Protection and Processing of Personal Data
1. PURPOSE
The Law on Protection of Personal Data (KVKK Law) was published in the Official Gazette dated 7 April 2016 and numbered 29677. The KVKK Law is regulated to protect the fundamental rights and freedoms of real persons, including the privacy of private life, which is also protected by the Constitution, and to determine the obligations of natural and legal persons who process personal data.
The purpose of this policy is to create management instructions, procedural conditions and a technical policy in order to ensure that Derin Limited / MinMaxVillas’ personal data of the persons concerned is processed and protected in accordance with the KVKK Law.
2. SCOPE
Within the scope of this policy, there are employees of Derin Limited / MiniMaxVillas, including the visitors of MiniMaxVillas.com. Derin Limited / MiniMaxVillas ® is an international advertising, marketing and consultancy company, Derin Yayıncılık Matbaa Reklam Bilgisayar Bilişim Tekn. From. Singing. Trade Ltd. is a registered trademark. MiniMaxVillas.com Derin Publishing Printing Advertising Computer Informatics Tech. From. Singing. Trade Ltd. is managed by. Politics, Derin Publishing Printing Advertising Computer Informatics Tech. From. Singing. Trade Ltd. It is applied in the activities created by and carried out for the processing and protection of all personal data.
This policy has been prepared in accordance with the KVKK Law and has been accepted by all employees of Derin Limited / MiniMaxVillas.
Derin Limited / MiniMaxVillas seeks the participation and support of its employees, visitors and customers. Our company provides its employees with adequate training and materials to ensure they properly protect company assets.
3. DEFINITIONS AND ABBREVIATIONS
3.1. Derin Limited / MiniMaxVillas
Derin Limited / MiniMaxVillas, Derin Publishing Printing Advertising Computer Informatics Tech. From. Singing. Trade Ltd. is one of the brands.
3.2. Open Consent
Consent on a specific subject, based on information and free will, for the processing of data.
3.3. Anonymization
Making personal data incapable of being associated with an identified or identifiable natural person under any circumstances, even by matching with other data.
3.4. Employees
Derin Limited / MiniMaxVillas Staff.
3.5. Service provider
Personnel of the third party company Derin Limited / MiniMaxVillas receives service from.
3.6. Personal Data Owner (Customer / Visitor)
The person whose personal data is kept and processed by Derin Limited / MiniMaxVillas.
3.7. Personal Data
Any information relating to an identified or identifiable natural person, such as e-mail address and telephone number.
3.8. Processing of Personal Data
All kinds of transactions carried out on personal data such as the automatic collection, change, storage, recording, disclosure or arrangement of personal information in full or in part.
3.9. Data Controller
People who decide what personal information Derin Limited / MiniMaxVillas will keep, how it will be done and used.
3.10. Data Processor
Natural or legal persons who process personal data on behalf of the data controller, based on the authority granted by the data controller.
3.11 KVKK Board
Personal Data Protection Board.
3.12. KVKK Institution
Personal Data Protection Authority.
3.13. KVKK Law
The Law on Protection of Personal Data published in the Official Gazette dated 7 April 2016 and numbered 29677.
3.14. Policy
Derin Limited / MiniMaxVillas, Personal Data Protection and Processing Policy.
4. ROLES AND RESPONSIBILITIES
4.1. Data Controller
It is the processing of all kinds of information carried out on personal data such as the automatic collection, change, storage, recording, disclosure or arrangement of personal information in full or in part pursuant to the KVKK Law.
Derin Limited / MiniMaxVillas determines the purposes of processing personal data and determines the establishment of the data recording system and what the data will be used for.
4.2. Data Controller Representative
When the data controllers registry is established, a data controller representative will be needed to keep the data private, process it and take the necessary security steps.
4.3. Data Processor
They are natural or legal persons who process personal data on behalf of Derin Limited / MiniMaxVillas under its authority.
4.4. Responsibility
In the event that personal data is processed by a real or legal person, Derin Limited / MiniMaxVillas and the data processors are obliged to take the necessary precautions. Derin Limited / MiniMaxVillas, as a data controller, oversees the trust process between itself and the relevant persons who share their personal data.
