Website Terms of Use

SİNEKLİKDEPOSU.COM

Thank you for visiting our website wodehk.com. Please read the Terms and Conditions contained in this document carefully as any use of this website constitutes your agreement to the Terms and Conditions set out herein.

Throughout this website, the terms “we”, “our” and “company” refer to wodehk.com. “You” refers to those who access and/or use this website.

This Agreement (hereinafter referred to as the “Agreement”) is an official agreement concluded between you, the user of our Website, and the COMPANY, and constitutes an agreement on the following points.

Company trading name: wodehk.com

Postal address:   : TURGUT REİS MAHALLESİ YEŞİLKENT SOKAK NO:12/A

Mersis                    : 

Relevance: Website Terms of Use,

The Company acknowledges that by using the website of the Republic of Turkey, currently serving at the address wodehk.com (hereinafter referred to as the “Site”) and as stated below, by using any of the services offered through this Site, you are a user of the Site and as such. and as long as you continue to benefit from the services offered on the Site, you accept that you are bound by the terms of use set out in this Agreement and undertake to comply with them.

The use of some of the services offered on the site may be regulated by some additional rules, and in such cases, you may be asked to declare that you accept these additional rules while accessing the relevant services. The aforementioned additional rules will come into force as soon as you start using the relevant service and are an integral part of this Agreement. In addition, the company’s Privacy Policy is an integral part of this Agreement and regulates our collection of the information you share with the company during your use of the Site and the company’s rights over this information. Therefore, you must read this Privacy Policy before using the Site and benefiting from the services offered.

IF YOU DO NOT AGREE TO BE BOUND BY THIS AGREEMENT AND THE TERMS SET FORTH IN THE PRIVACY POLICY, WHICH IS AN INTEGRAL PART OF IT, YOUR BENEFIT FROM THE SITE AND THE SERVICES OFFERED MAY BE RESTRICTED.

The Company reserves the right to make changes to the services it offers, to offer new services and/or to remove existing services, and this Agreement will remain valid for all added, changed and/or removed services.

This Agreement and the Privacy Policy, which is an integral part of it, may be changed at any time and at the unilateral will of the company, with or without notice. If changes are made as specified, different updated texts of this Agreement and its integral part, the Privacy Policy, will be published on the home page of the Site and the changes will come into force on the date of publication. Continuing to use the Site and benefit from the services offered after the changes are published will mean that you accept these changes and declare that you are bound by them. Please confirm the last update date of the Agreement and its integral part, the Privacy Policy, by looking at the end of the texts. In order for you to follow the update dates, the company will indicate the last change date at the end of the Agreement and its integral part, the Privacy Policy. Therefore, in order to be informed about the current texts, you must regularly follow the Agreement and Privacy Policy on the Site.

USE OF THE SITE AND SERVICES

Site users and users who have shared their information with us to benefit from the services offered accept and undertake the following:

Password and Security: In order to benefit from some services on the site, you must share your contact information, and it is the responsibility of the users to ensure the confidentiality of this contact information and other information. It is especially important for your information security that you do not share your e-mail password with anyone and that you choose a strong password. Again, for this purpose, it is especially important to log out after each use.

The following cannot be determined for the information to be shared with us on the Website:

Name, surname and other personal data of a third person for the purpose of impersonating him,

A right belonging to anyone and/or information regarding that right,

Information, notes and shares that are illegal, illegitimate and/or will disturb a third party and disclose the personal data of such third parties without their consent and violate the personal data security of the relevant persons.

The user who is the owner of the said sharing is responsible for any damage that the company and/or third parties may suffer as a result of sharing personal data of third parties without their permission.

Users using shared computers accept and undertake to close their e-mail user accounts through which they can contact us after their use is completed but before leaving the Site.

On the other hand, if you think that the security of your e-mail account is in danger and/or you suspect that your login information such as your password or our correspondence with you has been obtained by third parties, you must inform the company of this situation without delay.

Your notification about unauthorized access is not sufficient to require the company to take action, and you are responsible for all risks that may arise due to unauthorized use of your account. Site users accept and undertake that the company is not responsible for any damage that may arise as a result of their actions contrary to this article and/or the use of their personal data against their consent as a result of third parties obtaining their passwords or personal data.

Geographical Restrictions: The site and the services offered are prepared for use within the borders of the Republic of Turkey. Users accept and undertake to comply with this Agreement and all local, national and international laws and regulations. If it is prohibited, it is not possible to use the Site and benefit from the services. Users should not use the Site and services unless use of the services is permitted in their own legal system.

Registered Information: Users are solely responsible for the following:

Information and content submitted to the site by the user,

Information published, transferred, sent and otherwise made accessible by the user during the use of the services (hereinafter referred to as “Sent Information”).

Notification of Violations: In case of violation of this Agreement by all third parties, including registered users, you must notify the company without delay.

Restriction of Use of the Site and Services: At the sole discretion of the company, the company may prohibit activities that it may deem inappropriate and/or may constitute an illegal action or are prohibited by the laws applicable to this Website.

Users accept and undertake that they will absolve the company from any liability if they engage in content and information transfer and activities on the following issues, including but not limited to the following, and that the company has no liability for these activities:

Personal data belonging to third parties and used without permission,

The Site will not be accessed through services/programs containing viruses, time bombs, Trojan horses, cancelbots (programs or bots that run on a web server and automatically send unwanted messages to groups on the internet), worms and other harmful or corrupt codes, components or devices,

Information and content that uses scripts, bots or other automated technologies to access the site and services,

Information and content that uses the site and services to send chain mails, unnecessary and anonymous emails,

Links that use any activities such as spam, spim (a type of SPAM used in IM services), phishing, trolling (trying to attract users to a site on the internet),

Violating copyright and trademark rights, trade secrets, patents or other intellectual rights, including, but not limited to, using copyrighted content or trademarks of third parties without their appropriate consent, or violating third party information (regardless of whether or not it is protected as a trade secret) Information and content that is used or disseminated in violation of

Disseminate or transmit any worms, viruses or other harmful, destructive or disruptive code or programs;

Information and content that violates legal legislation, regardless of whether it is intentional or not (this legal legislation includes the law applicable to this Agreement, the legal order where the users’ service provider and computer are located, and the law of the place where the persons whose personal data are shared are located),

Forges Internet Protocol (IP) headers to disguise its own identity information or otherwise uses it to manipulate cookies,

Misleading, false and incomplete information and content provided by the company, including job applications,

Information and content that prevents or disrupts the Site, services, service providers and the internet networks to which the Site is connected, or is contrary to any requirements, agreements or regulations of the internet networks to which the Site is connected,

Content that collects and accumulates information about other users,

Information and content that enables participation in any activity that violates the private lives of third parties, including but not limited to collecting and distributing information of other internet users, except where permitted by applicable law,

Uploading or publishing to the COMPANY servers or network any software containing viruses or any computer code, file or any program that blocks, destroys or limits the working functions of any computer software, hardware or communication device,

Using this Website to insult or slander the company, its employees or other persons, or to take any other action that may tarnish the reputation of the company,

Posting or transmitting to this Website any unauthorized materials, including but not limited to the above, that, in our opinion, may cause discomfort or damage or violate the system or network security of the company or a third party, are defamatory, obscene, threatening, pornographic or otherwise unlawful in any way.

It is the user’s responsibility to compensate for any damages arising from the violation of this article, and the damages suffered by the company’s business partners or managers, executives, employees and other persons will be fully and completely compensated. This liability of users is absolute.

Prohibition of Untrue Information: Users accept and undertake not to provide false, misleading or untrue information to the company. If the information transferred to the company later becomes false, misleading or untrue, the change in question will be immediately notified to the company.

Honesty and Single Profile: Users who want to benefit from the services offered on the site can make a single application simultaneously. Different applications cannot be made in a way that would be false or misleading.

Prohibition of Harassing Company Employees and Representatives: Users accept and undertake that they will not harass the company’s employees and representatives assigned for the services provided, and that they will not engage in disturbing, intimidating and threatening behavior.

Legal and Legitimate Disclosure: Users accept and declare that the information they transmit may be disclosed by the company in the following cases, unilaterally and without the need for permission, if prescribed by the applicable legislation:

To comply with the law and to fulfill the requirements for the implementation of laws and legal procedures;

To protect the rights and property of the company or third parties;

To ensure the health and/or safety of anyone (including users) when they are threatened with harm or violence;

In case of processing conditions listed in the 2nd paragraph of Article 5 and the 3rd paragraph of Article 6 of the Personal Data Protection Law.

Exclusion of Warranty: Although we use all reasonable efforts to ensure that all information on this Website is accurate and complete, we cannot be held responsible if the information on this Website is not accurate or complete. Any reliance you place on the material on this Website is at your own risk. You acknowledge that it is your responsibility to monitor any changes to the materials and information contained on this Website. This section shall be applicable to the broadest extent permitted by the applicable legislation. The company provides the services on an “as is” and “as available” basis, and does not give any warranty, implied or express, contractual or otherwise, regarding the commercial or individual use of the services and the site (including the information contained therein) and against violations. Since the company does not provide any guarantee regarding connection and access to the services, it is not under any liability.

In addition, any ideas, proposals, statements and other information or content that are not directly offered by the Company but can be accessed through the services belong entirely to the publisher and cannot be claimed against the Company. Those who publish this content and information bear all responsibility.

The company and its contracted parties may use various methods to verify the information provided by users. However, none of these methods are perfect and users acknowledge and agree that the Company and its contractors are not responsible for the accuracy of the information provided.

Trial Functions: From time to time, the company may test its users’ experience of using the services with new “trial” (beta) versions and functions. These versions and functions are only for the purpose of improving the experience and are not promised in any way and can be changed or removed at any time at the unilateral will of the Company. The provisions of this section of this Agreement titled “Exemption from Warranty” remain valid and enforceable for such trial versions and functions.

Non-Liability for Actions That Do Not Belong to the Company: Within the broadest limits stipulated by the applicable legislation, the Company is not liable under any circumstances and conditions for any direct or indirect, general, special, recurring or compensatory damages arising from users and/or other persons benefiting from the services. Liability that may be claimed for objections, losses and damages arising from the behavior of users who have registered with false statements and/or who aim to manipulate or harm other users is also subject to this provision.

