

PDPL Policy
Document Name: Personal Data Protection and Processing Policy of HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ
Target Audience: All natural persons other than the employees of HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ whose personal data are processed by HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ
Prepared by: Personal Data Protection Committee of HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ
Version: 1.0
Approved by: It is approved by HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ.
Effective Date: 23.08.2022
In case of any discrepancy between the prepared version of the Personal Data Protection and Processing Policy of HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ in Turkish and its translation in any foreign language, the Turkish text shall be taken into consideration.
© HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ
This document may not be reproduced or distributed without the written permission of the HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ.
PERSONAL DATA PROTECTION AND PROCESSING POLICY OF HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ
1. INTRODUCTION
HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ (HEVI AI) attaches importance to the protection of personal data and considers it among its priorities. HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ’s Personal Data Protection and Processing Policy (Policy) explains the basic principles adopted for HEVI AI's compliance with the personal data processing principles regulated by the Personal Data Protection Law No. 6698 (Law). In accordance with these principles, HEVI AI provides the necessary transparency by informing personal data owners. Personal data are processed and protected in line with the procedures and principles of the Policy, with the high-level responsibility and awareness of HEVI AI.
1.1. Purpose
This policy is intended to be harmonized with the HEVI AI Act and effectively implemented in its activities. The following "ANNEX 1 - Personal Data Processing Objectives" will require all administrative and technical measures to be taken by HEVI AI for the processing and protection of personal data, necessary internal procedures to be established, and all training needed for raising awareness. All measures necessary for stakeholders, officials, employees and partners to comply with the Code procedures will be taken and appropriate and effective control mechanisms will be established.
1.2. Scope
All personal data of persons other than HEVI AI employees that are processed by automatic means, or by non-automatic means provided that they are part of any data recording system, are covered by the Policy. Information on individual data holders is listed in the Policy supplement "ANNEX 2 - Personal Data Holders".
HEVI AI operates the personal data protection of employees through HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ's Employees Personal Data Protection and Processing Policy, as defined by policy guidelines.
1.3. Basis
The applicable legislation on the processing and protection of personal data of the HEVI AI will apply the corresponding Policy in accordance with these regulations. In the event of a mismatch between the applicable legislation and the Policy, the applicable legislation is applied. The regulations foreseen by the relevant legislation are transformed into policy and HEVI AI practices.
1.4. Definitions
RELEVANT PERSON
Persons who process personal data within the organization of the data controller or in accordance with the authorization and instruction received from the data controller, except for the person or unit responsible for the technical storage, placement and backup of the data.
DISPOSAL
Deletion, destruction or anonymization of personal data.
RECORDING MEDIUM
Any medium containing personal data that is fully or partially automated or processed by non-automated means, provided that it is part of any data recording system.
PERSONAL DATA
Any information relating to an identified or identifiable natural person.
PROCESSING OF PERSONAL DATA
Any operation performed on personal data such as obtaining, recording, storing, retaining, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use of personal data by fully or partially automatic means or by non-automatic means provided that it is part of any data recording system.
ANONYMIZATION OF PERSONAL DATA
Making personal data impossible to be associated with an identified or identifiable natural person under any circumstances, even by matching with other data.
DELETION OF PERSONAL DATA
Making personal data inaccessible and non-reusable in any way for the Relevant Users.
DESTRUCTION OF PERSONAL DATA
The process of making personal data inaccessible, non-retrievable and non-reusable by anyone in any way.
BOARD
Personal Data Protection Board
SENSITIVE PERSONAL DATA
Data on race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, membership to foundations or trade unions, health, sexual life, criminal conviction and security measures, and biometric and genetic data.
PERIODICAL DISPOSAL
In the event that all of the conditions for processing personal data specified in the Law disappear, the deletion, destruction or anonymization process to be carried out ex officio at recurring intervals specified in the personal data retention and destruction policy.
DATA OWNER/CONCERNED
The real person whose personal data is processed.
DATA RESPONSIBLE
The natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.
2. PERSONAL DATA PROTECTION ISSUES
2.1. Ensuring the Security of Personal Data
HEVI AI takes the necessary measures envisioned in Article 12 of the Law to prevent unlawful disclosure, access, transfer of personal data, or other forms of security problems. HEVI AI is conducting audits and taking measures to ensure the necessary level of personal data security in accordance with the guidelines published by the Personal Data Protection Council.
2.2. Protection of Sensitive Personal Data
Measures taken for the protection of data on race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, membership of associations, foundations or trade unions, health, sexual life, criminal convictions, security measures and biometric and genetic data of individuals, which are of private nature, are carefully implemented and necessary audits are carried out.
