Our Disclosure and Privacy Policy for Academic Staff and Employees

Pursuant to Law No. 6698 on the Protection of Personal Data ("Law No. 6698"), the Data Controller is Feyziye Mektepleri Foundation Işık University.

As Işık University, we are obliged to

a) Process data based on the relevant law and good faith,

b) Strive to ensure accuracy and currency,

c) Process data for specific, explicit, and legitimate purposes,

d) Be relevant, limited and proportionate to the purpose for which data are processed,

e) We have adopted the principle of retaining them for the period stipulated in the legislation or required for the purpose for which they are processed.

In line with our activities as Işık University, the private and general personal data of our academicians, employees / prospective employees, and interns are processed due to data responsibility obligations such as the establishment, protection, use of the right, our legal responsibility as data controller, the performance of the contract, in accordance with our legitimate interests and the corporate principles we have adopted, provided that it is deliberate and limited in line with the data processing conditions specified in Articles 5 and 6 of the Personal Data Protection Law No. 6698.

Based on this awareness, we pay great attention to the processing (storage, deletion, destruction, backup, etc.) of private and general personal data belonging to the academics, staff, and job applicants who apply for a job at Işık University in accordance with the Law No. 6698 on the Protection of Personal Data, the secondary regulations (regulations, announcements, circulars) that have been and will be put into force in accordance with the Law, and the binding decisions are taken and to be taken by the Personal Data Protection Board. 

The personal data that can be processed in the recruitment and subsequent business processes belonging to persons applying as academicians, employees or prospective employees are as follows, however, one or more of these data may be processed depending on the title of academician, employee, or prospective employee:

Identity Information: All identity information, nationality, marital status, place, and date of birth, T.R. identity number, gender, signature information, social security number

Contact Information: Data such as phone number, phone number of a backup person to contact, when necessary, address information, e-mail address

Education Information: Data such as certificate of graduation, education status, certificate, courses and seminars, foreign language knowledge, training and performance information during career, degree information, CV information

Financial Information: Data such as financial and salary details, bonus list, enforcement proceedings and debt information, bank information, minimum living allowance information

Visual Data: Photographs, camera recordings

Auditory Data: Audio recordings

Sensitive Personal Data: Disability status, health reports, health declaration document, pregnancy information, occupational disease records, employment examination form, daily patient complaints and records, blood type information, HES code, criminal record, information on legal proceedings, religion information in the identity card (previous),

Sensitive personal data are not processed without explicit consent.

Employment Data: Registration number, position name, unit, title, last date of employment, dates of employment, dates of employment and termination, insurance entry/pension, social security number, flexible working hours, travel status, courses given, number of working days and working performance data, assignment information in other educational institutions, national and international projects, academic publications, data on promotional activities, training, meetings, conferences attended and letters and certificates obtained from them, consultancy data, internet and internal access logs,

Leave Data: Leave seniority base date, leave seniority additional days, leave group, departure/return date, day, reason for leave,

Other: Data such as military service status, vehicle license plate, family notification, and parent information

Your collected personal data will be processed within the personal data processing conditions and objectives specified in Articles 5 and 6 of Law No. 6698 for the following purposes:

To evaluate your application requests that enable you to disclose your personal data to us, 

To conduct and finalize recruitment and other processes within the framework of the policies of the Human Resources Department of our organization and to contact you within this scope, 

To fulfill social, financial, and personal rights,

 To be able to keep the records required in accordance with the relevant legislation, 

To be able to carry out the necessary work so that real and/or legal persons (academicians, employees) who are affiliated with the University can benefit from the services provided by the University and/or units of the University, 

To carry out legal processes with the security of life and property of real and / or legal persons in the University and / or units affiliated with the University, 

To be able to conduct commercial transactions, 

To ensure occupational health and safety, 

To fulfill the legal and regulatory requirements arising / that may arise from all relevant laws and secondary regulations and to take the necessary measures in this context, 

To carry out the auditing and/or regulatory duties to be carried out by the authorized public institutions and organizations and professional organizations in public institutions, 

To manage the disciplinary investigation processes held / that may be held against academic and administrative staff, 

To provide health services to academic staff and staff at the university, 

To support academic staff and staff in career planning, monitoring their achievements, creating an academic network, benefiting from the studies, activities and organizations carried out under the umbrella of the university, 

To meet information and document requests by judicial bodies and/or administrative authorities, 

To be able to improve the products and services offered at the University and/or all units affiliated to the University, to increase satisfaction, to make the necessary changes in this context and to produce statistical and scientific information, 

To be able to contact directly through the communication channels shared with the University to conduct market research, promotion, and necessary information regarding products and services, and to evaluate complaints and suggestions, academic training, scientific research, seminars, etc. 

To process project applications, requests for participation in organizations, applications, transfers, etc. regarding the rights under the Law on Intellectual and Artistic Works and the Industrial Property Law,

To identify, develop and implement the legal compliance processes of the university's strategies, 

To ensure cooperation for educational and research purposes developed with similar institutions operating abroad, training programs, personnel exchanges, joint events and activities with the countries and country representative offices of international employees, 

To carry out support and precautionary activities for information processing and data security, listing, reporting, verification, analysis, and evaluations, generating statistical and scientific information, to analyze the way you use our website, mobile applications, and other communication channels and to make customized development for you,

To determine and implement the University's commercial and business strategies, market research and social responsibility activities, procurement operations, contract execution, managing emergency processes, ensuring physical security, 

To monitor and execute legal affairs, communication activities, logistics activities, performance evaluation activities, execution of financial and accounting affairs, and the security of data controller operations.

