Personal Data Policy
Rova Bilişim Personal Data Policy
General Information About the Personal Data Protection Law
The Personal Data Protection Law No. 6698 (hereinafter referred to as KVKK) was adopted on March 24, 2016, and published in the Official Gazette No. 29677 dated April 7, 2016. Part of the KVKK entered into force on the date of publication, and part of it entered into force on October 7, 2016.
Information in the Capacity of Data Controller
In accordance with Law No. 6698 on the Protection of Personal Data and as the data controller, your personal data will be recorded, stored, updated, disclosed/transferred to third parties in cases permitted by law, classified, and processed in the manner specified in the Law on the Protection of Personal Data, as explained on this page.
How Your Personal Data May Be Processed
In accordance with KVKK No. 6698, your personal data shared with our Company may be processed by us through any type of operation performed on the data, such as being obtained, recorded, stored, modified, reorganized, in whole or in part, automatically, or through non-automatic means as part of any data recording system. Any processing of data under the KVKK is considered “processing of personal data.”
Purposes and Legal Grounds for Processing Your Personal Data
The personal data you share,
– To be able to provide our customers with services that meet the requirements of the contract and technology, and to improve the products and services we offer;
– Law No. 6563 on the Regulation of Electronic Commerce, Law No. 6502 on the Protection of Consumers, and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce, published in the Official Gazette No. 29457 dated August 26, 2015, based on these regulations, The Regulation on Distance Contracts published in the Official Gazette No. 29188 dated November 27, 2014, and other relevant legislation, for the purpose of recording the identity, address, and other necessary information of the transaction owner to identify their information;
– Organize all records and documents that will serve as the basis for payment systems, electronic contracts, or paper-based transactions, which are mandatory in the field of banking and electronic payments; comply with information storage, reporting, and disclosure obligations required by law and other authorities;
– In matters related to public safety and legal disputes, in order to provide information to prosecutors, courts, and relevant public officials upon request and as required by law; your personal data will be processed in accordance with Law No. 6698 on the Protection of Personal Data and related secondary regulations. Information about third parties or organizations to which your personal data may be transferred For the purposes mentioned above, the individuals/organizations to which your personal data shared with our Company may be transferred are as follows: primarily IdeaSoft Yazılım San. ve Tic. A.Ş., which provides our e-commerce infrastructure, as well as persons and organizations related to the services provided, such as suppliers and shipping companies, organizations with which we collaborate and from which we receive services in order to carry out our activities and/or in the capacity of Data Processors, domestic/foreign organizations, and other third parties.
How Your Personal Data Is Collected
Your personal data,
– Our company collects information such as name, surname, Turkish ID number, address, telephone number, work or personal e-mail address through forms on its website and mobile applications; preferences on pages accessed using a username and password, IP records of transactions performed, data collected by the browser such as cookies, browsing duration and details, and location data.
– Our sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing, and call centers, through verbal, written, or electronic means;
– Personal data obtained from individuals who share their personal data with our company for purposes such as establishing commercial relations, applying for a job, or submitting a bid, through business cards, resumes (CVs), bids, and other means, in a physical or virtual environment, face-to-face or remotely, verbally or in writing, or through electronic means;
– In addition, data obtained indirectly from different channels, such as websites, blogs, competitions, surveys, games, campaigns, and similar purposes (micro) websites and social media, e-newsletter reading or clicking activities, data provided by public databases, and publicly shared profiles and data from social media platforms can be processed and collected.
Your Personal Data Obtained Before the KVKK Came into Effect
Personal data obtained in accordance with the law prior to April 7, 2016, the effective date of the KVKK, through membership, electronic communication consent, product/service purchases, and other means, is processed and stored in accordance with the terms and conditions set forth in this document.
Transfer of Your Personal Data Abroad
Your personal data collected using any of the methods listed above, whether processed in Turkey or processed and stored outside Turkey, may be transferred to service providers located abroad (in countries accredited by the Personal Data Board and providing adequate protection for personal data) in accordance with the KVKK and for the purposes of the contract.
Storage and Protection of Personal Data
Your personal data will be stored confidentially in the databases and systems of our Company in accordance with Article 12 of the KVKK; it will not be shared with third parties in any way except for legal obligations and the regulations specified in this document. Our company is obligated to prevent the unlawful processing of your personal data, to prevent unauthorized access, and to take software measures such as access management and physical security measures in accordance with Article 12 of the KVKK. In the event that personal data is obtained by others through unlawful means, the situation will be immediately reported to the Personal Data Protection Board in writing and in accordance with legal regulations.
Keeping Personal Data Up-to-Date and Accurate
In accordance with Article 4 of the KVKK, our Company is obliged to keep your personal data accurate and up to date. In this context, in order for our Company to fulfill its obligations arising from the legislation in force, our Customers are required to share their accurate and up-to-date data or update it via the website/mobile application.
Rights of Data Subjects Under Law No. 6698 on the Protection of Personal Data
Article 11 of Law No. 6698 on the Protection of Personal Data entered into force on October 7, 2016. Pursuant to the relevant article, the rights of the Data Subject after this date are as follows: The Data Subject may apply to our Company (data controller) regarding themselves;
– Learning whether personal data is being processed or not,
– Request information about the processing of personal data,
– Learning the purpose of processing personal data and whether it is being used for its intended purpose,
– Knowing the third parties to whom personal data is transferred within or outside the country,
– Requesting the correction of personal data that has been processed incorrectly or incompletely,
– Requesting the deletion or destruction of personal data within the framework of the conditions set forth in Article 7 of the KVKK,
– Requesting that third parties to whom personal data has been transferred be notified of any corrections, deletions, or destruction of personal data.
– Objecting to the analysis of processed data exclusively by automated systems resulting in a decision against the individual.
– They have the right to request compensation for damages incurred as a result of the unlawful processing of personal data.
Rova Bilişim İthalat İhracat San. Tic. Ltd. Şti., registered under number 218258-5 in the Istanbul Chamber of Commerce, with MERSİS number 0735153125300001, located at Seyrantepe Mh. Nato Cd. Kağıthane/İstanbul, is the data controller within the scope of the KVKK. The Data Protection Officer appointed by our company will be announced in the Data Protection Register and on the website where this document is located once the legal infrastructure is in place. Data subjects may direct their questions, opinions, or requests to any of the following communication channels:
E-Mail: bilgi@rovabilisim.com
Phone: 0850 466 7682