5. LEGAL OBLIGATIONS
Derin Limited / MiniMaxVillas has legal obligations within the scope of protection and processing of personal data according to the KVKK Law. These obligations are as follows:
5.1. Lighting Obligation
Derin Limited / MiniMaxVillas is obliged to inform the person concerned about the following during the collection of personal data:
• Identity of the data controller and its representative, if any,
• Reasons for protecting personal data,
• Method and legal reason for collecting personal data,
• Rights of the person concerned.
5.2 Obligation to Notify
Derin Limited / MiniMaxVillas is obliged to inform the relevant persons by evaluating the requests regarding these rights in accordance with Article 13 of the KVKK Law, via the info@derinlimited.com contact e-mail address or by calling the phone number 0090 551 135 42 35.
These requests must be written by the relevant persons manually or by other methods determined by the KVKK Board of Directors.
5.3. Obligation to Ensure Personal Data Security
Derin Limited / MiniMaxVillas, as the data controller, is obliged to provide the necessary security services in accordance with Article 12 of the KVKK Law.
5.4. Obligation to Register with the Data Controllers Registry
Derin Limited / MiniMaxVillas is obliged to register with the data controllers registry within the period determined and announced by the KVKK Board, pursuant to Article 16 of the KVKK Law.
6. LIMITATION OF PERSONAL DATA
6.1. Personal Data
A person’s name, surname, date and place of birth, identity number, social security number, phone number, e-mail address, address, images, payment information and all other similar information are considered personal data.
Derin Limited / MiniMaxVillas retains some data such as name, surname, phone number and e-mail address due to membership conditions.
6.2. Special Qualified Personal Data
An individual’s race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, disguise and clothing, membership to any foundation or organization, health, sexual life, criminal conviction, security measures, and biometric and genetic data are sensitive personal data. It is considered.
Derin Limited / MiniMaxVillas will never request such personal data unless specified in legal laws.
7. FUNCTIONING OF PERSONAL DATA POLICY
7.1. Personal Data Processing Principles
Derin Limited / MiniMaxVillas, in the processing of personal data, in accordance with the principles listed in Article 4 of the KVKK Law and with the conditions specified in Articles 5 and 6, it is obligatory to comply with the following principles;
• It is obliged to act in accordance with the KVKK Law and other legal rules.
• It should be transparent and comply with the obligation to inform and enlighten.
• Process personal data lawfully for specific and lawful limited purposes.
• Data must be relevant, limited and proportionate to the purpose for which they are processed.
• It should process personal data to the extent required. The proportionality principle should be taken into account and only the necessary part of the data should be processed.
• Keep the data for the period required by the relevant legislation or for the purpose for which they are processed. (see Chapter 9)
7.2. Derin Limited / MiniMaxVillas’ Purposes of Processing Personal Data
Derin Limited / MiniMaxVillas does not collect and save any personal information from a customer to send unwanted information (spam). Our company processes personal data for the following purposes;
• Processes personal and contact data such as name, surname, phone number and e-mail address for website registration and higher quality communication.
• Processes demographic, site or application browsing data to analyze and collect user’s points of interest. These data are used for the purposes of conducting and developing operational activities such as marketing and communication.
• Social network information is used to give a better and easier experience on the website. Some social networking sites such as Facebook, Instagram Twitter and Google Plus can only be used to log into Derin Limited / MiniMaxVillas website.
• Location data is data that is used when browsing from the user’s mobile phone, if allowed. Derin Limited / MiniMaxVillas recommends properties based on your location and processes location data to show you the nearest offices.
Derin Limited / MiniMaxVillas collects data in addition to the purposes stated above;
• Sending newsletters or making notifications to its members by e-mail,
• Dealing with each customer individually by responding to all kinds of questions and needs provided by the contact data,
• To inform about new services,
• Direct marketing,
• To communicate directly with its members when necessary.
7.3. Ensuring the Processing of Personal Data in Compliance with the Law
Derin Limited / MiniMaxVillas takes the following technical measures for the legal processing of personal data;
• With the internal organization for the legal processing and storage of personal data.
