• PRIVACY AND PERSONAL DATA PROTECTION POLICY
  • A. INTRODUCTION
  • Data privacy is extremely important to 7elt and we attach particular importance to the openness and transparency of our processing of your personal data.
  • For this reason, we explain in this Privacy and Personal Data Protection Policy (hereinafter referred to as “Policy”) how your personal data will be processed and protected. This content is important, so please read it carefully and be sure to control your privacy.
  • Before we start, we would like to explain our privacy policies to you:
  • ·We take your privacy seriously.
  • ·We are committed to protecting the security of your personal data.
  • ·We comply with data privacy laws when using your personal data.
  • ·We only use your personal data in the ways described in this document.
  • ·We will not collect your personal data if it is not necessary.
  • ·We will stop collecting your personal data when it is no longer necessary for the purposes for which we collect your personal data.
  • ·We will explain to you your rights to control your personal data.
  • A.1. WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA?
  • The data controller in the processing of data is SEVEN GÜVENLİK SİSTEMLERİ TİC.LTD.ŞTİ, whose Certificate Number is 0764032813300018. (“7ELT” or “COMPANY”)
  • 7ELT contact information is as follows:
  • ·Mailing address: ikitelli Osb Mah. 6.Cadde Beyaz Tower No:1 D:30 Başakşehir-İstanbul TURKEY
  • ·Phone: 0212 255 47 35
  • ·Email:info@7elt.com
  • A.2. POLICY PURPOSE
  • This Policy regulates the principles and principles adopted by 7elt, which operates in the field of auto key and lock systems, to ensure compliance with the legislation in the processing and protection of personal data regulated and protected within the scope of the Personal Data Protection Law No. 6698.
  • Protection of personal data is of great sensitivity for 7ELT and is among the priorities of our company.
  • The text of the personal data processing policy is shared with 7ELT on the website of www.7elt.com (hereinafter referred to as the “Site”). It is an integral part of the membership agreement and the commercial distance sales contract drawn up between the real person user who becomes a member through the mobile applications announced by 7ELT and the legal person user’s representative(s).
  • A.3. POLICY SCOPE
  • This Policy applies to our Company, its customers, potential customers, their employees, our Company’s interns and employees, intern and employee candidates, shareholders, officers, officials, shareholders and employees of the organizations with which it has commercial relations, physical and virtual visitors, members and third parties. It covers all personal data processed by automatic or non-automatic means, provided that it is part of any data recording system. In addition, the principles and principles adopted by this Policy apply to all employees, employee candidates, subcontracted employees, existing and potential business partners who process personal data processed by our Company, have access to personal data, provide personal data to the Company or receive data from the Company. It is applied to the employees of ‘s affiliated companies and their officials.
  • A.4. DEFINITIONS
  • Explicit Consent: Consent regarding a specific subject, based on being informed and expressed with free will,
  • Processing of Personal Data: Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, personal data by fully or partially automatic or non-automatic means provided that it is part of any data recording system. Any operation performed on data such as making it available, classifying it or preventing its use,
  • Personal Data Owner: The real person whose personal data is processed, (including legal entity officials)
  • Personal Data: Any information regarding an identified or identifiable natural person,
  • Special Personal Data: Data regarding race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance, association, foundation or union membership, health, sexual life, criminal conviction and security measures. biometric and genetic data, special quality data,
  • Data Controller: Data controller is the person who determines the purposes and means of processing personal data and manages the place where the data is systematically kept (data recording system),
  • Data Processor: Real or legal person who processes personal data on behalf of the data controller, based on the authority given by the data controller.
  • Data Recording System: Personal data Registration system where data are structured and processed according to certain criteria,
  • Law: Personal Data Protection Law No. 6698,
  • Anonymization: Making the data previously associated with a person impossible to associate it with an identified or identifiable real person in any way, even by matching it with other data
  • expresses.
  • B. PRINCIPLES ON THE PROCESSING OF PERSONAL DATA
  • Our company acts in accordance with the following principles, which have been determined and adopted in accordance with all legislation, especially the Constitution and the Law, in the processing of personal data.
  • B.1.7What are the types of personal data collected by ELT?
  • We use the personal data we collect from you in several different ways, the purpose of which we process the data we collect varies depending on the relevant data. In the table below, this issue is explained in detail, the types of personal data we collect and the purpose of our collection are shown.
  • Personal Data Category

