Centre For Islamic Studies (İSAM) Privacy Statement

Dear Visitor!

ISAM would like to inform you within the scope of Personal Data Protection Law. 
Islamic Research Center (ISAM), affiliated organization with the Türkiye Religious Foundation , at Altunizade Mh. İcadiye Bağlarbaşı Cd. No: 38. Üsküdar/Istanbul, has the title of “Data Controller” within the scope of the Turkish Personal Data Protection Law No. 6698.
In accordance with the 10th article of the specified law, the Centre for Islamic Studies (İSAM) fulfills the obligation to inform individuals whose data is obtained with this information text. 
The processing of personal data includes all kinds of transactions carried out on the data, such as obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, classifying, or preventing the use of data.
İSAM collects personal data of individuals receiving services in accordance with the mandatory reasons specified in Article 5, clauses (e) and (f). The clauses (e) and (f) stipulates that "Data processing is necessary for the establishment, exercise or protection of any right,” and “Processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject”. Except for the e-mail announcement subscription service in which subscription can be done with explicit consent. The collected data is processed in physical and digital platforms.
İSAM ensures the security of data within the framework of the law and "being related, limited, and proportionate to the purpose for which they are processed" as specified in the law. This is done within the periods prescribed by the law and regulations. İSAM reserves the right to make changes to this text in order to comply with possible changes in the relevant laws and regulations or to clarify any points that may remain unclear. The protection of your personal data is of vital importance to us. We want to assure you that we will take all necessary measures in this regard and continue to maintain a high level of transparency.

A- Purpose of Processing Personal Data and its Transfer 
Your personal data obtained is processed by our relevant units in accordance with Law No. 6698 on the protection of personal data and relevant legislation for the purposes listed below: conducting studies, reporting, and statistical analysis; conducting the business process; ensuring the legal and commercial security of individuals with whom we have a business relationship; fulfilling the obligations of all kinds of services we provide to our visitors; ensuring the execution of Human Resources policies; conducting information communication and physical security processes. Within the framework of legal obligations arising from laws and regulations such as Tax Procedure Law, Social Security Institution Law, Labor Law, Occupational Health and Safety Law, and Environmental Management Regulation, your data may be transferred to authorized public institutions/agencies within the legal basis, legal regulations, and upon your consent.

B- Method of Collection of Your Personal Data
Your personal data is collected by the ISAM as data controller through various channels and legal grounds. It is collected through written documents/forms such as introduction forms, information forms, contact forms, other documents, and candidate application forms, either verbally, in writing, or electronically, in whole or in part, either automatically or as part of any non-automatic data recording system, depending on different legal grounds. These data will be processed within the conditions and purposes of personal data processing specified in Articles 5 and 6 of the Personal Data Protection Law. In cases where it is necessary, your personal data will only be processed if you give your explicit consent. However, in accordance with the conditions specified in the second clause of Article 5, your personal data may be processed without obtaining your explicit consent. The personal data collected by İSAM is processed based on the legal obligation of the data controller to fulfill its legal obligation and the legitimate interest of the data controller.

C- Measures Taken for the Security of Data Subjects' Personal Data
In accordance with Article 12 of the Law on the Turkish Data Protection Law No. 6698, necessary technical and administrative measures are taken by İSAM to ensure the security of personal data. These measures include preventing the unlawful processing of personal data, preventing unauthorized access to personal data, and ensuring the preservation of personal data.

D- Rights of Data Subjects
Personal Data Protection Law obliges the data controller to inform individuals whose data is collected about their rights. The rights of individuals are mentioned in Article 11 of the Law: 
a) Learning whether personal data is processed, 
b) Requesting information if personal data has been processed, 
c) Learning the purpose of processing personal data and whether they are used in accordance with their purpose, 
ç) Knowing the third parties to whom personal data are transferred, domestically or abroad, 
d) Requesting correction of personal data if it is incomplete or incorrectly processed, 
e) Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7, 
f) Requesting the notification of the transactions made pursuant to clauses (d) and (e) to third parties to whom personal data have been transferred, 
g) Objecting to the occurrence of a result against the individual by analyzing the processed data exclusively through automated systems, 
ğ) Requesting compensation for damages in case of damage due to the illegal processing of personal data.
Each person has the right to request to the data controller about him/her;
a) to learn whether his/her personal data are processed or not,
b) to demand for information as to if his/her personal data have been processed,
c) to learn the purpose of the processing of his/her personal data and whether these personal
data are used in compliance with the purpose,
ç) to know the third parties to whom his personal data are transferred in country or abroad,
d) to request the rectification of the incomplete or inaccurate data, if any,
e) to request the erasure or destruction of his/her personal data under the conditions referred to in Article 7,
f) to request reporting of the operations carried out pursuant to clauses (d) and (e) to third parties to whom his/her personal data have been transferred,
g) to object to the occurrence of a result against the person himself/herself by analyzing the data processed solely through automated systems,
ğ) to claim compensation for the damage arising from the unlawful processing of his/her personal data
As the data subject, you need to submit your rights requests to İSAM as data controller providing the necessary documents to identify your identity. In this context, to handle your requests efficiently and promptly within the framework of Article 11 of the Law, it is essential to utilize the "data subject information request form”. You can submit your application either via email or registered mail, along with the necessary documents that may be requested based on your specific inquiry and the required identification documents to verify your identity.

ISAM's policy on the collection areas, as well as the methods of collecting and processing this data, can be found in detail under the relevant headings in this text.

E.1. – The security of İSAM Campus 
İSAM records 24-hour audio and video footage within the İSAM Campus, in front of the guest parking lot, and around the outer door based on the mandatory reasons specified in the (c) and (f) clauses of Article 5 of the Personal Data Protection Law. These data, which are not shared with third parties without an official request, are stored by the relevant units of İSAM for specified periods.
İSAM also stores the identity information of non-library member visitors coming to the campus for the periods deemed necessary based on the legal obligation mentioned above. Additionally, entry and exit records of visitor cards as well as library member cards are kept within the periods stipulated in laws and regulations.

E.2. - İSAM Library Membership
İSAM processes the personal information of library members based on the requirements specified in the (c), (e), and (f) clauses of Article 5 of the Personal Data Protection Law. During library membership, information is provided about the processing of this data, and members are included in the email announcement network based on explicit consent. The data of the relevant persons are not shared with third parties.

E.3 - İSAM Education Unit Activities
İSAM processes personal data based on the conditions specified in the (c), (e), and (f) clauses of Article 5 of the Personal Data Protection Law for the training programs and scholarship programs it organizes. The collected data is limited to information necessary for the processing of activities and is not shared with third parties.

E.4 - İSAM Email Announcement Network
The mail newsletter subscription created to inform about İSAM activities is carried out based on explicit consent obtained during Library membership of İSAM.

E.5 - Website Cookies
İSAM's website (isam.org.tr) uses essential analytical cookies for operation and management. The collected data is processed for tracking website traffic as anonymous statistics.

F- Retention Period of Personal Data
Your personal data collected for the purpose of creating and tracking visitor records is processed within the periods stipulated by laws and regulations and is then destroyed, not stored. Data collected for the purpose of ensuring physical space security and viewing work accidents is stored for limited periods specified in regulations after the termination of the legal relationship. After the expiration of the period, your personal data will be deleted, destroyed, and/or anonymized by İSAM through methods within the scope of the Turkish Data Protection Law and relevant regulations. Except for data that must be processed by law, you can always withdraw your consent for the processing of personal data other than data processed by law.

Updated at February 29, 2024