HEALTH, SAFETY & SOCIAL, ENVIRONMENT POLICY
Akdeniz Demirkaya Senior Management, in all of its company operations covering corporate processes and projects undertaken that are carried out in the light of its vision to be one of the best, safest and innovative companies among the engineering and construction companies serving worldwide, and in line with its mission to design, build and deliver safe and incident-free construction projects with minimized environmental impact, is committed to establish, implement and continuously develop an effective occupational health, safety and environment management system in order to achieve health, safety and environment goals and targets, to ensure occupational health and safety leadership is demonstrated effectively throughout all levels within the organization, to ensure the sustainability of health and safety as well as the preservation of environment in the products and services it offers, to conduct business activities with risk based thinking approach, to ensure the prevention of occupational incidents and occupational illnesses, to provide safe working environment, to ensure root causes of all incidents are investigated and proper necessary actions are taken, to minimize the environmental impacts resulting from activities in accordance with relevant requirements, to ensure that the processes are carried out effectively, to ensure that the processes produce the expected results, to meet national and international health, safety and environment management requirements, to create an infrastructure for employee training and development in order to ensure the competency of its employees, and to meet the needs and expectations of its customers-employees and stakeholders.
The health & safety policy developed for this purpose will provide the following primary requirements:
1. Leadership & Commitment
Dedication to zero incident, environmental pollution, work-related illnesses, and social dispute
Keep health, safety, environment and social responsibility as a value
Ensure top-down HSSE commitment
Promote continual improvement
Ensure employee participation is achieved
Define and communicate roles and responsibilities
Allocate required resources
Ensure non-discriminatory and respectful working environment
Ensure safe working environment is provided
Being accountable for health, safety, environment, and social responsibility
Assess internal and external issues
Evaluate risks and opportunities
Comply with all applicable laws, regulations and requirements
Protect environment and affected communities
Appropriate planning to achieve objectives and KPIs
3. Risk Management
Maintain risk based thinking
Promote proactive approach
Identify, eliminate and minimize all hazards, risks, environmental and social impacts
Identify potential emergency and crises situations
Reduce risk of emergency
Execute work activities in complies with HSSE management systems
Use natural resources efficiently
Manage emergency situations, perform drills to test emergency response
Provide safe tools & equipment
Ensure correct documentation and effective reporting in place
Involve subcontractors into HSSE management system
Inform employees on HSSE policy
Provide HSSE trainings
Consult with employees regarding HSSE management systems
Foster HSSE awareness of employees
Implement behavioral H&S programs
6. Objective & Key Performance Indicators
Define smart HSSE targets based on applicable requirements, risk & opportunities and consultation with employees
Inform subcontractors about HSSE objectives and targets
Communicate and update HSSE targets appropriately
7. Monitoring & Review
Monitor HSSE KPIs and objectives
Assess compliance with HSSE management systems
Conduct management review regularly
Share lessons learned and best practices
Evaluate & monitor subcontractors HSSE performances
Improve HSSE management systems incorporating outputs of management review
8. Social Responsibility
Establish good relations with project affected communities & neighbors
Implement fair and transparent recruitment process
Ensure equal opportunities and worker welfare
Raising HSSE awareness in project affected communities
Akdeniz Demirkaya Senior Management, in all of its company operations covering corporate processes and projects undertaken that are carried out in the light of its vision to be one of the best and innovative companies among the engineering and construction companies serving worldwide, and in line with its mission to design, build and deliver safe, high-quality and cost-effective construction projects, is committed to establish, implement and continuously develop an effective quality management system in order to achieve the strategic goals of the company, to ensure the sustainability of the quality of the products and services it offers, to ensure work efficiency, to do the work good and correctly, to complete the works on time, on budget and on performance, to ensure that the processes are carried out effectively, to ensure that the processes produce the expected results, to meet international quality standards, to create an infrastructure for employee training and development, and to meet the needs and expectations of its customers-employees and stakeholders.
