data in the Employee Candidates Privacy Notice and Intern Candidates Privacy Notice.

What Are the Methods of Collecting Your Personal Data?

The personal data specified in the categories above are collected through printed and electronic forms, cookies, website contact forms, email, software and information systems, and documents declared by the relevant person.

Do We Transfer Your Personal Data to a Third Party?

Your personal data is transferred to the following parties with the following purposes:

Authorized institutions and organizations, in order to carry out our activities in accordance with the legislation and to provide information to the authorized institutions and organizations, based on the legal reason that it is necessary for the data controller to fulfill its legal obligation in accordance with Article 5/2 (ç) of the DPL,
Local audit firms for the purposes of obtaining audit services and executing related contract processes, as well as executing risk management processes based on the legal grounds that it is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract, in accordance with Article 5/2 (c) of the DPL.
Our affiliates located abroad for the purposes of ensuring information and document management within the Company and its affiliates, and carrying out reporting and audit activities with the affiliates, based on the standard contractual clauses executed pursuant to Article 9/4(c) of the DPL. In addition, and for the above-mentioned purposes as well as for conducting information security processes, information and document management, storage and archiving processes, and the provision of communication infrastructure, personal data are transferred to the system infrastructure service provider located abroad based on the existence of standard contractual clauses executed pursuant to Article 9/4(c) of DPL.
Our domestic suppliers who provide services in fulfilling the purposes of managing supply chain processes, executing organizational and event processes, executing logistics processes, and executing finance and accounting processes, based on the legal grounds that the processing of personal data belonging to the parties to the contract is necessary, provided that it is directly related to the establishment or performance of a contract, in accordance with Article 5/2 (c) of the DPL.
Visual records are transferred to agencies and social media platforms, for the purposes of being used in content to be created for the promotion of products/services and of being shared through the Company’s social media accounts, based on Article 5/1 of the DPL.
Local SMS delivery and advertising service providers for the purpose of carrying out the marketing processes of products and services, based on Article 5/1 of the DPL.
If you have given us your consent to do so, we will process your personal data to provide you with personalized information on BASF products, events, web seminars and services we consider relevant for you and to conduct customer surveys via the communication channels you have selected.

In order to determine your professional needs and interests, we combine and analyse the personal data that we have collected about you in the course of your relationship with BASF as a customer or user of BASF products and services (in particular your contract and master data, the products you have purchased, samples, demos, brochures or whitepapers that you have requested or downloaded, webinars for which you have registered, surveys that you have completed, etc.).

The legal basis for the processing of your personal data for the above-mentioned purposes is your consent.

Due to the global nature of BASF’s marketing teams, BASF will share your personal data with the relevant BASF entities and therefore transmit your personal data to the BASF SE, the regional Marketing Headquarters.

In addition, BASF will share your personal data between those BASF companies which are responsible for you as a (prospective) business partner. Both of the aforementioned transfers serve the purpose of the administration of customer data across the BASF Group and the preparation of global marketing campaigns and sales-related activities.

The legal basis for this data sharing is our legitimate interest in maintaining your personal data in our company group.

We will share your personal data with other affiliated companies of the BASF Group if they provide IT services for us or if this is necessary for operational reasons, such as follow-ups from sales managers or developing personalized marketing materials and content. Furthermore, we will pass on your personal data to the technical IT service providers we use from whom we obtain services. Our IT service providers are carefully selected and regularly checked by us. They process personal data only on our behalf and strictly in accordance with our instructions on the basis of corresponding contracts for order processing.

We store your personal data collected within the scope of your consent for the above-mentioned purposes until your consent is revoked.

You can revoke your consent at any time with effect for the future by notifying us of your revocation under our consent preference center. Each marketing mail we will send to you based on this consent will contain a separate link to revoke your consent.

You are at liberty to grant or withhold consent. This has no effect on your visit of this website and platform.

If you revoke your consent, we will no longer use your personal data for marketing purposes unless we have another legal basis for this. The revocation of your consent does not affect the legality of the data processing that has taken place up to that point.

We use essential cookies on the BASF Türk website to enable you to navigate effectively between web pages and to facilitate the use of our website. For more detailed information about cookie usage, please visit Cookie Policy. We would like to remind you that you can access the BASF SE website, to which we are affiliated, via the BASF Türk website, and that you can manage your cookie preferences on the website.

Protection of Personal Data for Minors

The services offered through the BASF Türk website and other channels are intended only for persons aged 18 and over. If it is determined that a minor has sent personal data to the Company via the website or other channels, this data will be destroyed immediately.

What are your rights regarding your personal data?

Regarding your personal data, you have the right to:

Learn whether your personal data has been processed,
Request information about the processing of your personal data if it has been processed,
Learn the purpose of the processing of your personal data and whether they are being used in accordance with that purpose,
Know the third parties to whom your personal data has been transferred within or outside the country,
Request the correction of your personal data if it has been processed incompletely or incorrectly,
Request the deletion or destruction of your personal data within the framework of the conditions stipulated in the DPL,
When you request the correction of incomplete or incorrect data or the deletion or destruction of your personal data, to request that this situation be communicated to third parties to whom we have transferred your personal data,
Object to a result that is detrimental to the individual arising from the analysis of processed data exclusively through automated systems,
Request compensation for any damage you suffer as a result of the unlawful processing of your personal data.

How Can You Exercise Your Rights?

You may submit your requests and applications regarding your personal data either by using the Data Subject Request Form at;

By applying in person to BASF Türk with a valid ID document,
By mail to our address at "Barbaros Mah. Begonya Sk. Nidakule Ataşehir Batı No: 1 İç Kapı No: 48 Ataşehir / İstanbul" with a wet signature and a copy of your ID.
You can send a petition signed with a mobile signature or secure electronic signature to BASF Türk via email to kvkk@basf.com.

In accordance with the Communication on the Procedures and Principles for Applications to the Data Controller, The Data Subject's application must include their name, surname, signature (if the application is in writing), Turkish ID number (passport number if the applicant is a foreign national), address of residence or place of work for notification purposes, email address for notification purposes (if available), telephone number, fax number, and information regarding the subject of the request.

The Data Subject must clearly and comprehensively state the subject matter of the request in the application, which must include explanations regarding the rights they wish to exercise and the rights they wish to use. Information and documents related to the application must be attached to the application. The subject matter of the request must relate to the applicant personally. If the request is made on behalf of another person, the person making the request must be specifically authorized to do so, and this authorization must be documented (special power of attorney). In addition, the request must include identity and address information, and documents verifying the identity must be attached to the request. Requests made by unauthorized third parties on behalf of others will not be considered.

How Long Does It Take to Respond to Your Requests Regarding the Processing of Your Personal Data?

Requests regarding your personal data rights will be evaluated and responded to within 30 days of the date we receive them. If your request is denied, the reasons for the denial will be sent to the address you provided in your request via one of the methods you selected, primarily by email or postal mail.