Detailed information on the processing of sensitive personal data is provided in Article 3.3 of the Policy.
2.3. Raising Awareness on Protection and Processing of Personal Data
HEVI AI provides the training needed to develop the awareness of legal processing, accessing personal data, protecting data and using rights.
HEVI AI creates the necessary business processes, providing assistance from consultants if needed in order to raise employee awareness of personal data protection. The outcome of implementation shortfalls and training is evaluated by HEVI AI management. Further training can be conducted if changes to the legislation governing this assessment are needed.
3. PERSONAL DATA PROCESSING
3.1. Processing Personal Data in Compliance with the Legislation
Personal data is processed in accordance with the legislation in line with the following principles:
i. Processing in accordance with the Law and Good Faith
HEVI AI processes personal data to the extent required by its business activities, limited to these, in a manner that does not harm the fundamental rights and freedoms of individuals, in accordance with the general rule of trust and honesty.
ii. Ensuring that Personal Data is Up-to-Date and Accurate
HEVI AI takes necessary measures and operates systems to keep the personal data it processes up-to-date and accurate.
iii. Processing for Specific, Explicit and Legitimate Purposes
HEVI AI processes personal data for the identified and described legitimate purposes in the course of its business activities.
iv. Being relevant, limited and proportionate to the purpose for which they are processed
HEVI AI collects personal data to the extent and quality required by its business activities, and processes it limited to the specified purposes.
v. Storage for as Long as Necessary
HEVI AI retains personal data for the minimum period stipulated in the relevant legislation and required for the purpose of processing. First of all, if a period of time is stipulated in the relevant legislation for the retention of personal data, HEVI AI keeps personal data for this period; if not, personal data are kept for the period required for the purpose for which they are processed. At the end of the retention periods, personal data are destroyed by appropriate methods (erasure, destruction or anonymization) in accordance with periodic destruction periods or data subject application.
3.2. Terms of Processing of Personal Data
Personal data may be processed based on only one or more of the following conditions except for the explicit consent of the personal data owner. The processing of sensitive personal data is based on the conditions regulated in Article 3.3 of the Policy (Processing of Sensitive Personal Data).
i. Explicit Consent of the Personal Data Owner
Processing of personal data is done with the explicit consent of the data subject. Explicit consent of the personal data owner is realized by informing the data owner on a specific subject and obtaining the data owner’s free will. Personal data may be processed without the explicit consent of the data subject if any of the following conditions are met.
a. Explicitly Regulated in Laws
Personal data may be processed without the consent of the data subject if there is a clear regulation on the processing of personal data in the laws.
b. Failure to Obtain the Explicit Consent of the Relevant Person Due to Actual Impossibility
The personal data of the data subject may be processed if it is mandatory to process the personal data of the person who is unable to disclose his consent due to actual impossibility or whose consent cannot be recognized as valid, in order to protect his or another person's life or physical integrity.
c. Direct Relevance to the Establishment or Performance of the Contract
If the processing of personal data is directly related to the establishment or execution of a contract to which the data owner is a party, then the personal data of the data owner may be processed on the condition that the data is.
d. HEVI AI's Fulfillment of its Legal Obligation
HEVI AI may process the personal data of the data subject if personal data processing is necessary to fulfill its legal obligations.
e. Publicization of Personal Data by the Personal Data Owner
Personal data of data subjects who publicize their personal data may be processed limited to the purpose of publicization.
f. Mandatory Data Processing for the Establishment or Protection of a Right
If data processing is mandatory for the establishment, exercise or protection of a right, the personal data of the data subject may be processed.
g. Mandatory Data Processing for the Legitimate Interest of HEVI AI
The personal data of the data owner may be processed if data processing is mandatory for the legitimate interests of HEVI AI, provided that it does not harm the fundamental rights and freedoms of the personal data owner.
3.3. Processing of Sensitive Categories of Personal Data
HEVI AI processes sensitive categories of personal data in accordance with the principles set out in the Law and the Policy, by taking all necessary administrative and technical measures with the methods to be determined by the Board, under the following conditions:
i. Sensitive personal data other than health and sexual life may be processed without the explicit consent of the data subject if there is an explicit provision in the laws regarding the processing. Explicit consent of the data subject shall be obtained in cases not explicitly stipulated in the laws.
ii. Sensitive personal data relating to health and sexual life may be processed by persons or authorized institutions and organizations under the obligation of confidentiality: for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, without seeking the explicit consent of the data subject. Otherwise, the explicit consent of the data subject shall be obtained.