Transfer: Any non-personal correspondence or material such as data, questions, comments, suggestions that you transmit to this Website by e-mail or other means will be considered non-confidential and non-proprietary.

Anything you transmit or post becomes the property of the Firm and may be used for any purpose, including, but not limited to, reproduction, disclosure, transmission, publication, broadcast and posting. Additionally, the Company is free to use any ideas, artwork, inventions, developments, suggestions or concepts contained in any correspondence you send to this Website for any purpose (including, but not limited to, developing, manufacturing, advertising and marketing services). Such usage information does not give the submitting party the right to compensation. By submitting information, you warrant that you own the material/content you submit, that it is not defamatory and that its use by the Company will not violate the rights of any third party or expose you to the violation of applicable laws. The company is not obliged to use the information sent.

Intellectual Property Rights: All copyrights, trademarks and other intellectual property rights in any text, images and other materials on this Website belong to the Company or are included on the site with the permission of the relevant owner.

You may browse the contact@wodehk.com Website and reproduce extracts by printing or downloading to a hard disk or for transmission to other parties. This may be done only provided that you do not infringe any copyright or patent notices and provided that the following trademark appears on such reproductions. Nothing reproduced from this Website may be sold or distributed for commercial gain, nor may it be modified or incorporated into any other work, publication or website of any kind.

®wodehk.com is a registered trademark.

The trademarks, logos, characters and service marks displayed on this Website (collectively, the “Trademarks”) are owned by the company. Nothing contained on this Website should be construed as granting any license or right to use any Trademark displayed on the site. You are strictly prohibited from using or in any case misusing the Trademarks or any other content displayed on this Website, except as provided in these Terms and Conditions. In addition, it is clearly stated here that the company will protect its intellectual property rights to the fullest extent permitted by law, when necessary, both legally and criminally, and will take all legally possible and valid measures to protect them.

Prohibition of Use of Confidential Information: Users;

Personal Data of third parties,

Confidential Information,

Other copyrighted content, trademark, proprietary information that may be obtained through the services,

They accept and undertake not to publish, copy, transfer, disclose, share with the public, create any derivative works from them, disseminate them, use them for commercial purposes and/or make copies of them, unless there is the prior consent of the company or the owner of this information.

Links to Other Websites: The site may contain links (links) to websites of third parties that are not owned by the company, such as advertisers, etc., and in this case, the company does not accept any responsibility for the content of these other websites, the accuracy of the information provided or the function of these sites. The links are provided in good faith and the company cannot be held responsible for any subsequent changes made to other websites to which we link. Linking to other websites does not mean that these sites are supported by the company.

Your participation in advertisements linked to our site or sweepstakes or promotions organized by sponsors, your individual or commercial relations with these sites (including the delivery and payment of services, any personal information you voluntarily provide to these advertisers and sponsors, any rules and conditions you undertake to them). and contractual statements) are entirely your responsibility. Users accept and undertake that the company is in no way responsible for any damages or grievances that may arise due to such relationships, information sharing with advertisers and sponsor companies, and links to these people on our service pages. We recommend that you be aware of the legal and privacy notices of all other websites you visit and read them carefully.

Warranties and Disclaimers: You may use this Website at your own risk. This Website is provided to you on an “As Is” and “As Available” basis. Therefore, the company warrants that the material on this Website is complete, accurate, reliable, up-to-date and does not violate the rights of third parties; that access to this Website will be uninterrupted or error-free; It makes no warranty of any kind, whether express, implied, statutory or otherwise (including implied warranties of merchantability or satisfactory performance and fitness for a particular purpose) that this Website will be secure, and all representations and warranties to that effect are hereby disclaimed.

Please note that certain jurisdictions may not allow the exclusion of implied warranties, so this exclusion may not apply to you. Please check local laws. In these cases, our limitation of liability shall apply to the maximum extent permitted by local legislation.

Liabilities: The Company and/or any other party working on our behalf to create, produce or distribute this Website is liable for any damages arising from your access to this Website, your use of the Website, your inability to use the Website, any change in the content of the Website or any other website you access through a link on this Website. accepts no liability or responsibility for any direct, incidental, indirect or punitive damages, costs, losses or compensation arising from anything we do or fail to do as a result of e-mail messages you send to us.

In addition, the company is not responsible in any way for any losses that may occur due to viruses that may infect your computer equipment or any other property due to your accessing, using or downloading any content on this Website. If you decide to download any material from this Website, you do so at your own risk.

You expressly waive any and all rights you may have arising from using or accessing this Website to the fullest extent permitted by applicable law.

The Company reserves the right to restrict, suspend or terminate your access to this Website or any feature or part thereof at any time without notice.

The Company and/or any party involved in creating, producing or distributing this Website has no responsibility to maintain the materials and services provided on this Website or to release any corrections, updates or releases in connection therewith. Any material provided on this Website is subject to change without notice.

Jurisdiction and Applicable Law: wodehk.com makes no representation that the materials and information contained on the Website are appropriate or available in all national laws or languages.

You and the company agree that any dispute or lawsuit arising from or related to the use of this Website is subject to Turkish law.

Communication and Privacy: In order to notify users about changes in the services or special offers and to communicate about the services, the company may reach the users by phone or send an e-mail to the e-mail addresses provided by the users, if notified with their consent. If users do not want to be contacted by e-mail, telephone or through any commercial communication channel notified by consent, they can change their preferences in the ways specified in the Privacy Policy.

Validity and Termination of the Agreement: This Agreement will automatically come into force as soon as the users use the Site or services and will remain in force as long as your use does not end. The company reserves the right to immediately suspend or terminate its users’ access to the services, with or without giving any reason and without notice. In addition, the company reserves the right to remove its users’ account information or data from services and any archives upon its unilateral will.

Cancellation of Applications at Any Time: Users may request that their registrations and/or sharing of any service, such as a job application, request for proposal or opinion statement, and the information they provide in this process be revised or terminated at any time. Users can contact us via the e-mail address contact@wodehk.com for these requests.

In order to fulfill this request, our IT Unit employees may ask you to verify your identity information and other details, including your personal identifying information, before taking any action regarding your request.

Severability: If some regulations of this Agreement are found invalid by the competent authorities, users accept and undertake that the invalid regulation in question will be replaced with regulations that are most in line with the will of the parties and least likely to eliminate the liability of the parties, and will not prejudice the validity of the remainder of this Agreement.

Contract Integrity: This Agreement is the main contract between the users and the company that regulates the users’ use of the Site and benefit from the services, and replaces other contracts previously issued and concluded for the same purpose.

Prohibition of Cooperation: Users accept and declare that they do not establish any cooperation, partnership, business relationship or agency between them and the company due to this Agreement and the use of the Site and services.

Continuity: Unless expressly stated otherwise, termination of users’ access to the services will be carried out within the framework of the provisions of this Agreement.

Prohibition of Waiver: The Company’s failure to exercise the rights and powers granted to it by this Agreement does not mean that it has waived such rights and powers.

Side Headings: The side headers of this Agreement are written only for the purpose of indicating the content of the Agreement and do not have any contractual or legal effect.

Force Majeure: The Company may terminate the services it offers on the Website due to circumstances beyond its control and, but not limited to, force majeure, government action (including cancellation or denial of any necessary license), war, rebellion or destruction of network tools, providers and other reasons. or has the right to suspend it and is not responsible for any damage incurred as a result.

Updated Date:

This Agreement was updated on 30/ 05/ 2021.

Personal Data Storage and Destruction Policy

WODEHK.COM 

PERSONAL DATA STORAGE AND DESTRUCTION POLICY

1. PURPOSE OF THE POLICY

The purpose of this policy is; Articles 5 and 6 of the Regulation on Deletion, Destruction or Anonymization of Personal Data (Regulation), which was issued based on the Law No. 6698 on the Protection of Personal Data (Law) and published in the Official Gazette No. 30224 on 28.10.2017. To determine all the rules, roles and responsibilities to be applied throughout WODEHK.COM (COMPANY) in order to fulfill the obligations regarding the storage and destruction of personal data in accordance with the articles and other obligations specified in the Regulation.

2. SCOPE OF THE POLICY

The policy covers personal data defined by the Law and special personal data kept throughout the company, all company employees, managers, consultants and, in all cases where personal data sharing is involved, its affiliates, external service providers and other real and legal persons with whom the company has legal relations. It covers.

The Policy covers personal data contained in systems where data is processed by fully or partially automated means or by non-automatic means provided that it is part of any data recording system, as specified in the Law.

Unless otherwise stated in this Policy, personal data and special personal data will generally be referred to as “Personal Data”.

3. DEFINITIONS

3.1.Anonymization: Making personal data impossible to associate with an identified or identifiable natural person in any way, even if it is matched with other data,

3.2. Destruction: Deletion, destruction or anonymization of personal data,

3.3.Personal Data: Any information regarding an identified or identifiable natural person,

3.4.Personal Data Storage Table: The table showing the periods during which personal data will be kept by the company,

3.5.Personal Data Processing Inventory: Personal data processing activities carried out by data controllers depending on their business processes; The inventory they create by associating personal data with the purposes of processing personal data, data category, transferred recipient group and data subject person group, and detailing the maximum period required for the purposes for which personal data are processed, the personal data envisaged to be transferred to foreign countries and the measures taken regarding data security,

3.6. Deletion of Personal Data: The process of making personal data inaccessible and unusable for the relevant users in any way,

3.7. Destruction of Personal Data: The process of making personal data inaccessible, irretrievable and unusable by anyone in any way,

3.8. Personal Data of Special Qualification: Data regarding individuals’ race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance and attire, association, foundation or union membership, health, sexual life, criminal conviction and security measures, as well as biometric data and genetic data,

3.9. Periodic destruction: The process of deleting, destroying or anonymizing personal data specified in the personal data retention and destruction policy and to be carried out ex officio at recurring intervals in case all of the processing conditions for personal data specified in the law are eliminated.

3.10. Data recording system: The recording system in which personal data is structured and processed according to certain criteria,

Direct identifiers: Identifiers that, on their own, directly reveal, disclose and make distinguishable the person with whom they are associated.

