Privacy Policy

As the Humanitarian Relief Foundation (IHH), the protection of personal data and the security of information assets obtained within the scope of our humanitarian activities are of great importance to us. This privacy policy explains our approach to protecting your personal data and ensuring information security.

1. Data Controller

In accordance with the Law on the Protection of Personal Data No. 6698 (KVKK), the data controller is the IHH Humanitarian Relief Foundation. The Foundation is registered with the Istanbul 1st Regional Directorate under registration number 3772. Headquarters address: Büyük Karaman Cad. Taylasan Sk. No:3 34083 Fatih / Istanbul.

2. Purposes of Processing Personal Data

Your personal data is processed by IHH for the execution of humanitarian aid activities, fulfillment of legal obligations, management of donor and volunteer processes, providing support to beneficiaries, planning educational and health projects, ensuring security processes, and compliance with relevant legislation.

3. Transfer of Personal Data

Your personal data may be transferred, only to the extent permitted by law, to competent public authorities, judicial and administrative authorities, law enforcement agencies, business partners, consultancy and IT service providers, and national or international organizations with which we cooperate in humanitarian aid activities.

4. Methods of Collecting Personal Data

Data is collected through donation forms, volunteer registrations, contracts, electronic forms, emails, telephone, surveillance systems, log records, and other written, verbal, or electronic methods.

5. Categories of Processed Data

Donors: Identity, contact, financial information, log records
Volunteers: Identity, contact, health information, education and work experience, criminal record
Beneficiaries: Identity, contact, family information, health data, legal documents
Supplier representatives: Identity, contact, financial and tax data
Visitors: Identity, entry-exit records, security camera recordings

6. Our Information Security Policy

IHH manages information security in compliance with the ISO/IEC 27001:2022 Information Security Management System. In this context:

The confidentiality, integrity, and availability of personal and institutional data are protected.
Technical and administrative measures are taken against unauthorized access.
Risks related to information assets are systematically managed.
Employees and volunteers are regularly trained to increase awareness.
Processes are continuously improved.

7. Rights of Data Subjects

Under the KVKK, data subjects have the following rights:

Learn whether their data is processed,
Request information on the purpose of processing,
Request correction if incomplete or inaccurate,
Request deletion or destruction,
Learn the third parties to whom data has been transferred,
Object to results arising against them from automated processing,
Request compensation for damages due to unlawful processing.

8. Application Methods

You may exercise your rights by applying to IHH through the following methods:

By submitting a signed petition to Büyük Karaman Cad. Taylasan Sk. No:3 34083 Fatih / Istanbul,
Via registered electronic mail (KEP) to insani@hs01.kep.tr,
By filling in the form available at ihh.org.tr.

Applications are answered within 30 days at the latest. If an additional cost arises, the fee schedule determined by the Personal Data Protection Board will apply.

9. Updates

IHH reserves the right to update this privacy policy in line with applicable legislation and information security requirements. Updates will take effect as of the date they are published on our website.