Sigma Wear Personal Data Policy

General information about the Personal Data Law

Law No. 6698 on the Protection of Personal Data (hereinafter referred to as PDPA) was adopted on March 24, 2016 and published in the Official Gazette No. 29677 dated April 7, 2016. Some parts of the LPPD entered into force on the date of publication and some parts entered into force on October 7, 2016.

Disclosure as data controller

Pursuant to PDPA No. 6698 and in the capacity of Data Controller, your personal data will be recorded, stored, updated, disclosed / transferred to third parties where permitted by the legislation, classified and processed in the ways listed in the PDPAwithin the framework described on this page.

How your personal data may be processed

Pursuant to PDPA No. 6698, your personal data that you share with our Company, in whole or in part, automatically, or by obtaining, recording, storing, storing, changing, rearranging, in short, by non-automatic means, provided that it is part of any data recording system, can be processed by us subject to any kind of processing performed on the data. Within the scope of PDPA, any operation performed on the data is accepted as “processing of personal data”.

Purposes and legal reasons for processing your personal data

The personal data you share,

• In order to fulfill the requirements of the services we provide to our customers in accordance with the requirements of the contract and technology, and to improve our products and services offered;
• Law No. 6563 on the Regulation of Electronic Commerce, Law No. 6502 on the Protection of Consumers and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce published in the Official Gazette dated 26.08.2015 and numbered 29457, the Regulation on Distance Contracts published in the Official Gazette dated 27.11.2014 and numbered 29188 and other relevant legislation to record the identity, address and other necessary information to identify the information of the transaction owner;
• To organize all records and documents that will be the basis of payment systems, electronic contracts or paper-based transactions that are mandatory in the field of Banking and Electronic Payment; to comply with the information storage, reporting and information obligations stipulated by the legislation and other authorities;
• To provide information to prosecutors’ offices, courts and relevant public officials in matters related to public security and legal disputes, upon request and in accordance with the legislation;

PDPA No. 6698 and will be processed in accordance with the relevant secondary regulations. Information about third parties or organizations to whom your personal data may be transferred For the purposes stated above, the persons / organizations to whom your personal data that you share with our Company may be transferred; persons and organizations related to the services provided, such as suppliers, cargo companies, especially wix technology, which provides the e-commerce infrastructure of our Company, program partner organizations, domestic / foreign organizations and other third parties that we cooperate with, in order to carry out our activities and / or receive services in the capacity of Data Processor.

How your personal data is collected

Your personal data,

• • Information such as name, surname, TR ID number, address, address, telephone, business or private e-mail address through forms on our company’s website and mobile applications; preferences on the pages logged in using the username and password, IP records of the transactions performed, cookie data collected by the browser, and data containing browsing time and details, in the form of location data;

• • Verbally, in writing or electronically through our channels such as our sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing and call center;

• • In a physical or virtual environment, face-to-face or distant, verbal or written or electronic media for purposes such as establishing a commercial relationship with our company, applying for a job, making an offer, business cards, CVs, making an offer and other ways from people who share their personal data;

• In addition, data obtained indirectly through different channels, from (micro) websites and social media used for websites, blogs, contests, surveys, surveys, games, campaigns and similar purposes, e-bulletin reading or clicking movements, data provided by public databases, profiles and data open to sharing from social media platforms; can be processed and collected.

Your personal data obtained before the PDPA entered into force

Your personal data obtained before April 7, 2016, the effective date of the PDPA, in accordance with the terms and conditions set out in this document are also processed and stored in accordance with the terms and conditions set out in this document.

Transfer of your personal data abroad

Your personal data collected by any of the above-mentioned methods to be processed in Turkey or to be processed and stored outside Turkey may also be transferred to service intermediaries abroad (to countries accredited by the Personal Data Board and where there is adequate protection for the protection of personal data), provided that they remain within the scope of PDPA and in accordance with the contractual purposes.

Storage and protection of personal data

Your personal data will be stored confidentially in the database and systems of our company in accordance with Article 12 of the PDPA; It will not be shared with third parties in any way other than legal obligations and the regulations specified in this document. Our company is obliged to prevent unlawful processing of personal data in accordance with Article 12 of the PDPA, to prevent unauthorized access, to take software measures such as access management and physical security measures. If it is learned that personal data is illegally obtained by others, the situation will be immediately notified to the Personal Data Protection Board in writing and in accordance with the legal regulation.

Keeping personal data up-to-date and accurate

Pursuant to Article 4 of the PDPA, our Company has the obligation to keep your personal data accurate and up-to-date. In this context, in order for our Company to fulfill its obligations arising from the legislation in force, our Customers are required to share accurate and up-to-date data or update them via the website / mobile application.

Pursuant to PDPA No. 6698, the rights of the personal data owner

Article 11 of the PDPA No. 6698 entered into force on October 07, 2016 and in accordance with the relevant article, the rights of the Personal Data Owner after this date are as follows: The Personal Data Owner may apply to our Company (data controller) and request information about himself/herself;

1. Learn whether personal data is being processed,
2. Request information if their personal data has been processed,
3. To learn the purpose of processing personal data and whether they are used for their intended purpose,
4. To know the third parties to whom personal data are transferred domestically or abroad,
5. To request correction of personal data in case of incomplete or incorrect processing,
6. To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the PDPA,
7. In case of correction, deletion or destruction of personal data, to request that these transactions be notified to third parties to whom personal data are transferred,
8. To object to the emergence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems,
9. In case of damage due to unlawful processing of personal data, to demand compensation for the damage,

rights.

SIGMA FFYL is the Data Controller within the scope of PDPA. The Data Controller Representative to be appointed by our company will be announced in the Data Controllers Registry and on the website where this document is available when the legal infrastructure is provided. Personal Data Owners may direct their questions, opinions or requests to any of the following communication channels: