GOLD DRESSES TEKSTİL VE DIŞ TİCARET LTD. ŞTİ. POLICY FOR CONFIDENTIALITY AND PROTECTION OF PERSONAL DATA

 

  1. POLICY OBJECTIVE AND SCOPE

The objective of this Policy for Confidentiality and Protection of Personal Data (“POLICY”) is to inform individuals in relation to the processing of personal data of job applicants, suppliers, online and physical visitors, members, customers, shareholders and partners of GOLD DRESSES’s (“Data Supervisor”).

  1. APPLICANTS
    1. Personal Data Collected in Relation to Applicant Group of Individuals

In relation to the group of individuals applying for a job, GOLD DRESSES may process information such as;

  • Personal background, work experience, educational background, foreign language certificate and other certificates,
  • Name and surname, address, date of birth, e-mail address, telephone number and other contact details,
  • Records of information obtained during face to face interviews or via teleconference, video call or telephone,
  • References or information obtained via research conducted by GOLD DRESSES,
  • Results of recruitment assessment tools determining skills and personal attributes,
  • Salary expectations, disabilities and liabilities,

and method of payment. Documents such as a criminal record and health report may also be required.

  1. Purposes for Collecting and Processing Personal Data of Applicants

GOLD DRESSES may process an applicant’s personal data  based on one or more purposes specified  in  the section of this POLICY, titled “VII. Personal Data Processing  Purposes,” in accordance with the nature of the application.

  • Evaluating the suitability of the applicant’s qualifications, experience and interest in relation to  the vacant position,
  • Checking the validity of the information submitted by the applicant or contacting third parties for reference check purposes when required,
  • Contacting applicant concerning the recruitment process or, if suitable, contacting the applicant for any position subsequently opened in the country or abroad,
  • Meeting the requirements of regulations or those of an authorized body or organization,
  • Developing and improving the recruitment principles implemented by GOLD DRESSES,
  • Implementing operations which are required within the context of occupational health and safety.
  1. Methods of Collecting and Processing of Personal Data of Applicants

Personal data of applicants may be collected during the recruitment process by employing other methods and tools specified  in this POLICY, or with additional methods and tools specified  below:

  • Application form in print or published in  an electronic environment,
  • CVs which  have been submitted to GOLD DRESSES by applicants via e-mail, cargo, references and similar methods.
  • Recruitment or consultancy firms and LinkedIn,
  • Research carried out by GOLD DRESSES with the aim of confirming the accuracy of information obtained from the applicant during interviews conducted
  • Via tools such as video conferencing and telephones,
  • Recruitment tests which determine skills and personal attributes, carried out and analyzed by experienced experts.

GOLD DRESSES processes collected personal data via computer systems and human resources personnel, automatically and manually.

  1. Applicant Reference Checks

GOLD DRESSES may carry out reference checks in respect of  the applicant. The reference check process is usually carried out by means of confirming the accuracy of the information provided by the applicant. Determining factors  that may have been withheld by the applicant and which may have the capacity to cause a threat to GOLD DRESSES will be part of the research conducted.

In the context of the reference check, necessary personal data such as the identification information of third parties and applicants, work and educational backgrounds may be shared. Personal data concerning the applicant may be obtained from third parties .

Applicants may, at all times, contact GOLD DRESSES regarding the reference check process.

  1. Applicants’ Rights Related to their Personal Data

Applicants who wish to exercise their rights based on the Law on Protection of Personal Data no 6698 (“LPPD”) may apply to GOLD DRESSES in accordance with the rules and procedures declared in this POLICY.

  1. The Personal Data Collected During the Application Process Which will Continue to be Processed in the Instance of Recruitment

All personal data concerning the applicant which has been collected and processed during the application procedure are transferred to their personal file upon the decision to recruit the candidate for the vacant position.

  1. Security of Applicants’ Personal Data

With regards to  the personal data it processes,  GOLD DRESSES does not discriminate amongst data subject groups of individuals (such as applicants, group of individuals, interns). Detailed information regarding the security of personal data is found in the section of this document related to the security of personal data.

 

  1. PRINCIPLES IN RELATION TO PROCESSING OF PERSONAL DATA
    1. Processing in Compliance with Law and Principle of Honesty

In the processing of personal data, the principles which are enshrined in  legal regulations, and those which are related to general confidence and  honesty are being complied with .

  1. Ensuring that the Personal Data is Accurate and Up-To-Date when Necessary

Periodical verifications  and updates are made so  that the data processed are accurate and up-to-date, and the necessary measures are taken accordingly. In this context, systems for controlling the correctness of personal data and making necessary corrections are implemented in GOLD DRESSES. These changes and updates can be made by members on the My Account page at www.golddresses.com.tr

  1. Processing for Specific, Clear and Legitimate Purposes

Personal data are processed in accordance with  clear, specific and legitimate data processing purposes. The purpose for  which the data will be processed is described in detail below.

  1. Being related to and Limited to the Purpose of Processing thereof, and Being Measured

In order for  the envisaged purpose/purposes to be realized, personal data are processed in a measured manner  and which is related to  and limited to the purpose, and we abstain from processing the personal data which are not related to achieving the purpose or which are not needed.

  1. Preserving for the Period Stipulated in the Relevant Legislation or the  Period Required for the Purpose of Processing Thereof

GOLD DRESSES preserves personal data only for the period prescribed  in the relevant legislation or the  period required for the purpose of processing thereof. In this context ,  first of all we identify whether a period is stipulated in the relevant legislation for the preservation of personal data, if a period is prescribed  , we act in accordance with it , and if no period is prescribed , we preserve the personal data for the  period required for the purpose of processing thereof. In case of expiry of such period or in case the reasons requiring them to be processed cease to exist , provided  there is no legal reason for allowing them to be processed for longer periods, personal data are deleted, destroyed or anonymized in accordance with GOLD DRESSES’s Policy on Preservation and Destruction of Personal Data.

Preservation periods have been additionally indicated below.

 

 

  1. TERMS AND CONDITIONS IN RELATION TO PROCESSING OF PERSONAL DATA

Express consent of the relevant person is only one of the conditions that needs to be satisfied according to the law and which makes processing of personal data legally possible. Apart from express consent, personal data may also be processed in case of the existence of one of the below-specified conditions stipulated by the law.

The basis on which  personal data processing  activity is carried out may be  one or more than one of the below-specified conditions specified by the law. In the case where the personal data processed constitute private personal data; conditions listed under the heading “Circumstances Where Private Personal Data May be Processed” will be applied.

Individuals are informed of which personal data are being processed under  this hereby POLICY, for which purposes and reasons the personal data are being processed, from which resources the personal data are collected, with whom these personal data will be shared, and how they will be used.

  1. Being Explicitly Stipulated by Laws

GOLD DRESSES can process the personal data of individuals without obtaining his/her express consent in cases where processing of personal data is explicitly prescribed  by laws For example, pursuant of the Law on Electronic Trade Regulation, personal data to be processed in respect of  procedures such as membership to GOLD DRESSES, granting electronic permission for trade, purchase orders, deliveries, cancellation or return of products.

  1. Inability to Obtain Express Consent of the Relevant Person Due to Actual Impossibility

Data may be processed without the explicit consent of an individual if it is compulsory to process personal data in order to protect the life or body integrity of the individual or any other person where  an individual cannot give his/her consent or whose consent is deemed invalid due to actual impossibility.

  1. Direct Relationship with Conclusion or Performance of a Contract

Personal data belonging to the parties of a contract may be processed in case it is necessary,  provided that it is   directly related to the conclusion or performance of said contract. For example, the personal data provided by the Member in order to complete their GOLD DRESSES membership procedure.

  1. Performance by GOLD DRESSES of its Legal Obligation

Individuals’ data may be processed without obtaining explicit consent, where it is  compulsory to fulfill legal obligations as a data supervisor. For example, the delivery of an ordered product to a Member or the cost of a product being paid to the seller.