    Personal Data Example

    Credentials & Contact Information

    For example, your name, date of birth, place of birth, ID number, ID information, mother’s name, father’s name, ID serial number, ID validity date, signature, ID photo. , gender, your e-mail address, postal address, residential address, telephone number and other personal data

    Customer Transaction Information

    For example, payment card information, call document records, account holder name, billing information, bank account number, IBAN number, receipt information, account information , customer’s account transactions, communication history, etc.

    Financial Information

    For example, bank/payment institution information, customer number, payment account information, call document records, account holder name, billing information, bank account number, IBAN number, receipt information, account information, financial performance information, business information, etc.

    Marketing Information

    For example, conversations and correspondence between 7ELT and the customer via telephone and e-mail, communication history, shopping history information, surveys, cookie records, information obtained through campaign work, etc.

    Location Information

    For example, location information of the place where the transaction took place and where it is located.

    Risk Management Information

    For example, information processed to manage commercial, technical, administrative risks, etc.

    Process Security Information & Complaint Management Information

    For example, the customer’s IP address, website login-login information, password and password information, instant photo, business photo, transaction receipts, residence address , civil registry document, tax plate, internet provider, operating system and browser used, device type; for example, laptop or smartphone, mobile application or website, device cookie settings and other device-related details, geographic region reported by the customer device, etc.
  • B.2. For what purposes does 7ELT process your personal data?
  • 7elt may share your personal information with all relevant authorities, including the Turkish Penal Code no. 5237, the Criminal Procedure Law no. 5271, the Law on Prevention of Laundering Proceeds of Crime no. 5549, the Labor Law no. 4857, the Turkish Commercial Code no. 6102, the Turkish Code of Obligations no. 6098. It operates for the following purposes and based on the legal bases stated below, in order to fulfill the obligations arising from national/international legislation and secondary regulations published by national/international competent authorities based on them, as well as all agreements to which it is a party:
  • Which Purposes of Processing Your Personal Data

