GDPR and Privacy Policy
General information about the Personal Data Law
The Law on Protection of Personal Data No. 6698 (hereinafter referred to as KVKK) was adopted on March 24, 2016, and published in the Official Gazette No. 29677 dated April 7, 2016. Some parts of the KVKK entered into force on the date of publication, and some parts on October 7, 2016.
Information as Data Controller
Pursuant to KVKK No. 6698 and as the Data Controller, your personal data will be recorded, stored, updated, disclosed/transferred to third parties in cases permitted by legislation, classified, and processed in the ways listed in the KVKK, as explained on this page.
How your personal data can be processed
Pursuant to KVKK No. 6698, your personal data shared with our Company may be processed by us, entirely or partially, automatically, or non-automatically by obtaining, recording, storing, modifying, reorganizing, in short, by subjecting it to any kind of processing on the data, provided that it is part of any data recording system. Any operation performed on data within the scope of KVKK is considered "processing of personal data".
Purposes and legal reasons for processing your personal data
Your shared personal data,
To fulfill the requirements of the services we provide to our customers in accordance with the contract and technology, and to improve our products and services;
To record identity, address, and other necessary information for the identification of the transaction owner within the scope of the Law on Regulation of Electronic Commerce No. 6563, the Law on Consumer Protection No. 6502, and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce published in the Official Gazette No. 29457 dated 26.08.2015, the Regulation on Distance Contracts published in the Official Gazette No. 29188 dated 27.11.2014, and other relevant legislation;
To arrange all records and documents that will form the basis of the transaction in payment systems, electronic contracts or paper media that are mandatory in the field of Banking and Electronic Payment; to comply with information retention, reporting, and notification obligations stipulated by legislation and other authorities;
To be able to provide information to prosecutor's offices, courts, and relevant public officials upon request and as required by law, in matters related to public safety and in legal disputes;
It will be processed in accordance with KVKK No. 6698 and relevant secondary regulations. Information about third parties or organizations to which your personal data may be transferred For the purposes mentioned above, the persons / organizations to which your personal data shared with our Company may be transferred are; primarily IdeaSoft Yazılım San. ve Tic. A.Ş., which provides our Company's e-commerce infrastructure, as well as suppliers, cargo companies and other related persons and organizations, program partner organizations with whom we cooperate and/or receive services as Data Processor, domestic/international organizations and other 3rd parties.
Method of collecting your personal data
Your personal data,
Through the forms on our Company's website and mobile applications, with information such as name, surname, TR ID number, address, phone, business or private e-mail address; preferences on pages accessed using username and password, IP records of transactions performed, cookie data collected by the browser and data including browsing time and details, location data;
Through our sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing and call center channels, verbally, in writing or electronically;
From individuals who share their personal data for purposes such as establishing a commercial relationship with our Company, applying for a job, making an offer, through business cards, resumes (CVs), making an offer and other means, in a physical or virtual environment, face-to-face or remotely, verbally or in writing or electronically;
In addition, data obtained indirectly from different channels, from (micro) websites and social media used for purposes such as websites, blogs, contests, surveys, games, campaigns and similar purposes, e-newsletter reading or clicking actions, data provided by publicly available databases, public profile and data shared on social media platforms; can be processed and collected.
Your personal data obtained before KVKK came into force
Before April 7, 2016, the effective date of KVKK, your personal data obtained legally through membership, electronic communication permission, product/service purchase and other means are also processed and stored in accordance with the terms and conditions set forth in this document.
Transfer of your personal data abroad
Your personal data collected by any of the methods listed above, to be processed in Turkey or to be processed and stored outside Turkey, may also be transferred to service agents located abroad (to countries accredited by the Personal Data Board and where there is adequate protection for the protection of personal data) provided that it remains within the scope of KVKK and in accordance with the purposes of the contract.
Storage and protection of personal data
Your personal data will be kept confidential in the database and systems within our Company in accordance with Article 12 of the KVKK; it will not be shared with third parties under any circumstances, except for legal obligations and the regulations specified in this document. Our Company is obliged to prevent unlawful processing of personal data, to prevent unauthorized access, and to take software measures such as access management and physical security measures, as required by Article 12 of the KVKK, for the systems and databases where your personal data is stored. If it is learned that personal data has been obtained by others through unlawful means, the situation will be immediately reported to the Personal Data Protection Board in accordance with legal regulations and in writing.
Keeping personal data up-to-date and accurate
In accordance with Article 4 of the KVKK, our Company has the obligation to keep your personal data accurate and up-to-date. In this context, for our Company to fulfill its obligations arising from the current legislation, our Customers must share or update their accurate and up-to-date data via the website / mobile application.
Rights of the personal data owner pursuant to KVKK No. 6698
Article 11 of KVKK No. 6698 entered into force on October 7, 2016, and in accordance with the relevant article, the rights of the Personal Data Owner after this date are as follows: The Personal Data Owner, by applying to our Company (data controller), regarding themselves;
To learn whether personal data is processed,
To request information if personal data has been processed,
To learn the purpose of processing personal data and whether they are used in accordance with their purpose,
To know the third parties to whom personal data is transferred domestically or abroad,
To request correction of personal data if it is incomplete or incorrectly processed,
To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVKK,
To request that the correction, deletion, or destruction of personal data be notified to third parties to whom personal data has been transferred,
To object to the emergence of a result against the person by analyzing the processed data exclusively through automated systems,
To request compensation for damages if personal data is processed unlawfully,
has the rights. [................] [Full company name], registered with the Chamber of Commerce of [................] under registration number [..........................], with MERSİS number [.............................], located at [.......................................................................], is the Data Controller under the KVKK. The Data Controller Representative to be appointed by our Company will be announced in the Data Controllers Registry and on the website where this document is located when the legal infrastructure is provided. Personal Data Owners can direct their questions, opinions, or requests to any of the following communication channels: E-mail: [.........................] Phone: [.........................] Fax: [.............................]