KVKK

Since our establishment as Tınaztepe Yumurta, we have continued our efforts with great importance towards the Protection of Personal Data, in parallel with the 'Personal Data Protection Law (KVKK)'. In this context, information about our data processing processes to fulfill some terms expressed in the law and our obligations is presented below.

What is KVKK?
The Personal Data Protection Law (KVKK) was adopted by the Turkish Grand National Assembly on 24.03.2016 and entered into force by being published in the Official Gazette numbered 29677 on 07.04.2016.

The law is based on the compliance of all individuals and institutions processing data, with the fundamental objectives of ensuring the privacy of personal data, its protection, and preventing unauthorized use. Our company, like all organizations, is obliged to comply with this law, and the personal data processed in all of our processes are within this scope.

What is Personal Data?
Any data or data sets that directly or indirectly identify a person are considered personal data. Examples include information directly belonging to or created on behalf of a person such as name, surname, place/date of birth, phone number, resume, photograph, and voice recording. Data identifying a person such as address, phone, and credit card produced for sales and service transactions are also considered Personal Data.

What is Data Processing?
Any operation performed on personal data is considered 'data processing'. Therefore, the archiving, storing, modifying, reorganizing, disclosing, transferring, analyzing, and classifying of data fall under the scope of data processing.

Who is the Data Subject?
One of the frequently mentioned terms in the law and our corporate policies is 'data subject' or 'data owner'. It refers to real individuals whose personal data is being processed.

Who is the Data Controller?
The data controller is the real or legal person responsible for determining the purposes and methods of processing personal data and establishing and managing the data recording system. In this context, our Company acts as the Data Controller regarding the data of our customers, visitors, and employees.

Who is the Data Processor?
The data processor is the real or legal person who processes data on behalf of the data controller. These persons may be separate individuals or legal entities authorized by the data controller to process personal data.

Conditions for Data Processing
All data controllers are only entitled to process data if the following conditions are met, or the data subject gives explicit consent:
- As expressly stipulated by the laws
- Directly related to the establishment or execution of a contract,
- For the data controller to fulfill its legal obligations,
- Made public by the data subject,
- Necessary for the establishment, use, or protection of a right,
- The legitimate interest of the data controller.
- Meeting Data Owner Requests

KVKK grants the right to data subjects to request information about which personal data is being processed and how. As Tınaztepe Yumurta, we are obliged to respond to requests from data owners within 30 days.
According to Article 13 of the Personal Data Protection Law No. 6698, which regulates 'Application to the Data Controller', the data subject/data owner is required to submit their requests regarding the application of the law in writing to the data controller. Therefore, for your request to be evaluated, you must apply to our company in writing. For detailed applications, you can download the 'KVKK Request Form' under the KVKK section on our website.
Data controllers or processors are obliged by law to inform data subjects about the personal data they process.

Our clarification text regarding the personal data we process as Tınaztepe Yumurta is presented below.

PERSONAL DATA PROTECTION DISCLOSURE TEXT
As Tınaztepe Yumurta, we take necessary precautions, acting as the data controller, during the storage, processing, and transfer of your personal data in accordance with the Personal Data Protection Law No. 6698 ('KVKK') and the principle of protecting privacy and safeguarding individuals' fundamental rights and freedoms. We would like to inform you on these matters.

COLLECTION AND LEGAL BASIS OF PERSONAL DATA
Tınaztepe Yumurta may obtain personal data from its employees, suppliers, customers, and/or their authorized representatives, as well as all individuals it interacts with, through various written, verbal, and electronic means, third parties, and/or legal authorities, to fulfill its legal obligations, provide the products/services we offer within the legally defined framework, and perform the obligations arising from the contract. The personal data collected by these methods can be processed and transferred for the purposes mentioned below, within the conditions of processing personal data and special categories of personal data stipulated by KVKK.

PURPOSE OF PROCESSING PERSONAL DATA
In addition to the information that Tınaztepe Yumurta is required to obtain from its employees, suppliers, customers, and/or their authorized representatives, as well as all individuals it interacts with, we process, store, and transfer personal data and special categories of personal data as we deem necessary to provide the best service and product. Your personal data may be processed for the purposes of providing the products and services you have with our Company, making general notifications regarding these products, sharing opportunities, conducting service, maintenance, repair, and other services, as well as to communicate with you regarding other products and services of our Company, engage in product sales, marketing, and informational activities, acquire customers, perform customer satisfaction and retention activities, share offers related to our services, improve our service quality, conduct risk analysis, and develop solutions for customer and sector needs. Furthermore, newsletters, invitations, analysis, reporting, segmentation, and modeling studies related to the necessary reports and investigations required under the company's activities may also be processed.

TRANSFER OF PROCESSED PERSONAL DATA
Tınaztepe Yumurta may share your personal data with public legal entities listed in the law, our domestic and/or international subsidiaries, institutions we collaborate with, and other individuals or organizations permitted by legal regulations.
Tınaztepe Yumurta is required by legal regulations to retain the records and documents of transactions made with its employees, suppliers, customers, and/or their authorized representatives, and all individuals it interacts with for a certain period. If you request the deletion, destruction, or anonymization of your personal data, this request will be fulfilled at the end of the legally determined period. Until this time, your personal data will not be processed and will not be shared with third parties, except for national and international laws, regulations, and agreements.

THIRD PARTIES WHOSE PERSONAL DATA IS PROCESSED AND PURPOSE OF PROCESSING THEIR DATA
Tınaztepe Yumurta collects and processes the personal data of individuals other than its employees, suppliers, customers, and/or their authorized representatives, such as individuals visiting our digital channels, guarantors (mortgage, pledge, assignment, guarantee, etc.), sureties, legal representatives, guardians, trustees, legal advisors, attorneys, and company partners through various written, verbal, and electronic means. This data may be processed for purposes such as risk analysis and application notifications and shared with persons or organizations permitted by legal regulations.

RIGHTS OF THE INDIVIDUAL WHOSE PERSONAL DATA IS PROCESSED

Under KVKK regulations, you can exercise the following rights by applying to Tınaztepe Yumurta:
- Learning whether personal data is processed,
- Requesting information if personal data has been processed,
- Learning the purpose of processing personal data and whether it is used appropriately for its purpose,
- Knowing the third parties to whom personal data is transferred domestically or abroad,
...