The Quality policy developed for this purpose will provide the following primary requirements:
1. Customer Focus & Feedback
Align with customer on requirements and metrics
Engage frequently with customer on quality performance
Respond quickly to customer concerns & ideas
Focus on enhancing customer satisfaction
Satisfy applicable requirements
2. Leadership & Management
Support individuals who identify quality issues
Maintain open environment
Provide resources needed for the QMS
Take accountability for the effectiveness of QMS
Promote the use of process approach and risk-based thinking
3. Pride & Empowerment
Quality not sacrificed for cost or schedule
Employees show pride in and have accountability for work quality
Employees empowered to report quality concerns and provide feedback
4. Processes & Procedures
Employ effective procedures, processes and training
Adherence to processes embedded in culture
Improve procedures in timely manner
Encourage feedback to improve processes
Continual improvement of QMS
5. Open Environment
Have a questioning attitude
Address issues in transparent manner
Pause/stop work encouraged if quality is questionable
Employees encouraged in identifying & resolving quality issues
6. Monitor & Communicate
Aggressively seek out and report problems
Resolve issues in timely manner
Monitor quality metrics
Share lessons learned, best practices to make them institutionalized
7. Knowledge & Sustainability
Protect and sustain organizational knowledge
Maintain the company culture
Value and protect Akdeniz Demirkaya assets
Address risks and opportunities that can affect QMS
Promote competency and career development
INFORMATION SECURITY Policy
The Information Security Management System (ISMS) was established to protect the confidentiality, integrity and accessibility of information within Akdeniz Demirkaya by applying asset and risk management processes and to assure the interested parties of managing the risks properly. ISMS is a part of Akdeniz Demirkaya’s corporate processes and general management structure. Information security processes were taken into consideration in the design and controls of information systems and scaled in accordance with Akdeniz Demirkaya’s needs.
Akdeniz Demirkaya has taken the ISO 27001: 2013 standard as reference in accordance with its scope of ISMS. This standard is used effectively in company processes to demonstrate the ability of Akdeniz Demirkaya to meet the information security requirements for the internal and external stakeholders. The Corporate Information Security Policy refers to the requirements, definitions, rules, practices, responsibilities and workflows that are prepared according to the related laws and standards based on the business requirements compatible with and supports Akdeniz Demirkaya corporate business objectives.
In this regard, Akdeniz Demirkaya Senior Management, in all of its company operations that are carried out in the light of its vision to be one of the best and innovative companies among the engineering and construction companies serving worldwide, and in line with its mission to design, build and deliver safe, high-quality and cost-effective construction projects, has made a commitment to ensure the security of the information of Akdeniz Demirkaya and its stakeholders, to protect information assets, to meet information security requirements and expectations within the scope of applicable requirements and international standards, to improve information security performance by systematically managing risks, to ensure infrastructure and operational security, and to assure that all employees will operate within the framework of the company information security policies and procedures.
The information security policy developed for this purpose will provide the following primary requirements:
1. Context of the Organization
Determine internal and external issues
Evaluate interested parties and external issues
Ensure compliance with legal and regulatory requirements and contractual obligations
2. Leadership & Management
Define information security objectives
Provide protection of corporate knowledge
Support continual improvement in information security
Establish the information security organization
Plan how to achieve information security objectives
Evaluate the effectiveness and risks of activities
Manage and take precautions to primary risks
Allocate the necessary resources for the establishment, implementation and continous improvement of the information security management system
Promote trainings for the development of competencies that may affect the information security performance
Raise the awareness of Akdeniz Demirkaya employees and stakeholders responsibility of information security management system (ISMS)
Provide management of documents and records containing corporate information
Ensure that the processes are performed as planned
Review the risks and controls as a result of the planned changes
Protect the information assets in both electronic and physixal environments
6. Assessment & Improvement
Monitor and measure the performance, adequact, conformity and efficiency of ISMS
Monitor, report and evaluate information security event
Perform regular audits
Build an ISMS structure which will not allow the recurrence of non-conformities
Perform the monitoring, measuring, evaluation and reviewing activities
Meet the requirements of ISO 27001 Standard
Please be advised that Akdeniz Demirkaya İnşaat ve Sanayi A.Ş., with its address at Balmumcu Mahallesi, Zincirlikuyu Yolu No. 10 Besiktas, 34349, Istanbul, Turkey, together with its subsidiaries, as detailed further at the end of this Privacy Notice (together “Akdeniz Demirkaya”) recognizes and respects your rights regarding usage of your personal data, and is committed to and does its best for the protection thereof.
