Privacy Policy
Roopety Consultancy and Trade Joint Stock Company (hereinafter referred to as "COMPANY") attaches utmost importance to the security of your personal data. With this awareness, we attach great importance to the processing and preservation of all kinds of personal data belonging to all individuals associated with the COMPANY in accordance with the Law on Protection of Personal Data No. 6698 ("Law"). With full understanding of this responsibility, your personal data that you have shared with the COMPANY as a data owner in the capacity of service recipient, service provider, supplier, employee, visitor, business partner and/or that the COMPANY has acquired within the framework of its services, procedures and transactions are processed as explained below and within the limits specified by the legislation.
This General Information Text and Privacy Policy has been prepared to inform you about the purpose for which your personal data will be processed by the COMPANY as the "Data Controller", to whom and for what purposes your processed personal data can be transferred, the method and legal reason for collecting personal data, and your rights under Article 11 of the Law as a personal data owner.
The COMPANY may process the personal data specified below for the specified purposes and retain it for the period required by these purposes, to the extent and in cases permitted by the legislation.
1. Measures Regarding the Protection of Personal Data and Personal Data Subject to Processing
The protection of personal data is of utmost importance for the COMPANY. The COMPANY takes necessary measures to protect personal data against unauthorized access or loss, misuse, disclosure, alteration or destruction of this information.
The COMPANY shows necessary diligence in keeping your personal data confidential, and taking all necessary technical and administrative measures to ensure confidentiality and security. Despite the necessary information security measures being taken, in case of damage to personal data or unauthorized access by third parties as a result of attacks on the website and system, the COMPANY will immediately notify you and the Personal Data Protection Authority.
Your personal data that may be subject to processing regarding Service Recipients are as follows:
| Personal data category | Personal data |
|---|---|
| Identity information | Name, Surname, TR Identity Number, Date of Birth |
| Contact information | Phone No, Address, Email Address |
| Visual data | Photo |
| Financial data | IBAN No, Bank Account Information |
| Customer transaction information | Order/Service Request Information, Invoice Information |
| Transaction security data | IP Address Information, Website Entry-Exit Information, User Name-Password Information |
| Marketing data | Shopping History Information, Cookie Records |
Your personal data that may be subject to processing regarding Service Providers are as follows:
| Personal data category | Personal data |
|---|---|
| Identity information | Name, Surname, TR Identity Number, Date of Birth |
| Contact information | Phone No, Address, Email Address |
| Visual data | Photo |
| Location data | Location Information |
| Financial data | IBAN No, Bank Account Information |
| Customer transaction information | Provided Service History Information, Invoice Information |
| Transaction security data | IP Address Information, Website Entry-Exit Information, User Name-Password Information |
| Marketing data | Shopping History Information, Cookie Records |
2. Purpose of Processing Personal Data:
Your personal data will be processed by the COMPANY for the purposes of providing the products and services offered by the COMPANY and/or for which it acts as an intermediary service provider/location provider completely and on time within the legal framework, receiving and dispatching/directing orders/service requests within this scope, fulfilling legal obligations under the legislation, carrying out information security processes, especially keeping payment records within the COMPANY and carrying out financial and accounting affairs, carrying out communication activities, carrying out intermediary service provider and location provider activities in accordance with the legislation, completely and accurately fulfilling the responsibilities arising from labor, service, sales, power of attorney, work and other contracts and legislation to which the COMPANY is a party, carrying out storage and archiving activities, and providing information to authorized persons/institutions and organizations.
3. To Whom and for What Purpose Processed Personal Data Can Be Transferred:
Your personal data may be shared by the COMPANY for the purposes of providing the products and services offered by the COMPANY and/or for which it acts as an intermediary service provider/location provider completely and on time within the legal framework, fulfilling legal obligations under the legislation, and completely and accurately fulfilling the responsibilities arising from contracts and legislation; with service recipients and/or service providers within the scope of intermediary service provider/location provider activities, with our business partners from whom we receive services to carry out COMPANY activities, with our suppliers, with organizations with which we cooperate, and with authorities authorized by law to fulfill our legal obligations, within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the Law.