3.11. Indirect identifiers: Identifiers that, when combined with other identifiers, reveal, reveal and make distinguishable the person they are in a relationship with,

3.12. Law: Personal Data Protection Law No. 6698 published in the Official Gazette No. 29677 dated 07.04.2016,

3.13. Regulation: Regulation on Deletion, Destruction or Anonymization of Personal Data published in the Official Gazette No. 30224 dated 28.10.2017.

3.14. Board: Personal Data Protection Board,

3.15. Recording medium: Any environment containing personal data processed by fully or partially automatic or non-automatic means, provided that it is part of any data recording system,

3.16. Policy on Processing and Protection of Personal Data: The policy that determines the procedures and principles regarding the management of personal data held by the company, which can be accessed at wodehk.com.

3.17. Data recording system: It refers to the recording system in which personal data is structured and processed according to certain criteria.

4. RECORDING MEDIA REGULATED BY THE POLICY

Any environment where personal data is processed, whether fully or partially automatic or non-automatic, provided that it is part of any data recording system, is within the scope of recording environment.

4.1. ENVIRONMENTS WHERE PERSONAL DATA IS STORED

Personal data stored by the company is kept in a recording environment appropriate to the nature of the relevant data and our legal obligations.

The recording media used to store personal data are generally listed below. However, some data may be located and kept in a different environment than those shown here due to their special characteristics or our legal obligations. The Company acts as the data controller and processes and protects personal data in accordance with the Law, the Personal Data Processing and Protection Policy and this Personal Data Storage and Destruction Policy.

4.2. ENSURING THE SECURITY OF THE ENVIRONMENTS

The company takes all necessary technical and administrative measures in accordance with the characteristics of the relevant personal data and the environment in which it is kept, in order to store personal data securely and to prevent unlawful processing and access.

These measures include, but are not limited to, the following administrative and technical measures to the extent appropriate to the nature of the relevant personal data and the environment in which it is kept.

4.2.1. Technical Measures

The company takes the following technical measures in accordance with the characteristics of all environments where personal data is stored, the relevant data and the environment where the data is kept:

4.2.1.1. Only up-to-date and secure systems that comply with technological developments are used in environments where personal data is kept. Security systems are used for environments where personal data is kept.

4.2.1.2. Security tests and research are carried out to detect security vulnerabilities on information systems, and current or potential risks identified as a result of the tests and research are eliminated.

4.2.1.3. Access to the environments where personal data is kept is restricted and only authorized persons are allowed to access these data, limited to the purpose of storing personal data.

4.2.1.4. The company has sufficient technical personnel to ensure the security of the environments where personal data is kept.

4.2.2. Administrative Measures

The company takes the following administrative measures in accordance with the characteristics of all environments where personal data is stored, the relevant data and the environment where the data is kept:

Efforts are being made to raise awareness of all Company employees who have access to personal data on information security, personal data and privacy of private life.

Legal and technical consultancy services are received to follow the developments in the field of information security, privacy of private life and protection of personal data and to take the necessary actions.

If personal data is transferred to third parties due to technical or legal requirements, protocols are signed with the relevant third parties to protect personal data, and all necessary care is taken to ensure that the relevant third parties comply with their obligations in these protocols.

4.2.3. Internal Audit

In accordance with Article 12 of the Law, the Company carries out internal audits regarding the implementation of the provisions of the Law and this Personal Data Storage and Destruction Policy and the Personal Data Processing and Protection Policy.

If deficiencies or defects regarding the implementation of these provisions are detected as a result of internal audits, these deficiencies or defects will be corrected immediately.

If it becomes clear during the audit or otherwise that personal data under the responsibility of the company has been obtained by others through illegal means, the company shall notify the relevant person and the Board of this situation as soon as possible.

5. DUTIES AND AUTHORITIES OF THE PERSONAL DATA PROTECTION COMMITTEE

The Personal Data Protection Committee is responsible for announcing the Policy to the relevant business units and monitoring the fulfillment of its requirements by the COMPANY units.

The Personal Data Protection Committee makes the necessary announcements and notifications so that the relevant business units can follow up on situations such as legislative changes regarding the protection of personal data, regulatory actions and decisions of the Board, court decisions or changes in processes, applications and systems and, if necessary, update their business processes,

Personal Data Protection Committee; It determines the processes for examining, evaluating, monitoring and finalizing the law and its secondary regulations, the Board’s decisions and regulations, court decisions and other competent authorities’ decisions and/or requests, and announces them to the relevant units.

6. WHAT WILL BE DONE IN CASE THE CONDITIONS FOR PROCESSING PERSONAL DATA ARE DISSOLVED

6.1. If the purpose for processing personal data disappears, explicit consent is withdrawn, or all of the conditions for processing personal data set out in Articles 5 and 6 of the Law disappear, or if there is a situation where none of the exceptions in the mentioned articles apply, the processing conditions are no longer valid. Personal data is deleted, destroyed or anonymized by the relevant business unit, taking into account business needs, within the scope of Articles 7, 8, 9 or 10 of the Regulation, and by explaining the justification of the method applied. However, in case of a final court decision, the destruction method ordered by the court decision must be applied.

6.2. All users and the data owner company that processes or stores personal data. Units will review the data recording environments they use within six-month periods at the latest, whether the conditions related to processing have been eliminated. Upon the application of the personal data owner or the notification of the Board or a court, the relevant users and units will conduct this review of the data recording environments they use, regardless of the periodic audit period.

6.3. As a result of periodic reviews or if it is determined that the data processing conditions have been eliminated at any time, the relevant user or data owner will decide to delete, destroy or anonymise the relevant personal data from the recording environment under his/her own responsibility, in accordance with this policy. In cases of doubt, action will be taken by obtaining the opinion of the relevant data owner business unit. When it is necessary to make a decision regarding the destruction of personal data with multi-stakeholder data ownership in the Central Information Systems, the opinion of the Personal Data Protection Committee will be taken and the relevant data owner will decide whether to store or delete, destroy or anonymize the personal data in accordance with this policy. It will be decided by the business unit.

6.4. All transactions regarding the deletion, destruction or anonymization of personal data are recorded and these records are kept for at least three years, excluding other legal obligations.

In accordance with Article 7.4 of the Regulation, the methods applied for the deletion, destruction and anonymization of personal data will be published and explained after the Policy comes into force.

6.5. In deleting, destroying or anonymizing personal data, it is mandatory to act in accordance with the general principles in Article 4 of the Law, the technical and administrative measures to be taken within the scope of Article 12, relevant legislative provisions, Board decisions and court decisions.

6.6. When a natural person who owns personal data applies to the company pursuant to Article 13 of the Law and requests the deletion, destruction or anonymization of his or her personal data, the relevant data owner business unit examines whether all the conditions for processing personal data have been eliminated. If all processing conditions are eliminated; deletes, destroys or anonymizes the personal data subject to the request. In this case, the details are specified in the Data Destruction Procedure in the ISO 27001:203 Information Security Management System; The request is finalized within thirty days from the date of application and the relevant person is informed through the KVKK team appointed by the KVKK Officer. If all the conditions for processing personal data are eliminated and the personal data subject to the request is transferred to third parties, the relevant data owner business unit immediately notifies the third party to whom the transfer was made and ensures that the necessary actions are taken within the scope of the Regulation before the third party.

6.7. In cases where all the conditions for processing personal data are not eliminated, the requests of personal data owners for the deletion or destruction of their data may be rejected by the company by explaining the reason in accordance with the 3rd paragraph of Article 13 of the Law. The rejection response will be notified to the relevant person in writing or electronically within 30 days at the latest.

6.8. Requests for deletion or destruction of personal data will only be evaluated provided that the identity of the person concerned has been identified. In requests made outside the mentioned channels, the relevant persons will be directed to channels where identification or verification can be made.

7. ENFORCEMENT OF THE POLICY, VIOLATION CASES AND SANCTIONS

7.1. This Policy will enter into force by being announced to all employees and on the COMPANY website, and will be binding on all business units, consultants, customers, insurance companies, external service providers and anyone else who processes personal data within the COMPANY.

7.2. It will be the responsibility of the supervisors of the relevant employees to monitor whether the company’s employees fulfill the requirements of the Policy. When behavior contrary to the policy is detected, the issue will be immediately reported by the relevant employee’s superior to his/her superior. If the discrepancy is significant, the Personal Data Protection Committee will be informed by the superior immediately.

7.3. Necessary administrative action will be taken against the employee who acts contrary to the policy, after the evaluation by Human Resources.

8. PERSONS WHO WILL BE INVOLVED IN THE STORAGE AND DESTRUCTION PROCESS OF PERSONAL DATA AND THEIR RESPONSIBILITIES

8.2. REASONS FOR STORAGE AND DISPOSAL

8.2.1. Reasons for Storage

Personal data held within the company is stored in accordance with the Law and our Personal Data Policy (you can access the relevant policy at wodehk.com), for the purposes and reasons stated here.

8.2.2. Reasons for Destruction

Personal data within the company is deleted, destroyed or anonymized upon the request of the relevant person or if the reasons listed in Articles 5 and 6 of the Law are eliminated, ex officio, in accordance with this destruction policy. The reasons listed in Articles 5 and 6 of the KVKK Law consist of the following:

8.2.2.1. It is clearly prescribed by law.

8.2.2.2. It is necessary for the protection of the life or physical integrity of the person or someone else who is unable to express his/her consent due to actual impossibility or whose consent is not given legal validity.

8.2.2.3. It is necessary to process personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract.

8.2.2.4. It is mandatory for the data controller to fulfill its legal obligation.

8.2.2.5. It has been made public by the person concerned.

8.2.2.6. Data processing is mandatory for the establishment, exercise or protection of a right.

8.2.2.7. It is necessary to process data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned.

8.3. DISPOSAL METHODS

The Company deletes, destroys or ex officio deletes or destroys the personal data it stores in accordance with the Law and other legislation and the Personal Data Processing and Protection Policy, upon the request of the relevant person or within the periods specified in this Personal Data Storage and Destruction Policy, in case the reasons requiring the processing of data disappear. makes it anonymous.

The deletion, destruction and anonymization techniques most commonly used by the company are listed below:

8.3.1.1 Deletion Methods 

To anonymize personal data, the company uses one or more of these anonymization methods, depending on the nature of the relevant data. When using these anonymization methods, the Company may use Anonymity, Diversity and Proximity statistical methods.

