Personal Data and General Confidentiality Agreement

Personal Data and General Privacy Policy

Last Updated: 20 September 2017

TemaTürk-Alix Trade Yazılım San ve Ticaret Ltd.Şti. (It is referred to as “TemaTürk” for short.) Users' personal data transmitted to them electronically via www.tematurk.com ("Website") or mobile applications, "6698 Except as described in the Law on the Protection of Personal Data No. ”and General Data Protection Regulation (GDPR), it will not share, sell or make use of it for different purposes.

TemaTürk's "Personal Data and General Privacy Policy" is given below.

IP Numbers: TemaTurk determines and uses the IP address of the users when necessary, in order to identify the problems related to the system, to fix the problems that may arise on the website / mobile applications immediately and to make legal notifications according to the legal procedures and principles. IP addresses can also be used to identify users in a general (anonymous) manner and collect comprehensive demographic information.

Anonymous Data: Information requested by TemaTurk or information provided by the user or information about transactions made through the Website / Mobile Application, various statistical evaluations anonymously by Sitemio and its collaborators (without disclosing the identity of the user), creating a database, personalized can be used in package / offers and market research.

Linking to other sites: TemaTurk may link to other sites within the Website / Mobile Application. TemaTurk does not bear any responsibility for the privacy practices and contents of the sites accessed via the link.

Bank / Credit Card Information: TemaTurk uses an SSL certificate (green bar), which provides information security with 256 bit encryption algorithm in data transmission. The bank / credit card information of the users is used only by the bank or payment institution during the purchase process and is not kept in the database in any way. TemaTurk can provide an infrastructure where card information can be stored through PCI DSS certified institutions to facilitate users' next purchases. The information contained in the bank / credit cards as a result of Card Storage Services, which has a PCI DSS standard and licensed by BRSA, facilitates the steps of Authentication and Authoziation, allowing bank / credit card holders to use a secure and easy payment tool.

Cases where user data can be disclosed: The personal data of the user include name-surname, address, phone number, e-mail address and all kinds of information to identify the user. TemaTurk will not disclose any of its personal data to other third parties, except for affiliated companies, in which TemaTurk is in cooperation, unless stated otherwise in this privacy policy. In the following cases, TemaTurk may disclose the information of the users to third parties by going beyond the provisions of this privacy policy. These situations are;

Law, Decree Law, Regulation etc. to comply with the obligations imposed by applicable legal rules issued by the competent legal authority;

The fulfillment of the requirements of the agreements signed by TemaTurk with users and their implementation;

These are cases where it is necessary to request information about the users and to provide information in order to protect the rights or security of the Users in order to conduct a duly conducted research or investigation by the competent administrative and judicial authority.

TemaTurk is committed to keeping confidential information strictly private and confidential, to consider it a secret confidentiality obligation, and to take all necessary precautions to ensure and maintain confidentiality, to prevent all or any part of the confidential information from entering the public domain or unauthorized use or disclosure to a third party. is committed to showing.

Data collected in surveys, contests and similar situations: The information requested by the users who respond to periodic surveys and contests organized by TemaTurk within the Website, is used by TemaTurk and collaborators to directly market to these users, make statistical analysis and create a database.

E-newsletter submissions and announcements: TemaTurk sends weekly e-newsletters to inform its users about economic developments, agenda and their own fields. It may send Campaign / Proposal / Package announcements with promotional and informative content when it deems necessary or in agreement with 3rd party partners. When you create an account on our system for the first time, you accept e-mail and sms transmissions as standard. Users can prevent these emails from reaching them by clicking on the specified link, as described at the bottom of the email. In addition, there are possibilities to prevent them in your user panel. If you want to unsubscribe from our daily e-mailing list at any time, you can easily unsubscribe from the e-bulletin by clicking the "Please click to exit our e-bulletin list" link at the bottom of the e-mails we send.

General information about the Personal Data Law
Law No. 6698 on Protection of Personal Data was adopted on 24 March 2016 and published in the Official Gazette No. 29677 dated April 7, 2016. The European Union Data Protection Directive (GDPR) came into force on 25 May 2018. As a data controller under the Law No. 6698 on Protection of Personal Data and the European Union Data Protection Directive (GDPR), we will record, classify, process, store, update, and provide regulatory rules and data for your valued customers. It can be disclosed to individuals and we inform you about our mutual rights and obligations within the scope of this legal regulation.

Notification as a data controller
As TemaTurk, whose detailed corporate information is published below, in accordance with the laws mentioned above, in the capacity of Data Responsible, your personal data within the framework described below; it will be recorded, stored, updated, disclosed / transferred, classified and processed to third parties where permitted by legislation.

Definition of Personal Data Under the Law
Information about your identity (name, surname, date of birth, TC identity number, etc.), communication, methods used during access to products (IP, mobile wire brand-model, browser type, version, social media information, movements on screens etc.) It expresses all kinds of information that will enable you to be decisive or identifiable.

How your personal data can be processed
Pursuant to KVKK and EU General Data Protection Regulation - GDPR No. 6698, your personal data that you share with our company is obtained, saved, stored, modified, and rearranged, in whole or in part, by non-automatic means provided that it is part of any data recording system; provided that security and confidentiality is provided within the scope of the legislation: by disclosing, transferring, taking over, making it available, classifying or preventing its use, in short, it can be processed by us as a subject for any transaction performed on the data. Any transaction performed on the data within the scope of the above-mentioned laws is considered as the "processing of personal data".

