KARASH YAZILIM PERSONAL DATA POLICY INFORMATION FORM PREPARED IN ACCORDANCE WITH THE PERSONAL DATA PROTECTION LAW NO. 6698

PERSONAL DATA POLICY

General Information About the Personal Data Law;

Personal Data Protection Law No. 6698 (hereinafter referred to as KVKK) was accepted on 24 March 2016 and published in the Official Gazette No. 29677 dated 7 April 2016. Some of the KVKK entered into force on the date of publication, and some on October 7, 2016.

Information as Data Controller;

In accordance with KVKK No. 6698 and as the Data Controller, your personal data is within the framework explained on this page; will be recorded, stored, updated, disclosed/transferred to third parties where permitted by the legislation, classified and processed in the ways listed in KVKK.

How Your Personal Data May Be Processed;

In accordance with KVKK No. 6698, your personal data that you share with our Company may be obtained, recorded, stored, changed, rearranged, in short, in whole or in part, automatically, or by non-automatic means provided that it is part of any data recording system, and is subject to all kinds of operations performed on the data. can be processed by us. Any operation performed on data within the scope of KVKK is considered "processing of personal data".

Purposes and Legal Reasons for Processing Your Personal Data;

Personal data you share,
• In order to fulfill the requirements of the services we provide to our customers in accordance with the requirements of the contract and technology, and to improve our products and services;
• The Law on the Regulation of Electronic Commerce No. 6563, the Law on Consumer Protection No. 6502 and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce published in the Official Gazette No. 29457 dated 26.08.2015, prepared on the basis of these regulations, and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce dated 27.11.2014 and No. 29188. To record the identity, address and other necessary information to determine the information of the transaction owner within the scope of the Distance Contracts Regulation published in and other relevant legislation;
• To organize all records and documents that will be the basis for payment systems, electronic contracts or paper transactions that are mandatory in the field of Banking and Electronic Payment; To comply with the information storage, reporting and information obligations required by the legislation and other authorities;
• In order to provide information to prosecutors' offices, courts and relevant public officials on matters related to public security and legal disputes, upon request and in accordance with the legislation;

HOW YOUR PERSONAL DATA IS COLLECTED

Your personal data,
• With information such as name, surname, TR ID number, address, telephone, business or private e- mail address through the forms on our company's website and mobile applications; Data including preferences on the pages accessed using the username and password, IP records of the transactions performed, cookie data collected by the browser and browsing time and details, in the form of location data;
• Verbally, in writing or electronically through our channels such as our sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing and call center;
• In a physical or virtual environment, face to face or distance, orally or in writing, received from people who share their personal data through business cards, CVs, bids and other means for purposes such as establishing commercial relations with our company, applying for a job, making an offer. also electronically;
• In addition, data obtained indirectly from different channels, (micro) websites and social media used for websites, blogs, contests, surveys, games, campaigns and similar purposes, e-bulletin reading or clicking movements, data provided by public databases data comes from profiles and data that can be shared on social media platforms; can be processed and collected.

Your Personal Data Obtained Before KVKK Comes into Force;

Your personal data obtained lawfully through membership, electronic message permission, product/service purchase and other means before April 7, 2016, the effective date of KVKK, is also processed and stored in accordance with the terms and conditions set out in this document.

Transfer of Your Personal Data Abroad;

Your personal data collected by any of the above-mentioned methods, to be processed in Turkey or to be processed and stored outside Turkey, will be processed abroad, provided that it remains within the scope of KVKK and in accordance with the contractual purposes (to countries that are accredited by the Personal Data Board and where there is adequate protection for the protection of personal data). It can also be transferred to intermediaries.

Keeping Personal Data Updated and Accurate;
v In accordance with Article 4 of the KVKK, our Company has the obligation to keep your personal data accurate and up-to-date. In this context, in order for our Company to fulfill its obligations arising from the current legislation, our Customers are required to share their accurate and up-to-date data or update it via the website / mobile application.

Rights of the Personal Data Owner in accordance with KVKK No. 6698; Article 11 of KVKK No. 6698 came into force on 07 October 2016, and in accordance with the relevant article, the rights of the Personal Data Owner after this date are as follows: Personal Data Owner can apply to our Company (data controller) to;

• Learning whether personal data is processed or not,
• Requesting information if personal data has been processed,
• Learning the purpose of processing personal data and whether they are used for their intended purpose,
• Knowing the third parties to whom personal data is transferred domestically or abroad,
• Requesting correction of personal data if they are incomplete or incorrectly processed,
• Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVKK,
• In case of correction, deletion or destruction of personal data, requesting that these transactions be notified to third parties to whom personal data have been transferred,
• Objecting to the emergence of a result that is unfavorable to the person by analyzing the processed data exclusively through automatic systems,
• Requesting compensation for the damage in case of damage due to illegal processing of personal data, has the rights.

Karash Yazılım is the Data Controller within the scope of KVKK. The Data Controller Representative to be appointed by our company will be announced in the Data Controllers Registry and on the website where this document is located, once the legal infrastructure is provided. Personal Data Owners can direct their questions, opinions or requests to any of the following communication channels:

EMAIL: info@karash.biz