  1. Making Public the Personal Data of Individuals

In case individuals’ personal data are made public by themselves, data may be processed without the need to obtain express consent. .For example, personal data shared with the public by a member on the internet via HIS social media account, may be processed provided that it is done in accordance with the will and proportionality .

  1. Obligation to Process Data for Establishment or Protection of a Right

In the case where  data processing is mandatory in order to establish, exercise or protect a right, data may be processed without obtaining the express consent of the individual. For example, in relation to a complaint issued to the consumer arbitration committee by a Member, entering the transaction and information into this complaint folder.

  1. Processing of Data Based on Legitimate Interest

In case the data processing for GOLD DRESSES ‘s legitimate interests is compulsory provided that the fundamental rights and freedoms of the individuals are not infringed, the data may be processed without obtaining the individual’s explicit consent. For example, GOLD DRESSES conducting satisfaction surveys in order to ensure Customer satisfaction.

  1. Processing of the Employee’s Personal Data Based on Express Consent

Employee personal data shall be  processed on the basis of express consent in cases where it can not be processed based on any of the conditions specified in Articles 3.1 to 3.7 above.

 

  1. CIRCUMSTANCES WHERE PRIVATE PERSONAL DATA MAY BE PROCESSED

Part of the personal data are categorized  as “private personal data”, and they are subject to a special protection.

  1. Processing of Private Personal Data Based on Express Consent

Private personal data may be processed in the event that the individual has given his/her express consent  in accordance with the principles specified in this hereby POLICY and by taking the necessary administrative and technical measures.

  1. Circumstances Where Private Personal Data may be Processed Without Express Consent

In cases where the individual has not given his/her express consent, in the following cases, private personal data are processed provided  that sufficient measures to be determined by the Board of Protection of Personal Data (“Board”) are taken:

  1. Private personal data other than  the individual’s health condition and sexual life, in cases where stipulated by laws,
  2. Private personal data in respect of the health of the individuals and sexual life shall be  only available to persons who are bound by the duty of confidentiality or authorized bodies and institutions for the purpose of public health protection, preventive medicine, medical diagnosis, treatment and  care services, planning and management of health services and financing.

 

  1. ENLIGHTENING AND INFORMING INDIVIDUALS

During the acquisition of personal data, individuals shall be informed by GOLD DRESSES. In this context , they shall be  informed of the identity of the contact person of GOLD DRESSES, the purpose for which personal data will be processed, to whom and for which purposes the data processed may be transferred, method of collecting personal data, and the rights that the employees are lawfully entitled to.

In case individuals request information in relation to their personal data, GOLD DRESSES shall inform  them through info@golddresses.com.tr . Physical visitors shall be  informed about the video cameras present   on  GOLD DRESSES ‘s premises . Additionally, there are signs placed at  visible points inside the building, which offer brief information.  With this hereby Policy, users visiting the GOLD DRESSES web site are informed; those who become Members are informed yet again not only by this  hereby Policy, but also with the details presented on the Membership page.

 

  1. CATEGORIZATION OF PERSONAL DATA

Within the scope of this policy, GOLD DRESSES processes the data of individuals in the below-specified categories:

  • Credentials
  • Contact Details
  • Location Data
  • Information on Family Members and Kith and Kin
  • Physical Space Security Information
  • Financial Information
  • Personal Information
  • Candidate Employee Information
  • Individuals Processing Information
  • Legal Transactions and Compliance Information
  • Private Personal Data
  • Information on Complaint Management

 

  1. PURPOSE OF PROCESSING OF PERSONAL DATA
    1. Processing Conditions

Personal data are processed subject to  the following conditions. The conditions are;

  • The relevant activity in relation to the processing of your personal data is explicitly stipulated by laws,
  • The processing of your personal data by GOLD DRESSES is directly related to and necessary for the conclusion or performance of a contract,
  • The processing of personal data is mandatory  for the fulfillment  of GOLD DRESSES’s legal obligation,
  • Provided  that the personal data has been shared with  public by the individuals; to be processed by GOLD DRESSES in a proportional manner  for the purpose of publicity .
  • Processing by GOLD DRESSES of personal data is mandatory  for the establishment, exercise or protection of rights of GOLD DRESSES or its individuals or third persons,
  • Provided  that the fundamental rights and freedoms of individuals are not infringed ,  the processing personal data is obligatory in order to uphold  the legitimate interests of GOLD DRESSES,
  • The processing of personal data by GOLD DRESSES is mandatory for the preservation  of the life and physical integrity of the data owner or another person, and in such a  case where  the owner of personal data is  in a position where he /she cannot give his/her consent due to an actual impossibility or legal invalidity.

