Personal Data Protection and Processing Policy
PERSONAL DATA PROTECTION AND PROCESSING POLICY
The purpose of this Personal Data Protection and Processing Policy (hereinafter “Policy”)is to outline the procedure and conditions of use of personal data submitted by users / members / visitors (hereinafter “data subject”) with the ANTEBİ DESİGN TEKSTİL SAN. VE TİC. A.Ş. (hereinafter “Company”) on shop.antebies.com and / or www.antebies.com and / or on Applications (hereinafter “Site”).
The company is aware of the importance of protecting personal data and respects their privacy.
The data subject declares that she/he is fully enlightened in accordance with the Personal Data Protection and Processing Policy and Article 11 of the Personal Data Protection Act No. 6698 ( hereinafter: “Act No. 6698”) regarding the processing of her/his personal data and that she/he consents to the use of her/his personal data as specified herein.
Under this heading, the data processed by the company and data that qualify as personal data according to Act No. 6698 are listed. Unless expressly stated otherwise, the term "personal data" in this Policy includes the following information.
The Company collects the following data provided digitally by the data subject during membership entry and payment.
- Name, surname, etc. ID information
- Address, business or private E-Mail address, telephone number, etc. contact information Company Information,Sector Information, Number of Employees
- Password and similar security and transaction information used for authentication and account access
- Payment info
- Product / Service Usage Information
- Transaction Security Information
- Financial Information
The company may obtain information using cookies, which are text files with small pieces of data, during the use of the website by the data subject. IP information is collected via cookies in order to determine the access and usage habits of the services offered on the website.
In accordance with Articles 3 and 7 of Act No. 6698, data that are irreversibly anonymized will not be considered as personal data in accordance with the provisions of the aforementioned law and the processing activities related to these data will be carried out without being bound by the provisions of this Policy.
ACCESS TO PERSONAL DATA
The Company may transfer the personal data of the data owner and new data obtained through the use of this personal data to business partners, shareholders, suppliers , employees and company executives only for the purpose of providing services.
The company may share data with third parties such as outsourcing service providers, hosting service providers, law firms, event organizers, research companies and call centers in order to improve the data subject’a experience (including improvement and personalization), to ensure the security of the data owner's data, determine fraudulent or not authorized use, investigate the operational assessment, correct errors in connection with site services and fulfill one of the purposes stated in this Policy.
The data subject accepts that the aforementioned third parties may store the personal data of the data subject on their servers anywhere in the world, provided that it is limited to the purposes stated above, and that he / she consents to this in advance.
THE PURPOSE OF USAGE OF THE PROCESSED DATA
The Company will use the personal data provided by the data subject for the purpose of registering membership and providing services available on the Site. The Company may also process the aforementioned personal data in order to improve the services it offers, to improve the service and to inform the Company or the data subject in this context and to fulfill the obligations arising from the nature of the services it provides. Such personal information may be used to contact the Company or the data subject or to improve the experience of the Company and the data subject on the Site (such as improving existing services, creating new services and providing personalized services), as well as being used within the scope of Company reporting and business development activities. It may also be used for the purposes of making various statistical evaluations, creating a database and engaging in market research without revealing the identity of the data subject. If the data subject gives his consent, the relevant information may be processed, stored and passed on to third parties by the company and its business partners for direct marketing purposes. The data subject may be contacted in order to introduce various applications, products and services, to make notifications regarding maintenance and support activities.
The Company will also be able to process and share the data with third parties in accordance with Articles 5 and 8 of Act No. 6698 and / or in the presence of conditions in the relevant legislation, without obtaining the consent of the data subject. The main situations in which the data subject’s information may be processed without obtaining explicit consent are as follows:
- it is clearly provided for by the laws
- it is mandatory for the protection of life or physical integrity of the person or of any other person who is bodily incapable of giving his consent or whose consent is not deemed legally valid
- processing of personal data belonging to the parties of a contract, is necessary provided that it is directly related to the conclusion or fulfilment of that contract
- it is mandatory for the controller to be able to perform his legal obligations
- the data concerned is made available to the public by the data subject himself
- data processing is mandatory for the establishment, exercise or protection of any right
- it is mandatory for the legitimate interests of the controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject
THE RIGHTS OF THE DATA SUBJECT
Each person has the right to apply to the controller and (Act No. 6698)
- to learn whether his personal data are processed or not,
- to request information if his personal data are processed
- to learn the purpose of his data processing and whether this data is used for intended purposes
- to know the third parties to whom his personal data is transferred at home or abroad
- to request the rectification of the incomplete or inaccurate data, if any,
- to request the erasure or destruction of his personal data under the conditions laid down in Article 7, to request notification of the operations carried out in compliance with subparagraphs (d) and (e) to third parties to whom his personal data has been transferred
- to object to the processing, exclusively by automatic means, of his personal data, which leads to an unfavourable consequence for the data subject
- to request compensation for the damage arising from the unlawful processing of his personal data
The data subject will be able to send the above-mentioned requests to firstname.lastname@example.org in writing. In accordance with the above-mentioned requests, the company may give its reasoned positive / negative response in written or digital media. In principle, no fees are charged fort he procedure regarding to the requests. However, if the transactions require a cost, it is possible to charge a fee based on the tariff determined by the Personal Data Protection Board in accordance with Article 13 of Act No. 6698.
The data subject undertakes that the information subject to the Personal Data Protection and Processing Policy is complete, accurate and up-to-date, and will update them immediately in case of any change in this information. If the data subject does not provide up-to-date information, the Company wont take any responsibility.
The data subject declares that she/he may not be able to fully benefit from the operation of the Site in the event that he / she makes a request that will result in the inability of any personal data to be used by the Company, and declares that all kinds of responsibility arising in this context will belong to her/him.
The Company will keep the personal data provided by the data subejct for the duration of the services provided, in order for the data subject to benefit from the Site and to provide the services subject to the Site, in order to fulfill the obligations specified in this Policy and the Sales Agreement and arising from the nature of the Site and related services. In addition, in the event of any conflict that may arise between the data subejct and the Company, the Company will be able to store personal data for the duration of the limitation period determined in accordance with the relevant legislation, limited to the purpose of making the necessary defenses within the scope of the dispute.
MEASURES AND OBLIGATİONS REGARDING DATA SECURITY
The Company undertakes to take the necessary technical and administrative measures to ensure the appropriate level of security in order to ensure the protection of personal data and to carry out the necessary audits in order to ensure that
- personal data are not processed unlawfully,
- personal data are not accessed illegally
- the protection of personal data
The Company cannot disclose the personal data obtained about the data subject to anyone in violation of the provisions of this Personal Data Protection and Processing Policy and the law, and cannot use it for purposes other than processing.
In case of linking to other applications through the site, the Company does not bear any responsibility for the privacy and personal data protection and processing policies and contents of the applications.
AMENDMENTS IN POLICY
The Company may amend the provisions of the Personal Data Protection and Processing Policy at any time within the scope of the legislation. The Current Policy becomes effective on the date it is submitted to the data subject by any method.