- The Company, or, the Data Controller
The Company means Mevaris Tasarım ve Sanat Galerisi Ticaret A.Ş.
(herein after referred to "We" or "Mevaris")
Address: Levent Mah. Yosun Sokak. No:8 Beşiktaş/İstanbul
P: +90 212 325 72 75
- Data Controller: Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.
- Data Processor: Data Processor means any natural or legal person who processes the data on behalf of the Data Controller.
- Data Subject: Data Subject is any living individual who is using our Service and is the subject of Personal Data.
- Personal Data: Means any information relating to an identified or identifiable natural person
- GDPR: EU General Data Protection Regulation (No.2016/679)
- PDPL: Personal Data Protection Law (No. 6698) of the Republic of Turkey
- Principles for processing personal data
As the Data Controller, Our principles for processing personal data are:
- Fairness and lawfulness. When we process personal data, the individual rights of the Data Subjects must be protected. All personal data must be collected and processed in a legal and fair manner.
- Restricted to a specific purpose. The personal data of Data Subject must be processed only for specific purposes.
- Transparency. The Data Subject must be informed of how his/her data is being collected, processed and used.
- What personal data we collect and process
Mevaris collects several different types of personal data for various purposes. Personal Data may include, but is not limited to:
- Email address
- First name and last name
- Phone number
3. For what purposes we use the personal data
The company use the collected personal data:
- To provide you with services
- To notify you about changes to our services and/or products
- To provide customer support
- To gather analysis or valuable information so that we can improve our services
- To detect, prevent and address technical issues
4. Legal basis for collecting and processing personal data
Mevaris, have put in place appropriate and technical measures in order to process and protect personal data of individuals related to our company in accordance with both the Personal Data Protection Law (Law No. 6698, "PDPL") and GDPR, No: 2016/679.
The Company processes personal data in compliance with provisions laid down in both data protection laws, within the framework of;
a) the performance of a contract or in order to take steps prior to entering into a contract
b) the compliance with a legal obligation
c) legitimate interests
We also collect and process personal data to pursue legitimate interests in the following situations:
- Processing of general requests for our products and services
- Advertising or market research
- Assertion of legal claims and defense in legal disputes
- Ensuring IT operations and IT security
- Measures for building and system security (e.g. access authorizations)
- Measures to improve our internal business processes and product optimization
In some situations, the processing of your personal data is not absolutely necessary and only permitted with your consent. We inform you about this circumstance and in particular about the fact that giving your consent is voluntary and revocable at any time with effect for the future.
5. Retention of personal data
We will retain your personal information only for as long as is necessary for the purposes set out in this Data Protection Policy.
And more importantly, we will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.
6. Your rights as a Data Subject
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what personal data we hold about you and if you want it to be removed from our systems, please contact us via Contact Person firstname.lastname@example.org mentioned above.
In certain circumstances, you have the following data protection rights:
- The right to access, update or to delete the information we have about you
- The right of rectification
- The right to object
- The right of restriction
- The right to data portability
- The right to withdraw consent