Data Controller

The website with the domain name tpm.com.tr (“Website”) is operated by the address Girne Mah. Irmak Sok. Küçükyalı İş Merkezi C Blok No: 6 Küçükyalı / Maltepe, 34852 Istanbul, Turkey. The COMPANY, as the data controller, is responsible for determining the purposes and means of processing personal data, establishing and managing the data recording system.

We attach importance to the protection of your personal data. In accordance with the Personal Data Protection Law (”PDPL”), we would like to inform you about the processing, including but not limited to the collection, storage, and transfer, of data obtained in connection with your use of the “Company Website” and the purpose of such processing.

Processing and Transfer of Personal Data

The COMPANY requests some personal data from the users during the membership phase of its customers using the Company Website or while using the Company Website. Personal data is any information that makes a person specific or identifiable. Such information may be, for example, your name, address, e-mail address or telephone number. Information collected through the use of cookies that does not directly allow you to be identified, such as how you use the Company Website, may also be considered personal data if they are based on an identity assigned to the user and is therefore collected, stored and evaluated individually. Non-personal data is information that can only be aggregated, qualified as big data, summarized, collected, evaluated and not associated with a real person by anonymizing it.

Your personal data is collected by our company due to the nature of the business by filling in the information by you in the demo request form, contact form, e-bulletin form, support system, call center and membership form. Our company records and uses the IP address of its members in order to identify system-related problems and quickly resolve any problems or disputes that may arise regarding the service provided. IP addresses can also be used to identify users generally and to gather comprehensive demographic information.

Our company may use the requested information for direct marketing purposes, by itself or by the people it cooperates with, even outside the purposes and scope determined by the Membership Agreement. Personal information can also be used to contact the user when necessary. Information requested by our company or information provided by the user or information about transactions made on the Company Website can also be used in various statistical evaluations, database creation and market research without disclosing the identity of our members, except for the purposes and scope determined by the “Membership Agreement” by our company and its collaborators.

During some periods, our company may send notifications such as campaign information, information about new packages, promotional offers to its customers and members. Our members can make any choices about whether or not to receive such information while becoming a member, then this choice can be changed from the administration panel after logging in, or they can make a notification with the link in the information message they receive.

Purposes of Processing Personal Data

Our company processes Personal Data for certain, clear and legitimate purposes. In this context, Personal Data may be processed for the following purposes:

  • • Providing and changing the services provided on the website;
  • • Customization of the offered products and services in accordance with the demands; updating, developing due to customer needs, legal and technical developments;
  • • Making user definitions for the systems specific to the products and services offered;
  • • Announcing new or existing products, services and campaigns, conducting sales and marketing activities;
  • • Conducting market research;
  • • Creating statistics and analyzing usage;
  • • Payment of product, service and service fees, collection, selection of collection method;
  • • Fulfilling the obligation to inform arising from the Law No. 6563 on the Regulation of Electronic Commerce and other relevant legislation;
  • • Transmitting the advertisements of the company website and products and services suitable for the purpose of processing the data to the Relevant Person, providing information about the products, services, promotions and campaigns;
  • • Providing solutions to the problems encountered during the use of the Web Site;
  • • Improving the visit, usage, switching between pages and purchasing experiences on the website, providing better quality service;
  • • Contact/communication;
  • • Execution of commercial relations with cooperated companies, suppliers, resellers and service providers;
  • • Reporting within the framework of cooperation;
  • • Developing the company’s commercial strategies and making plans;
  • • Contact by the company for satisfaction measurement surveys;
  • • Registration of participants in the events/training/competitions organized by the Company, arrangement of certificates/participation certificates, determination of award/gift holders and delivery of awards/gifts;
  • • Management of judicial/administrative processes, responding to requests from public institutions;
  • • Fulfillment of legal obligations, resolution of legal disputes, depending on legal regulations;
  • • Conducting investor relations;
  • • Providing the results arising from this legal transaction in case of merger, division, transfer of all or part of the company with another company;
  • • Introducing Company employees, Real Person Customers and Relevant Persons in social media posts;
  • • Conducting job interviews, evaluating job applications;
  • • Establishment, execution and termination of the business relationship/contract;
  • • Making the employees of the Company benefit from the basic and fringe benefits arising from the employment contracts, evaluating their performance and work;
  • • Opening user accounts for employees,
  • • In case of participation in an organization on behalf of the company, registration of the participant;
  • • Participation of employees in trainings and creation of certificate records;
  • • Ensuring the security of the Company Website and Applications;
  • • Usage analysis of the Website;
  • • Creation of personal data inventory;
  • • Evaluating and responding to all questions, requests, suggestions, complaints and applications submitted in writing, verbally or electronically, including those related to personal data.
  • • It is transferred to the systems at home or in other countries, especially the European Union countries (for more detailed information, you can apply in writing to our company) for the performance of the contract, data security, compliance with our company’s policies and other purposes mentioned above.

