Menu
Your Cart

General Information on the Personal Data Protection Law

General Information on the Personal Data Protection Law

The Personal Data Protection Law No. 6698 (hereinafter referred to as KVKK) was adopted on March 24, 2016, and published in the Official Gazette No. 29677 on April 7, 2016. Certain provisions of KVKK came into effect on the date of publication, while others became effective on October 7, 2016.

Information as a Data Controller

Pursuant to KVKK No. 6698 and in the capacity of Data Controller, your personal data will be recorded, stored, updated, disclosed/transferred to third parties where permitted by legislation, classified, and processed as described on this page and within the scope of KVKK.

How Your Personal Data May Be Processed

In accordance with KVKK No. 6698, the personal data you share with our Company may be processed, in whole or in part, automatically or through non-automated means as part of a data recording system, by being obtained, recorded, stored, altered, reorganized, or subjected to any other kind of operation performed on data. Any action taken on data within the scope of KVKK is considered "processing of personal data."

Purposes and Legal Grounds for Processing Your Personal Data

The personal data you provide may be processed:

  • To fulfill the requirements of the services we offer to our customers in accordance with the contract and technological needs, and to improve our products and services;
  • To record identity, address, and other required information of the transaction owner under the Law No. 6563 on the Regulation of Electronic Commerce, the Law No. 6502 on Consumer Protection, the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce published in the Official Gazette No. 29457 dated August 26, 2015, the Distance Contracts Regulation published in the Official Gazette No. 29188 dated November 27, 2014, and other related legislation;
  • To prepare all records and documents that will form the basis of transactions in the field of banking and electronic payments, electronic contracts, or in paper form; to comply with information storage, reporting, and notification obligations mandated by legislation and other authorities;
  • To provide information to public prosecutors, courts, and relevant public officials upon request and in accordance with legislation in matters related to public security and legal disputes.

Your personal data will be processed in compliance with KVKK and related secondary regulations.

Information on the Transfer of Your Personal Data

For the purposes outlined above, the personal data you share with our Company may be transferred to:

  • Entities such as ShopGaranti.com, which provides our e-commerce infrastructure, suppliers, courier companies, and other service-related persons or entities;
  • Program partner organizations with whom we collaborate, domestic or international entities, and other third parties for the execution of activities and/or as data processors.

How Your Personal Data Is Collected

Your personal data may be collected through:

  • Forms on our Company’s website and mobile applications, including information such as name, surname, ID number, address, phone number, work or personal email address, preferences on pages accessed with a username and password, IP logs of transactions, cookie data collected by browsers, navigation times and details, and location data;
  • Verbal, written, or electronic communication via our sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing, and call centers;
  • Physical or virtual, face-to-face or remote, verbal or written communication, or electronic means, shared by individuals establishing a commercial relationship with our Company, applying for jobs, submitting offers, or sharing personal data through business cards, resumes (CVs), offers, or other means;
  • Data obtained indirectly through different channels such as websites, blogs, competitions, surveys, games, campaigns, micro-sites, social media, e-bulletin reading or click movements, publicly available databases, and social media profiles shared publicly.

Processing of Personal Data Obtained Before KVKK Took Effect

Personal data obtained in compliance with the law prior to KVKK’s effective date of April 7, 2016, through membership, electronic communication permissions, product/service purchases, or other means, are also processed and stored in accordance with the conditions outlined in this document.

Transfer of Your Personal Data Abroad

Your personal data, collected by any of the methods described above and processed in Turkey or abroad for storage, may be transferred to service agents located in countries accredited by the Personal Data Protection Board that offer sufficient protection for personal data and in accordance with the purposes of the agreement, while remaining within the scope of KVKK.

Storage and Protection of Personal Data

Your personal data will be stored confidentially in databases and systems managed by our Company in accordance with Article 12 of KVKK. Except for legal obligations and regulations specified in this document, your data will not be shared with third parties. Our Company is obligated to prevent unlawful processing of personal data, prevent unauthorized access, and take software-based measures such as access management and physical security precautions for systems and databases where personal data is stored. In the event of the unlawful acquisition of personal data by third parties, the situation will be reported to the Personal Data Protection Board in writing in accordance with legal regulations.

Keeping Personal Data Accurate and Up-to-Date

Under Article 4 of KVKK, our Company is required to keep your personal data accurate and up-to-date. To fulfill our obligations under applicable legislation, our customers must provide accurate and up-to-date data or update their information via our website/mobile applications.

Rights of Personal Data Owners Under KVKK No. 6698

Article 11 of KVKK, effective as of October 7, 2016, grants the following rights to Personal Data Owners:

  • To learn whether personal data is processed,
  • To request information regarding the processing of personal data,
  • To learn the purpose of processing and whether the data is used in accordance with this purpose,
  • To know the third parties to whom personal data is transferred domestically or abroad,
  • To request correction of incomplete or incorrect personal data,
  • To request deletion or destruction of personal data within the framework of the conditions set forth in Article 7 of KVKK,
  • To request notification of these correction, deletion, or destruction processes to third parties to whom personal data has been transferred,
  • To object to adverse results arising exclusively from automated processing of personal data,
  • To demand compensation for damages arising from the unlawful processing of personal data.

The Data Controller within the scope of KVKK is Mehmet Gökpınar, registered with the Istanbul Chamber of Commerce under the trade registration number [.................], MERSIS number [.................], and located at Kireçburnu Mah, Kireçburnu Cami Sok, No:19 D.4 Sarıyer, Istanbul.

Once the legal infrastructure is established, the Data Controller Representative to be appointed by our Company will be announced in the Data Controllers Registry and on the website where this document is hosted.

Personal Data Owners may direct their questions, opinions, or requests via the following communication channels:

Email: info@mgsshop.com
Phone: +90 535 601 80 17