In the case that the above conditions are satisfied; GOLD DRESSES seeks to obtain the  express consent of the personal data owners in order to process personal data.

  1. Processing Purposes

GOLD DRESSES shall process personal data for the following purposes:

Candidate Working Group:

  • Ensuring completion and implementation of   human resources policies and processes ,
  • Planning the selection and evaluation procedures of candidate worker’s applications,
  • Implementing required operations within the framework of occupational health and safety regulations,
  • The communication activities necessary for the placement of the working candidate,
  • Internship recruitment, placing  and planning of operational processes.
  • For intern lawyers; To fulfill the legal requirements within the scope of professional solidarity under the Legal Profession Act.

For the Customer Group:

  • Fulfilling the legal requirements stipulated  in the law on electronic trade and the Turkish code of commerce.
  • Planning activities focusing on customer satisfaction and/or experience.
  • Legal, regulatory and company management legislations and ensuring compliance with correct application.
  • Preparation of product to be delivered in accordance with the customer’s order and providing assurance that delivery shall be made e within guaranteed time frame.
  • In cases  of cancellation and returns, relaying information to relevant department to ensure that the customer is reimbursed as soon as possible.
  • .Establishing and implementing processes for ensuring the security of information.
  • For the risk to be reduced  to an acceptable level.
  • Risk Management.
  • Forming Access Authorization and Control Matrix.
  • Identifying Data Transfer techniques.
  • Creating data preservation processes and procedures
  • Identification and implementation of remote access procedures an processes
  • Use of results derived from the sharing of anonymous data within the framework of customer CRM applications  in decision support systems.
  • Correct targets within  the scope of campaign planning, feasibility studies and CRM.
  • Invoicing and regular pursuance.
  • Fulfilling company obligations.
  • Data collection to form a customer portfolio.
  • Data collection to bring a product which  is not in stock for customers.
  • Data collection to be able to provide tailoring services to customers.

For the Supplier Group (Supplier, Supplier Executive, Supplier Employee):

  • Management of the business process with suppliers.
  • Implementation of legal processes and requirements such as contracts for the service required .
  • Establishing  communication with the relevant supplier for production on behalf of the company.
  • Drawing up contracts with selected suppliers.
  • Carrying out purchasing procedures.
  • Monitoring and supervision of manufacturing process.
  • Managing communication with the depot during the cancellation procedures when deficient or faulty products are received.
  • Supervision of payments and granting approvals.
  • In accordance with the Occupational Health law and agreement.
  • Payment and supervision of premiums to be paid to employees and the government, pursuant of the SGK (Social Security Institution) regulation.
  • Checking whether employees hold a certificate of competency (a certificate, document of authority, etc. depending on their occupation)
  • Inspection of documents regarding  hygiene and working at heights.
  • Evaluation of supplier employees’ suitability according to OHS laws.
  • Checking whether Social Security Institution premium debts have been paid.
  • Gathering of required information and documents in order to establish  a legal relationship with the supplier.
  • Managing relationships with suppliers.
  • Ensuring company resources are used economically and focusing on  improvement of company operations based on customer oriented approach.
  • Determining the needs of the depot and resolving it in a speedy and cost-effective manner.
  • Carrying out purchasing transactions required by the company.
  • Preparation of required visuals for product promotion and marketing.
  • Recruitment of manpower required for the preparation of visuals necessary for product promotion and marketing.
  • Obtaining documentation from real person or legal entity supplier processing personal data indicating adherence  to liabilities in terms of GOLD DRESSES’s data security, pursuant to the LPPD.
  • Supervision of whether obligations are fulfilled  and planning auditing.
  • Foreseeing the liability for suppliers to preserve confidentiality indefinitely.
  • Drafting  a clause indicating that in the the case where  personal data relayed to suppliers is not obtained via legal channels, the supplier is obliged to inform GOLD DRESSES of the situation as soon as possible.