3.4. Enlightening the Personal Data Owner
HEVI AI informs personal data subjects in accordance with the relevant legislation about the purposes for which their personal data is processed, with whom it is shared and for what purposes, by what methods it is collected, its legal reason and the rights of data subjects in the processing of their personal data.
3.5. Transferring Personal Data
HEVI AI may transfer personal data and sensitive personal data to third parties (third party companies, group companies, third real persons) in accordance with the purposes of personal data processing, by taking the necessary security measures, in accordance with the law. HEVI AI performs the operations in accordance with the document "ANNEX 4- Third Parties to whom Personal Data are Transferred and the Purposes of Transfer" attached to the Policy in order to carry out AI transfer operations in accordance with the regulations stipulated in Article 8 of the Law.
i. Transferring Personal Data
Although the explicit consent of the personal data owner is required for the transfer of personal data, personal data may be transferred to third parties by taking all necessary security measures, including the methods stipulated by the Board, based on one or more of the following conditions.
a. Clearly stipulated in the laws,
b. Directly related to and necessary for the conclusion or performance of a contract,
c. Being necessary for HEVI AI to fulfill its legal obligation,
d. Limited for the purpose of publicizing, provided that the personal data have been made public by the data owner,
e. Being mandatory for the establishment, exercise or protection of the rights of HEVI AI or the data subject or third parties,
f. Being obligatory for the provision of HEVI AI legitimate interests, provided that it does not harm the fundamental rights and freedoms of the data subject,
g. Being obligatory for the protection of the life or bodily integrity of the person who is unable to disclose person’s consent due to actual impossibility or whose consent is not legally valid.
Personal data subject to any of the above-mentioned conditions may be transferred to foreign countries declared by the Board to have adequate protection as "Foreign Country with Adequate Protection". Personal data may be transferred to data controllers in Turkey and foreign countries where there is no adequate protection to those in the status of "Foreign Country Where the Data Controller Committed to Adequate Protection" who undertake an adequate protection in writing and have the permission of the Board, according to the conditions stipulated in the legislation.
ii. Transfer of Sensitive Personal Data
Sensitive personal data may be transferred under the following conditions by taking all necessary administrative and technical measures, including the methods to be determined by the Board, in accordance with the principles set out in the Policy:
a. Sensitive personal data other than health and sexual life, in the event that there is an explicit provision in the laws regarding the processing of personal data, without seeking the explicit consent of the data subject, otherwise in the event that the explicit consent of the data subject is obtained.
b. Sensitive personal data related to health and sexual life, for the protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing, without seeking explicit consent by persons or authorized institutions and organizations under the obligation of confidentiality, otherwise, if the explicit consent of the data subject is obtained.
Personal data may be transferred to those in the status of "Foreign Country with Adequate Protection" in the presence of any of the above conditions; in the absence of adequate protection, personal data may be transferred to those in the status of "Foreign Country where the Data Controller Committed to Adequate Protection" according to the data transfer conditions regulated in the legislation.
4. CATEGORIZATION OF PROCESSED PERSONAL DATA AND PURPOSES OF PROCESSING
The purpose of HEVI AI in processing personal data is to inform the relevant persons in accordance with Article 10 of the Law and other legislation, based on and limited to at least one of the personal data processing conditions specified in Articles 5 and 6 of the Law, in accordance with the general principles set out in the Law, in particular the principles set out in Article 4 of the Law regarding the processing of personal data.
HEVI AI processes personal data of shareholders and officials to fulfill legal obligations arising from the Turkish Trade Code, Tax Procedure Law, Business Law and related miscellaneous legislation.
HEVI records the data of those who carry out activities with AI in order to ensure that they act in accordance with the specified rules, to ensure performance in accordance with the contract in case of breach of obligations, to draw notices, to apply for enforcement and litigation remedies and to take other measures. Personal data of the branches are obtained through lease agreements, addendums, additional agreements, protocols, e-mail correspondence.
HEVI AI records the information of suppliers who provide goods/services to HEVI AI in order to check whether they fulfill their responsibilities and to ensure the order of activities. Personal data of suppliers are obtained through e-mails sent and received as a result of communication with them, phone calls, business cards and website information.
