Privacy And Personal Data Protection Policy

As LM Grup Sanal Mağazacılık ve Bilgi Teknolojileri San. Tic. Ltd. Şti (“Pulmulier.com”, we take the necessary measures to protect the privacy of those who visit our website and shop as a member or guest customer, as well as candidates who apply for a job, suppliers and business partners, as per the Law on the Protection of Personal Data, and the principles stipulated by the Law on the Protection of Personal Data. We would like to state that we, as “Pulmulier.com”, have taken the necessary measures regarding the security of your personal data. This "Privacy and Personal Data Processing Policy", which personal data of individual groups are processed, in which categories your personal data is processed, the method and legal reason for collecting your personal data, the purposes for which your personal data is collected, the retention periods and destruction processes of your personal data, the security of your personal data. It includes detailed information about the technical and administrative measures we take, the transfer processes of your personal data, your rights on your personal data and how to use these rights, the use and management of cookies. You can contact us for any questions you may have about our privacy policy and the processing of your personal data.

DEFINITIONS

Express Assent	Consent based on information on a specific subject and expressed with free will
Anonymization	Making the data previously associated with a person incapable of being associated with an identified or identifiable natural person in any way, even by matching them with other data.
Employee Candidate	Real persons who do not work within our company but apply to work
Personal Data	Any information pertaining to an identified or identifiable natural person
Data Owner (Relevant Person)	Natural person whose personal data is processed
Processing of Personal Data	Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use of personal data in whole or in part by automatic or non-automatic means provided that it is a part of any data recording system Any operation performed on data such as
Law	Law No. 6698 on the Protection of Personal Data
Special Qualified Personal Data	Biometric and genetic and data on race, ethnicity, political thought, philosophical belief, religion, sect or other beliefs, clothing, membership in associations, foundations or trade unions, health, sexual life, criminal convictions and security measures
Policy	LM Grup Sanal Mağazacılık ve Bilgi Teknolojileri San. Tic. Ltd. Şti Privacy and Personal Data Processing Policy
Company	LM Grup Sanal Mağazacılık ve Bilgi Teknolojileri San. Tic. Ltd. Şti.
Data Processor	Real or legal person who processes personal data on behalf of the data controller, based on the authority given by the data controller.
Data Controller	The natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system
Data Recording System	The registration system in which personal data is processed and structured according to certain criteria
Work Partners	Real and legal persons with whom the company has established partnerships with contracts created according to the scope of work carried out within the framework of commercial activities of the company.

 

1-WE WANT TO KNOW WHICH PERSONAL DATA WE USE WHILE USING OUR SERVICES

 

Your Personal Data pursuant to Law No. 6698; As the data controller, your data, categorized below, is processed by the Lm Grup Sanal Mağazacılık ve Bilgi Teknolojileri San. Tic. Ltd. Şti ( “Pulmulier.com”) in accordance with the "Personal Data Processing Conditions" specified in the 5th and 6th articles of the "Personal Data Protection Law" and within the framework of the legal reasons specified within the scope of this "Privacy and Personal Data Processing Policy".

 

PERSONAL DATA CATEGORY

MEMBER CUSTOMER DATA

a-Identity information (name, surname, date of birth, gender, Identity Number)

b-Location information (city of residence, delivery address of the shopping made)

c-Contact Information (Mobile phone, e-mail address, address, zip code, fixed phone)

d- Financial information (Tax office, invoice information)

e-Customer/Member information (Membership information, ID number, customer password)

f-Customer member transaction information (product/products purchased, shopping amount, shopping date, call center call records, commercial communication permission, campaigns used, coupons used, order information)

g- Risk management information (IP address)

h-Marketing information (cookie records, targeting information, reviews showing habits and likes)

i- Audio data (Call center records)

j- Legal transaction and compliance information (Start and end time of the data service, type of service used, amount of data transferred, message permission given by the data subject in electronic environment, membership agreement approved, corporate membership agreement, other membership and agreement enabling the use of pulmulier.com site. records)

k-Marketing information (sms for marketing purposes, e-mail messages and calls made by the call center and Instagram photos sent to us and requested to be published on the site, based on the informed consent of the person concerned)

l-Complaint notification information (complaint forms sent physically or electronically)

