PRIVACY AND PROTECTION AND PROCESSING OF PERSONAL DATA

Before visiting or in any way using the www.sirketsepeti.net website (Website) operated by Searchtrends Advertising and Consulting Services Ltd. (Company), and/or before filling out the Contact Form, this document should be read.

As a Company, we do not share information transmitted to us via the contact form with third parties without specifying or without the knowledge or contrary instruction of the users. We also don't use it for any non-operational commercial purpose or sell it.

As a Company, we ensure that the content we create and/or share complies with the law. If you think that a content is illegal or if you have any other problems related to the Website, you can notify us at sirketsepeti@sirketsepeti.net.

The Website is not responsible for the content links and/or referrals. We do not accept any responsibility for the accuracy or reliability of the content or site accessed in this manner.

The Website is protected in accordance with relevant legislation. We reserve the right to take legal action in case of infringement of the website and brand rights.

We may occasionally change the content of the Website or the structure of its services without prior notice to you, and/or make some services or features paid, or temporarily or permanently terminate them. If there are services we offer for a fee, we may change the fee if deemed necessary.

We do not have any responsibility for the software used by the Website and the Company. We are not responsible for any damage to the software and hardware elements you use due to any software on this site.

We make utmost effort to ensure that our site does not contain viruses or other harmful content; however, due to technical issues and other reasons, there's a possibility that a virus might transfer to your computer. Although it's assumed that an average computer user takes basic precautions, such as using antivirus software, we are still not responsible for any damages you may incur, including (but not limited to) damage to your computer or programs.

For terms of use on the Website, we carefully review the feedback and suggestions you send to sirketsepeti@sirketsepeti.net, independent of any commercial concerns.

Law on the Protection of Personal Data

The Law on the Protection of Personal Data No. 6698 (hereinafter referred to as LPPD) was adopted on 24 March 2016 and published in the Official Gazette numbered 29677 on 7 April 2016. Some parts of the LPPD came into effect on the date of its publication, while others came into force on 7 October 2016.

Informing in the capacity of the Data Controller

 In accordance with the Law No. 6698 and in the capacity of the Data Controller, your personal data will be recorded, stored, updated, disclosed/transferred to third parties where permitted by law, categorized, and processed in the ways listed in the LPPD, within the scope described on this page.

Deletion, Destruction or Anonymization of Personal Data PRINCIPLES

ARTICLE 7 – (1) In the event that all of the personal data processing conditions specified in the 5th and 6th articles of the Law are no longer met, the personal data must be deleted, destroyed, or anonymized either by the data controller on its own initiative or upon the request of the related person. (2) In deleting, destroying, or anonymizing personal data, it is mandatory to act in accordance with the general principles in Article 4 of the Law, technical and administrative measures that must be taken within the scope of Article 12, the provisions of the relevant legislation, the decisions of the Board, and the personal data storage and destruction policy. (3) All procedures related to the deletion, destruction, and anonymization of personal data are recorded, and these records are kept for at least three years, excluding other legal obligations. (4) The data controller is obligated to explain the methods it applies for the deletion, destruction, or anonymization of personal data in its policies and procedures. (5) Unless a contrary decision is taken by the Board, the data controller chooses the appropriate method from the methods of automatic deletion, destruction, or anonymization of personal data. If requested by the related person, the data controller selects the appropriate method by explaining its reasons.

Deletion of Personal Data

ARTICLE 8 – (1) The deletion of personal data refers to the process of making personal data inaccessible and irretrievable for related users. (2) The data controller is obligated to take all necessary technical and administrative measures to ensure that deleted personal data is inaccessible and irretrievable for the related users.

Destruction of Personal Data

ARTICLE 9 – (1) The destruction of personal data refers to the process of making personal data inaccessible, irretrievable, and unusable by anyone. (2) The data controller is obligated to take all necessary technical and administrative measures related to the destruction of personal data.

Anonymization of Personal Data

ARTICLE 10 – (1) Anonymization of personal data refers to making personal data unidentifiable and non-associable with an identified or identifiable individual, even when matched with other data. (2) For personal data to be considered anonymized, it should be impossible to associate it with an identified or identifiable individual, even when the appropriate techniques for the recording medium and the relevant activity area, such as reversing the data or matching it with other data, are used by the data controller, recipient, or recipient groups. (3) The data controller is obligated to take all necessary technical and administrative measures related to the anonymization of personal data.

Automatic Deletion, Destruction, or Anonymization Periods of Personal Data

ARTICLE 11 – (1) A data controller that has prepared a personal data storage and destruction policy must delete, destroy, or anonymize personal data in the first periodic destruction process following the date on which the obligation to delete, destroy, or anonymize personal data arises. (2) The interval at which periodic destruction will be performed is determined in the personal data storage and destruction policy by the data controller. This period cannot exceed six months under any circumstances. (3) A data controller, who does not have an obligation to prepare a personal data storage and destruction policy, must delete, destroy, or anonymize personal data within three months following the date on which the obligation to delete, destroy, or anonymize the personal data arises. (4) The Board can shorten the periods specified in this article in cases of the occurrence of irreparable or impossible damages and evident illegality.