9. PERSONAL DATA STORAGE AND DESTRUCTION PERIOD

The Table Showing the Storage and Destruction Periods of Personal Data is included in Annex 1. These storage and destruction periods will be taken into account in periodic destruction or destruction upon request. Table Showing Personal Data Storage and Destruction Periods will be updated by the business units that own the processes that will be included in the company’s personal data inventory, in case of doubt, by taking the evaluations of the Personal Data Protection Committee.

9.1. Storage Periods

* A longer period of time may be required in accordance with the legislation or statute of limitations, limitation periods, retention periods, etc. in accordance with the legislation. If a longer period is stipulated for storage, the periods in the legislation are considered as the maximum storage period.

9.2. Destruction Periods

The Company deletes and destroys personal data in the first periodic destruction process following the date on which the obligation to delete, destroy or anonymize the personal data for which it is responsible in accordance with the Law, relevant legislation, the Personal Data Processing and Protection Policy and this Personal Data Storage and Destruction Policy arises. or anonymizes it.

When the relevant person applies to the Company pursuant to Article 13 of the Law and requests the deletion or destruction of his personal data;

• If all the conditions for processing personal data have been eliminated; The company deletes, destroys or anonymizes the personal data subject to the request using an appropriate destruction method, explaining the reason within 30 (thirty) days from the day it receives the request. In order for the company to be deemed to have received the request, the relevant person must have made the request in accordance with the Personal Data Processing and Protection Policy. In any case, the company informs the relevant person about the transaction.
• If all the conditions for processing personal data have not been eliminated, this request may be rejected by the company by explaining the reason in accordance with the third paragraph of Article 13 of the Law, and the rejection response will be notified to the relevant person in writing or electronically within thirty days at the latest.

10. PERIODIC DESTRUCTION PERIOD

In case all of the conditions for processing personal data in the KVKK Law No. 6698 are eliminated; The company deletes, destroys or anonymizes personal data whose processing conditions have been eliminated, through a process specified in this Personal Data Storage and Destruction Policy, which will be carried out ex officio at recurring intervals.

Periodic destruction processes start for the first time on 01.06.2021 and repeat every 6 (six) months.

10.1. INSPECTION OF THE LEGALITY OF THE DISPOSAL PROCESS

The Company carries out the destruction processes, both upon request and ex officio during periodic destruction processes, in accordance with the Law, other legislation, the Personal Data Processing and Protection Policy and this Personal Data Storage and Destruction Policy.

The company takes a number of administrative and technical measures to ensure that destruction operations are carried out in accordance with these regulations.

10.1.1. Technical Measures

• • The company provides technical tools and equipment suitable for each destruction method included in this policy.
  • The company ensures the security of the place where destruction operations are carried out.
  • The company keeps access records of the people who carry out the destruction.
  • The company employs competent and experienced personnel to carry out the destruction process or receives services from competent third parties when necessary.

10.1.2. Administrative Measures

• The company works to increase the awareness of its employees who will perform the destruction process, on information security, personal data and privacy of private life.
• The company receives legal and technical consultancy services to follow the developments in the field of information security, privacy of private life, protection of personal data and safe destruction techniques and to take the necessary actions.
• In cases where the company outsources destruction to third parties due to technical or legal requirements, it signs protocols with the relevant third parties to protect personal data, and takes all necessary care to ensure that the relevant third parties comply with their obligations in these protocols.
• The Company regularly checks whether the destruction processes are carried out in accordance with the law and the terms and obligations specified in this Personal Data Storage and Destruction Policy, and takes the necessary actions.

All transactions regarding the deletion, destruction and anonymization of personal data are recorded and these records are kept for at least three years, excluding other legal obligations.

11. ENFORCEMENT

• The policy will come into force as of the publication date.
• It is the responsibility of the Personal Data Protection Committee to announce the policy throughout the company and make the necessary updates.

12.UPDATE AND COMPATIBILITY

The Company reserves the right to make changes to the Personal Data Processing and Protection Policy or this Personal Data Storage and Destruction Policy due to changes made in the Law, in accordance with the decisions of the Institution or in line with developments in the sector or the field of informatics.

Changes made to this Personal Data Storage and Destruction Policy are recorded in the text without delay and explanations regarding the changes are announced at the end of the policy.

KVKK Information Text

WODEHK.COM

INFORMATION TEXT ON THE PROCESSING OF PERSONAL DATA

Your privacy and safe shopping are important to us, your security rights are our principle.

1- Purpose of the Information Text and Our Company’s Position as Data Controller:

It is an important issue for the protection of personal data. As the data controller of WODEHK.COM (COMPANY), this Clarification Text aims to inform the customers about the personal data processing activities carried out by wodehk.com in accordance with the said Law in order to comply with the Personal Data Protection Law No. 6698 (“KVK Law”) and their personal data. It is made accessible to real persons (“Relevant Person”).

2- Definition of Data Controller, Data Collection Method and Legal Reason:

WODEHK.COM (COMPANY) as the data controller, partially or completely collects the personal data transferred to it by the relevant persons filling in the specified fields while making purchases on the wodehk.com website, by cookies on the site, and by filling in the specified fields when becoming a member, if the relevant persons wish to become members of the site. It can be collected verbally, in writing or electronically by automatic methods, through our website, social media channels, parties with whom we have business relations and/or from which we receive services as a complement to our activities, contracted organizations and other similar channels, and processed as the data controller.

Your personal data may also be processed and shared within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the Law and in line with the legal reasons and purposes specified in Article 2 of this Information Text.

In this context, the company carries out its commercial activities, fulfills the orders of those who shop on the company’s website, executes the sales contract, ensures the rights and obligations arising from the sales contract, ensures the fulfillment of the services offered to the members on the site, makes suggestions to the members on the site according to their special habits when they enter the site, It processes the member’s personal data to design the member-specific page and shares it with the relevant recipient group. The company processes personal data to increase the use of the website, to ensure the security of the services offered on the site, and also stores site traffic information to fulfill its obligations within the framework of Law No. 5651.

These data processing activities are based on legal reasons such as the necessity of processing personal data of the parties to the contract, provided that it is directly related to the establishment or execution of a contract, data processing is mandatory for the establishment, exercise or protection of a right, and the storage of traffic information is clearly stipulated by law.

If the relevant person also gives electronic commercial communication permission, the company transmits the relevant campaign information to the preferred contact address for marketing purposes through a third party solution partner to ensure this communication.

Video monitoring is carried out with cameras at the facility of wodehk.com to ensure the safety of staff and customers. This data processing activity is based on the legal reason that data processing is mandatory for the establishment, exercise or protection of a right.

Personal data of website visitors are used to determine Company marketing strategies and develop planned recommendations based on member habits. For this purpose, there are also explanations in the Company’s cookie policy. Site visitors can delete the cookies they want at any time using the methods specified in the Cookie policy.

3-Collected Personal Data

Name, surname, TR ID number, address, contact information of the people who will shop on wodehk.com, name and surname, address, date of birth, gender, contact information, shopping history, customer transaction information (product purchased, delivery) of the people who will become members of the site. format, transaction date, preferred payment type), comments made by site members on product pages, and evaluations of products.

4-Purpose of Processing Personal Data of Customers:

In order to serve you better, and in particular the Personal Data Protection Law No. 6698, the Law No. 5651 on the Regulation of Publications Made on the Internet and Combating Crimes Committed through These Publications, and the relevant secondary legislation, the Law No. 6563 on the Regulation of Electronic Commerce and the relevant secondary legislation, Within the framework of the legal obligation arising from the Turkish Penal Code No. 5237 and relevant legislation; It requests your personal data to enable it to fulfill this purpose and legal obligations. Based on your express consent, this personal data is used to plan, monitor and develop the processes of providing, selling and contract execution, marketing, promotion and after-sales support services of the products and services offered by our company, to provide you with various advantages and to provide you with advertising, promotion and sales that are personally suitable for you. , marketing, event management, information, promotion, campaign notification, customer relations management, design and/or execution of membership transactions, design and/or execution of advertising and/or promotion and/or marketing activities in digital and/or other media, corporate communication activities, customer relationship management processes, surveys and customer satisfaction research and all kinds of communication for the purpose of providing services within this scope,

In order to ensure the legal and commercial security of people who have a business relationship with our company, for job applications and human resources applications, and to provide services within this scope.

– In accordance with the law and the rules of honesty,

-Accurate and up to date when necessary,

-For specific, clear and legitimate purposes,

-related to the purpose for which they are processed, limited and proportionate, and

-Provided that they are kept for the period stipulated in the relevant legislation or necessary for the purpose for which they are processed,

Personal data is processed within the framework of the processing conditions and purposes specified in Articles 5 and 6 of the Law.

5-To whom and for what purpose the processed personal data can be transferred:

Personal data of customers are processed in accordance with Articles 8 and 9 of the Law, including carrying out the necessary work by business units to benefit the relevant persons from the products and services offered by obirayakkabi.com and carrying out the relevant business processes, planning and execution of commercial and/or business strategies. Personal data may be shared with natural persons or private law legal entities, our business partners, suppliers, legally authorized public institutions and organizations within the framework of the personal data processing conditions and purposes specified in the articles.

6-Personal Data Recipient Groups

The company, with the relevant departments that provide services to continue the company’s activities and business processes, in line with the above-mentioned purposes and to the extent required by these purposes, taking into account the reasons for data processing,

Article 6698 of Law No. 6698 applies to domestic and/or international service providers who process personal data on behalf of the Company, in line with the above-mentioned purposes and by paying attention to the reasons for data processing. 8 and m. Within the framework of the personal data processing conditions specified in Article 9 (logistics companies, call center companies providing customer services, database and infrastructure provider companies, companies providing SMS and e-mail sending services), personal data specified in Articles 8 and 9 of the KVK Law It can be transferred within the framework of the transfer conditions and purposes.

The company can transfer data in accordance with the proper requests of the courts and administrative and judicial authorities that are legally authorized to request information from it (consumer arbitration committees, courts, etc.).

The personal data collected by the company through its website is stored in a secure cloud database located abroad on the servers of the third-party solution partner.

The company transmits the name, surname and contact information of the data owners who allow commercial communication with it to the third party solution partner to ensure this communication.