 

VISITOR CUSTOMER DATA

 

a-Identity information (name, surname, date of birth, gender, identity number)

b-Location information (city of residence, delivery address of the shopping made)

c-Contact Information (Mobile phone, e-mail address, address, zip code, fixed phone)

d- Financial information (Tax office, invoice information)

e- Risk management information (IP address)

f- Marketing information (cookie records, targeting information, reviews showing habits and likes)

g- Audio data (Call center records)

h- Legal transaction and compliance information (Start and end time of the data service, type of service used, amount of data transferred, message permission given by the person in electronic environment, membership agreement approved, corporate membership agreement, other membership and agreement enabling the use of pulmulier.com site. records)

i- Marketing information (sms for marketing purposes, e-mail messages and calls made by the call center and Instagram photos sent to us and requested to be published on the site)

j- Complaint notification information (complaint forms sent physically or electronically)

 

INFORMATİON OF THE PERSON TO WHOM THE ORDERED PRODUCT WİLL BE DELİVERED

 

a-Identity information (name, surname, date of birth, gender, identity number)

b-Location information (city, district, address where the shopping will be delivered)

c-Contact information (Mobile phone, e-mail address, address, zip code, fixed phone)

d-Financial information (Tax office, invoice information)

 

SELLER/SUPPLIER/SELLER EMPLOYEE/SUPPLIER EMPLOYEE

 

a- Identity information (Name, surname, identity number)

b- Contact information (e-mail address, mobile phone number, KEP address, address)

c- Financial information (Account No, Tax Office, Tax No, Tax Plate, IBAN, Account No)

d- Legal transaction information (signature circular, activity certificate)

e- Personal data of special nature (signature)

f- Biometric data (photo)

 

2-PRINCIPLES ON THE PROCESSING OF YOUR PERSONAL DATA

 

We would like to inform you that while processing your personal data within the framework of the "Personal Data Protection Law" No. 6698, we carry out processing activities within the scope of the principles determined by the legal regulations stated below.

 

2.1- Processing Activity in Compliance with Law and Integrity Rules

 

While processing your personal data, we act in accordance with the principles brought by laws and other legal regulations. In order to achieve our purposes in processing your personal data as a data controller, the interests and reasonable expectations of the data subjects are taken into account. Actions are taken to prevent the emergence of results that are not expected by the relevant persons and that they do not need to wait.

 

2.2 – Ensuring Personal Data Are Accurate and Up-to-Date When Necessary

 

The control of whether the data of the persons whose personal data are processed are processed in accordance with the truth is carried out periodically. Necessary measures are taken to ensure that personal data is accurate and up-to-date. In this context, necessary systems have been established to check that your personal data is correct and up-to-date.

 

2.3 –Processing for Specific, Explicit and Legitimate Purposes

 

In the processing of your personal data, as specified in this policy, it is systematically stated in a way that the relevant persons can easily understand which personal data are processed for which purposes. As "Pulmulier.com", we process your personal data in line with the purposes specified in the "Privacy and Personal Data Processing Policy" and to perform the work we have done and the services we have provided.

 

2.4- Being Related to the Purpose for which they are Processed, Limited and Proportionate

 

Your personal data is processed in connection with the purposes specified in this "Privacy and Personal Data Processing Policy", limited to what is necessary for us to perform the work we have done and the services we have provided. Your personal data is not processed for purposes that do not exist or are expected to occur later. Necessary measures are taken by “Pulmulier.com” to prevent the processing of your personal data that is not necessary or needed for the realization of our stated purposes.