9. PERSONAL DATA PROTECTION POLICY
9.1. Data Protection Period
According to the KVKK Law, any information about an identified or identifiable person is personal data. All information such as e-mail address and phone number are recorded and securely protected by Derin Limited / MiniMaxVillas. In this regard, Derin Limited / MiniMaxVillas is obliged to act in accordance with the law while receiving and keeping the data.
These data will be kept until the protection purpose (see 7.2) is completed. According to the obligations of the state, although the data is kept for an average of 2 years, a different retention period may apply for the period stipulated in the legislation or required for the purpose for which they are processed. For example, according to the Tax Procedure Law, records and identification information must be kept for 5 years.
9.2. Precautions Regarding the Processing of Personal Data
Technical measures taken:
• Derin Limited / MiniMaxVillas takes measures to ensure the security of personal data. Necessary systems and control mechanisms have been established as a technical precaution.
Administrative measures:
• Derin Limited / MiniMaxVillas trains its employees to raise awareness about the protection of personal data.
• Derin Limited / MiniMaxVillas is responsible for supervising the measures taken for the protection of personal data processed by natural or legal persons.
10. PERSONAL DATA SECURITY POLICY
10.1. Data Security Obligations of Derin Limited / MiniMaxVillas
Derin Limited / MiniMaxVillas, as the data controller, has the following obligations regarding data security in accordance with Article 12 of the KVKK Law:
• To prevent unlawful processing of personal data,
• To make continuous audits,
• Ensuring sufficient technical equipment to ensure that the processed personal data is not unlawfully captured by others,
• Notifying the Board in case the data is seized.
10.2. Measures Taken to Protect Personal Data
The obligations of Derin Limited / MiniMaxVillas regarding the security measures it takes to keep personal data safe are as follows:
Technical and Administrative Measures
Technical and administrative measures to be taken are mentioned in the relevant sections regarding the processing, transfer and preservation of personal data. Although Derin Limited / MiniMaxVillas is obliged to take these measures in full and to prevent unlawful access; if there is still unlawful access to personal data by third parties; takes all technical and administrative measures to prevent harm to those concerned in accordance with the relevant legislation and Board decisions regarding the protection of this data.
Measures Taken for the Protection of Data and Their Control
The data recording systems used in Derin Limited / MiniMaxVillas are periodically monitored and audited to ensure that they are created and used in accordance with the KVKK Law and the relevant legislation, and a report is made to the person or board authorized in this regard.
Measures to be Taken in Case of Unauthorized Disclosure of Data
Derin Limited / MiniMaxVillas is obliged to take measures to prevent unauthorized disclosure of personal data and to establish an internal policy regarding this. In addition, in such cases, as the data controller, it is obliged to inform the persons whose personal data are disclosed in an unauthorized manner and the KVKK Board.
11. RIGHTS OF PERSONAL DATA SUBJECT
11.1. Right of Communication to Personal Data
Relevant persons, customers and visitors have the right to access personal data without any payment. These rights are;
• Learning whether personal data is processed or not,
• Requesting information about this if the data has been processed,
• Learning the purpose of processing their data and whether they are used in accordance with its purpose.
11.2. Right to Change or Delete Personal Data
Relevant persons, customers and visitors have the right to change or delete their personal data without any payment.
These rights are;
• Requesting correction of personal data in case of incomplete or incorrect processing,
• Requesting the deletion or destruction of personal data in case the reasons requiring the processing of personal data disappear,
• Requesting notification of the above-mentioned correction, deletion or destruction processes to third parties to whom personal data has been transferred,
• Objection to the negative results of the analysis of the processed data with the automatic system.
11.3. Ensuring Update of Personal Data
In case of your request to access, change or delete your personal data, you can contact us with the information below.
Phone: 0551 135 42 35
E-Mail: info@derinlimited.com
Address: Sinoplu Şht. Cemal Sk. No:4 Sisli-Istanbul
We will take steps we deem necessary to confirm your identity before sharing any personal data with you. We will respond to duly and approved requests regarding personal data within 30 days or as required by applicable law.