Claimant 3. For a Group of Individuals:

  • Legal, regulatory and company management legislations and ensuring compliance with correct application.

Public Official conducting the investigation or proceeding, for the administrative organ employee:

  • Obtaining information and documents required for the management of legal and administrative procedures.
  • Fulfilling legal obligations .

For Online Visitors:

  • Requirement of adherence to legislative regulations.
  • Logging of online visitors and user’s system actions.

For Shareholders/Partners:

  • Obtaining information and documents required for the management of legal and administrative procedures.

 

  1. TRANSFER OF PERSONAL DATA TO THIRD PERSONS NATIONALLY AND ABROAD

Personal data and private personal data belonging to individuals may be transferred to third persons (third party companies, group companies, real third persons) in accordance with their  processing purposes , by taking the necessary security measures.

  1. Transfer of Personal Data

Personal data may be transferred  to third parties in the the case where the  conditions  in LPPD’s Clause 8 and 9 are foreseen.

E-mail and/or telephone number may be shared with third parties abroad for singularization and match-up purposes. Information of anonymous quality about  online visitors which are non-member and their website use habits are collected with cookies and can be shared.

  1. Third Persons to Whom the Personal Data are Transferred, and Their Purpose of Processing

Your personal data may be transferred to the below-listed individuals :

  1. Business partners of GOLD DRESSES,
  2. Suppliers of GOLD DRESSES,
  3. Affiliates of GOLD DRESSES,
  4. Shareholders of GOLD DRESSES
  5. Legally competent public institutions and organizations,
  6. Legally competent private jurists.

Scope of the above-specified persons to whom transfer is made, and the purpose of data transfer are specified below.

 

  1. PRESERVATION PERIOD OF PERSONAL DATA

The preservation periods of personal data processed by GOLD DRESSES are indicated in the table below.

 

 

 

 

 

 

DEPARTMENT NAME PERSONAL DATA GROUP PERSONAL DATA CATEGORY PRESERVATION PERIOD
LAW Employee Data Credentials

Contact Details

Financial Information

Information on Legal Transactions

Personal Information

Educational Information

Professional Experience and Knowledge

Information on Side Benefits

Personnel Group Information

Organization Information

Information on the Employee’s Performance and Career Development

Private Personal Data

10 years pursuant of Turkish Code of Obligations
  Supplier Data (Real Person, Supplier Executive, Supplier Employee) Credentials

Contact Details

Financial Information

Information on Legal Transactions

Risk Management

Private Personal Data

10 years following conclusion of legal relationship
  Consultant/Trainer Credentials

Contact Details

Financial Information

Information on Legal Transactions

Private Personal Data

10 years following conclusion of legal relationship
  Intern Lawyer Credentials

Private Personal Data

1 year following conclusion of internship
  Customer Credentials

Contact Details

Financial Information

Information on Legal Transactions

Private Personal Data

10 years following conclusion of legal relationship
  Claimant 3. Individuals Credentials

Contact Details

Financial Information

Information on Legal Transactions

Information on Customer Transactions

Transaction Security Information

Risk Management Information

Private Personal Data

10 years as of final judgment
  Public official representative of the office running the investigation and proceedings Credentials