 

2.5- Retention for the Period Envisioned in the relevant Legislation or Necessary for the Purpose for which they are Processed

 

As a data controller, your personal data is processed for a limited period of time stipulated in the relevant laws. In cases where no period is foreseen in the relevant laws, they are stored in accordance with the purposes specified in the "Privacy and Personal Data Processing Policy" and for the periods required for the purposes for which they are processed. Your personal data is deleted, destroyed or anonymized in accordance with the procedures stipulated in the "Personal Data Storage and Destruction Policy", upon the expiration of the periods specified in the law or in cases where no period is stipulated in the relevant legislation.

 

3- METHOD OF COLLECTION OF YOUR PERSONAL DATA AND LEGAL REASONS

 

In order to process the data of the data subject, "Explicit Consent" must be obtained. However, in cases where explicit consent cannot be obtained, your personal data can also be processed in the presence of the reasons listed sequentially in the "Personal Data Protection Law" No. 6698. As “Pulmulier.com”, personal data is primarily processed in cases where there is express consent.

In the absence of the explicit consent of the person concerned, it can also be processed for the reasons set forth in Article 5 of the "Personal Data Protection Law". According to article 5 of the "Personal Data Protection Law", your data;

 

a- It is clearly stipulated in the laws

b- Processing of data is mandatory for the protection of life or bodily integrity of a person, himself or someone else, who is unable or unable to express his/her consent due to actual impossibility, or whose consent is not given legal validity.

c- It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract.

d- It is mandatory to process the data in order for the data controller to fulfill its legal obligation.

e- The person concerned has been made public by himself.

f- Data processing is mandatory for the establishment, protection or exercise of a right

g- It is necessary to process data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.

 

3.1-Personal Data Collection Method

 

“Pulmulier.com” can collect your personal data on the website with the address www.pulmulier.com operated by our company, if you fill out the membership agreement and application form on our website, and through social media accounts, through cookie applications, through call center records, forensic or It is collected by electronic, audio or written methods through notifications and letters sent by administrative authorities and similar communication channels.

 

3.2. Legal reasons

 

Your personal data is processed by “Pulmulier.com” through technical and procedural methods performed on the website, mobile applications and physical channels; In order to provide our commercial services to our customers using these channels and to carry out our commercial activities in this context, it is collected within the framework of legal reasons arising and executed based on the relevant legislation, contract, demand, commercial tradition and honesty rules. Your personal data collected for this legal reason can be processed and transferred for the purposes specified in this "Privacy and Personal Data Processing Policy" within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the " Personal Data Protection Law".

 

4- FOR WHAT PURPOSE PERSONAL DATA IS COLLECTED

 

As “Pulmulier.com”, your personal data is processed in accordance with the relevant legislation for the purposes stated below.

 

4.1- Member Customer Data

a- Execution of membership procedures

b- Carrying out the transactions of member customers by "Pulmulier.com", developing our site and providing necessary information

c- Providing special campaigns, opportunities and promotions to our customers, with commercial message approval, analysis of customers' tastes, preferences and needs, for the purpose of fulfilling the contract with the member customer.

d- Within the scope of the customers' informed consent, remarketing, profile analysis, promotion of new products suitable for the needs of customers, realization of services and marketing of new products

 

Providing ease of use on the website and mobile devices by evaluating the preferences of e-member customers

f- Solving the problems of member customers and evaluating their complaints

g- Follow-up of purchasing transactions

h- Management of accounting processes

I- Management of legal processes

j- Meeting information requests from judicial and administrative authorities

k- Improving and auditing security systems in order to prevent misuse

l- Determining the accuracy of the data of the relevant person and ensuring that it is updated when necessary

 

4.2- Guest Customer Data

 

a- Enabling shopping as a customer on both the website and mobile

b- "Pulmulier.com" to carry out the transactions of the guest customers, to develop our site and to provide the necessary information

c- For the purpose of fulfilling the contract with the guest customer, commercial message approval, analysis of customers' tastes, preferences and needs, and providing special campaigns, opportunities and promotions to our customers

d- Within the scope of the informed consent of the guest customers, remarketing, profile analysis, promotion of new products suitable for the needs of customers, realization of services and marketing of new products

e- Ensuring ease of use on the website and mobile devices by evaluating the preferences of guest customers

f- Solving the problems of guest customers and evaluating their complaints

g- Follow-up of purchasing transactions

h- Management of accounting processes

I- Management of legal processes

j- Meeting information requests from judicial and administrative authorities

k- Improving and auditing security systems in order to prevent misuse

 