    Legal Basis for Data Processing

    To fulfill the requests or applications you submit through Corporate Communication and Customer Communication channels, and to update your identity and contact information. To carry out the necessary work by the business units and carry out the relevant business processes in order to benefit the relevant people from the products and services offered by our shopping site, to carry out the necessary work by the relevant business units to realize the commercial activities carried out by our shopping site and to carry out the related business processes. Preparing the product to be delivered in accordance with the customer order and ensuring that it reaches the customer within the promised delivery time. Informing the relevant unit in order to transfer the product prices regarding cancellation or return to the customer’s account as soon as possible.  Data collection to bring out-of-stock product to customer   Performance of a contract and its fulfillment by checking up-to-date information about our products and services. Our legitimate interest in evaluating applications and requests regarding services with customers/potential customers.
    To conduct usability and quality analysis of mobile application development services and websites for the purpose of improving our products and services. . Planning and execution of commercial and/or business strategies of our shopping site. Carrying out activities that increase user experience by tracking customer movements and improving the functioning of the website and mobile application of our shopping site and personalizing it according to customer needs, Including for the purposes of direct and non-direct marketing, carrying out personalized marketing and remarketing activities, carrying out personalized segmentation, targeting, analysis and in-house reporting activities, market research, planning and execution of customer satisfaction activities and planning and execution of customer relationship management processes. Planning and execution of the sales and marketing processes of the products and/or services of our shopping site, including planning and execution of the processes of creating and/or increasing loyalty to the products and/or services offered by our shopping site.   For the performance of a contract and to share up-to-date information about our products and services with our customers/potential customers our interest.
    To verify and carry out financial transactions regarding the financial transactions you make, to confirm whether the membership conditions are met, to issue and regularly follow up invoices, to fulfill the company’s obligations.< /span> Performance of a contract.
    To fulfill requests to update identity and contact information. Establishing and implementing processes to ensure the security of information. Reducing the risk to an acceptable level. Risk Management. Creation of Access Authorization and Control Matrix.Detection of Data Transfer techniques.Establishment of data storage processes and methods.Remote access methods and methods. determination and execution of processes. Ensuring commercial, technical, administrative and legal security.
    Keeping website and application entry-exit records. Logging system movements of online visitors and users. Our legitimate interest in getting to know our customers better and improving our products and services accordingly and ensuring transaction security ensuring.
    To identify visitors to our website.   Our legitimate interest and your prior express consent to share up-to-date information about our products and services with our customers/potential customers.
    To conduct data analytics and market research. To be able to provide better service to customers, to provide various advantages, to provide information about sales, marketing, information, promotions, to provide information about campaigns and conditions, to conduct surveys, customer satisfaction research, to accelerate your purchases, to receive and deliver your orders. Creating campaigns for customers, cross-selling, campaign planning, feasibility studies and accurate targeting within the scope of CRM.     Our legitimate interest in sharing up-to-date information about our products and services with our customers/potential customers and prior Your express consent.
    To carry out the services provided to our member customers. Establishing contracts for all kinds of requested products and services, carrying out order/cancellation/return processes and arranging all other records and documents (in paper or electronic media) and keeping the information and documents in the company records To carry out the necessary operational activities of 7ELT and its subsidiaries, its parent company and the third party companies it cooperates with, to ensure its legal and commercial security, to ensure the security of all locations belonging to our Company, within the scope of providing the products and services in question and maintaining them as uninterrupted as required, 7ELT’ Execution of human resources policies of .
    Resolving your questions and complaints. Your express prior consent.
    Requesting information/documents from the Customer to ensure account security. Ensuring the security of the service provided in accordance with the terms of the contract concluded between the parties and legal legislation.
    Providing KVKK legal and technical services and occupational health and safety information management system services. Legal obligations arising from the legislation and ensuring legal and commercial security.
    Providing information to authorized institutions based on legislation. Legal obligations arising from legislation.