Information on Legal Transactions

Private Personal Data

10 years as of final judgment
  Shareholder/Partner Credentials

Contact Details

Financial Information

Information on Legal Transactions

Educational Information

Private Personal Data

Unlimited Time
HUMAN RESOURCES Employee Data Credentials

Contact Details

Personal Information

Professional Experience and Knowledge

Financial Information

Information on Legal Transactions

Educational Information

Side Benefits

Private Personal Data

50 years
    Copy of Marriage Certificate

Copy of Children’s IDs

Personnel Group Contact Details

10 years
  Employee Candidate Credentials

Contact Details

Personal Information

3 years
  Intern (Normal) Credentials

Contact Details

Personal Information

Financial Information

Educational Information

Information on Transactions of Employee

Private Personal Data

10 years
  Intern (Mandatory) Credentials

Contact Details

Private Personal Data

Educational Information

10 years
PRODUCT Employee Data Credentials

Contact Details

Corporate Identity Information

Information on Transactions of Employee

5 years following the end  of legal relationship
  Customer Data Contact Details Upon the end of the legal relationship; 1 year as of the date of retrieval of the commercial electronic message permit, 3 years for all records related to electronic  trade, 2 years of traffic information pursuant of the law no. 5651, 10 years pursuant to TPL, TCO, TCC, Consumer Protection Law.
  Supplier Data (Supplier Employee, Supplier Executive) Credentials

Contact Details

Financial Information

Corporate Identity Information

Private Personal Data

Upon the end  of the legal relationship, 10 years in accordance with TCC and TPL.
PRIVATE LABEL Supplier Data (Supplier Employee, Supplier Executive, Accounting Executive. Credentials

Personal Information

Contact Details

Private Personal Data

Corporate Identity Information

Financial Information

 

10 years following the end  of legal relationship
  Employee Data Private Personal Data 10 years following the end of legal relationship
ADMINISTRATIVE AFFAIRS Supplier Data (Supplier Employee, Supplier Executive) Personal Information

Credentials

Private Personal Data

Financial Information

Contact Details

Information on Legal Transactions

10 years following the end  of legal relationship
IT

( INFORMATION TECHNOLOGIES)

Employee Data Credentials

Personal Information

Contact Details

Risk Management Information

Transaction Security Information

10 years
    Risk Management Information

(Mac Adress, Internet Logs)

2 years
  Online Visitor Data Transaction Security Information

Risk Management Information

 

2 years
  Customer Data Credentials

Contact Details

Financial Information

Information on Customer Transactions

Transaction Security Information

Risk Management Information

Information on Legal Transactions

10 years
  Supplier Data Credentials

Transaction Security Information

Corporate Identity Information

Contact Details

Financial Information

 

10 years
STORE Employee Candidate Information Credentials

Contact Details

Personal Information

Private Personal Data

2 years
  Supplier Data Credentials

Financial Information

Contact Details

Private Personal Data

10 years
BUSINESS DEVELOPMENT Customer Data Credentials

Financial Information

Contact Details

Purchase Order Information

Until the end of the project period.
  Supplier Data Contact Details

Corporate Identity Information

Financial Information

Until the end of the project period.
  On-line Visitor Data Credentials

Contact Details

Location Information

Information on Pages Visited

Until the end of the project period.
ACCOUNTING Employee Data Credentials

Contact Details

Corporate Identity Information

Financial Information

Personal Information

Private Personal Data

5 years in accordance with TPL, 10 years in accordance with TCC
  Supplier Data Credentials

Contact Details

Financial Information

Private Personal Data

5 years in accordance with TPL, 10 years in accordance with TCC
  Customer Data Credentials

Financial Information

Contact Details

5 years in accordance with TPL, 10 years in accordance with TCC
Purchase Department Employee Data Credentials

Corporate Identity Information

Contact Details

5 years following conclusion of legal relationship
  Supplier Data Credentials

Contact Details

Financial Information

Corporate Identity Information

Private Personal Data

Risk Management Information

10 years following the end of legal relationship
STUDIO Employee Data Credentials

Corporate Identity Information

Contact Details

5 years following the end of legal relationship
  Supplier Data Credentials

Contact Details

10 years following conclusion of legal relationship
    Private Personal Data

(Photograph, video recordings)

70 years following the end  of legal relationship
    Transaction Information Arranged to be updated on an annual basis

 

  1. SAFETY OF PERSONAL DATA

To ensure the  safety of personal data, reasonable measures are taken which will prevent risks of unauthorized access , accidents and data losses, deliberate deletion of data or damages to data.