4.3- Online Visitor Data

 

a- Follow-up and management of legal processes

b- Detection and prevention of malicious use and improvement and inspection of security systems

c- Meeting information requests from judicial and administrative authorities

d- Fulfillment of obligations arising from legislation

 

4.4- Person on whose Name the Purchased Product will be Delivered

 

a- Ensuring the performance of the distance sales contract

b- Management of purchasing and accounting transactions

c- Follow-up and management of legal processes

d- Meeting information requests from judicial and administrative authorities

e- Fulfillment of obligations arising from legislation

f- Improvement and inspection of security systems in order to prevent malicious use.

 

 

5- TECHNICAL AND ADMINISTRATIVE MEASURES TO ENSURE THE SECURITY OF YOUR PERSONAL DATA

 

As “Pulmulier.com”, we take all necessary technical and administrative measures to ensure the security and protection of your personal data and to prevent it from falling into the hands of unauthorized persons. Data controller pursuant to Article 12 of the Law

 

a- To prevent the unlawful processing of personal data

b- To prevent unlawful access to personal data

c- To ensure the protection of personal data

 

For these purposes, it is obliged to take all necessary technical and administrative measures to ensure the appropriate level of security. provision is included. Accordingly, Pulmulier.com takes the following technical and administrative measures in order to protect and ensure the security of personal data.

 

5.1-Technical Measures

 

The technical measures taken by the company to ensure the security of the personal data we process are as follows;

• Risks, threats, vulnerabilities and vulnerabilities, if any, regarding our company's information systems are revealed through regular penetration tests, and necessary precautions are taken.
• Risks and threats that will affect the continuity of information systems are constantly monitored as a result of real-time analyzes with information security event management.
• Access to information systems and authorization of users are made through security policies through the access and authorization matrix and the corporate active directory.
• Necessary measures are taken for the physical security of the information systems equipment, software and data of the institution.

In order to ensure the security of information systems against environmental threats, hardware (access control system that allows only authorized personnel to enter the system room, 24/7 employee monitoring system, physical security of the edge switches that make up the local area network, fire extinguishing system, air conditioning system, etc.) and software (firewalls, attack prevention systems, network access control, systems preventing malware, etc.) measures are taken.

• Risks to prevent unlawful processing of personal data are determined, appropriate technical measures are taken against these risks, and technical controls are carried out for the measures taken.
• By establishing access procedures within the institution, reporting and analysis studies are carried out regarding access to personal data.
• Inappropriate access or access attempts are kept under control by recording the accesses to the storage areas where personal data are stored.

 

The Company takes the necessary measures to ensure that the deleted personal data is inaccessible and reusable for the relevant users.

 

• In the event that personal data is obtained unlawfully by others, a system and infrastructure has been established by the Company to notify the relevant person and the Board.
• Security vulnerabilities are followed and appropriate security patches are installed and information systems are kept up-to-date.
• Strong passwords are used in electronic environments where personal data is processed.
• Secure record keeping (logging) systems are used in electronic environments where personal data is processed.
• Data backup programs are used to keep personal data safe.
• Access to personal data stored in electronic or non-electronic media is limited according to access principles.

 

5.2-Administrative Measures

 

The administrative measures taken by Pulmulier.com to ensure the security of the personal data we process are as follows;

 

• In order to improve the quality of employees, trainings are provided on the prevention of illegal processing of personal data, the prevention of illegal access to personal data, the protection of personal data, communication techniques, technical knowledge and skills, the Labor Law No 4857 and other relevant legislation.

 

Confidentiality agreements are signed by the employees regarding the activities carried out by the company.

• A disciplinary procedure has been prepared for employees who do not comply with security policies and procedures.