HEVI AI requests and processes the personal data of its employees and candidate employees in order to complete the mandatory documents to be included in the personnel file of the persons within the scope of the applicable Labor Law, Occupational Health and Safety Law in order to make the SSI registration. This personal data is obtained through the curriculum vitae they submit with their explicit consent during the recruitment and job application phase, job application forms, resume viewing methods offered by human resources software programs (such as Kariyer.net, LinkedIn) that provide candidate pool services, and the answers they give to the questions asked to them during the interview and answered with their consent. HEVI AI requests and processes personal data from natural persons who apply for a job in order to communicate with the person for interview purposes during the recruitment process and to determine whether the qualifications and experience of the person during the interview are compatible with the open position to be recruited. The personal data mentioned hereinabove are obtained by the applicants sending their resumes to the human resources department with their own explicit consent, answering the questions asked during the interview with their own consent, or by resume viewing methods offered by human resources software programs (such as Kariyer.net, LinkedIn) that provide advertisement publishing and candidate pool services.
HEVI AI records the data of employees and authorized natural persons of the business partners with whom it cooperates within the framework of the purposes for which the business partnership was established.
The Supplier records personal data for the purpose of providing goods/services necessary to fulfill HEVI AI's commercial activities and for the purpose of supervision. This personal data is obtained from signed contracts, invoices sent, device delivery records, e-mail correspondence, telephone and other means of communication and business cards.
Detailed information on the categories of personal data processed is provided in the document "Annex 3- Personal Data Categories" attached to the Policy; detailed information on the purposes of personal data processing is provided in the document "Annex 1- Purposes of Personal Data Processing" attached to the Policy.
HEVI AI has developed the hStroke branded product that enables early diagnosis of patients with stroke, cerebral hemorrhage, cerebral vascular occlusion in emergency conditions in hospitals by triaging them with medical imaging.
5. MEASURES TAKEN FOR THE PROTECTION OF PERSONAL DATA
HEVI AI takes the necessary technical and administrative measures to ensure the appropriate level of security in order to prevent unlawful processing of the personal data it processes, to prevent unlawful access to the data and to ensure the preservation of the data, and to carry out or have the necessary audits carried out within this scope in accordance with the conditions specified in the Law.
In the event that the processed personal data is illegally obtained by third parties, although all technical and administrative measures have been taken, HEVI AI will notify the relevant units as soon as possible.
5.1. Technical Measures
i. Technical measures are taken in accordance with the developments in technology, and the measures taken are periodically updated and renewed.
ii. Access and authorization technical solutions are implemented in accordance with the legal compliance requirements determined on a business unit basis.
iii. Access authorizations are limited and authorizations are regularly reviewed.
iv. The technical measures taken are periodically checked, issues that pose a risk are re-evaluated and necessary technological solutions are produced.
v. Software and hardware including virus protection systems and firewalls are installed.
vi. Technically knowledgeable personnel are employed and system vulnerabilities are controlled.
vii. Security scans are regularly conducted to identify security vulnerabilities in applications where personal data is collected. It is ensured that the vulnerabilities found are closed.
viii. It is ensured that personal data is destroyed in a way that cannot be recovered and leaves no audit trail.
ix. Personal data is kept encrypted.
x. Communication between systems is encrypted end to end.
xi. Requests to the systems are recorded and anomaly situations are monitored.
5.2. Administrative Measures
i. Employees are trained on the technical measures to be taken to prevent unlawful access to personal data.
ii. Employees are trained on the Law.
iii. Personal data access and authorization processes are designed and implemented within HEVI AI in accordance with the legal compliance requirements for processing personal data on a business unit basis.
iv. HEVI AI has added records to all kinds of documents that regulate the relationship between HEVI AI and its personnel and contain personal data, stating that the obligations stipulated by the Law for the lawful processing of personal data must be complied with, personal data must not be disclosed, personal data must not be used unlawfully, and the confidentiality obligation regarding personal data continues even after the termination of the employment contract with HEVI AI, and that the failure of the personnel to comply with these obligations requires the application of sanctions that may lead to the termination of the employment contract.
v. Employees are informed that they cannot disclose the personal data they have learned to anyone else in violation of the provisions of the Law and cannot use them for purposes other than processing, and that this obligation will continue after their resignation and necessary commitments are obtained from them in this direction.
vi. Provisions are added to the contracts concluded by HEVI AI with the persons to whom personal data are transferred in accordance with the law, stating that those persons will take the necessary security measures to protect personal data and ensure that these measures are complied with in their own organizations.
vii. In the event that the processed personal data is obtained by others through unlawful means, HEVI AI shall notify the relevant person and the Board as soon as possible.
viii. HEVI AI employs personnel who are knowledgeable and experienced in the processing of personal data and provides its personnel with the necessary training within the scope of personal data protection legislation and data security.
ix. HEVI AI shall conduct and have conducted the necessary audits to ensure the implementation of the provisions of the Law within its legal entity. It eliminates the confidentiality and security weaknesses revealed as a result of the audits.
x. HEVI AI, in third parties to whom it transfers personal data, is responsible under Article 12 of the Law for fulfilling its obligations to lawfully process and retain data and to lawfully access data in accordance with the provisions of the Policy and the Law. Therefore, HEVI AI must obtain commitments that include ensuring these conditions in contracts and all kinds of arrangements to be made when transferring data to third parties and authorizing it to conduct audits. Again, HEVI AI must specifically inform all its personnel about the responsibilities arising from the processes of transferring personal data to third parties.