    Hnews, information and updates on our services, newsletters, offers < span lang="DE">and to send you marketing communications regarding special events and other marketing communications (via SMS, email or telephone) that may be of interest to you. We also use the data we collect about you in our product and service advertisements on third party websites. Our legitimate interest in sharing up-to-date information about our services with our customers/potential merchants (via SMS, e-mail and telephone channels) until the right of refusal is exercised. Since customers have the title of merchants for marketing purposes, explicit consent is not required in accordance with the legislation)
  • Your personal data is processed within the scope of our services listed in accordance with the principles in Article 4 of the Law and within the processing conditions set out in Articles 5 and 6.
  • Our Shopping Site; In order to carry out online behavioral advertising and marketing, the user has the right to associate the behavior of the user visiting the site with a cookie in the browser, even if they are not a member, and to define remarketing lists based on metrics such as the number of pages viewed, visit duration and target completion number. Targeted advertising content can then be shown to this user on the site or on other sites in the Display Network, based on the users’ interests. When Google AFS ads are directed to our Shopping Site, Google may place cookies on users’ browsers or read the cookies contained therein, or use web beacons to collect information. For more information please see our Cookie Policy[HA4]Please review.
  • B.3. General Principles in Processing Personal Data
  • 7ELT processes and protects data within the framework of compliance with the Constitution of the Republic of Turkey, the Personal Data Protection Law and in accordance with legal legislation.
  • In this context, 7elt complies with Article 4 of the Law. In accordance with the following principles:
  • B.3.1. Compliance with the Law and the Rules of Honesty
  • 7ELT, as a prudent merchant, acts in accordance with the principles brought by legal regulations and the general rule of trust and honesty in the processing of personal data.
  • B.3.2. Ensuring Personal Data is Accurate and Up-to-Date When Necessary
  • 7ELT ensures that the personal data it processes are accurate and up-to-date, taking into account the fundamental rights of personal data owners and its own legitimate interests within the scope of the Personal Data Protection Law, as well as other laws that it has to comply with within the scope of its activities.
  • B.3.3. Processing for Specific, Clear and Legitimate Purposes
  • 7ELT clearly and precisely determines the purpose of processing personal data that is legitimate and lawful. In this context, personal data is presented or processed limited to the services to be offered and legal obligations. The purpose for which personal data will be processed is determined before the personal data processing begins.
  • B.3.4. Being Related to the Purpose for Processing, Limited and Proportionate
  • 7elt processes personal data in a way that is suitable for achieving the specified purposes and avoids the processing of personal data that is not related or needed to achieve the purpose. Accordingly, processing of data is limited to activities and legal obligations.
  • B.3.5. Preservation for the Period Envisaged in the Relevant Legislation or Necessary for the Purpose for which they are Processed
  • 7ELT determines for what purposes and how long personal data will be processed before the processing begins, and retains personal data only for the period specified in the relevant legislation that it is obliged to comply with or for the period required for the purpose for which they are processed.
  • In addition, it carries out data minimization studies, determines the periods stipulated in the legislation for the storage of personal data, or if there is no period stipulated in the legislation, determines the maximum period according to the purpose of processing and deletes, destroys or anonymizes the personal data after these periods. It makes it.
  • Information about you will be stored only as long as you continue to be a 7elt customer. If you decide that you no longer wish to be a customer, you can contact our customer service team and request that all of your information be deleted.
  • If reasonable requirements apply or if necessary to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce the Terms of Use and other policies, 7elt may retain the necessary information about you, even after you close your 7elt account or Although we no longer need this information to provide these services, we may continue to store it.
  • B.4 Conditions for Processing of Personal Data
  • B.4.1. Having Explicit Consent of the Personal Data Owner
  • One of the conditions for processing personal data is the explicit consent of the owner. Explicit consent of the personal data owner must be expressed on a specific subject, based on information and free will.
  • B.4.2 Situations Where Personal Data May Be Processed Without Explicit Consent
  • B.4.2.1. Clearly Provided in Laws
  • The personal data of the data owner may be processed in accordance with the law without obtaining explicit consent if it is clearly provided for by law (For example, Article 5 of the Regulation on Measures for the Prevention of Laundering Proceeds of Crime and Financing of Terrorism.)
  • B.4.2.2. Inability to Obtain Explicit Consent of the Person Relevant Due to Actual Impossibility
