Personal Data Protection (KVKK) Disclosure Text

Last updated: May 2026

1. Data Controller

As Kuzey Ege Makina San. ve Tic. Ltd. Sti. ("NKT Humidity Control Technologies"), in our capacity as data controller under the Turkish Personal Data Protection Law No. 6698 ("KVKK"), we process your personal data as described below and within the limits permitted by legislation.

2. Purposes of Processing Personal Data

Your personal data is processed for the following purposes:
• Conducting goods and service sales processes
• Managing quotation preparation and pricing processes
• Customer relationship management and communication activities
• Providing technical service, maintenance, and repair services
• Providing information to authorized persons, institutions, and organizations
• Following legal processes and fulfilling obligations
• Conducting occupational health and safety activities
• Planning and executing information security processes
• Improving services offered through the website

3. Categories of Personal Data Processed

• Identity information: Name, surname, title
• Contact information: Email address, phone number, address
• Customer transaction information: Order, quotation, service and maintenance records
• Physical space security: Security camera recordings (during facility visits)
• Transaction security: IP address, log records, cookie information
• Professional experience: Company name, position, industry information

4. Data Collection Method and Legal Basis

Your personal data is collected through:
• Contact and quotation forms on our website
• Email, phone, and face-to-face communications
• Security cameras during facility visits
• Cookies and similar technologies

Processing is based on the legal grounds specified in Article 5 of KVKK:
• Direct relation to the establishment or performance of a contract (Art. 5/2-c)
• Necessity for the data controller to fulfill legal obligations (Art. 5/2-ç)
• Necessity for the legitimate interests of the data controller (Art. 5/2-f)
• Your explicit consent (Art. 5/1)

5. Transfer of Personal Data

Your personal data may be transferred for the purposes stated above to:
• Authorized public institutions and organizations in case of legal obligation
• Our business partners (TFT S.p.A. Italy, Neptronic Inc. Canada) for technical support purposes
• Our legal advisors and financial consultants
• Our information technology service providers

Transfers are made within the conditions specified in Articles 8 and 9 of KVKK.

6. Rights of the Data Subject

Pursuant to Article 11 of KVKK, as a data subject you have the following rights:
a) To learn whether your personal data is being processed
b) To request information if your personal data has been processed
c) To learn the purpose of processing and whether your personal data is used in accordance with that purpose
d) To know the third parties to whom your personal data has been transferred domestically or abroad
e) To request correction if your personal data has been processed inaccurately or incompletely
f) To request deletion or destruction of your personal data under the conditions stipulated in Article 7 of KVKK
g) To request that operations under (e) and (f) be notified to third parties to whom your personal data has been transferred
h) To object to a result against you arising from the analysis of processed data exclusively through automated systems
i) To claim compensation for damages arising from the unlawful processing of your personal data

7. Application Method

To exercise the above rights, you may apply to us through the following methods:

Written Application: Kuzey Ege Makina San. ve Tic. Ltd. Sti., Icerenkoy Mah. Kurtulus Cad. Kalender Is Merkezi No: 2/4, 34752 Atasehir - Istanbul

Email Application: [email protected]

Your applications will be concluded free of charge as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. If the process requires additional cost, the fee determined by the Personal Data Protection Board tariff may be charged.

8. Data Security Measures

Our company takes necessary technical and administrative measures to ensure an appropriate level of security in order to prevent unlawful processing of personal data, prevent unlawful access to data, and ensure data preservation. In this context:
• SSL/TLS encryption protocols are used
• Access authorizations are restricted and regularly audited
• Firewall and intrusion detection systems are employed
• Personal data is regularly backed up
• Our employees are informed about personal data protection