In order to identify improvements in the services offered through the electronic commerce site and to determine customer satisfaction, the company delivers e-mails containing satisfaction surveys to site users through a third-party solution partner located in the country.

Marketing via Electronic Message

To determine personalized discounts or point campaigns by analyzing the data owner’s shopping habits and personal data, to identify the product that suits the customer’s liking, to match this information with the name, surname and contact information, to transfer this content to the person’s contact address through a third-party solution partner. Explicit consent is obtained.

If the relevant person gives electronic commercial communication permission, the company transmits the relevant campaign information to the preferred contact address for marketing purposes through the companies from which it receives services in this regard.

Your rights in accordance with Article 11 of the Personal Data Protection Law No. 7-6698;

By applying to wodehk.com, your personal data;

1. a) learning whether it has been processed or not,
2. b) request information if processed,
3. c) learning the purpose of processing and whether it is used in accordance with its purpose,
4. c) knowing the third parties to whom it is transferred domestically/abroad,
5. d) Request correction if it has been processed incompletely/incorrectly,
6. e) Requesting deletion/destruction within the framework of the conditions stipulated in Article 7 of the Personal Data Protection Law No. 6698,
7. f) Requesting notification of the transactions made in accordance with paragraphs (d) and (e) above to third parties to whom it has been transferred,
8. g) objecting to a result that is unfavorable to you due to being analyzed exclusively by automatic systems,
9. g) If you suffer damage due to illegal processing, you have the right to demand compensation for the damage.

In your application regarding your personal data in accordance with Article 11 of the Personal Data Protection Law No. 8-6698;

1. a) Your name, surname and signature if the application is written,
2. b) For citizens of the Republic of Turkey, T.R. your identification number, your nationality if you are a foreigner, your passport number or your identification number, if any,
3. c) Your residence or workplace address subject to notification,
4. d) Your notification e-mail address, telephone and fax number, if any,
5. d) Your subject of request,

It is mandatory to include information and documents regarding the subject, if any, which must be added to the application.

– You can submit your applications in writing, attaching the necessary documents, to the attention of the Human Resources department, as the data controller, at the address wodehk.com Turgut Reis District Yesilkent Street No 12/a Sultanbeyli/Istanbul. You can access the application form here.

– You can send an e-mail from your KEP address to the Registered Electronic Mail (KEP) address registered on our company’s website,

– You can send an e-mail to contact@wodehk.com with a secure electronic signature or from your e-mail address that you have provided to our company and registered in our system.

Your application must be made in accordance with the 2nd paragraph of the 5th article titled “Application Procedure” of the “Notification to the Data Controller on the Application Procedures and Principles”. Your application will be evaluated by our company and, depending on the nature of your request, will be finalized free of charge within 30 (thirty) days at the latest; However, if the process requires an additional cost, you may be charged according to the tariff determined by the Personal Data Protection Board.

9-Measures for the Protection of Personal Data

Protection of personal data is an important issue for wodehk.com. www.buluttabul.com takes the necessary precautions to protect personal data against unauthorized access or loss, misuse, disclosure, alteration or destruction of this information, to keep your personal data confidential and to take all necessary technical and administrative measures to ensure confidentiality and security. and undertakes to exercise due care. Despite taking the necessary information security measures within the scope of this commitment, in the event that personal data is damaged or obtained by third parties as a result of attacks on the website and system,wodehk.com will immediately notify you and the Personal Data Protection Board of this situation.

10-Keeping Your Personal Data Accurate and Up to Date

User(s) acknowledge that it is important for the information they share on the website to be accurate and kept up-to-date, in terms of their ability to exercise their rights over their personal data within the meaning of the Personal Data Protection Law No. 6698 and other relevant legislation, and that the responsibilities arising from providing incorrect information will be entirely their own, and they declared.

11-Deletion, Destruction or Anonymization of Your Personal Data

Your personal data processed for the purposes specified in these “Terms of Use and Privacy/Personal Data Protection Policy and Information Text”; When the purpose requiring processing in accordance with Article 7/f.1 of Law No. 6698 is eliminated and the periods determined by other legislation have passed, it can be deleted/destroyed/anonymized and will continue to be used by us.

12- Changes to be Made in the Privacy/Personal Data Protection Policy and Information Text

wodehk.com may make changes to this “Information Text Regarding the Processing of Personal Data”. These changes take effect immediately when the new modified text is posted on www.buluttabul.com.

13- Update Period:

The Company may make changes to this “Information Text in accordance with the Personal Data Protection Law” at any time in line with the economic and commercial decision of the Company or the principle decisions of the Personal Data Protection Board.

Dear Contact Person / Data Owner;

After reading this Clarification text, you can download the next “EXPRESS CONSENT STATEMENT” document to your computer and submit your request to our company in accordance with the instructions.

KVKK Policy

WODEHK.COM

PERSONAL DATA PROCESSING AND PROTECTION POLICY

• ENTRANCE

With the Personal Data Protection Law, the protection of the data of the people whose data is processed has become a basic necessity for every company. For this reason, we show utmost care, especially regarding access to people’s private lives and information, and take effective and deterrent measures in this regard. In addition, during all these transactions, our customers, potential customers, visitors, company officials, all the parties and institutions we cooperate with, in short, our company, directly or indirectly. The main goal of our company data policy is to be transparent to every person whose data we process. With this Policy, our company WODEHK.COM (COMPANY) determines and implements our rules for the processing of personal data within the framework of the principles of transparency and openness.

1.2. PURPOSE AND SCOPE OF THE POLICY

The main purpose of this policy is to protect the fundamental rights and freedoms of the persons whose data are processed, especially the privacy of private life, in the processing of personal data and, in this sense, to ensure the transparency of every activity carried out by our company through public disclosure. The scope of this policy provisions includes all personal data of the persons whose data we process directly or indirectly.

1.3. IMPLEMENTATION OF THE LEGISLATION

In case of incompatibility between the legislation in force and our policy, the legislation in force will be applied first, and if there is another policy or regulation on the same subject for more specific purposes other than this basic policy, articles containing special provisions will be applied first. Provisions of other policies and documents that conflict with this policy and relevant legislation do not apply.

SECTION 2: ISSUES RELATED TO THE PROCESSING OF PERSONAL DATA

2.1. GENERAL PRINCIPLES IN THE PROCESSING OF PERSONAL DATA

2.1.1 Compliance with Law and Honesty Rules

When processing personal data, the data must be obtained and processed in accordance with the law and the rules of honesty. Our company processes personal data with maximum sensitivity and control, in accordance with the law and the rules of honesty.

2.1.2 Be Accurate and Up to Date When Necessary

The data processed must be accurate and up-to-date when necessary to update individuals’ data. My company checks the accuracy of the processed personal data at every processing level and makes the necessary preparations to keep it up to date when necessary.

2.1.3 Processing for Specific, Clear and Legitimate Purposes

During the processing of data, it must be clear which data is processed, how much of it is processed, and for what purpose it is processed, and it must be lawful, i.e. legitimate. Our company processes data only for legitimate purposes and takes care to ensure that the data obtained during this processing is specific. Our company processes data in a clear and open manner to ensure that the information obtained is not used for different purposes and does not cause misunderstanding.

2.1.4 Being Related to the Purpose for Processing, Limited and Proportionate

Data must be processed in a controlled manner that is faithful to the purpose of processing, limited to that purpose, and proportionate to that purpose. When processing data, our company processes the data of data owners in a measured manner, only in accordance with and limited to the purpose for which they are processed.

2.1.5 Preservation for the Period Envisaged in the Relevant Legislation or Necessary for the Purpose for which they are Processed

Processed personal data must be acted with the intention of maximum protection in accordance with the period in the relevant legislation or the period specified in the relevant purpose. In this context, our Company primarily retains personal data within a limited period of time if a period of time is stipulated in the relevant legislation for the storage of personal data. If a period is not specified in the legislation or there is no legal reason requiring the data to be kept for a longer period of time, our Company stores personal data for the period necessary for the purpose for which they are processed. Thus, the security of data owners is ensured at the maximum level. (For detailed information, see Section 6.4). Our employees, who are data processors in accordance with this policy and all relevant legislation, are obliged to keep confidentiality regarding personal data for an unlimited period of time.

2.2 CONDITIONS FOR PROCESSING PERSONAL DATA

2.2.1 Conditions for Processing Personal Data

Our company processes the data of data owners in accordance with the law and the terms of the relevant legislation below.

2.2.2. Conditions for Processing General Personal Data

Concept of General Data: All kinds of personal data processed by our Company that do not fall into the category of special data specified in this section constitute the category of general personal data.

General Condition: Personal data cannot be processed without the explicit consent of the relevant person.

Exceptions: If one of the following conditions exists, it is possible to process personal data without the explicit consent of the relevant person:

1. a) It is clearly prescribed by law.
2. b) It is necessary for the protection of the life or physical integrity of the person or someone else who is unable to express his/her consent due to actual impossibility or whose consent is not given legal validity.
3. c) It is necessary to process personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract.

ç) It is mandatory for the data controller to fulfill its legal obligation.

1. d) It has been made public by the person concerned.
2. e) Data processing is mandatory for the establishment, exercise or protection of a right.
3. f) It is mandatory to process data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned.

2.2.3. Conditions for processing special personal data

Concept of Special Qualified Data: Data regarding people’s race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, as well as biometric and Genetic data is special personal data.

General Condition: It is prohibited to process special personal data without the explicit consent of the person concerned.

Exceptions and Special Situations: Personal data other than health and sexual life listed in the first paragraph may be processed without the explicit consent of the relevant person in cases stipulated by law.

• Our company obtains the explicit consent of the relevant data owners when processing and storing special data regarding the keeping of records of private health problems.

Personal data regarding health and sexual life can only be used by persons under the obligation of confidentiality or authorized institutions and organizations for the purpose of protecting public health, preventive medicine, medical diagnosis, execution of treatment and care services, planning and management of health services and their financing, without the express consent of the relevant person. can be processed.

Personal Data Protection Authority Board Conditions: In the processing of special personal data, it is also necessary to take adequate measures determined by the Board.