Method and Legal Reason for Personal Data Collection

Data about current and potential Company Website users are collected partially or completely automatically or non-automatically, for contractual or other reasons determined within the framework of the legislation, as a requirement of our business.

ramework of the legislation, as a requirement of our business.

Personal Data Processed Without Explicit Consent

Pursuant to the PDPL:
We may process personal information made public by you, without your consent and share it with third parties accordingly.

If there are provisions in the legislation that make it lawful to process your personal data without express consent, we may process it without your explicit consent and share it with third parties accordingly.
We may process your personal data without express consent if it is necessary to fulfill our legal obligation, including information that must be disclosed in accordance with applicable laws or regulations or a court decision, administrative order.
If data processing is necessary for the establishment, exercise or protection of a right, we may process your personal data without your explicit consent.

Data Transferred to Third Parties

Without prejudice to our rights in the PDPL, we may share your personal data with the Company employees, company officials, legal, financial and tax consultants, auditors within the scope of commercial activities on the Company Website, cloud companies on abroad and especially in the United States and European countries in order to carry out data processing activities, IBM Softlayer Data Center, Amazon Web Services, Inc (AWS), collaborating consultants and contracted organizations, educational institutions, advertising and marketing agencies that the Company works with, and real or legal entities to present advertisements that may be of interest to the Relevant Person through anonymization. You give explicit consent to the Data Controller regarding this sharing.

Network Server Data Log

When you log in to the Company Website, your web browser is technically set to automatically transmit the following data (“data log”) to our internet server, after which we record the following information in the data log records even without your consent:
Login date
Login time
URL of the application website
Received files
Amount of data transmitted
Browser type and version
Operating system
IP address
Domain name of your internet access provider
This information is the information required for technical purposes in order to deliver the content requested by you correctly, and its collection is an inevitable aspect of the use of websites. The data log is analyzed for statistical purposes only and then deleted to improve our website and the underlying technology.
The data log is stored separately from other data collected as part of your use of the Company Website.

Cookies

Like many other websites, we make use of “cookies”. Cookies are small text files delivered to your hard drive by a web page server. Thus, we automatically obtain certain data such as the IP address, the browser used, the operating system on your computer and your internet connection. The aforementioned technical communication file facilitates the use of the Internet by storing the status and preferences about the site. The technical communication file is not designed to retrieve data or any other personal information from the main memory or your e-mail. Also, cookies cannot be used to run programs or send viruses to your computer.

We use cookies and similar technologies to get to know you on different Services, to have information about your interests on and outside of our Services, to improve your experience, to increase security, to measure the use and effectiveness of our Services, to obtain statistical information about how many people visit the site for what purpose and how long they stay on the site, and to help dynamically generate advertisements and content from user pages specially designed for users.

We may monitor your navigation on the Company Website and your transactions in your membership account via cookies and may analyze your personal data collected on third sites and mobile applications together in order to offer different discounts and campaigns, to make advertisements and promotions, to make the Company Website personalized for you, to provide a personalized Company Website experience.In any case, the data we collect cannot be shared with third parties without your consent. Of course, you can always view our website without cookies. Internet browsers are always set up to accept cookies. You can control cookies and stop their use at any time through browser settings and other tools. Please use your browser’s help function to learn how to change these settings. Please note that certain features of our website may not work if you stop the use of cookies.

