Data Policy

General information about the Personal Data Law The Law on Protection of Personal Data No. 6698 (hereinafter referred to as GDPR) was adopted on 24 March 2016 and published in the Official Gazette dated 7 April 2016 and numbered 29677. Some of the GDPR entered into force on the date of publication, and some on October 7, 2016.

Information as a data controller As the CODEOVE, whose detailed corporate information is published below, pursuant to the GDPR No. 6698 and in the capacity of Data Controller, your personal data is explained on this page; It will be recorded, stored, updated, disclosed to third parties, classified and processed in the ways listed in the GDPR, where the legislation allows.

How your personal data can be processed Pursuant to GDPR No. 6698, your personal data that you share with CODEOVE is obtained, recorded, stored, modified, rearranged, fully or partially, automatically, or by non-automatic means provided that it is a part of any data recording system, in short, on the data. may be processed by us as the subject of any transaction performed. Any operation performed on data within the scope of GDPR is considered as “processing of personal data”.

Purposes of processing your personal data and legal reasons Personal data you share,
• In order to fulfill the requirements of the services we provide to our customers in accordance with the requirements of the contract and technology, and to improve our products and services;
• The Law No. 6563 on the Regulation of Electronic Commerce, the Law on the Protection of the Consumer No. 6502 and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce, published in the Official Gazette dated 26.08.2015 and numbered 29457, prepared on the basis of these regulations. To record the identity, address and other necessary information to identify the information of the transaction owner within the scope of the Distance Contracts Regulation and other relevant legislation published in;
• To prepare all records and documents that will be the basis of payment systems, electronic contracts or paper transactions, which are mandatory in the field of Banking and Electronic Payment; To comply with the information retention, reporting and disclosure obligations stipulated by the legislation and other authorities;
• In order to provide information to prosecutors’ offices, courts and relevant public officials on matters of public security and legal disputes, upon request and in accordance with the legislation;
It will be processed in accordance with GDPR numbered 6698 and related secondary regulations.

Informing about the third parties or organizations to which your personal data can be transferred For the purposes stated above, the persons / organizations to which your personal data that you shared with CODEOVE can be transferred; our main shareholders, our direct or indirect domestic / foreign subsidiaries; Program partner organizations, domestic / international organizations that we receive service from, cooperate with, in order to carry out our activities and/or as a Data Processor, especially Member companies using the CODEOVE e-commerce infrastructure and persons and organizations related to the service provided, including but not limited to; other third parties.

How your personal data is collected Your personal data,
• Information such as name, surname, TR identity number, address, telephone, business or private e-mail address through the forms on the CODEOVE website and mobile applications and/or the websites of the Member Firms using the CODEOVE E-Commerce infrastructure; In the form of location data, data including preferences on the pages logged in using the user name and password, IP records of the transactions performed, cookie data collected by the browser, and browsing time and details;
• Verbal, written or electronic media through channels such as our sales and marketing department employees, agents, dealers, forms on paper, business cards, digital marketing and call center;
• In a physical or virtual environment, face to face or at a distance, verbally or in writing, received from people who share their personal data with business cards, CVs, bids and other ways for purposes such as establishing a commercial relationship with CODEOVE, applying for a job, making an offer. also from the electronic environment;
• In addition, data obtained from (micro) websites and social media indirectly obtained from different channels, used for websites, blogs, contests, surveys, games, campaigns and similar purposes, e-bulletin reading or click movements, publicly available databases data from profiles and data that are open to sharing from social networking sites such as social media platforms (Facebook, Twitter, Google, Instagram, Snapchat, etc.); can be processed and collected.

Your personal data obtained before the entry into force of the GDPR, your personal data obtained in accordance with the law in terms of membership, electronic message permission, product / service purchase and other forms before the effective date of GDPR, 7 April 2016, are also in compliance with the terms and conditions set forth in this document. processed and preserved.

Transfer of your personal data abroad to be processed in any country or processed and stored outside of any country provided that your personal data collected by any of the above-mentioned methods remain within the scope of GDPR and in accordance with the contractual purposes (accredited by the Personal Data Board and adequate protection for the protection of personal data) may also be transferred to service intermediaries.

Storage and protection of personal data Your personal data will be kept confidential in the database and systems of CODEOVE in accordance with Article 12 of the GDPR; Except for legal obligations and the regulations specified in this document, it will not be shared with third parties in any way.

CODEOVE prevents unauthorized persons from accessing the systems and databases where your personal data is stored, by preventing the unlawful processing of personal data in accordance with Article 12 of GDPR; It is obliged to take software measures such as hash, encryption, transaction log, access management and physical security measures in order to ensure their safekeeping. If it is learned that personal data has been obtained by others illegally, the situation will be reported to the Personal Data Protection Board immediately, in accordance with the legal regulation and in writing.

Keeping personal data up-to-date and accurate Pursuant to Article 4 of the GDPR, CODEOVE has the obligation to keep your personal data accurate and up-to-date. In this context, in order for CODEOVE to fulfill its obligations arising from the current legislation, our Customers are required to share their accurate and up-to-date data or update them via the website / mobile application.

Rights of the personal data owner in accordance with the GDPR No. 6698 Article 11 of the GDPR No. 6698 entered into force on 07 October 2016, and the rights of the Personal Data Owner after this date are as follows:

  1. Personal Data Owner, by applying to CODEOVE (data controller), about himself;
  2. Learning whether personal data is processed or not,
  3. Requesting information on personal data if it has been processed,
  4. To learn the purpose of processing personal data and whether they are used in accordance with the purpose,
  5. Knowing the third parties to whom personal data is transferred in the country or abroad,
  6. Requesting correction of personal data in case of incomplete or incorrect processing,
  7. Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the GDPR,
  8. Requesting the notification of the third parties to whom personal data has been transferred, in case of correction, deletion or destruction of personal data,
  9. Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
  10. It has the right to demand the compensation of the damage in case of loss due to the unlawful processing of personal data.

The Data Controller Representative to be appointed by CODEOVE will be announced in the Data Controllers Registry and the internet address where this document is located, when the legal infrastructure is provided.

Personal Data Owners can direct their questions, opinions or requests to any of the following communication channels:

E-mail: [email protected]

CODEOVE may give a positive/negative response to the submitted requests, in writing or digitally, provided that it is justified and responds within 30 days. It is essential that the necessary transactions regarding the requests are free of charge. However, if the transactions require a cost, CODEOVE reserves the right to charge a fee. These fees are determined by the Personal Data Protection Board over the tariff determined in accordance with Article 13 of the Personal Data Protection Law.