PRIVACY AND PROTECTION AND PROCESSING OF PERSONAL DATA
Before visiting or in any way using the www.sirketsepeti.net
website (Website) operated by Searchtrends
Advertising and Consulting Services Ltd. (Company), and/or before filling out
the Contact Form, this document should be read.
As a Company, we do not share information transmitted to us via
the contact form with third parties without specifying or without the knowledge
or contrary instruction of the users. We also don't use it for any
non-operational commercial purpose or sell it.
As a Company, we ensure that the content we create and/or share
complies with the law. If you think that a content is illegal or if you have
any other problems related to the Website, you can notify us at sirketsepeti@sirketsepeti.net.
The Website is not responsible for the content links and/or
referrals. We do not accept any responsibility for the accuracy or reliability
of the content or site accessed in this manner.
The Website is protected in accordance with relevant legislation.
We reserve the right to take legal action in case of infringement of the
website and brand rights.
We may occasionally change the content of the Website or the
structure of its services without prior notice to you, and/or make some
services or features paid, or temporarily or permanently terminate them. If
there are services we offer for a fee, we may change the fee if deemed
necessary.
We do not have any responsibility for the software used by the
Website and the Company. We are not responsible for any damage to the software
and hardware elements you use due to any software on this site.
We make utmost effort to ensure that our site does not contain
viruses or other harmful content; however, due to technical issues and other
reasons, there's a possibility that a virus might transfer to your computer.
Although it's assumed that an average computer user takes basic precautions,
such as using antivirus software, we are still not responsible for any damages
you may incur, including (but not limited to) damage to your computer or
programs.
For terms of use on the Website, we carefully review the feedback
and suggestions you send to sirketsepeti@sirketsepeti.net,
independent of any commercial concerns.
Law on the Protection of Personal Data
The Law on the Protection of Personal Data No. 6698 (hereinafter
referred to as LPPD) was adopted on 24 March 2016 and published in the Official
Gazette numbered 29677 on 7 April 2016. Some parts of the LPPD came into effect
on the date of its publication, while others came into force on 7 October 2016.
Informing in the capacity of the Data Controller
In accordance with the Law
No. 6698 and in the capacity of the Data Controller, your personal data will be
recorded, stored, updated, disclosed/transferred to third parties where
permitted by law, categorized, and processed in the ways listed in the LPPD,
within the scope described on this page.
Deletion, Destruction or Anonymization of Personal Data
PRINCIPLES
ARTICLE 7 – (1) In the event that all of
the personal data processing conditions specified in the 5th and 6th articles
of the Law are no longer met, the personal data must be deleted, destroyed, or
anonymized either by the data controller on its own initiative or upon the
request of the related person. (2) In deleting, destroying, or anonymizing
personal data, it is mandatory to act in accordance with the general principles
in Article 4 of the Law, technical and administrative measures that must be
taken within the scope of Article 12, the provisions of the relevant
legislation, the decisions of the Board, and the personal data storage and
destruction policy. (3) All procedures related to the deletion, destruction,
and anonymization of personal data are recorded, and these records are kept for
at least three years, excluding other legal obligations. (4) The data
controller is obligated to explain the methods it applies for the deletion,
destruction, or anonymization of personal data in its policies and procedures.
(5) Unless a contrary decision is taken by the Board, the data controller
chooses the appropriate method from the methods of automatic deletion,
destruction, or anonymization of personal data. If requested by the related
person, the data controller selects the appropriate method by explaining its
reasons.
Deletion of
Personal Data
ARTICLE 8 – (1) The deletion of personal
data refers to the process of making personal data inaccessible and
irretrievable for related users. (2) The data controller is obligated to take
all necessary technical and administrative measures to ensure that deleted
personal data is inaccessible and irretrievable for the related users.
Destruction of
Personal Data
ARTICLE 9 – (1) The destruction of
personal data refers to the process of making personal data inaccessible,
irretrievable, and unusable by anyone. (2) The data controller is obligated to
take all necessary technical and administrative measures related to the
destruction of personal data.
Anonymization
of Personal Data
ARTICLE 10 – (1) Anonymization of
personal data refers to making personal data unidentifiable and non-associable
with an identified or identifiable individual, even when matched with other
data. (2) For personal data to be considered anonymized, it should be
impossible to associate it with an identified or identifiable individual, even
when the appropriate techniques for the recording medium and the relevant
activity area, such as reversing the data or matching it with other data, are
used by the data controller, recipient, or recipient groups. (3) The data
controller is obligated to take all necessary technical and administrative measures
related to the anonymization of personal data.
Automatic
Deletion, Destruction, or Anonymization Periods of Personal Data
ARTICLE 11 – (1) A data controller that
has prepared a personal data storage and destruction policy must delete,
destroy, or anonymize personal data in the first periodic destruction process
following the date on which the obligation to delete, destroy, or anonymize
personal data arises. (2) The interval at which periodic destruction will be
performed is determined in the personal data storage and destruction policy by
the data controller. This period cannot exceed six months under any
circumstances. (3) A data controller, who does not have an obligation to
prepare a personal data storage and destruction policy, must delete, destroy,
or anonymize personal data within three months following the date on which the
obligation to delete, destroy, or anonymize the personal data arises. (4) The
Board can shorten the periods specified in this article in cases of the
occurrence of irreparable or impossible damages and evident illegality.