11.4. Application and Evaluation of the Related Person
Relevant persons may make a request to Derin Limited / MiniMaxVillas in order to access the processed personal data as soon as possible. Applications are answered as soon as possible or within the period stipulated in the KVKK Law.
Related persons should apply to the representative to be announced by Derin Limited / MiniMaxVillas and to be announced in the Data Controllers Registry when the legal infrastructure is provided. The data controller representative will finalize these applications within 30 days at the latest, without a fee or payment determined by the KVKK Board of Directors. To initiate this process, the relevant persons must send their applications to the data controller representative determined by the KVKK Board of Directors. Until a method is determined by the Board, applications must be made in writing. During the application to be made by the person concerned, the person concerned should clearly state which right he/she has exercised and, if any, with the information and documents.
Sinoplu Sht. Cemal Sk. No:4 Sisli-Istanbul
It must be sent to the corporate address by registered mail with return receipt requested.
The requests made by the data subject are accepted by the representative of the data controller or rejected by explaining the reason. Responses are given in written or electronic form. If the application is accepted, Derin Limited / MiniMaxVillas will fulfill its requirements and the fee will be returned to the relevant person if it is due to company fault.
In cases where the application is rejected by Derin Limited / MiniMaxVillas, the answer is found insufficient or the answer is not given on time; The person concerned has the right to file a complaint with the KVKK Board within 30 days from the date of learning the answer and within 60 days from the date of application.
12. COOKIE POLICY
The Cookie Policy applies to mobile platforms, websites and applications run by Derin Limited / MiniMaxVillas.
Derin Limited / MiniMaxVillas uses cookies to enrich the experience of its visitors and to provide them with a better internet and mobile service. Visitors can block cookies from their browser settings at any time. However, blocking the use of cookies may affect the usage performance of the website.
Our visitors, who use MiniMaxVillas.com without blocking the use of cookies, are deemed to have accepted all these.
13. PUBLICATION AND STORAGE OF THE POLICY
We may make changes to this Confidentiality Agreement from time to time. The most current version of the Privacy Policy will govern the collection, use and disclosure of information about you and will be available here. If we make material changes to this Privacy Policy, we will notify you by posting a notice on the Service or by e-mail prior to the effective date of the changes. By continuing to access or use the Service after these changes take effect, you agree to this modified Privacy Policy.
14. UPDATE PERIOD
In case of changes in line with the economic and commercial decision of Derin Limited / MiniMaxVillas or the policy decisions of the Personal Data Protection Board, our members whose data are recorded will be notified by the way they are registered. This policy will be updated with the provision of Derin Limited / MiniMaxVillas or KVKK Law and the latest updates will be communicated to all relevant persons.
Last Updated: May 5, 2021. This Confidentiality Agreement will be effective immediately for users visiting Derin Limited / MiniMaxVillas website on and after May 5, 2021.
15. EFFECTIVENESS
This policy will apply as soon as it is published until it is removed from the mobile platform or website.
16. SAFETY
We take appropriate technical and organizational security measures to protect personal information submitted to us from accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access, both during transmission and after we receive it. However, methods of transmission over the Internet or via a mobile device, as well as electronic storage methods, are not 100% secure. Therefore, we endeavor to use commercially acceptable methods to protect your personal information, but we cannot guarantee its absolute security.
17. INTERNATIONAL DATA TRANSFER
Users residing in the EEA or Switzerland should consider that personal data information we obtain from or about them may be transferred, processed and stored outside of the EEA or Switzerland, including the United States, for the purposes described in this Privacy Policy. . We take the privacy of our users very seriously and therefore take steps to protect your information, including ensuring an adequate level of data protection in accordance with EU standards. This includes applying the European Commission’s Standard Contractual Provisions for personal information transfers between our group companies, which require all group companies to protect the personal information they process from the EEA in accordance with European Union data security laws. We have implemented similar appropriate measures with our third-party service providers and business partners, more details available on request.
Updated Date: 21.05.2021