For the purposes of applicable data protection and privacy laws, one or more of our Akdeniz Demirkaya entities is the data controller responsible for your personal information. For further information about this, please contact us using the details below.
Akdeniz Demirkaya is dedicated to protecting the confidentiality and privacy of information entrusted to us in accordance with the Turkish Personal Data Protection Law no. 6698, EU General Data Protection Regulation (GDPR), and UK Data Protection Act 2018 including its applied GDPR provisions (DPA 2018). Please read this Privacy Notice to learn about your rights, what information we collect, how we use and protect it.
This website is operated by and on behalf of Akdeniz Demirkaya İnşaat ve Sanayi A.Ş., a Turkish entity, including a UK limited liability partnership, its affiliates, divisions, business units and subsidiaries.
1. Who we are
Akdeniz Demirkaya İnşaat ve Sanayi A.Ş. is a global engineering and construction firm headquartered in Istanbul, Turkey. Since 1957, Akdeniz Demirkaya has been providing comprehensive services in design and engineering, procurement, construction, commissioning, operation, maintenance and project management phases of all sorts of construction projects in Turkey and around the world with its human resources of more than 20,000. Akdeniz Demirkaya provides services through its subsidiaries in the following main areas:
Engineering & Construction
2. How do we collect personal data?
Directly: We may obtain personal data directly from individuals in a variety of ways, including obtaining personal data from individuals who provide us with their business card(s), complete our online forms, upload information to our Website, contact us, subscribe to our newsletters, provide us with feedback, register for webinars, attend meetings or events we host, visit our offices or for recruitment purposes. We may also obtain personal data directly when, for example, we are establishing a business relationship, performing professional services through a contract, or through our hosted software applications.
Indirectly: We may obtain personal data indirectly about individuals from a variety of sources, including recruitment services, credit reference agencies, customer due diligence providers, analytics providers, subscription and business card(s). We may use such personal data to better serve our subscribers and individuals, satisfy a legal obligation, or pursue our legitimate interests.
Automated technologies or interactions: As you interact with our Website, we may automatically collect technical data about your equipment, browsing actions and patterns. You are allowed to manage and limit the cookies we collect on our Website. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies.
3. What categories of personal data do we collect?
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). A data subject is the individual who the personal data relates to.
We may obtain the following categories of personal data about individuals through direct interactions with us, or from information provided through client engagements, from applicants, our suppliers and through other situations including those described in this Privacy Notice.
Personal data: Here is a list of personal data we commonly collect to conduct our business activities.
Contact details (e.g., name, company name, job title, work and mobile telephone numbers, email and postal addresses, IP address).
Internet (e.g., browsing history, search history, and information regarding your interaction with our Website).
Professional details (e.g., job and career history, educational background and professional memberships).
Family and beneficiary details for insurance and salary planning services (e.g., names and dates of birth).
Financial information (e.g., taxes, bank details).
Transaction data, including details about products and/or services that you have purchased from us.
CCTV at our offices or jobsites may collect images of visitors. Our policy is to automatically overwrite CCTV footage within thirty (30) days.
Marketing and communications information, including your preferences in receiving marketing from us.
Sensitive personal data (or ‘special category’ personal data): We typically do not collect sensitive or special categories of personal data about individuals other than our own employees. In some circumstances it is necessary for Akdeniz Demirkaya to process sensitive personal data of our employees and other third parties. Other than where such personal data is disclosed by the individual themselves, or we have the individual’s explicit consent, such processing would only be undertaken as necessary for Akdeniz Demirkaya to exercise its rights and obligations as an employer (including for occupational health purposes), protect the vital interests of individuals, establish or defend legal claims or with the explicit consent of the individual(s) concerned. Examples of sensitive personal data we may obtain, or otherwise hold, include:
Personal identification documents that may reveal race, religion or ethnic origin, possibly biometric data of private individuals, beneficial owners of corporate entities, or applicants.
Adverse information about potential or existing applicants that may reveal criminal convictions or offences information.
Health data where the processing is necessary to monitor entry into workplace and provide a safe environment for our staff, clients and suppliers.