The purposes and legal reasons of the processing of your personal data

Personal data you share;

To be able to fulfill the requirements of the services we provide to our customers in accordance with the requirements of the contract and technology, to improve our products and services,
To be able to officially invoice all products and services we offer, after purchase,
To comply with the information retention, reporting and information obligations stipulated by the legislation and other authorities,
In order to provide information to public prosecutors, courts and relevant public officials on matters of public security and legal disputes, upon request and in accordance with legislation,
6698 numbered KVKK and EU General Data Protection Regulation - GDPR will be processed in accordance with the scope, procedures and principles.

Recording of your identity, address, tax number and other information, arrangement of information and documents that will be based on the works and transactions to be carried out in electronic environment, in order to determine the owner and interlocutor of any business and transaction that will be carried out in relation to all kinds of products and services that we will offer you, It will be processed in order to comply with the information retention, reporting and information obligations stipulated by all administrative authorities (courts, TBB, BDDK, SPK, TCMB, MASAK, BTK), to offer other products and services offered and requested as TemaTurk and to fulfill the requirements of the contracts between us.

Information about third parties or organizations to which your personal data can be transferred
For the purposes mentioned above, the persons / organizations to whom your personal data you share with our company can be transferred; our main shareholders, our direct or indirect domestic / foreign subsidiaries, and the persons and organizations related to the service provided, including but not limited to, the program partner organizations we cooperate, cooperate with, and / or Data Processor. / overseas organizations and other third parties.

In addition, we agree to send messages to our customers, to whom we receive services, to collaborate, to program partner institutions, institutions, banks, financial institutions, providers or companies, to whom we receive services in the cloud environment, to whom we receive services, in terms of product / service comparison and application application. will be transferred to institutions and other third parties within the framework of our relevant collaborations.

How your personal data is collected

Your personal data,

Through the forms on our company's website and mobile applications, name, surname, citizenship number, passport number, address, phone, business or private e-mail address, age, gender, occupation, username and password, the preferences on the pages entered, records, cookie data collected by the browser, data including navigation time and details, location data;

Through our channels such as our sales and marketing department employees, agents, dealers, forms on paper, business cards, digital marketing and call center, verbal, written or electronic media;

In a physical or virtual environment, face-to-face or distant, verbal or written or taken from people who share their personal data for business purposes, to establish business relations with our company, to apply for a job, to bid, such as business cards, resumes (cv), to bid and other means. from electronic environment;

In addition, data obtained from (micro) websites and social media that are obtained indirectly from different channels, used for websites, blogs, contests, surveys, games, campaigns and similar purposes, e-newsletter reading or click movements, data provided by public databases. From social media platforms (Facebook, Twitter, Google, Instagram, Snapchat etc) social media sites such as shared profiles and data;
can be processed and collected.

6698 numbered KVKK and EU General Data Protection Regulation - your personal data obtained before GDPR came into force
Your personal data, which was obtained before the May 7, 2016, which is the effective date of KVKK and the EU General Data Protection Regulation - May 25, 2018, which is the effective date of GDPR, are also processed and stored in accordance with the terms and conditions set out in this document.

Storage and protection of personal data
Your personal data will be kept confidential in the databases and systems in our company in accordance with KVKK No. 6698 and EU General Data Protection Regulation - GDPR; Except for legal obligations and regulations stated in this document, it will not be shared with third parties in any way. Our company prevents the unauthorized access of unauthorized persons by preventing the unauthorized processing of personal data in accordance with the systems and databases containing your personal data, KVKK No. 6698 and EU General Data Protection Regulation - GDPR; It is obliged to take software and physical security measures such as hash, encryption, transaction log, access management in order to ensure its preservation. If it is learned that the personal data is obtained by others illegally, the situation will be reported to the Personal Data Protection Board immediately, in accordance with legal regulations and in writing.

Personal data will be stored as long as the purpose of providing this information is valid. Your data will continue to be processed by us after the service you receive from us in order to determine your needs, to serve you more quickly and to meet your subsequent service requests. These limits will be respected if the data is subject to legal deadlines and to public authorities related to the legal authorities, should be kept for reporting, informational purposes or kept for longer periods in accordance with the legislation. Necessary security measures will be taken by us to ensure that the stored, recorded data is not lost, unauthorized, and illegal use is prevented.

Keeping personal data up-to-date and accurate
In accordance with Article 4 of KVKK, our Company has an obligation to keep your personal data accurate and up-to-date. In this context, in order for our Company to fulfill its obligations arising from the applicable legislation, our customers must share their correct and updated data or update them via the website / mobile application.

Rights of personal data owner in accordance with KVKK No. 6698 and EU General Data Protection Regulation - GDPR
Personal Data Owner, by applying to our Company (data controller), is related to himself;

Learning whether personal data is processed,
If personal data is processed, requesting information about it,
Learning the purpose of processing personal data and whether they are used in accordance with its purpose,
To know the third parties to whom personal data are transferred domestically or abroad,
Requesting correction of personal data if it is incomplete or incorrectly processed,
Request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of KVKK,
In case of correction, deletion, or destruction of personal data, requesting that these transactions be notified to third parties to whom personal data are transferred,
To object to the emergence of a result against the person by analyzing the processed data exclusively through automated systems,
In the event that the personal data is damaged due to the illegal processing of the data, it has the right to demand the removal of the damage.
Garanti Information Technologies (TemaTürk), registered with the tax number 8020153964, is Data Supervisor within the scope of KDPK and EU General Data Protection Regulation - GDPR.

The Data Representative to be appointed by TemaTurk will be announced in the Data Controllers Registry and the internet address where this document is available when the legal infrastructure is provided.

Personal Data Owners may direct their questions, opinions or requests to any of the following communication channels:
e-mail: info@tematurk.com
Phone: +90 546 437 6100