Rental Vehicle Form Privacy Notice

Data Controller: Aras Kargo Yurt İçi Yurt Dışı Taşımacılık Anonim Şirketi Rüzgarlıbahçe Mahallesi Yavuz Sultan Selim Caddesi Aras Plaza No:2, 34820 Kavacık/Beykoz/İstanbul

This privacy notice herein, regarding the processing, storage, and transfer of your personal data during the rental of your commercial vehicle by Aras Kargo, has been Prepared by Aras Kargo Yurt İçi Yurt Dışı Taşımacılık A.Ş. (“Aras Kargo”) within the scope of the Personal Data Protection Law No. 6698 (“KVKK”) and the relevant legislation.

Which of Your Personal Data are Processed and What are the Purposes, Legal Grounds, and Collection Methods of Your Personal Data?

As part of the process, your identity (surname, first name), contact (mobile phone number, home phone number, city, and district), personal (vehicle data), and transaction data (the content of the message) are processed via online electronic forms.

Your personal data is processed to a limited extent for the purposes of executing/monitoring business activities, executing logistics activities, executing contractual processes, and executing goods/services production and operational processes.

Your personal data falling under the categories of identity, communication, person, and transaction processed in the process-specific categories are processed on the basis of the legal ground "It is necessary to process personal data of the contracting parties where this is directly related to the establishment or performance of a contract" as in subparagraph (c) of paragraph 2 of Article 5 of the KVKK (Personal Data Protection Law).

If the vehicle to be used belongs to another person, it falls to the applicant to obtain the details of the vehicle owner, or if the vehicle belongs to the applicant but a third person is indicated as the driver, it falls to the applicant to obtain and transmit to Aras Kargo the details of the person she/he shares in accordance with the legislation.

To Whom and For What Purposes Can Your Personal Data Be Transferred?

By no means will your personal data be transferred to any recipient group.

What are your rights as the data subject?

Regarding your personal data, pursuant to Article 11 of the KVKK, you are entitled:

To learn whether your personal data is being processed or not,
To request information if your personal data has been processed,
To learn the purpose of processing personal data and whether they are used in accordance with their intended purpose,
To request information on the third parties to whom your personal data are transferred domestically or abroad,
To request correction of your personal data in case of incomplete or incorrect processing,
To request the deletion or destruction of your personal data within the framework of the conditions stipulated in the KVKK legislation,
To request that this situation be notified to third parties to whom personal data is transferred, in case you request the correction of incomplete or incorrect data and the deletion or destruction of your personal data,
To object to the result in case an unfavourable result arises by analysing the processed data exclusively through automated systems and
To demand compensation in case of damage due to unlawful processing of personal data.

How Can You Exercise Your Rights?

You can submit your requests and enquiries regarding your personal information to Aras Kargo by using the Data Subject Request Form or by submitting a written request:

By sending it to Rüzgarlıbahçe Mahallesi Yavuz Sultan Selim Caddesi Aras Plaza No:2, 34820 Kavacık/Beykoz/İstanbul with a wet signature and documents certifying your identity,
By applying to Aras Kargo in person with a valid identity document,
By sending it to Aras Kargo's araskargo@hs02.kep.tr registered e-mail address by using a registered electronic mail (KEP) address and secure electronic signature or mobile signature,
By sending an e-mail to kisiselveri@araskargo.com.tr by using your e-mail address previously notified to Aras Kargo and registered in Aras Kargo's system (In this application, Aras Kargo reserves the right to request additional identity authentication depending on the subject of the request).

According to the Communiqué on the Procedures and Principles for Requests to the Controller, the data subject's request must include the data subject's first name, last name, signature if the request is made out in writing, Turkish identity card number (passport number if the applicant is a foreigner), home or work address for notification, e-mail address for notification, telephone number and, if applicable, fax number, as well as information on the subject of the request.

The data subject shall set out the subject matter of the request in a clear and comprehensible manner, including explanations of the right she or he will invoke to exercise the above rights and the right she or he is requesting to exercise. The application shall be accompanied by information and documents relating to the application.

Although the subject matter of the application must be related to the person of the applicant, if the applicant is acting on behalf of another person, she or he must be specially authorised to do so and this authorisation must be documented (special power of attorney). Furthermore, the application must contain information on the identity and address, and documents confirming the identity must be attached to the application.

Applications submitted by unauthorised third parties on behalf of another person will not be assessed.

How long does it take for your requests regarding the processing of your personal data to be answered?

Your requests regarding your personal data will be examined and answered within 30 days of receipt at the latest. If your request is assessed negatively, reasons for refusal will be sent by e-mail or by post to the address you provided in the request, in particular by one of the methods selected in the request form for the person concerned.