Periods of Deletion and Destruction of Personal Data Upon the Request of the Data Subject

ARTICLE 12 – (1) When the data subject applies to the data controller pursuant to Article 13 of the Law, requesting the deletion or destruction of their personal data: a) If all conditions for processing personal data no longer exist, the data controller shall delete, destroy, or anonymize the personal data in question. The data controller shall finalize the request of the data subject within thirty days at the latest and inform them. b) If all conditions for processing personal data no longer exist and the personal data in question has been transferred to third parties, the data controller notifies the third party of this situation and ensures that the necessary actions under this Regulation are taken by the third party. c) If all conditions for processing personal data have not ceased to exist, this request can be rejected by the data controller pursuant to the third paragraph of Article 13 of the Law. The rejection is communicated to the data subject in writing or electronically within thirty days at the latest.

How Personal Data Can Be Processed

In accordance with Law No. 6698 (KVKK), the personal data you share with our Company can be obtained, recorded, stored, modified, rearranged, in short, subjected to any kind of processing, entirely or partially, automatically or, if part of any data recording system, through non-automatic methods. Every operation performed on data within the scope of the KVKK is deemed "processing of personal data.”

Methods of Collecting Personal Data

 Your personal data, through our company's website and mobile applications, including information such as name, surname, Turkish ID number, address, phone, business, or private email; preferences on pages accessed using usernames and passwords, IP records of transactions, cookie data collected by browsers, and data including navigation duration and details, and location data; Through channels such as our sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing, and call centers, orally, in writing, or electronically; From individuals who share their personal data for purposes such as establishing a commercial relationship with our company, applying for a job, or submitting a proposal, through business cards, resumes (CVs), offers, and other methods, in a physical or virtual environment, face-to-face or remotely, verbally or in writing or electronically; Additionally, data obtained indirectly from various channels, from websites, blogs, contests, surveys, games, campaigns, and other purpose-specific (micro) websites and from social media, e-newsletter reading or click actions, data offered by public databases, profiles, and data shared from social media platforms; can be processed and collected.

Transfer of Personal Data Abroad

Personal data that is processed in Turkey or processed outside Turkey for the purpose of being stored, collected through any of the methods mentioned above, can be transferred to service providers located abroad (to countries accredited by the Personal Data Protection Board and where adequate protection for personal data exists), provided it remains under the scope of KVKK and in accordance with contractual purposes.

Storage and Protection of Personal Data

 Your personal data will be stored confidentially in the database and systems of our company in accordance with Article 12 of the KVKK; it will not be shared with third parties in any way other than legal obligations and regulations specified in this document. Our company is obliged to protect the systems and databases where your personal data is hosted from unauthorized access and to prevent unlawful processing of personal data, taking measures such as access management and physical security measures. Should the unauthorized acquisition of personal data be detected, the situation will be promptly reported to the Personal Data Protection Board in writing, in accordance with the legal regulations.

Keeping Personal Data Accurate and Updated

In accordance with Article 4 of the KVKK, our company has an obligation to keep your personal data accurate and up-to-date. In this context, it's essential for our customers to share their correct and up-to-date data or update it via the website/mobile application to fulfill our obligations arising from current legislation.

Rights of the Personal Data Subject According to the Law No. 6698

 Article 11 of the Law No. 6698 (KVKK) came into effect on October 7, 2016, and as per this article, the rights of the Personal Data Subject after this date are as follows. The Personal Data Subject has the right to:

1.    Learn whether personal data relating to him/her is being processed;

2.    Request information if his/her personal data has been processed;

3.    Understand the purpose of processing the personal data and whether they are used in accordance with their purpose;

4.    Know the third parties to whom personal data is transferred domestically or abroad;

5.    Request correction if personal data is processed incompletely or inaccurately;

6.    Request the deletion or destruction of personal data within the framework of the conditions set forth in Article 7 of the KVKK;

7.    Request the correction, deletion, or destruction of personal data to be notified to third parties to whom personal data has been transferred;

8.    Object to any unfavorable result that emerged when processed data is analyzed exclusively through automated systems;

9.    Request compensation for the damage suffered due to the unlawful processing of personal data.

Special and/or Sensitive Personal Data We Process

Our website and/or service does not aim to collect data about website visitors under the age of 16 without the consent of a parent or guardian. However, we cannot verify whether a visitor is older than 16. Therefore, to prevent the collection of data regarding children without parental consent, we recommend parents to supervise their children's online activities. If you are certain that we have collected personal information about a minor without this permission, please contact us at sirketsepeti@sirketsepeti.net to have the information deleted.

 

Our details as the Data Controller are as follows:

(Searchtrends Advertising and Consultancy Services Ltd. Co.)

Searchtrends Reklam ve Danışmanlık Hizmetleri Ltd. Şti.

Address: Merkez Mah. Sıra Cevizler Cad. 142/1 Şişli /İstanbul

 T.C. Istanbul Chamber of Commerce Directorate Announcement /  T.C. İstanbul Ticaret Sicili Müdürlüğü

Serial No: 137802

Tax No: 7570897939

MERSIS No: 0757089793900001

 Trade Registry/File No: 321761-5

 E-mail: sirketsepeti@sirketsepeti.net