 

Before starting to process personal data, the Company fulfills its obligation to inform the relevant persons.

Personal Data Processing Inventory has been prepared.

Periodic and random inspections are carried out within the institution.

• Regular information security trainings are given to employees.

 

The notices, communiqués and publications published by the Personal Data Protection Authority are followed by the legal department, reports are made about current changes, and updates are made by taking appropriate measures for these reports.

 

6- TO WHOM AND FOR WHAT PURPOSES YOUR PERSONAL DATA IS TRANSFERRED

 

“Pulmulier.com” transfers your personal data to third parties in accordance with the basic principles of the law, articles 8 and 9 of the “Personal Data Protection Law” and this “Privacy and Personal Data Processing Policy”. In this context, member customer, guest customer, third party information to be delivered on behalf of the purchased product; Our suppliers, whose services we use or cooperate with, in order to provide our services, to respond to and finalize your requests that you have sent to "Pulmulier.com", to be able to contact you, to be informed about our products and services in line with your requests, to offer you a personalized website visit in line with your marketing, advertising and interests. and our business partners, regulatory, supervisory institutions and legally authorized official institutions and persons, and can be transferred to the country and abroad as stipulated by the "Personal Data Protection Law". As "Pulmulier.com", we act in accordance with the 8th and 9th articles of the "Personal Data Protection Law" during the transfer of your personal data and take the necessary technical and administrative measures to protect your personal data.

 

7- STORAGE TIMES ACCORDING TO THE CATEGORIES OF YOUR PERSONAL DATA

 

As “Pulmulier.com”, your personal data is stored for the periods stipulated by the laws, and for the periods required by the purpose of processing, if no period is stipulated in the laws. While it is not legally possible to keep your personal data indefinitely, it is not necessary.

 

When the storage period of your personal data expires, your personal data is deleted, destroyed or anonymized with the methods specified in the "Personal Data Retention and Destruction Policy".