Use of Social Plugins in the Context of Social Media

The Company uses social plugins (“plugins”) from social networks of Facebook operated by Facebook Inc., Palo Alto, CA, USA, YouTube video platform operated by YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066 USA, Twitter operated by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103 USA, and Instagram operated by Instagram, LLC, Arbitration Opt-out 1601 Willow Rd. Menlo Park, CA 94025 USA.

If you visit a page on our website that contains such plug-ins, they are initially ineffective. Plugins cannot take effect unless you click the specified button. By activating the plugins, you connect with these social networks and give consent for data transfer to them. If you are logged in to these social networks, social networks may associate this visit with your account in the relevant social network. If you press the corresponding button, the corresponding information is directly transmitted by your browser to the relevant social network and stored there.

For the scope and purpose of data collection, further processing and use of data by the relevant social networks, and the settings you can make to protect your rights and privacy, please refer to the Data Protection notices of the relevant social networks. If you do not want these social networks to collect data about you through our website, you must log out of the relevant social networks before visiting our website.

Your Rights Regarding Your Personal Data

In accordance with the legislation regarding your processed personal data, you have the right to learn whether personal data is processed, to request information if personal data has been processed, to learn the purpose of processing personal data and whether it is used in accordance with its purpose, to know the third parties at home or abroad to whom personal data is transferred, to request correction of personal data in case of incomplete or incorrect processing, to request the deletion or destruction of personal data, to request the notification of third parties, to whom personal data has been transferred, of the correction of personal data in case of incomplete or incorrect processing and/or the processes regarding the deletion or destruction of personal data, to object to the emergence of a result against the person him/herself due to the analysis of the processed data processed exclusively by automated systems, and to request the compensation of the damage in case of damage due to the unlawful processing of personal data.

Exercise of Rights, Application, and Communication

You can send your requests regarding your rights mentioned above within the scope of PDPL to the COMPANY in person or in accordance with the legislation (for example, through a notary public) in writing, provided that your identity is verified.

Data Security

The Company has taken technical and administrative measures to the extent possible regarding data security within the scope of PDPL. Information on the measures taken is detailed under the Personal Data Protection, Storage, Processing, and Disposal Policy.

Data of Minors

Personal data of minors should not be sent without the consent of their parents or guardians.

Links to Other Websites

The Company Website contains links to other websites. We have no influence on whether the operators of these sites act in accordance with data protection provisions. The Company is not responsible for the content of the sites it links to (and the content of other sites to which those sites link) and has no authority to interfere with the contents of the sites it links to.

Clarification Text on the Amendments to the Data Privacy Statement and the Personal Data Protection and Processing Policy         This “Clarification Text on the Amendments to the Data Privacy Statement and the Personal Data Protection and Processing Policy” shall be amended to announce changes in our data protection-related services, for example, in the provision of new services, and to fulfill applicable legal requirements.

User Access

No one will have access to your account unless invited by you. Only in case of a technical or system failure, authorized Company personnel, upon your permission, will access your data for support purposes.

Data Sharing

Data transfer is not shared with our business partners without your consent and without sufficient security.

Data Backup

Daily backups of your data are made against possible technical problems.

Responding to Security Violations

Despite our best efforts, no method of transmission and no method of electronic storage is fully secure on the Internet. We cannot guarantee absolute security. However, if the Company becomes aware of a security violation, we will alert affected users so they can take appropriate protective steps. Our violation reporting procedures are consistent with our obligations under regulatory regulations and any industry rules or standards we comply with. Notification procedures include providing e-mail notifications or posting notices if a violation occurs on our website.

Your Responsibilities

Keeping your data safe also depends on you keeping your account secure by using sufficiently complex passwords and storing them securely. You should make sure that the computer, tablet or phone on which you use the Company service has sufficient security.

Teklif Al