Clarification Text

1. Purpose and Scope of the Disclosure Regarding Data Protection

This Clarification Text (“Disclosure Regarding Data Protection”) has been prepared by Salyangoz Teknoloji Anonim Şirketi (“Company”) as the data controller within the scope of Article 10 of the Law on Protection of Personal Data No. 6698 and the Communiqué on the Procedures and Principles to be Complied with in Fulfilling the Obligation to Clarify.

This Clarification Text has been prepared with the intention to inform the real persons (“Customer”) who are the users of our product called Yengec, an e-commerce process automation, the representatives of the legal entities that are the users (“Customer Representative”) and the potential users (“Potential Customer”), and to enable them to exercise their rights effectively.

2. Principles of Processing Personal Data

Your personal data is processed in compliance with the law and honesty rules by our Company; accurate and up-to-date where necessary; for specific, explicit and legitimate purposes; connected, limited and restrained for the purpose for which they are processed; in accordance with the rules of storage for the period required for the purpose for which they are processed or stipulated in the relevant legislation and in accordance with the purposes specified in the 4th article of this Clarification Text.

3. Processing Personal Data

• Identity (name, surname, identity numbar, tax number etc.)
• Contact (phone number, e-mail address, address etc.)
• Marketing (cookie records, packages that the customer has previously subscribed to, information obtained through promotion, campain work, user movements within the panel etc.)
• Audio Visual Recordings (call center audio recordings, customer screen shots etc.)
• Customer Transaction (order information, billing information, credit card information etc.)
• Transaction Security (ip address information, location information, system entry and exit information, user name, password/password information etc.)

4. Purposes of Processing Personal Data

Your personal data are processed in accordance with the personal data processing conditions specified in Articles 5 and 6 of the Law. Within the scope of our activities such as creating a membership, carrying out the pre-accounting registration and transition to e-invoice processes, providing support to our customers with the call center and web request system, executing sales, marketing and data analysis activities by our company, executing access activities and managing database storage processes:
• Execution of contract processes,
• Execution of product/service sales processes,
• Carrying out communication activities with the customer,
• Addressing the customer correctly,
• Managing user/member activation processes (sms or e-mail activation processes),
• Invoicing of internet sales made by the user/member,
• Providing information to authorized persons, institutions and organizations (regarding online sales sending invoices to the Chief Revenue Administration),
• To follow up the application status of transition to e-invoice,
• Management of marketing processes (making calls, sending sms-mails),
• Management of advertisement/campaign/promotion/information processes (making calls, sending sms-mails),
• Conducting marketing analysis studies (product development, optimization, increasing customer satisfaction, identifying the needs of potential customers in similar segments, optimizing new customer acquisition),
• Follow-up of requests/complaints,
• Carrying out product/service after-sales support services,
• Carrying out activities for customer satisfaction,
• Receiving the payment for the product/service sold,
• Managing information security processes,
• Execution of storage and archive activities
are processed.

5. Transfer of Personal Data

As a rule, your personal data is not transferred to third parties without your “Explicit Consent”. Your personal data is shared with third parties in the following exceptional cases:

• In cases stipulated by the relevant legislation; to the authorized public institutions and organizations for the purpose of resolving legal disputes and/or meeting this demand, if requested,
• To our business partners, solution partners and suppliers that we receive support in order to be able to carry out our activities related to our product.
During the transfer of personal data, the principles stipulated in Article 8 of the Law are complied with.