SECTION 3: PROTECTION OF PERSONAL DATA

3.1. SECURITY OF PERSONAL DATA

Our company complies with the 12th article of the Personal Data Protection Law. In accordance with the article, all kinds of technical and administrative measures are taken according to technological possibilities and implementation costs to ensure the lawful processing of personal data. Personal data learned by data controllers and data processors,

1 ARTICLE 12 – (1)Data controller;

1. a) To prevent unlawful processing of personal data,
2. b) To prevent unlawful access to personal data,
3. c) It must take all necessary technical and administrative measures to ensure the appropriate level of security to ensure the preservation of personal data. It cannot be disclosed to others in violation of the provisions of this law and cannot be used for purposes other than processing.

Necessary training has been provided to company personnel regarding technical issues; Employee awareness on this issue is created and inspections are carried out. Thus, knowledgeable personnel have been employed within our company. The relevant department of our company and our contracted legal consultancy company work in coordination on this issue.

3.1.1. Measures Taken to Ensure Lawful Processing of Data

The main technical and administrative measures taken by our company to ensure the lawful processing of personal data:

• Personal data processing activities carried out within our company are audited by technical systems and reported to the relevant persons.
• Personal data processing activities carried out by our company’s business units; The requirements to be fulfilled to ensure that these activities comply with the personal data processing conditions required by Law No. 6698 are determined specifically for the activities carried out by each department and relevant unit.
• Ensuring compliance with the law and compliance with the procedure prepared for the relevant departments are implemented through administrative measures, internal policies and training.

3.1.2. Measures Taken to Prevent Unlawful Access

Our company takes technical and administrative measures, depending on the nature of the data to be protected, to prevent imprudent or unauthorized disclosure, access, transfer, or any other form of unlawful access of personal data.

The main technical and administrative measures taken by our company to prevent unlawful access to personal data:

• Employees are informed that they cannot disclose the personal data they have learned to anyone else or use it for purposes other than the purpose of processing, contrary to the provisions of the Personal Data Protection Law and all other relevant legislation, and that this obligation will continue after they leave office, and the necessary commitments are taken from them in this regard.
• Contracts concluded by our company with persons to whom personal data is transferred in accordance with the law; Provisions stating that the persons to whom personal data are transferred will take the necessary security measures to protect personal data are added and/or mutual understanding texts are signed.

3.1.3. Precautions Taken for Storing Personal Data in Secure Environments

Our company takes the necessary technical and administrative measures to store personal data in secure environments and to prevent their destruction, loss or alteration for unlawful purposes.

The main technical and administrative measures taken by our company to store personal data in secure environments:

• Systems compatible with technological developments are used to store personal data in secure environments.
• Backup programs are used in accordance with the law to ensure that personal data is stored safely.
• Non-digital data will be kept in locked cabinets and can only be accessed by authorized persons.

 3.2. AUDIT

In accordance with the 3rd paragraph of Article 12 of the Personal Data Protection Law, the data controller is obliged to carry out the necessary inspections or have them carried out in his own institution or organization in order to ensure the implementation of the provisions of this law.

3.2.1. Control of Precautions to be Taken to Protect Personal Data

Our company carries out and/or has the necessary inspections carried out in order to establish the data security described above and to ensure the regularity and continuity of the measures taken.

2(3) The data controller is obliged to carry out the necessary inspections or have them carried out in his own institution or organization in order to ensure the implementation of the provisions of this Law.

These audit results are reported to the relevant department or management within the scope of our company’s internal functioning, and the necessary activities to improve the measures taken are carried out in accordance with the Personal Data Protection Law and other legislation and this company policy.

3.3. SECURITY

Our company takes all necessary precautions, within the scope of possibility and according to the nature of the personal data to be protected, in order to prevent the disclosure and transfer of personal data in violation of the provisions of the law and policies, access to these data and transactions resulting from other security deficiencies that may occur.

If technology allows, necessary precautions are taken in personal data processing activities and it is essential to update and improve the measures taken. The relevant department of our company and our contracted legal consultancy company work in a coordinated manner in carrying out and supervising these  3.4. UNAUTHORIZED DISCLOSURE OF PERSONAL DATA

In terms of crimes related to unauthorized disclosure of personal data, the provisions of Articles 135 to 140 of the Turkish Penal Code No. 5237 and all relevant legislation apply. Our company notifies employees and relevant persons of the provisions of all relevant legislation. Illegal recording of personal data, illegally giving, disseminating or seizing personal data to someone else, not destroying data within the system even after the periods specified by law have passed, and in violation of Article 7/3 of the Personal Data Protection Law; Natural persons who do not delete or anonymize personal data despite the disappearance of the legitimate reasons for storing or processing personal data are punished with imprisonment according to Article 138 of the Turkish Penal Code. The procedures and principles regarding the deletion, destruction or anonymization of personal data are regulated by the regulation.

According to the regulations made in the Turkish Penal Code, the person who unlawfully gives personal data to someone else, illegally disseminates or obtains this data is punished with imprisonment from two to four years, and the person who commits this crime by taking advantage of the convenience provided by a certain profession or art. The person is punished for the qualified form of the punishment. Any company employee who commits the crime of viewing, obtaining or hacking personal data without authorization to process personal data will be reported to the personal data owner, the prosecutor’s office and the relevant authorities without delay, and the necessary proceedings will be carried out against him and he will be punished for the qualified nature of the crime.

In accordance with the provision regulated under the title of Misdemeanors in the Personal Data Protection Law, administrative fines are also imposed on those who do not fulfill their obligation to inform or their obligations regarding data security, those who do not comply with the decisions made by the Board, or those who act contrary to the obligation to register and notify the Data Controllers Registry.

SECTION 4: COMPANY ORGANIZATIONAL MEASURES FOR PROTECTION OF PERSONAL DATA

According to the Data Controllers Registry Regulation, our company has limited the function of the contact person as the point of contact, ensuring that the requests of the relevant persons to the data controller are answered quickly and effectively. In this way, it is aimed to respond to the problems or questions of data owners whose personal data are processed in the fastest and most descriptive way, but the contact officer is not legally authorized to represent the data controller. For this reason, other than providing information, our Company has no duty or authority other than to answer the questions of the person contacting the company and the data owner or the contact person in accordance with the law and to inform our Company on this matter.

As soon as our company is informed by the contact person, the authorized department or institution assigned by our company will take action regarding the problem as soon as possible and the necessary procedure will be carried out. During these transactions, the personal data owner or relevant person will be informed about all these transactions and procedures, and if necessary, interviews will be conducted with the personal data owner or relevant person by the authorized department or institution of our Company.

SECTION 5: THIRD PARTIES TO WHICH PERSONAL DATA IS TRANSFERRED AND THE PURPOSES OF TRANSFER

In accordance with Articles 8 and 9 of the KVK Law (see Section 2/Heading 2.1.5), our company may transfer the personal data of data owners managed by the policy to the categories of persons listed below:

Our company;

(i) To business partners,

(ii) To its suppliers,

(iii) To its shareholders,

(iv) To its officials,

(v) Legally Authorized public institutions and organizations

(vi) To legally authorized private legal persons

The scope of the above-mentioned persons to whom the transfer is made and the purposes of data transfer are stated below.

ARTICLE 10-(1)-c) To whom and for what purpose the processed personal data can be transferred,

CHAPTER 6: DELETION OF PERSONAL DATA, RETENTION PERIOD AND DATA INVENTORY

6.1. OUR COMPANY’S LIABILITY

Our company, personal data that has been processed in accordance with the explanations in Article 7 of the Personal Data Protection Law No. 6698 and Article 138 of the Turkish Penal Code No. 5237 and whose purpose of processing and storage has subsequently been eliminated, has the rights arising from the Turkish Commercial Code, all relevant legislative provisions. With the decision to be made based on the rights and the principles set out in this policy (see section 2.2.1(e) and (f)) or upon the express request of the data owner in a way that will not harm the interests in commercial life, our Company deletes or destroyed or anonymized.

6.2. DELETION OF PERSONAL DATA, RETENTION PERIOD AND DATA INVENTORY

6.2.1. Deletion and Destruction of Personal Data

Deletion of personal data is defined in Article 8 of the regulation as “the process of making personal data inaccessible and unusable for the relevant users in any way”. Destruction of personal data is defined in Article 9 of the regulation as “the process of making personal data inaccessible, irretrievable and unusable by anyone”.

6.2.2. Methods for Deleting Personal Data

1. a) Application as a Service Type Cloud Solutions (Office365, Salesforce, etc.)

The data in the cloud system is deleted by giving the delete command. While the mentioned process is taking place, the relevant user does not have the authority to restore deleted data on the cloud system.

1. b) Personal Data on Paper

Personal data on paper is deleted using the blackout method. The blackout method is done by cutting off the personal data on the relevant document where possible, and in cases where it is not possible, by making the relevant users invisible by using fixed ink in a way that is irreversible and unreadable with technological solutions.

1. c) Office Files on the Central Server

It is the deletion of the file with the delete command in the operating system or the removal of the relevant user’s access rights to the file or the directory where the file is located.

1. c) Personal Data on Portable Media

Personal data in flash-based storage media is stored encrypted and deleted using software suitable for these media.

1. d) Databases

The relevant lines containing personal data are deleted with database commands. The relevant person who performs the mentioned operation is not the database administrator.

6.2.3. Personal Data Destruction Methods) Physical Destruction

1. 1. a) Personal data can also be processed by non-automatic means, provided that it is part of any data recording system. When destroying such data, personal data is physically destroyed so that it cannot be used later.
2. b) De-magnetization

It is the process of making the data on the magnetic media unintelligible and unreadable by passing it through a special device and exposing it to a high magnetic field.

1. c) Paper Media

The destruction processes in this environment are the method of destroying papers by bringing them to incomprehensible sizes with shredding and clipping machines.

6.2.4. Anonymization of Personal Data

Anonymization of personal data is defined in Article 10 of the regulation as “making personal data impossible to associate with an identified or identifiable natural person in any way, even if they are matched with other data.”

6.2.4.1. Methods of Anonymization of Personal Data a) Masking Method

It is a method of anonymization by removing or deleting the distinctive attributes or characteristics of the data owners whose data is being processed.

1. b) Data Shuffle Method (DataShuffling, Permutation)

With this method, it is aimed to make the data anonymous by relocating some of the information of the data owners who have data in the system.