  • The personal data of the data owner may be processed if it is necessary to process the personal data of a person who is unable to express his/her consent due to actual impossibility or whose consent cannot be validated in order to protect the life or physical integrity of himself or another person. (For example, taking a visitor who is ill within our Company to the infirmary and recording his contact information)
  • B.4.2.3. Being Directly Involved in the Establishment or Performance of the Contract
  • It is possible to process personal data if it is necessary to process personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract. (For example, obtaining billing information of a person receiving a service from our company)
  • B.4.2.4. Legal Liability
  • 7ELT may process the personal data of the data owner if processing is necessary for it to fulfill its legal obligations. (For example, answering the questions asked by public institutions such as MASAK, BTK, BRSA, sending the requested documents.)
  • B.4.2.5. Personal Data Owner’s Publicization of Personal Data
  • Personal data is owned by the data owner himself.Relevant personal data may be processed if it is made public by . (For example, calling a person who applied for a job in our company)
  • B.4.2.6. Data Processing Is Necessary for the Establishment or Protection of a Right
  • If data processing is mandatory for the establishment, exercise or protection of a right, the personal data of the data owner may be processed. (For example, collecting information from non-customers who apply to our Company through the help section to answer their questions)
  • B.4.2.7. 7Data Processing is Necessary for ELT’s Legitimate Interests
  • The personal data of the data owner may be processed if it is necessary to process data for the legitimate interests of 7elt, provided that it does not harm the fundamental rights and freedoms of the personal data owner.
  • C. PROCESSING OF SPECIAL PERSONAL DATA
  • 7ELT strictly complies with the regulations stipulated in the Personal Data Protection Law in the processing of personal data determined as “special nature” by the Personal Data Protection Law.
  • In Article 6 of the Personal Data Protection Law, data determined as “special nature”; These are data regarding race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance and clothing, association, foundation or union membership, health, sexual life, criminal convictions and security measures.
  • By 7ELT in accordance with the Personal Data Protection Law; Special categories of personal data are processed upon the express consent of the personal data owner, provided that adequate measures are taken to be determined by the Personal Data Protection Board, and if there is no express consent, in cases stipulated by law.
  • D. DELETION, DESTRUCTION OR ANONYMIZATION OF PERSONAL DATA
  • Although it has been processed in accordance with the Personal Data Protection Law and other relevant legal provisions, if the reasons requiring processing are eliminated, personal data is deleted, destroyed or anonymized by the data controller ex officio or upon the request of the relevant person.
  • 7elt reserves the right not to fulfill the request of the data owner in cases where it has the right and/or obligation to preserve personal data in accordance with the relevant legislation.
  • 7elt, when the storage periods stipulated in the relevant legislation or required by the purpose of processing expire, within the period foreseen for periodic destruction; It deletes or anonymizes the personal data it processes by using one or more of the deletion and anonymization methods specified in the guide on Deletion, Destruction or Anonymization of Personal Data published by the KVK Board, which is most suitable for its business processes and activities.
  • In terms of deletion, destruction and anonymization of personal data;
  • -Detecting data that is unnecessary or unlawful to keep within the data in our company’s records, determining who can access these data and through what means, and closing these channels,
  • -If service is received from a third party service provider, such as cloud storage service providers, the data kept in the records of this service provider will be deleted by checking whether this service provider has the authority (technical possibility) to retrieve the data,
  • -Encrypted storage and deletion of data kept in portable data recording devices,
  • -Cutting personal data on paper whenever possible, and in cases where it is not possible, darkening it by drawing/painting/erasing it using fixed ink in a way that is irreversible and unreadable with technological solutions,
  • -Deleting the office files on the central server with the delete command in the operating system or removing the access rights of the relevant user on the file or the directory where the file is located,
  • – Deleting the relevant lines in the databases containing personal data with database commands (DELETE etc.),
  • – In terms of destruction, simply deleting the records is not enough; dividing them into pieces too small to be understood, destroying copies of encryption keys, and making the recording media irreversible by methods such as de-magnetization, physical deformation or overwriting.
  • – Destruction of data or removal of the storage medium in which data is processed,
  • – In terms of anonymization, the data is made unable to be associated with the relevant person by removing or changing all direct and/or indirect identifiers, in this context, the data that does not cause value irregularity according to the concrete situation (removing variables/records, regional hiding, generalization, and upper bound encoding, sampling) or providing (micro merging, data interchange, thick Precautions are taken such as using anonymization methods (e.g. adding an ultimatum) or statistical methods (K-Anonymity, L-Diversity, T-Proximity).