To prevent  access to personal data by persons other than those who have been granted authorisation to  access , all necessary technical and physical measures are taken. .In this context, particularly  the authorization system shall be  designed in such a way to make it impossible for anyone to access personal data to an extent which is more than required While ensuring safety of private personal data such as health data, measures which are more strict compared to  measures related to other personal data are taken.

Authorized persons are subjected to  necessary safety checks . In addition, the aforementioned persons are trained in relation to  their duties and responsibilities.

Records of access to personal data are kept to the extent permitted by technical opportunities, and these records are reviewed at regular intervals. When an unauthorized access is suspected , an investigation is immediately initiated .

GOLD DRESSES shall comply with the obligations specified below  for the purpose of ensuring safety of the data being processed:

  • Acting lawfully and honestly regarding  the matters related to the protection of personal data,
  • Processing the personal data accurately and in full,
  • Carrying out the necessary practices for the purpose of updating the personal data which are outdated.
  • When he/she notices any contradiction with  the law in relation to  processing of personal data, it shall inform   the relevant manager,
  • Making necessary referrals for the exercise of legal rights related to personal data,

 

  1. LEGAL RIGHTS OF INDIVIDUALS AND METHODS FOR EXERCISING THESE RIGHTS
    1. Rights Related to Personal Data in the Context of LPPD

Rights which can be exercised  by individuals in relation to personal data as stated in LPPD Clause 11, are specified  below:

  1. Learn whether or not personal data have been processed,
  2. Request information on the procedure, if personal data have been processed,
  3. Obtain information on the purpose of processing personal data and find out whether personal data were used as fit for the purpose,
  4. Obtain information  about the third persons to whom personal data were communicated domestically or abroad,
  5. Request  the correction of personal data that may have been incompletely or inaccurately processed,
  6. Request the deletion or destruction of personal data within the provisions set forth in applicable legislation,
  7. Request that the third parties to whom personal data are transferred are informed about  the transaction carried out pursuant to sub-paragraphs (d) and (e),
  8. Object to an outcome which is detrimental to the concerned as a result of the analysis of the processed data exclusively through automatic systems,
  9. Request compensation for  damages in the case that damages are sustained  as a result of the illegal processing of personal data..
  10. Principles in Relation to Exercising Rights in Relation to Personal Data

To exercise  their rights relating to personal data, GOLD DRESSES members may submit their application via e-mail with the e-mail address they have registered into the system during their membership process, to info@golddresses.com.tr . Individuals who are not members can submit their application by using the Use of Personal Data Application Form via www.golddresses.com.tr. Applications filed  in this manner will receive a response within 30 days.

 

13 EFFECTIVENESS AND UPDATABILITY

This hereby POLICY has entered into force on date of publication. The Policy may be updated for the purpose of adaptation to changing conditions and compliance with the legislation. Information regarding the relevant  update will be provided via www.golddresses.com.tr

 

 

ANNEX-1

DEFINITIONS STATED IN THE POLICY

 

Express Consent: Consent in relation to a specific matter, which is based on informing and which is expressed  with free will.

Anonymization : Anonymization of personal data is to render it impossible for personal data to be associated  in any manner with the identity of a real person who is   is identified or identifiable, even if they are matched with other data.

Personal Data Owner: Real persons whose personal data is being processed. For example, Members, Customers…

Personal Data: means any kind of information about an identified or identifiable real person.

Private Personal Data: Data in relation to race, ethnic origin, political opinion, philosophic belief, religion, sect or other beliefs, appearance, membership to associations, foundations or unions, health, sexual life, imprisonment and security measures and biometric and genetic data are private personal data.

Personal Data

Protection : Any transaction carried out  with  the data, such as obtaining, recording, storage, preservation, alteration, reorganization, disclosure, transfer, takeover, making available , classifying the personal data or blocking its   usage by full or partly automatic means, or by non-automatic means provided that they are part of a data entry system.

Data Processor: Real and legal persons who process personal data on behalf of the data supervisor depending on  the authorization granted  by the data supervisor.

Data Responsible: Real and legal persons who determine the aims and tools with which personal data will be  processed , real and legal persons responsible for  responsible for the establishment and management of the data record system .