6. Transfer of Personal Data Abroad

Your personal data is not transferred abroad without your “Explicit Consent”. If you give consent; in accordance with the rules in Article 9 of the Law titled “Transferring Personal Data Abroad” and By taking the necessary technical and administrative measures, in order to increase the quality of service we provide to you and to ensure service continuity, our product, service providers, suppliers operating in the field of technology and informatics and/or having servers abroad – by using the software, programs and systems provided by them by our company. – Your Identity and Communication Data, Marketing Data, Customer Transaction Data, Transaction Security Data and some Audio-Visual Records (call center voice recordings and screenshots etc.) from your personal data can be transferred. These companies chosen by our company take data security measures according to internationally accepted standards and undertake to provide the security level in accordance with these standards. In addition, many international regulations regarding personal data, especially the European Union General Data Protection Regulation (GDPR), legally ensure that these data are not processed outside of our Company’s requests and purposes. Your personal data, which we transfer abroad to be processed with Software provided by Data Processors is not shared with third parties abroad, except for the purposes stated above.

7. Personal Data Collection Method and Legal Reason

Your Personal Data, membership forms on our website, fields in the user page content that can be filled depending on your preference, your requests and applications, contracts, campaigns and third party identity verification systems, official letters from judicial and administrative authorities and other printed / electronic documents, printed / electronic documents, electronic forms, call center records, e-mails, information security systems and electronic devices, requests and messages within the web request system and internet browser are collected and processed by automatic and non-automatic methods.

From your personal data listed in article 3 of this Clarification Text;
• While the legal reason for the processing of your Identity, Communication and Marketing Data processed within the scope of Sales Marketing Processes and Data Analysis Activities is “Explicit Consent” regulated in the 1st paragraph of Article 5 of the Law,
• The legal reason for the processing of all your personal data processed within the scope of other activities is “Requirement of Processing Personal Data of the Parties to the Contract, Provided that it is Directly Related to the Establishment or Performance of a Contract”, which is included in the 2nd paragraph of Article 5 of the Law”, “Explicitly Estimated by the Law”, “Obligation of the Data Controller to Fulfill his Legal Obligation” and “Legitimate Interest of the Data Controller”.

8. Storage and Disposal of Personal Data

Detailed information about the issues of storage and destruction of your personal data, storage periods of personal data, recording media of personal data and methods of destruction from these media, technical and administrative measures taken for the preservation of personal data, destruction periods, etc. is available in our policy titled “Retention and Disposal Policy” published on our website.

9. Rights of Data Owners

Each personal data owner has the following rights;
(I) To learn whether personal data is processed by our company,
(II)To request information if personal data has been processed,
(III) To learn the purpose of processing personal data and whether they are used in accordance with its purpose,
(IV) To know the third parties to whom personal data is transferred,
(V) To request the correction of personal data, if their personal data is incomplete or incorrectly processed,
(VI) To request the deletion or destruction of personal data within the framework of the conditions stipulated in the Law,
(VII) Requesting the notification of the transactions made in accordance with the subparagraphs (v) and (vi) to the third parties to whom the personal data has been transferred,
(VIII) The emergence of a result against the person himself by analyzing his personal data exclusively through automated systems and has the right to object,
(IX) Has the right to demand the compensation of the damage suffered due to the unlawful processing of personal data.

If personal data owners want to make a request regarding their rights mentioned above, they can fill inthe Data Owner Application Form on our website and send it to us. The duly submitted requests to our company will be finalized within thirty days at the latest. In the event that the conclusion of such requests requires a separate cost, our Company may charge the applicant the fee in the tariff determined by the Personal Data Protection Board.

In cases where the application of the personal data owner is rejected in accordance with Article 14 ofthe Law, if the answer is found insufficient or if the application is not answered in due time; thepersonal data owner can complain to the Board within thirty days from the date of our company’snotification and in any case within sixty days from the date of his her/its application.

10. Data Controller Information

Trade Name: Salyangoz Teknoloji A.Ş.
Address: Şenlikköy Mah. Yeşilyurt Cad. Bora Sitesi No:14a/2 Bakırköy / İstanbul /Turkey
Tax Number: Küçükçekmece Vergi Dairesi – 7420451638
Trade Registry Number: İstanbul Ticaret Sicil Müdürlüğü – 983655
Central Registry System Number: 0742045163800011
Registered e-Mail Address: [email protected]
Phone Number: +90 212 909 01 49