  • E. TRANSFER OF PERSONAL DATA
  • In line with the provisions of both the Constitution and the Personal Data Protection Law, 7elt shows utmost care and attention in sharing personal data domestically and/or abroad, and continues its activities in accordance with current regulations in this context. 7ELT may transfer personal data to third parties in Turkey, or to be processed in Turkey or processed and stored outside Turkey, including outsourcing, as stated above, in accordance with the conditions stipulated in the Law and other relevant legislation and by taking all security measures specified in the legislation. ; The data may be transferred abroad unless otherwise stipulated in the contract signed electronically with the data owner and other relevant legislation.
  • It can be transferred to administrative and official authorities that are legally required to be transferred, to third parties from whom outsourced services are received, to third parties with whom we cooperate, from whom we receive support in areas such as program partner institutions, organizations, and cooperated call centers, due to legal obligations and within the framework of legal limitations.
  • >
  • In order for you to receive better service and to carry out our activities within the campaigns that our company currently carries out and may run with third parties and the collaborations to be established in accordance with the service provided, “name and surname, identification number, city of residence, address, date of birth, e-mail address” Your “address, telephone number” information can be sent to domestic/international organizations with which we have/will have contractual relations, domestic/foreign/international organizations from which we receive service/support/consultancy or become project/program partners, companies that provide security, SMS and e-mail sending services, social media services. It may be shared with third parties such as providing companies, surveyors and subcontractors, organizations from which independent audit and support services are received, service and infrastructure providers and business partners, to ensure the legal and commercial security of third parties and/or to ensure the security of electronic and physical environments.
  • The establishment, development and maintenance of technical and administrative infrastructure and electronic systems (website) and the retention of customer data can be transferred to third parties from whom services are received for the management of call center processes, to the extent required by the job.
  • The user’s identity and contact information may be shared with payment institutions for the purpose of identity verification in accordance with the framework agreement of the payment institution that the user will approve at the payment stage and in accordance with the Regulation on Measures for the Prevention of Laundering Proceeds of Crime and Financing of Terrorism published in the Official Gazette No. 26751 dated January 9, 2008.
  • E.1. Domestic Transfer of Personal Data
  • According to the definitions article of the Law, transfer of personal data is also a ‘processing of personal data’ activity. In this respect, the transfer of personal data is carried out in accordance with the provisions of Articles 8 and 9 of the Law.
  • Our company, within the scope of the data types and purposes listed under Article E, in accordance with the purpose of processing the data and provided that the necessary security measures are taken, to third parties (7ELT affiliates, business partners, employees, subcontractors or suppliers, public institutions and legally authorized private persons or transfers to organizations). Personal data transfers carried out in this context are carried out through the secure environment and channels provided by the relevant third party.
  • Member’s mobile phone number and/or e-mail address; It is shared with the commercial electronic messaging service provider for the purpose of promotion, advertising, and offering benefits and opportunities until the Member who is a merchant uses the option of rejection.
  • E.2. Transfer of Personal Data Abroad
  • Our company transfers the data abroad in accordance with the purpose of processing the data and provided that the necessary security measures are taken. Our company also obtains approval from the data owner in the Explicit Consent Text regarding its transfer abroad. Your personal data will be shared with our business partners abroad for the purposes of providing business development services, providing statistical and technical services and carrying out customer relations. Your personal data may be transferred to electronic environments such as servers, hosting companies, programs, cloud computing, etc. located abroad with information technology support for archiving and storage purposes, by taking the necessary security measures, and it may be processed and stored there.
  • In addition to the technical measures to ensure the security of personal data subject to domestic and international transfer as mentioned above; data controller of the other party to the legal relationship, or Considering that it processes data, it is also legally protected thanks to the KVKK-compliant provisions included in our contracts.
  • While sharing information as stated above and transferring personal information to countries other than Turkey, it is ensured that the data is transferred in accordance with this policy and as permitted by the applicable law regarding data protection.