1. c) Data Derivation Method

By adding or subtracting certain amounts of variables in the data in the system, the information becomes undetectable or unidentifiable.

1. d) Aggregation Method

It is a method of converting relevant personal data from a specific value to a general value. With this method, data is generalized and personal data is made unable to be associated with any individual. 

6.2.4.2. Our Company’s Method of Choosing the Anonymization Method

One or more of the anonymization methods described above will be selected by the committee formed by the Company to ensure the enforcement of this policy, in line with all relevant legislation and our Company’s interests in business life. Detailed information about the committee was explained in the previous section (see section 4).

The anonymization method to be chosen will be determined by the committee, taking into account the following issues:

. Nature of data

. Size of data

. The structure of data in physical environments

. Diversity of data

. Purpose of data processing

Anonymization will be carried out in parallel with the principles specified in the retention periods and personal data inventory sections of this policy.

6.3. STORAGE PERIOD

Our company stores personal data in its data inventory in accordance with the periods specified in all relevant legislation. If there is no period specified in the relevant legislation regarding these periods, our Company stores personal data within the periods determined in accordance with the interests of our Company, provided that it complies with the laws and legislation arising from the industry in which it operates. In cases where there is no need for storage, it is deleted or destroyed or anonymized in the ways explained above. If the purpose of processing and storing personal data has been eliminated and the periods determined in accordance with all relevant legislation regarding personal data and the principles determined by our Company in this policy (see section 2.2.1(e) and (f)) have passed, it can also be used in any legal disputes that may arise in the future. personal data can be stored. The personal data specified in this section is stored only for use in legal disputes and cannot be used for any other purpose. In line with the above explanations, our Company takes all foreseeable precautions and precautions.

For example, using the information in the data system to determine the employee’s residential area in order to determine the competent court in a lawsuit to be filed against the employee who left the workplace due to unfair termination of the contract can be evaluated in this context. (The scope of the above explanations is not limited to the example given.)

6.4. PERSONAL DATA INVENTORY

In accordance with the KVKK and the Regulation on the Registry of Data Controllers, the data processed separately in each department within our Company is collected and the deletion, destruction and anonymization process is carried out in accordance with the legislation and company policy as explained above, and the data (Word, excel) can be submitted to the KVK Authority when necessary. etc.) expresses.

According to the definition in the regulation, what should be included in a personal data inventory:

1. Personal data processing purposes
2. Data Category

iii. Maximum periods required for the processing of personal data created by associating it with the transferred recipient group and the data subject group of persons

1. Personal periods intended to be transferred to foreign countries
2. Measures taken regarding data security

Considering the above-mentioned criteria, information regarding the transactions to be made with personal data will be collected in the relevant inventory. Inventory content can be stored in digital media such as Word and Excel for our Company’s own benefit in accordance with the law and legislation, while content that cannot be stored in digital media can also be stored in paper media.

The deletion, destruction and anonymization of personal data described in Section 6 are carried out in the personal data inventory by our Company or by an officer authorized by the Company.

6.4.1.Preparation of Personal Data Inventory

If there is a provision in the relevant legislation regarding the preparation procedure of the Personal Data Inventory, the personal data inventory will be prepared by our Company in line with these provisions. In cases where there is no provision in the relevant legislation regarding the preparation procedure of the Personal Data Inventory, our Company is free to choose which method to prepare the personal data inventory, taking into account its own internal working discipline and business work processes.

CHAPTER 7: DATA OWNER’S RIGHTS AND RULES FOR THE USE OF THESE RIGHTS

7.1. RIGHTS OF PERSONAL DATA OWNER

Our company carries out the necessary channels, internal operation, administrative and technical regulations in accordance with Article 13 of the Personal Data Protection Law in order to evaluate the rights of personal data owners and provide the necessary information to personal data owners.

If personal data owners submit their requests regarding their rights listed below to our Company in writing, our Company finalizes the request free of charge within thirty days at the latest, depending on the nature of the request. However, if a fee is stipulated by the Personal Data Protection Board, our Company will charge the applicant the fee in the tariff determined by the Personal Data Protection Board. Personal data owners;

• Learning whether personal data is processed or not,
• Requesting information if personal data has been processed,
• Learning the purpose of processing personal data and whether they are used for their intended purpose,
• Knowing the third parties to whom personal data is transferred at home or abroad,
• Requesting correction of personal data in case of incomplete or incorrect processing and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,
• Requesting the deletion or destruction of personal data in case the reasons requiring processing no longer exist, even though it has been processed in accordance with the Personal Data Protection Law and other relevant legal provisions, and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,
• Objecting to the emergence of a result that is unfavorable to the person by analyzing the processed data exclusively through automatic systems,
• They have the right to demand compensation for the damage if they suffer damage due to unlawful processing of personal data.

In accordance with Article 13 of the Personal Data Protection Law, personal data owners must submit their requests to exercise their above-mentioned rights to our Company “in writing” or by other methods determined by the Personal Data Protection Board.

7.1.1. Right to Access Personal Data

Relevant persons have the right to access their personal data without incurring a fee. Our company’s interest and legitimate right to retain data is protected within the scope of the Personal Data Protection Law and relevant legislation; The right to change and delete is respected. Our company to the relevant person;

• Learning whether personal data is processed or not,
• Requesting information if personal data has been processed,
• Learning the purpose of processing personal data and whether they are used for their intended purpose,
• It informs that one has the right to request information about third parties to whom personal data are transferred at home or abroad.

7.1.2. Right to Change or Delete Personal Data

Data subjects have the right to change or delete their personal data without incurring a fee. In this context, the relevant person;

• Requesting correction of personal data if they are incomplete or incorrectly processed,
• Requesting the deletion or destruction of personal data in case the reasons requiring the processing of personal data disappear,

ARTICLE 13 – The relevant person shall convey his/her requests regarding the implementation of this Law to the data controller in writing or by other methods determined by the Board.

The data controller finalizes the requests in the application free of charge as soon as possible and within thirty days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, the fee in the tariff determined by the Board may be charged.

The data controller accepts the request or rejects it by explaining the reason and notifies the relevant person in writing or electronically of his/her response. If the request in the application is accepted, the data controller will fulfill it accordingly. If the application is due to the error of the data controller, the fee collected will be refunded to the relevant party.

• He/she has the right to request that the above-mentioned correction, deletion or destruction procedures be notified to third parties to whom personal data have been transferred, and to object to the emergence of an adverse result by analyzing the processed data exclusively through automatic systems.

 7.1.3. Ensuring Personal Data is Up to Date

In accordance with the Personal Data Protection Law, there is an obligation to ensure that personal data is accurate and, when necessary, up-to-date. For this reason, in order to keep personal data accurate and up-to-date, the relevant party must notify our Company of current status changes. If our Company is not notified in writing of the data change by the relevant person, our Company is not responsible for any damages or sanctions that may arise or occur due to not updating the data.

7.2. RESERVATION OF DATA OWNER’S RIGHTS

12th article of the Personal Data Protection Law. In accordance with the article, the data controller;

• To prevent unlawful processing of personal data,
• To prevent unlawful access to personal data and
• It must take all necessary technical and administrative measures to ensure the appropriate level of security to ensure the preservation of personal data.

In accordance with the relevant law article, our company is jointly and severally responsible with these persons for taking the measures specified in the first paragraph, in case personal data is processed by another natural or legal person on its behalf. Our company carries out the necessary inspections to ensure the implementation of the provisions of this law in its own institution or organization.

By adding this provision to all contracts, commitments and agreements by our company, it is included in Chapter 5, 13 of this policy. It has been shared with people who can transfer data on the page; In cases where it is not possible to create a contract or memorandum of understanding due to actual impossibility or not being in line with the ordinary flow of life, this policy can be viewed on the website wodehk.com as it has been made available to the public.

 7.3. CASES WHERE THE PERSONAL DATA OWNER CANNOT ASSERVE HIS RIGHTS

In accordance with Article 28 of the Personal Data Protection Law, personal data owners cannot assert the following rights of personal data owners in these matters, since the following situations are excluded from the scope of the relevant law:

• Processing of personal data for purposes such as research, planning and statistics by anonymizing them with official statistics,
• Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defence, national security, public security, public order, economic security, privacy of private life or personal rights or constitute a crime,
• Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defence, national security, public safety, public order or economic security, and
• Processing of personal data by judicial authorities or enforcement authorities regarding investigation, prosecution, trial or enforcement proceedings.

In accordance with Article 28 of the Personal Data Protection Law; In the cases listed below, personal data owners cannot assert their other rights except the right to demand compensation for damage:

• Processing personal data is necessary for the prevention of crime or criminal investigation,
• Processing of personal data made public by the personal data owner,
• Processing of personal data is necessary for the execution of auditing or regulatory duties and disciplinary investigation or prosecution by public institutions and organizations and professional organizations that are public institutions, based on the authority granted by the law.

CHAPTER 8: PROCESSING OF PERSONAL DATA OF EMPLOYEE CANDIDATES

Personal data of employee candidates collected during the recruitment process and special personal data collected according to the nature of the job are collected by our Company; It is processed for the purposes specified and listed below:

• Evaluating the employee candidate’s qualifications, experience and interest, and their suitability for the open position,
• If necessary, to check the accuracy of the information provided by the Employee Candidate or to contact third parties and conduct research about the Employee Candidate,
• To communicate with the Employee Candidate about the application and recruitment process or, if appropriate, to contact the candidate for any position subsequently opened domestically or abroad,
• To meet the requirements of the relevant legislation or the demands of authorized institutions or organizations,
• To develop and improve the recruitment principles applied by our company. Personal data of employee candidates can be collected by the following methods and means:

Digital application form published in written or electronic format;

• CVs sent by prospective employees to our Company via e-mail, cargo, reference and similar methods;
• Employment or consultancy companies; Prospective employees will also be able to submit their requests regarding their rights arising from their ownership of data using the method described above.