Your personal data collected by Işık University may be transferred to all relevant legal parties for which we are authorized, students, suppliers (insurance companies, financial institutions, catering, car rental, operator companies, etc.), legally authorized public institutions and private persons, limited to the purposes specified in Articles 5 and 6 of Law No. 6698. Within these limits, your personal data may be transferred for the purposes of planning and executing the human resources policies and processes of our organization, and carrying out the necessary operational activities by our business units to ensure that the activities carried out by our organization are carried out in accordance with the relevant legislation and corporate procedures. 

In addition, due to the lack of domestic and national equivalents of the platforms we use in parallel with distance education and examination activities, the storage and technical infrastructures of the relevant applications are mostly located abroad; therefore, if the platforms are used in education and exams, they are inevitably included in the scope of data transfer abroad.

The important factor in transferring data abroad is the provision of adequate protection. If adequate protection is not provided, countries that provide adequate protection according to the European Commission are preferred.

Your personal data may be collected verbally, in writing, or electronically in accordance with the processing conditions set out in Articles 5 and 6 of the Law in the following ways:

through direct and indirect interactions from all kinds of service points,

through the communication channels you reach us, application forms, websites and e-mails, mobile applications, forms, and minutes collected, your CV, application form and personality inventory form, promotion unit employees, promotion applications, health reports, health codes, Presidency Information Center, Student Selection and Placement Center, Citizenship Office, Council of Higher Education, Enlistment Office, and integrated systems of public institutions,

through university and course management systems, remote communication platforms, education and examination platforms, university and course management systems, remote communication platforms, educational software platforms, contracts, applications, audio, and video systems,

through interactions with domestic and foreign educational institutions arising from academic requirements, 

through cookies and similar channels used on computers during website visits, 

through registration units and other employees, administrative and academic units, secretariat, reception, security units, the university's domestic and international school and program partners and the companies from which it receives services.

As Işık University, we process your personal data collected in accordance with Law No. 2547 on Higher Education, Regulation on Foundation Higher Education Institutions, Higher Education Personnel Law No. 2914, Law No. 2809 on the Organization of Higher Education Institutions, Law No. 4483 on the Prosecution of Civil Servants and Other Public Officials, Law No. 5746 on Supporting Research and Development Activities, Distance Education Circular, Civil Servants Law No. 657, Vocational Education Law No. 3308, Labor Law No. 4857, Turkish Commercial Code No. 6102, Social Security and General Health Insurance Law No. 5510, Turkish Code of Obligations No. 6098, Law No. 6563 on the Regulation of Electronic Commerce, 30998 Regulation on Commercial Communication and Commercial Electronic Messages, Law No. 5651 on the Regulation of Publications on the Internet and Combating Crimes Committed through These Publications, Occupational Health and Safety and Tax, within the framework of obligations and other relevant legislation, provided that they are evaluated and limited to the personal data processing conditions and purposes specified in Articles 5 and 6 of Law No. 6698.

As personal data owners, if you submit your requests regarding your rights to our institution through the methods set out in the Işık University Clarification Text, our institution will finalize the request free of charge within thirty days at the latest, depending on the nature of the request. However, if a fee is stipulated by the Personal Data Protection Board, the fee in the tariff determined by the Personal Data Protection Board will be charged by our institution. In this context, personal data owners have the following rights:

To learn whether personal data is processed or not,

To request information on whether their personal data has been processed,

To learn the purpose of processing personal data and whether they are used for their intended purpose,

To learn the third parties to whom personal data are transferred domestically or abroad,

To request correction of personal data that is incomplete or incorrectly processed, and to request that third parties to whom personal data has been transferred be notified of the correction made within this scope,

Although it has been processed in accordance with the provisions of Law No. 6698 and other relevant laws, in the event that the reasons requiring its processing end, to request the deletion or destruction of personal data and to request notification of the transaction made within this scope to third parties to whom personal data is transferred,

To object to the emergence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems,

In the case of damage due to unlawful processing of personal data, to demand compensation for the damage.

All necessary technical and administrative measures are taken for the security of all personal data collected by Işık University. Based on this, we take physical, technical, organizational and managerial measures against unauthorized access, misuse, disclosure or alteration in accordance with the requirements of the Personal Data Security Guide published by the Personal Data Protection Board, the Information and Communication Security Guide of the Presidency of the Republic of Turkey, ISO/IEC 27001 Information Security, ISO/IEC 27017 Cloud Services Information Security, ISO/IEC 27701 Privacy Information Management standards, and the European Union General Data Protection Regulation GDPR. 

1. The applicant can personally fill out the "Application Form" at the Işık University address and deliver it to our relevant central location with a handwritten report in a sealed envelope and a note "Request for Information in Pursuance of the Personal Data Protection Law" on the envelope.

2. The applicant may send a notification to the address of Işık University through a notary public, but the note "Request for Information Pursuant to the Personal Data Protection Law" must be added to the notification envelope.

3. With the "Secure Electronic Signature" defined in the Electronic Signature Law No. 5070, the applicant can personally apply to the Institution Registered Electronic Mail isikuniversitesi@hs01.kep.tra with the note "Information Request in Pursuance of the Personal Data Protection Law" in the subject line.

You can access our application form regarding your rights mentioned above here.

Changes to our Privacy Notice:

If we change our Privacy Notice, we will post the revised notice here, along with the updated revision date. If we make material changes to our Privacy Notice that would materially change our privacy practices, we may notify you before the changes become effective, such as by sending you an e-mail or by posting a notice on our corporate website and/or social media accounts.