PERSONAL DATA SOURCE	DURATION	LEGAL BASIS
Call center audio recordings	3 years	Law No. 6563 and related legislation
Membership records	10 years	Law No. 6098
All Records Related to Accounting and Financial Transactions	10 years	Law No. 6102, Law No. 213
Cookies and Logs	6 Months – Maximum 2 Years	Internet Law No. 5651
Commercial Electronic Mail Confirmation Records	1 Year from the date of withdrawal of consent	Law No. 6563 and Related Legislation
Traffic Information on Online Visitors	2 Years	Law No. 5651
Personal Data Regarding Customers	3 years within the framework legislation, of Law No. 6563 and related, 10 years after the legal relationship ends	Law No.6563,6102, 6098,213,6502
Personal Data Regarding Suppliers	10 Years after the legal relationship ends	Law No.6102,6098, 213
Personal Data Protection Board Transactions	10 Years	Personal Data Retention and Disposal Policy
Internal Communication Activities	10 Years Since End of Operation	Personal Data Retention and Disposal Policy
Human Resources Processes	10 Years Since End of Operation	Labor Law No. 4857 and Related Legislation
Hardware and Software Access Processes	2 Years	Personal Data Retention and Disposal Policy
Registration of Visitors and Meeting Users	2 Years From Event Ending	Personal Data Retention and Disposal Policy
Camera Recordings	2 Years	Personal Data Retention and Disposal Policy
Data Stored under the Labor Law (For example, severance pay, notice indemnity,  bad faith compensation,  information that may be  subject to compensation for violation of the principle  of equal treatment, payroll records, number of annual leave days, etc.)	5 Years from the end of the Business Relationship	Labor Law No. 4857 and Related Legislation
Data on Personal Files Stored under the Labor Law	10 Years from the end of the Business Relationship	Labor Law No. 4857 and Related Legislation / Turkish Code of Obligations No. 6098
Data Collected within the Scope of Occupational Health and Safety Legislation  (For example: Employment health tests, health reports, OHS Trainings, Occupational Health and Safety records, etc.)	15 Years from the end of the Business Relationship	Occupational Health and Safety Law No. 6331, Occupational Health and Safety Services Regulation
Data kept within the scope of Social Security Institution Legislation (For example: Employment notices, bonus/service documents, etc.)	10 Years from the end of the Business Relationship	Social Insurance and General Health Insurance Law No. 5510 and Related Legislation
Pursuant to the Labor Law: Responding to court/executive information requests regarding the employee	10 Years from the end of the Business Relationship	Labor Law No. 4857 and Related Legislation
Employee Access Restrictions – Active Directory Operations	10 Years from the end of the Business Relationship	Labor Law No. 4857 and Related Legislation
Information About Company Partners and Members of the Board of Directors (For example: Attendance fee and Dividend payments etc.)	10 Years	Turkish Commercial Code No. 6102
Information of Company Partners and Members of the Board of Directors (Personal data in the share ledger)	Due to the Obligation to Keep the share ledger, it is Indefinite	Turkish Commercial Code No. 6102
Employee Advance Payment	10 Years	Turkish Commercial Code No. 6102
Job Application / Internship Application / If Application Is Not Accepted, Data Regarding Candidate Applications (For example: CV, Curriculum Vitae, Application Form etc.)	1 Years	Industry customs apply
Data Processed in Accordance with Corporate Communication Activities for Employees (For example: Participant List etc.)	10 Years from the end of the Business Relationship	Industry Custom
Data on Employee Satisfaction Surveys	1 Year following the end of the year in which the survey was filled	Industry Custom
Commercial Books to be Keeped in Accordance with Company Activities, Documents Created Based on the Records in the Commercial Books, Financial Statements etc.Processed Personal Data	10 Years	Turkish Commercial Code No. 6102
Data Processed in Accordance with General Assembly Procedures	10 Years	Turkish Commercial Code No. 6102
Personal Data Regarding the Establishment and Content of Contracts to which the Company is a Party	10 Years	Turkish Commercial Code No. 6102
Audio or Electronic Information Regarding Informing the Consumer and Using the Right of Withdrawal	3 Years	Regulation on Distance Contracts Published in the Official Gazette No. 27866
Approval Records for Commercial Electronic Messages Sent to Buyers' Electronic Communication Addresses to Promote, Market, Promote the Business of Goods and Services, or Increase Recognition with Content such as Celebrations and Wishes	1 Years	Regulation on Commercial Communication and Commercial Electronic Messages Published in the Official Gazette No. 29417 dated 15.07.2015
Data Other than Approval Records Regarding Commercial Electronic Messages Sent to Recipients' Electronic Communication Addresses in order to Promote, Market, Promote the Business of Goods and Services or Increase Recognition with Content such as Celebrations and Wishes	1 Years	Regulation on Commercial Communication and Commercial Electronic Messages Published in the Official Gazette No. 29417 dated 15.07.2015
Personal Data Processed in Contractual Relationships (For example: Company Official, Name Surname, circular of signature, etc.)	10 Years After Contract Termination	Turkish Code of Obligations No. 6098
Personal Data Regarding Tax Records	5 Years	Tax Procedure Law No. 213
Personal Data Processed with Documents Required to Be Kept in accordance with the Tax Procedure Law, such as Invoice/Expense Compass/Receipt	5 Years	Tax Procedure Law No. 213
Personal Data of Visitors	2 Years	Law No. 5651 (For Visitors Accessing the Company's Wi-Fi Network)
Personal Data Processed for Security Purposes in Accordance with CCTV Cameras (Camera Records)	90 Days	Industry Custom
Log Records of Employees' Access to Media Containing Personal Data	10 Years Due To Being The Subject Of Business Lawsuits For At Least 2 Years	Pursuant to Law No. 5651 and TİB (Telecommunication Communications Regulations)
Traffic Information Processed During Use of Company Internet Network, Internet Login and Remote Connection (For example: IP address, start and end time of the service provided, type of service used, amount of data transferred and subscriber identity information, if any, etc.)	2 Years	Law No. 5651 on Regulation of Broadcasts on the Internet and Combating Crimes Committed Through These Broadcasts
Personal Data Processed Due to the Obligation to Provide After-Sales Service in accordance with the Consumer Protection Law No. 6502 (For example: Customer Contact Information)	15 Years	Law No. 6502 on the Protection of the Consumer, After-Sales Services Regulation Published in the Official Gazette dated 13.06.2014 and numbered 29029
Personal data regarding the issuance of invoices, which form the basis of commercial books and records, in accordance with Article 82 of the TTK from Customer Information	10 Years	Turkish Commercial Code No. 6102
Customer Transaction Information (Call Records     of Customers' Requests / Complaints / Suggestions, etc.)	10 Years	Turkish Code of Obligations No. 6098
Data on Potential Customers (For example: cookies, data related to profiling via LinkedIn)	13 Months	European Union / Sectoral Customary Practice