Child data: This website is not intended for children and Akdeniz Demirkaya does not intend to collect any personal data of any users below 18 years of age.
Location-based data: We may process geographical locations you enter when seeking an office near you.
Technical and Usage data: Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Website. Usage data includes information about how you use our Website, products and services.
4. What lawful reasons do we have for processing personal data?
We may rely on the following lawful reasons when we collect and use personal data to operate our business and provide our products and services:
Contract: We may process personal data in order to perform our contractual obligations owed to (or to enter into a contract with) the relevant individuals.
Consent: We may rely on your freely given consent at the time you provided your personal data to us.
Legitimate interests: We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced and your interests and fundamental rights do not override those interests. These may include: managing and developing our relationship with you and the organization that you represent, protecting the security and integrity of our premises, Website and other information technology systems (including protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity), responding to and communicating with you about your requests, questions and comments, operating, evaluating and improving our business, comply with our corporate and corporate social responsibility commitments.
Legal obligations: We may process personal data in order to meet our legal and regulatory obligations or mandates. Also, for protecting ourselves and our employees and business counterparties against fraud and other criminal activity, and co-operating with law enforcement and other regulatory agencies.
Public interest: We may process personal data in order to perform a specific task in the public interest or in the exercise of official authority vested in us.
Vital interests: We may process personal data to protect the vital interests of the individual or another natural person.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Akdeniz Demirkaya does not trade, sell or rent personal data but may collect or provide aggregate statistics about its Website and their users to other parties who do not provide services directly to Akdeniz Demirkaya.
5. Why do we need personal data?
Please be assured that Akdeniz Demirkaya will act responsibly and with due diligence in handling any data and information about yourself either given by you to us or made available to and collected by us on the occasion of your visit to our Website. You should also be advised that any data and information made available to and collected by Akdeniz Demirkaya on the occasion of your visit to its Website, may be stored, processed or transferred by it for the purpose of:
protecting the rights, titles and security of Akdeniz Demirkaya or of any third parties;
complying with legal or regulatory obligations;
collecting and/or providing statistical bulk data and information about the Website or the visitors or users thereof;
sharing news bulletins and financial reports of Akdeniz Demirkaya.
However, Akdeniz Demirkaya is committed not to use, or sell or lease to third persons, your personal data for commercial purposes without your explicit consent.
In addition to the information above, please be also advised that visitors of the Akdeniz Demirkaya Website are required, for accessing financial news bulletins of the Company or for forwarding their general wishes and demands to authorized company representatives, to enter their forenames, surnames and e-mail addresses into the electronic form on the relevant web page.
We aspire to be transparent when we collect and use personal data and tell you why we need it, which typically includes:
Providing our products and services to you and for customer service-related purposes.
Administering, maintaining and ensuring the security and efficiency of our information systems, applications and Website.
Complying with legal and regulatory obligations relating to anti-money laundering, terrorist financing, fraud and other forms of financial crime.
Carrying out our duties described under Legitimate Interests given above.
Compiling health and safety data (directly or indirectly) following an incident or accident. Indirect data can take many forms including an incident report, first aider report, witness statements and CCTV footage.
Collecting health data to assess, monitor and control spread of infectious diseases and to provide a safe environment for our employees, clients and suppliers.
We ask visitors to our regional offices to show some form of ID, but this will not be recorded anywhere and is purely for ID verification.
You may receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing.
We may use your personal data to send you updates (by email, text message, telephone or post) about our products and services, including exclusive offers, promotions or new products and services.
You have the right to opt out of receiving marketing communications at any time. Please contact us if you wish to do so.
7. Do we share personal data with third parties?
We store personal data on servers located in Antalya, Turkey.
We will not share your information with any third parties for the purposes of direct marketing. Akdeniz Demirkaya entities may share your personal information between themselves, and they may disclose your personal information to technology and other service providers, including professional advisors, who hold and process the information on their behalf. Each organisation is required to safeguard personal data in accordance with our contractual obligations and data protection legislation.
Akdeniz Demirkaya may also disclose your personal information if it has a good faith belief that this is necessary for the legal and compliance purposes set out above. For these purposes, we may, for example, disclose information about you to courts and litigation counterparties, insurers, the police and other competent governmental authorities.