4. Method and Legal Reason for Personal Data Collection:
Your personal data, although varying depending on your relationship with the COMPANY; are obtained based on the legal reasons that it is clearly stipulated in the laws, it is necessary to process the personal data of the parties to a contract provided that it is directly related to the establishment or performance of the contract, the COMPANY can provide its commercial activities completely and on time within the legal framework and within this scope, the COMPANY can completely and accurately fulfill its legal obligations, and it is mandatory to process data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject, and the personal data obtained for this legal reason are collected through partially or completely automatic or non-automatic collection methods, including verbally, in writing or electronically, through the internet site, application (app), social media channels and similar means.
5. Personal Data Storage Period
Personal data processed by the COMPANY is stored for the periods stipulated in the legislation and for the period required for the purpose of processing the data. If a legal period for the storage of such data is not determined, a period is determined by considering the COMPANY's business processes and legal and commercial practices, and in any case, a period not exceeding the purpose of processing.
After the said period expires, your personal data will be deleted, destroyed or anonymized by the COMPANY or upon your request in accordance with the legislation.
6. Rights of the Data Owner Listed in Article 11 of the Law:
Pursuant to Article 11 of the Law titled "Rights of the Data Subject", personal data owners, by applying to the COMPANY in writing or by other methods determined by the Personal Data Protection Board,
To learn whether their personal data is processed,
To request information if their personal data has been processed,
To learn the purpose of processing personal data if personal data is being processed and whether it is used in accordance with its purpose,
To know the third parties to whom personal data is transferred in the country or abroad,
To request the correction of personal data if it is incomplete or incorrectly processed and to request the notification of the transaction made within this scope to third parties to whom personal data is transferred,
To request the deletion or destruction of personal data if the reasons requiring its processing have disappeared, despite being processed in accordance with the Law and other relevant law provisions, and to request the notification of the transaction made within this scope to third parties to whom personal data is transferred,
To object to a result against them arising from the analysis of processed data exclusively through automatic systems,
To demand compensation for damage if they suffer damage due to the unlawful processing of their personal data
have the rights.
To exercise your rights listed above, you can send your request containing the necessary information to identify you and your explanations regarding the right you want to exercise from the rights specified in Article 11 of the Law, by filling out the "Data Controller Application Form" on the COMPANY's website https://www.roopety.com completely and accurately, and sending a wet-signed copy of the form through the channel "Koşuyolu Mah. Ali Nazima Sok. No: 15 İç Kapı No: 2, Kadıköy – İstanbul - Türkiye" or by other methods specified in the Law.
Your requests included in your application will be concluded free of charge by the COMPANY as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost for the COMPANY, the fee in the tariff determined by the Personal Data Protection Board will be charged.
7. Payment Information Security
Measures are taken to prevent illegal uses such as credit card fraud by checking the identity and address information of the service recipients and service providers ("User") who will benefit from the services offered on the https://www.roopety.com Website for the first time, and contacting the User by phone if necessary.
https://www.roopety.com has a 256-bit security certificate.
Credit card information provided for the services offered on the https://www.roopety.com Website is transferred to the system of contracted banks using a 256-bit SSL encryption protocol provided by the Service Provider bank, independent of the site, and the bank performs the query. The result of the query is instantly transmitted to the User and the payment process is completed. The entered card information is transmitted directly to the bank; all transactions take place between the User and the bank. Since this information cannot be viewed or recorded by the site in any way, it is not possible for the information to fall into the hands of third parties. The lock image in the lower right corner of the payment page indicates that the page is encrypted and secured with SSL.
8. Amendments to the Information Text and Privacy Policy
The COMPANY may make changes to this General Information Text and Privacy Policy at any time. These changes will take effect immediately upon publication of the amended new General Information Text and Privacy Policy on the https://www.roopety.com website.