 

8- ENLIGHTENING AND INFORMING THE RELEVANT PERSONS

 

Before your personal data is processed, "Pulmulier.com" informs the relevant persons in a way that is understandable and in detail, which personal data will be processed, by which methods, for what purposes, for what period of time, and your rights. Relevant persons may request information regarding their processed personal data.

If they submit their requests regarding their personal data physically or electronically using the methods specified in the Personal Data Protection Law Clarification Text, necessary information is provided by “Pulmulier.com” within the legal time limits.

 

9- YOUR RIGHTS ON YOUR PERSONAL DATA AND HOW TO USE THESE RIGHTS

 

Before your personal data is processed by "Pulmulier.com" a clarification text is provided to you about which personal data will be processed, by which methods, for what purposes, for what period of time, your rights over your personal data.

As personal data owners, you can submit your requests regarding your rights stated below, through the forms specified in the application form or prescribed by law. If you forward your requests to "Pulmulier.com", your application will be answered within 30 (thirty) days from its receipt by us.

In Article 11 of the Personal Data Protection Law No. 6698, the rights of the person concerned are stated as follows; according to this, everyone can apply to the data controller about himself/herself;

 

1. a) Learning whether personal data is processed or not,
2. b) If personal data has been processed, requesting information about it,
3. c) Learning the purpose of processing personal data and whether they are used in accordance with its purpose,
4. d) To know the third parties to whom personal data is transferred in the country or abroad,
5. e) Requesting correction of personal data in case of incomplete or incorrect processing,
6. f) Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7, f) Requesting notification of the transactions made in accordance with subparagraphs (d) and (e) to the third parties to whom the personal data has been transferred,
7. g) Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
8. h) It has the right to demand the compensation of the damage in case of loss due to the unlawful processing of personal data.

 

10- DELETING, DESTROYING AND ANONYMIZING YOUR PERSONAL DATA

 

As “Pulmulier.com”, the security of your personal data is very important to us. In this context, your personal data, which has been processed in accordance with the relevant legislation as regulated in Article 7 of the "Personal Data Protection Law" and Article 138 of the Turkish Penal Code, is deleted, destroyed or anonymized upon the disappearance of the legal reason requiring processing or at the request of the person concerned. As "Pulmulier.com", necessary operational mechanisms have been established by taking the necessary technical and administrative measures in order to fulfill this obligation that has been legally imposed on us, and the relevant business units are trained, developed and awareness is raised in order.

Detailed information on the deletion, destruction or anonymization of your personal data as "Pulmulier.com" is explained in detail in our "Personal Data Retention and Destruction Policy" created within the scope of the Regulation on the Deletion, Destruction or Anonymization of Personal Data.

 

 

11-CHANGES TO THE POLICY ON THE PRIVACY AND THE PROTECTION OF YOUR PERSONAL DATA

 

“Pulmulier.com” can make changes in its Privacy and Personal Data Protection policy at any time as required by law. These changes will come into effect immediately by being published in the "Privacy and Personal Data Protection Policy". Please contact us ([email protected]) for your opinions and suggestions about the "Privacy and Personal Data Protection Policy".