Periods of
Deletion and Destruction of Personal Data Upon the Request of the Data Subject
ARTICLE 12 – (1) When the data subject
applies to the data controller pursuant to Article 13 of the Law, requesting the
deletion or destruction of their personal data: a) If all conditions for
processing personal data no longer exist, the data controller shall delete,
destroy, or anonymize the personal data in question. The data controller shall
finalize the request of the data subject within thirty days at the latest and
inform them. b) If all conditions for processing personal data no longer exist
and the personal data in question has been transferred to third parties, the
data controller notifies the third party of this situation and ensures that the
necessary actions under this Regulation are taken by the third party. c) If all
conditions for processing personal data have not ceased to exist, this request
can be rejected by the data controller pursuant to the third paragraph of
Article 13 of the Law. The rejection is communicated to the data subject in
writing or electronically within thirty days at the latest.
How Personal
Data Can Be Processed
In accordance
with Law No. 6698 (KVKK), the personal data you share with our Company can be
obtained, recorded, stored, modified, rearranged, in short, subjected to any
kind of processing, entirely or partially, automatically or, if part of any
data recording system, through non-automatic methods. Every operation performed
on data within the scope of the KVKK is deemed "processing of personal
data.”
Methods of
Collecting Personal Data
Your personal data, through our company's
website and mobile applications, including information such as name, surname,
Turkish ID number, address, phone, business, or private email; preferences on
pages accessed using usernames and passwords, IP records of transactions,
cookie data collected by browsers, and data including navigation duration and
details, and location data; Through channels such as our sales and marketing
department employees, branches, suppliers, other sales channels, paper forms,
business cards, digital marketing, and call centers, orally, in writing, or
electronically; From individuals who share their personal data for purposes such
as establishing a commercial relationship with our company, applying for a job,
or submitting a proposal, through business cards, resumes (CVs), offers, and
other methods, in a physical or virtual environment, face-to-face or remotely,
verbally or in writing or electronically; Additionally, data obtained
indirectly from various channels, from websites, blogs, contests, surveys,
games, campaigns, and other purpose-specific (micro) websites and from social
media, e-newsletter reading or click actions, data offered by public databases,
profiles, and data shared from social media platforms; can be processed and
collected.
Transfer of
Personal Data Abroad
Personal data
that is processed in Turkey or processed outside Turkey for the purpose of
being stored, collected through any of the methods mentioned above, can be
transferred to service providers located abroad (to countries accredited by the
Personal Data Protection Board and where adequate protection for personal data
exists), provided it remains under the scope of KVKK and in accordance with
contractual purposes.
Storage and
Protection of Personal Data
Your personal data will be stored
confidentially in the database and systems of our company in accordance with
Article 12 of the KVKK; it will not be shared with third parties in any way
other than legal obligations and regulations specified in this document. Our
company is obliged to protect the systems and databases where your personal
data is hosted from unauthorized access and to prevent unlawful processing of
personal data, taking measures such as access management and physical security
measures. Should the unauthorized acquisition of personal data be detected, the
situation will be promptly reported to the Personal Data Protection Board in
writing, in accordance with the legal regulations.
Keeping
Personal Data Accurate and Updated
In accordance
with Article 4 of the KVKK, our company has an obligation to keep your personal
data accurate and up-to-date. In this context, it's essential for our customers
to share their correct and up-to-date data or update it via the website/mobile
application to fulfill our obligations arising from current legislation.
Rights of the
Personal Data Subject According to the Law No. 6698
Article 11 of the Law No. 6698 (KVKK) came
into effect on October 7, 2016, and as per this article, the rights of the
Personal Data Subject after this date are as follows. The Personal Data Subject
has the right to:
1. Learn whether
personal data relating to him/her is being processed;
2. Request
information if his/her personal data has been processed;
3. Understand the
purpose of processing the personal data and whether they are used in accordance
with their purpose;
4. Know the third
parties to whom personal data is transferred domestically or abroad;
5. Request
correction if personal data is processed incompletely or inaccurately;
6. Request the
deletion or destruction of personal data within the framework of the conditions
set forth in Article 7 of the KVKK;
7. Request the
correction, deletion, or destruction of personal data to be notified to third
parties to whom personal data has been transferred;
8. Object to any
unfavorable result that emerged when processed data is analyzed exclusively
through automated systems;
9. Request
compensation for the damage suffered due to the unlawful processing of personal
data.
Special
and/or Sensitive Personal Data We Process
Our website and/or service does not aim to collect data about
website visitors under the age of 16 without the consent of a parent or
guardian. However, we cannot verify whether a visitor is older than 16.
Therefore, to prevent the collection of data regarding children without
parental consent, we recommend parents to supervise their children's online
activities. If you are certain that we have collected personal information
about a minor without this permission, please contact us at sirketsepeti@sirketsepeti.net
to have the information deleted.
Our details as the Data Controller are as follows:
(Searchtrends Advertising and Consultancy Services Ltd. Co.)
Searchtrends
Reklam ve Danışmanlık Hizmetleri Ltd. Şti.
Address: Merkez Mah. Sıra Cevizler Cad. 142/1 Şişli
/İstanbul
T.C. Istanbul Chamber of
Commerce Directorate Announcement / T.C. İstanbul Ticaret Sicili Müdürlüğü
Serial No: 137802
Tax No: 7570897939
MERSIS No: 0757089793900001
Trade Registry/File No:
321761-5
E-mail: sirketsepeti@sirketsepeti.net