6. STORAGE AND DISPOSAL OF PERSONAL DATA
HEVI AI retains personal data for the period required for the purpose of processing and for the minimum period stipulated in the relevant legislation. HEVI AI primarily stores personal data in accordance with this period if a period is determined in the relevant legislation; if no legal period is stipulated, it stores personal data for the period required for the purpose of processing personal data. Personal data are destroyed at the end of the specified retention periods, in accordance with the periodic disposal periods or the data owner's application, by the specified method (deletion, destruction or anonymization).
7. RIGHTS OF PERSONAL DATA OWNERS AND EXERCISE OF THESE RIGHTS
7.1. Rights of the Personal Data Owner
Personal data owners have the following rights:
i. To learn whether personal data is being processed,
ii. To request information if personal data has been processed,
iii. To learn the purpose of processing personal data and whether they are used in accordance with their purpose,
iv. To know the third parties to whom personal data are transferred domestically or abroad,
v. To request correction of personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom personal data is transferred,
vi. To request the deletion or destruction of personal data in the event that the reasons requiring its processing disappear and to request notification of the transaction made within this scope to third parties to whom personal data is transferred, although it has been processed in accordance with the provisions of the Law and other relevant laws,
vii. To object to the emergence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems,
viii. To demand the compensation of the damage in case of damage due to unlawful processing of personal data.
7.2. Exercising the Rights of the Personal Data Owner
Personal data owners may submit their requests regarding their rights listed in Article 6.1. to HEVI AI by the methods determined by the Board. You can apply to HEVI AI by filling out the "HEVI AI SAĞLIK YAPAY ZEKA VE BİLİŞİM TEKNOLOJİLERİ ANONİM ŞİRKETİ Data Owner Application Form" available at www.HEVI.AI/kisisel-verilerin-korunmasi
7.3. HEVI AI's Response to Applications
HEVI AI finalizes the applications made by the personal data owner in accordance with the Law and other legislation. Requests duly submitted to HEVI AI shall be finalized free of charge as soon as possible and within 30 (thirty) days at the latest. However, if the transaction requires an additional cost, a fee may be charged in accordance with the tariff determined by the Board.
7.4. HEVI AI's Rejection of the Personal Data Subject's Application
HEVI AI may reject an applicant's application, explaining the grounds for doing so, in the following cases:
i. Processing of personal data for purposes such as research, planning and statistics by anonymizing them with official statistics,
ii. Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public safety, public order, economic security, privacy of private life or personal rights or does not constitute a crime,
iii. Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public security, public order or economic security,
iv. Processing of personal data by judicial or enforcement authorities in relation to investigations, prosecutions, trials or executions,
v. Processing of personal data is necessary for the prevention of crime or criminal investigation,
vi. Processing of personal data made public by the personal data owner itself,
vii. Personal data processing is necessary for the execution of supervisory or regulatory duties and disciplinary investigation or prosecution by the authorized public institutions and organizations and professional organizations in the nature of public institutions based on the authority granted by the law,
viii. Processing of personal data is necessary for the protection of the economic and financial interests of the State in relation to budgetary, tax and fiscal matters,
ix. The request of the personal data owner is likely to impede the rights and freedoms of other persons,
x. Requests that require disproportionate effort have been made.
xi. The requested information is publicly available.
8. EXECUTION
The HEVI AI Board of Directors, as the data controller, is responsible for the execution of the Law and Policy, and department managers are responsible for the follow-up, coordination and supervision of all works and transactions within this scope.
9. ENFORCEMENT and ANNOUNCEMENT
The Policy entered into force on 23/08/2022. Changes to the Policy will be published on HEVI AI's website (hevi.ai) and made available to personal data owners and relevant persons. Policy changes enter into force on the date of announcement.
ANNEXES
ANNEX 1 - Purposes of Processing Personal Data
ANNEX 2 - Personal Data Owners
ANNEX 3 - Categories of Personal Data
Elimination of Human Resources Needs Termination and Dismis