  • F. CLARIFICATION OBLIGATION
  • 7ELT, in accordance with Article 10 of the Personal Data Protection Law, provides information to personal data owners during the acquisition of personal data, the identity of 7ELT, the purpose for which personal data will be processed, to whom and for what purpose the processed personal data can be transferred, personal It clarifies the method and legal reason for data collection and the rights of the personal data owner within the scope of Article 11 of the Personal Data Protection Law. 7elt informs the user/visitor with the Information Text issued via pop-up during the membership process, and each person who accepts the membership agreement on the site and becomes a member of the site accepts that this information is provided to him/her. In addition, the information text and the cookie policy are also included in the transactional e-mail sent to users whose membership is accepted.
  • In addition, in cases where the express consent of the data subjects is required for the processing of personal data, comprehensive clarification is made to obtain the free will of the data owners regarding a specific subject.
  • In addition, 7ELT carries out personal data processing activities by announcing to personal data owners and relevant parties through various public documents, especially this Policy document, that it carries out personal data processing activities in accordance with all matters in the Personal Data Protection Law and especially the “law and honesty rule”. It provides information and transparency to those concerned.
  • G. ENSURING THE SECURITY OF PERSONAL DATA
  • Our company takes technical, administrative and physical measures regarding data security to prevent unlawful processing of personal data and unlawful access to personal data and to ensure the preservation of personal data.
  • G.1. Technical Measures Regarding Data Security
  • – Within the scope of the Information Security Management System, it carries out activities that are systematic, regulated, planned, manageable, sustainable, documented, accepted by the management and based on international security standards in order to ensure the confidentiality, integrity and uninterrupted availability (accessibility) of information.
  • li>
  • – Taking firewall and gateway measures, including but not limited to, in order to ensure cyber security; preventing employees from accessing threatening websites or online services; deleting unused software and services from computers; It takes precautions such as ensuring that software and hardware are in the most up-to-date version against security vulnerabilities.
  • – In order to monitor personal data security; Precautions are taken such as checking which software and services are running in IT networks, determining whether there is any infiltration or any movement that should not occur in IT networks, keeping log records of all users, and preventing data from being copied and obtained in case any device on which data is processed is maintained and repaired by third parties. li>
  • – In order to ensure the security of environments containing personal data; Necessary precautions are taken to foresee risks such as theft, loss or damage to devices or printed documents where personal data are stored, and to take precautions to prevent these risks and to minimize the damages in case these risks occur.
  • – If personal data is stored in the cloud; The data security measures of the relevant cloud storage systems and providers are examined, and measures are taken such as encrypting the personal data to be transmitted (uploaded) to the data storage service providers with cryptographic methods, encrypting them in cloud environments, limiting and controlling the people, places and internet networks that can be accessed by the data storage service providers.
  • – Within the scope of supply, development and maintenance of information technology systems; Precautions are taken such as establishing control mechanisms within the applications to check the correct data entry of existing systems and ensuring that the correctly entered information is not corrupted during the process, preventing errors that may cause data loss, avoiding sending data storing parts or taking the necessary precautions when there is a need to send the devices to third party companies in case of hardware errors. .
  • G.2. Administrative Data Security Precautions
  • In order to protect personal data, our company provides awareness training to its employees, informs its employees that the personal data they have learned cannot be disclosed to anyone else contrary to the provisions of the Law and cannot be used for purposes other than the purpose of processing, and that this obligation will continue after they leave office, and obtains the necessary commitments from them in this regard. Following changes in the legislation and making necessary updates, in case of transfer of personal data, special provisions are added to the contracts made with the persons to whom data is transferred to protect the data of personal data owners, risks are identified by periodic audits, efforts are made to keep personal data as little as possible and other administrative measures are taken.
  • G.3. Physical Precautions for Data Security
  • In order to protect personal data, our company takes security measures in our company’s buildings, makes authorizations in environments such as archives where personal data is kept, and takes measures for the security of electronic devices where personal data is kept.
  • G.4. Precautions to be Taken in Case of Personal Data Obtained by Others Through Illegal Means