We only allow third parties to handle your personal data if we are satisfied they take appropriate measures to protect it. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.
In any scenario, we will satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.
We may also need to share personal data with external auditors to ensure compliance with legal and regulatory requirements, with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations and with potential buyers of some or all of our business or during a restructuring.
8. Do we transfer your personal data outside the UK or European Economic Area (EEA)?
If your personal information is collected or processed by an Akdeniz Demirkaya entity within the European Economic Area (the “EEA”) or the United Kingdom (the “UK”), you should be aware that the disclosures described above may include transfers of your personal information to recipients outside the EEA or the UK, including recipients in countries (such as the Turkey). Personal information transferred to Akdeniz Demirkaya entities in the Turkey is protected by the Turkish Personal Data Protection Law no. 6698, which was developed in accordance with the GDPR. Where your personal information is transferred to other Akdeniz Demirkaya entities, or to third party service providers, in countries without strict data privacy laws, the information will be protected by data transfer agreements in the appropriate form approved for this purpose by the European Commission.
Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data may involve a transfer of data outside the EEA.
By law, we may not place cookies on your computer without your consent, unless they are strictly necessary to the operation of the service that we provide on the Website.
We use Google Analytics to monitor how our Website is being used so we can make improvements. Our use of Google Analytics requires us to pass to Google your IP address (but no other information) – Google uses this information to prepare site usage reports for us, but Google may also share this information with other Google services. In particular, Google may use the data collected to contextualize and personalise the ads of its own advertising network. Related information:
If you have any queries about the cookies that we use, or would like more information, please contact email@example.com.
10. What are your data protection rights?
If you would like to exercise your Data Subject Rights, you can email firstname.lastname@example.org. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.
- Access: You can ask us to verify whether we are processing personal data about you, and if so, to provide more specific information.
- Correction: You can ask us to correct our records if you believe they contain incorrect or incomplete information about you.
- Erasure: You can ask us to erase (delete) your personal data after you withdraw your consent to processing or when we no longer need it for the purpose it was originally collected.
- Processing restrictions: You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction.
- Data portability: In some circumstances, where you have provided personal data to us, you can ask us to transmit that personal data (in a structured, commonly used, and machine-readable format) directly to another company if is technically feasible.
- Right to withdraw consent: You can withdraw your consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent. It may mean we are not able to provide certain products or services to you and we will advise you if this is the case.
If you would like to exercise any of these rights, please contact us, providing enough information to identify yourself and letting us know which right you would like to exercise and the information to which your request relates.
11. What about personal data security?
We have put appropriate technical and organisational security policies and procedures in place to protect personal data (including sensitive personal data) from loss, misuse, alteration or destruction. We aim to ensure that access to your personal data is limited only to those who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We may apply pseudonymisation, de-identification and anonymisation techniques in efforts to further protect personal data.
If you have access to parts of our Website or use our services, you remain responsible for keeping your user ID and password confidential. Please be aware that the transmission of data via the Internet is not completely secure. Whilst we do our best to try to protect the security of your personal data, we cannot ensure or guarantee the security of your data transmitted to our site; any transmission is at your own risk.
12. How long do we retain personal data?
We retain personal data to provide our services, stay in contact with you and to comply with applicable laws, regulations and professional obligations that we are subject to.
We will hold your personal data on our systems for the longest of the following periods: (i) as long as is necessary for the relevant activity or services; (ii) any retention period that is required by law; (iii) the end of the period in which litigation or investigations might arise in respect of the services.
Unless a different time frame applies as a result of business need or specific legal, regulatory or contractual requirements, where we retain personal data in accordance with these purposes, we retain such personal data for ten (10) years.
13. Do we link to other websites?
14. Who can you contact for privacy questions or concerns?
If you have questions or comments about this Privacy Notice or how we handle personal data, please direct your correspondence to: Akdeniz Demirkaya İnşaat ve Sanayi A.Ş., Data Privacy Office, Avsallar Mahallesi, Zafer Caddesi, 07410 Alanya, Antalya, Turkey or email email@example.com. We aim to respond within 30 days from the date we receive privacy-related communications.
15. Do we change this Privacy Notice?
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.