During the interview, in cases where interviews are conducted via tools such as video conferencing, telephone or face to face;

• Checks made to confirm the accuracy of the information provided by the employee candidate and research carried out by our Company;
• Recruitment tests that identify talents and personality traits performed by experienced experts and whose results are examined

CHAPTER 9: PERSONAL DATA PROCESSING ACTIVITIES CARRIED OUT WITHIN THE COMPANY FACILITIES AND DATA PROCESSING ACTIVITIES PERFORMED THROUGH THE WEBSITE

9.1. PERSONAL DATA PROCESSING ACTIVITIES CARRIED OUT AT BUILDING, FACILITY ENTRANCES AND WITHIN THE BUILDING FACILITY

Personal data processing activities carried out by our company at building facility entrances and within the facility are carried out in accordance with the Constitution, the Personal Data Protection Law and other relevant legislation.

In order to ensure security by our company, personal data processing activities are carried out for monitoring guest entries and exits through security cameras in our company’s buildings and facilities.

Personal data processing is carried out by the Company by using security cameras and recording guest entries and exits.

9.2. MONITORING ACTIVITY WITH CAMERA CONDUCTED AT AND INSIDE THE COMPANY’S BUILDING, FACILITY ENTRANCES

In this section, explanations will be made about our Company’s camera monitoring system and information will be given about how personal data, privacy and fundamental rights of the person are protected.

Our company, within the scope of surveillance activities with security cameras; Our company aims to protect the interests of the company and other people by ensuring their safety.

9.2.1. Legal Basis of Camera Surveillance Activity

The camera monitoring activity carried out by our company is carried out in accordance with the Law on Private Security Services and relevant legislation.

9.2.2. Carrying out monitoring activities with security cameras in accordance with the KVK Law

Our company acts in accordance with the regulations in the KVK Law in carrying out camera monitoring activities for security purposes. Our company carries out security camera monitoring activities in order to ensure security in its buildings and facilities, for the purposes stipulated in the relevant legislation in force and in accordance with the personal data processing conditions listed in the Personal Data Protection Law.

9.2.3.Announcement of Camera Monitoring Activity

Our company informs the personal data owner in accordance with Article 10 of the KVK Law. Our Company provides notifications regarding the camera monitoring activity of lighting regarding general matters through more than one method. Thus, it is aimed to prevent harm to the fundamental rights and freedoms of the personal data owner and to ensure transparency and clarification of the personal data owner.

For camera monitoring activities carried out by our company; This Policy is published on our company’s website wodehk.com (online policy regulation) and a notification letter stating that monitoring will be carried out is posted at the entrances of the areas where monitoring is carried out.

9.2.4. Purpose of Carrying Out Camera Monitoring Activity and Limitation to Purpose

In accordance with Article 4 of the KVK Law, our company processes personal data in a limited and measured manner in connection with the purpose for which they are processed.

The purpose of our company’s surveillance activities with video cameras is limited to the purposes listed in this Policy. In this regard, the monitoring areas of security cameras, their number and when they will be monitored are implemented in a way that is sufficient and limited to achieve the security goal. Persons are not subject to monitoring in areas that would reveal a person’s privacy in a way that exceeds security purposes (for example, toilets).

9.2.5.Ensuring the Security of Obtained Data

Our company complies with the 12th article of the KVK Law. In accordance with the article, necessary technical and administrative measures are taken to ensure the security of personal data obtained as a result of camera monitoring activities.

9.2.6. Storage Period of Personal Data Obtained through Camera Monitoring Activities

Detailed information about the retention period of our company’s personal data obtained through camera monitoring is included in Article 6.4 of this Policy, titled Personal Data Storage Periods.

9.2.7.Who Can Access the Information Obtained as a Result of Monitoring and To Whom This Information is Transferred

Only a limited number of our Company employees have access to live camera images and records recorded and preserved digitally. A limited number of people who have access to the records declare with a confidentiality agreement that they will protect the confidentiality of the data they access.

 9.3. MONITORING OF GUEST ENTRANCES AND EXITS AT THE ENTRANCES AND INSIDE OF COMPANY BUILDINGS, FACILITIES

By our company; Personal data processing activities are carried out to ensure security and to monitor guest entries and exits in company buildings and facilities for the purposes specified in this policy.

While the names and surnames of people who come to our Company’s buildings as guests are obtained, or through texts posted in the company or made accessible to guests in other ways, the personal data owners in question are clarified in this context. The data obtained for the purpose of tracking guest entry and exit is processed solely for this purpose and the relevant personal data is recorded in the data recording system in the physical environment.

9.4. STORAGE OF RECORDS RELATING TO INTERNET ACCESS PROVIDED TO COMPANY GUESTS AND WEBSITE VISITORS

To ensure security by our company and for the purposes specified in this policy; Log records regarding guests’ internet access during their stay in our facilities can be recorded in accordance with Law No. 5651 and the mandatory provisions of the legislation issued in accordance with this Law.

Only a limited number of our Company employees have access to the log records obtained in this context.

These records are processed and shared with third parties only upon request by authorized public institutions and organizations or for the purpose of fulfilling our legal obligations and/or protecting our legal rights and establishing our Company’s defense rights during audit processes to be carried out within the Company.

9.5. COMPANY WEBSITE VISITORS

On the websites owned by our company; To ensure that people visiting these sites carry out their visits on the sites in accordance with the purposes of their visit; Internet movements within the site are recorded by technical means (e.g. cookies) in order to show them customized content and engage in online advertising activities.

Detailed explanations regarding the protection and processing of personal data regarding these activities carried out by our company are included in the “Company’s Website Privacy Policy” texts of the relevant websites.

CHAPTER 10: ENFORCEMENT AND UPDATE

This Personal Data Processing and Protection Policy was issued by our Company and entered into force on 30/05/2021.

Updates may be made to all or part of the policy.

The Policy is published on our Company’s website, wodehk.com, and is made available to relevant persons upon the request of personal data owners.

Cookie Policy

Cookie (COOKIE) Will Be Added

Distance Selling Agreement

The agreement on this page will be valid and binding for you from the moment you start using Deniz Cam Fly Screen services. Please read this agreement carefully before using our services.

DISTANCE SALES CONTRACT

ARTICLE 1- SUBJECT

The subject of this contract covers the rights and obligations of the parties in accordance with the provisions of the Law No. 4077 on the Protection of Consumers and the Regulation on Distance Contracts, regarding the sale and delivery of the product sold by the SELLER to the BUYER, whose qualities and sales price are specified below.

 ARTICLE 2- SELLER INFORMATION

Title: wodehk.com

Address: Warehouse: Turgut Reis District Yesilkent Street No:12/A

Phone: 0 850 241 7480

Fax:

E-mail: contact@wodehk.com

Website: wodehk.com 

ARTICLE 3- BUYER (CONSUMER) INFORMATION

Name/Surname/Title:

Address:

Telephone:

E-mail:

ARTICLE 4 – PRODUCT INFORMATION SUBJECT TO THE CONTRACT

The type, quantity, brand/model, color, quantity, sales price, payment method of the Goods/Product/Service are as stated below:

Date of contract:

Product Delivery Date: ..

Amount of delivery costs: TL

Goods/Product/Service Type: Internet Services

Quantity:

Brand/Model:

Cash TL. Sales Price (Including Taxes): TL

ARTICLE 5 – GENERAL PROVISIONS

5.1.The BUYER declares that he/she has read and is informed about the basic characteristics of the product subject to the contract specified in Article 4, the sales price and payment method and all preliminary information regarding the delivery and gives the necessary confirmation electronically.

5.2.The product subject to the contract is delivered to the BUYER or the person/organization at the address indicated within the period explained in the preliminary information, depending on the distance of the BUYER’s residence for each product, provided that it does not exceed the legal 30-day period. This period can be extended for a maximum of 10 days, provided that the consumer is notified in writing.

5.3. If the product subject to the contract is to be delivered to a person/organization other than the BUYER, the SELLER cannot be held responsible if the person/organization to be delivered does not accept the delivery.

5.4.The SELLER is responsible for the delivery of the product subject to the contract in a sound, complete and in accordance with the qualifications specified in the order. Provided that it is based on a justified reason, the SELLER may supply goods or services of equal quality and price to the CONSUMER before the contractual performance obligation expires.

5.5.For the delivery of the product subject to the contract, this contract must be confirmed electronically and the price of the order subject to the contract must be paid. If the product price is not paid for any reason or is canceled in bank records, the SELLER is deemed to be free from the obligation to deliver the product.

5.6.If the SELLER cannot deliver the product subject to the contract within the deadline due to force majeure or extraordinary circumstances such as adverse weather conditions that prevent transportation or interruption of transportation, it is obliged to notify the BUYER of the situation. In this case, the BUYER may exercise one of his rights to cancel the order, replace the product subject to the contract with a comparable product, if any, and/or postpone the delivery period until the hindering situation disappears.

If the BUYER cancels the order, the amount paid will be refunded to him/her within 10 days.

5.7. If the BUYER’s payment obligation in this contract is not fulfilled in any way, the SELLER may initiate enforcement proceedings, file a receivables lawsuit and resort to other legal remedies in order to collect the uncollected product price, together with the interest to be accrued based on the price of the product on the delivery day and the interest rates stipulated in the contract.

ARTICLE 6 – RIGHT OF WITHDRAWAL

According to paragraph c of the 4th paragraph of the 7th article titled Right of Withdrawal of the Regulation on Distance Contracts; The consumer cannot exercise his right of withdrawal for goods prepared in line with the consumer’s wishes or his personal needs. In addition, the consumer does not have the right to withdraw from contracts regarding the delivery of goods that are not suitable for return due to their nature, are in danger of deterioration quickly or are likely to expire.

ARTICLE 7 – COMPETENT COURT

In the implementation of this contract, Consumer Arbitration Committees and Consumer Courts in the place of residence of the BUYER or SELLER are authorized up to the value declared by the Ministry of Industry and Trade.

Return and Exchange Policy

In accordance with the Consumer Protection Law No. 6502; Our customers have the right to cancel the purchase and return the product within 14 days from the delivery date of the product.

However, as stated in the same law;

Cosmetics and personal care products,

Products that deteriorate quickly, are disposable and may expire,

It is not possible to return unpackaged, tested, used and damaged products (except defective products).

Refunds for canceled and refunded orders will normally be made within 3 days and at most 10 business days, depending on the payment method used.

In return transactions, shipping is the responsibility of the buyer.

You can always contact us for possibilities and returns other than those mentioned above. Assinelikdeposu.com, our priority is customer satisfaction.