  • If personal data is obtained by others through illegal means, our company, as the data controller, notifies the relevant person and the Board of this situation as soon as possible.
  • Our company intends to notify the Board in case of any violation, as a rule, within 72 hours from the detection of the violation.
  • H. PROTECTION OF DATA OWNER’S RIGHTS
  • Our company has established a Personal Data Protection Unit to manage the processes regarding the protection and processing of personal data and to fulfill all other requirements of the Law. This unit also works within the scope of protecting your personal data and responding to your requests.
  • If personal data owners submit their requests regarding their rights listed below to 7ELT, the requests will be finalized free of charge as soon as possible and within thirty days at the latest, depending on their nature. However, if the transaction requires an additional cost, 7elt will charge the fee in the tariff determined by the KVK Board or other authorities.
  • In this context, the relevant persons whose personal data are processed by our Company, by applying to our Company in accordance with Article 11 of the Law;
  • – Learning whether personal data is being processed or not,
  • – Requesting information if personal data has been processed,
  • – Learning the purpose of processing personal data and whether they are used for their intended purpose,
  • – Knowing the third parties to whom personal data are transferred at home or abroad,
  • – Requesting correction of personal data in case of incomplete or incorrect processing and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,
  • – Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the Law (in case the reasons requiring the processing of personal data disappear, even though it has been processed in accordance with the Law and other relevant legal provisions) and the processing carried out within this scope Requesting notification to third parties,
  • – Objecting to the emergence of an unfavorable result by analyzing the processed data exclusively through automatic systems,
  • – They have the right to request compensation for the damage if they suffer damage due to unlawful processing of their personal data. Exceptional cases stipulated in Article 28 of the Law are reserved.
  • In this context, data owners will be able to submit their requests to 7elt in writing.
  • As 7ELT, it is always important for us to hear from you (especially when you think we did not meet your expectations or we could do better).
  • If;
  • • If you have any questions or feedback regarding this Policy,
  • • If you want us to stop using your personal data,
  • • If you want to exercise your rights mentioned above or submit a complaint,
  • You will send these notifications, including the necessary information that identifies you and your explanations regarding the rights you request to use, to our company headquarters, İkitelli Osb Mah. You can send it via mail to 6.Cadde Beyaz Tower No:1 D:30 Başakşehir-İstanbul TURKİYE or via e-mail to policy@7elt.com from your e-mail address registered in our company. You can send it by mail or with e-signature to 7ELT sevens01.kep.tr kep address or by other methods specified in the KVK Law.
  • If you would like to send your notifications physically, you can send them English. Prepared in Izce language, Application Form of Data You can also do so via [HA9]
  • I. HOW THE DATA OWNER CAN CHANGE THEIR POSITIVE OR NEGATIVE PREFERENCES ABOUT RECEIVING ELECTRONIC COMMERCIAL MESSAGES
  • After becoming a member of the website or mobile application of the electronic commerce platforms operated by 7ELT, you can change or update your positive or negative preferences regarding receiving commercial electronic messages at any time by following the steps below.
  • • Log in to your account.
  • • Uncheck the option you previously selected.
  • • Click the “Update” button.
  • When you complete this process, we will update your profile to ensure that you are not sent any future messages through commercial message channels that you do not prefer. Please note that since 7elt has a complex web program with many interconnected services, it may take a few days for us to update our systems and therefore you may continue to receive messages from us while we process your request.
  • Termination of membership does not mean withdrawing your consent to receive commercial electronic messages. For this reason, please make sure that you have completed all the procedures to withdraw your consent.
  • J. APPLICATION and ENFORCEMENT
  • The matters regulated in this Policy are subject to the Law and secondary legislation, and in case of a conflict between the Policy and the legislative provisions, the legislative provisions will apply. This Policy is published on our Company’s website (https://www.7elt.com) and is in effect from the date of publication.
  • 7ELT may make changes or updates to this Policy in line with legal regulations and Company Policy. Necessary information will be provided about the new Policy text reflecting all these changes and updates through the website or other 7elt services such as mobile application or by communicating with you through other communication channels such as e-mail.
  • K. REPORTING SECURITY VULNERABILITY
  • As 7ELT, we do not accept any risks regarding security. If you notice any technology issues, let us know. An e-mail explaining the details of the security vulnerability, what we need to do to see or verify this vulnerability, including your contact information and company name. Send it to >. If you would like to submit your notifications physically, you can use the additional Data Breach Form [HA11]You can also do this through