.png?revision=1774880419)
.png?revision=1764341863)
.png?revision=1777804769)
.png?revision=1777804697)
.png?revision=1772140472)
.png?revision=1772140490)
.png?revision=1776767095)
.png?revision=1773936172)
.png?revision=1773936217)
.png?revision=1763654568)
.png?revision=1763661433)
.png?revision=1772202487)
.png?revision=1777372009)
.png?revision=1745939975)
.png?revision=1776944826)
.png?revision=1774880419)
Personal Data Policy
Irismo Store Personal Data Policy
General information about the Personal Data Protection Law
The Personal Data Protection Law No. 6698 (hereinafter referred to as KVKK) was adopted on March 24, 2016, and published in the Official Gazette No. 29677 dated April 7, 2016. Some provisions of the KVKK entered into force on the publication date, while others entered into force on October 7, 2016.
Information as the Data Controller
In accordance with KVKK No. 6698 and in our capacity as the Data Controller, your personal data may be recorded, stored, updated, disclosed/transferred to third parties where permitted by legislation, classified, and processed in the ways specified under KVKK within the framework explained on this page.
How your personal data may be processed
In accordance with KVKK No. 6698, your personal data shared with our Company may be processed by us, wholly or partially, automatically or non-automatically provided that it is part of a data recording system; obtained, recorded, stored, modified, reorganized, and subjected to any kind of operation performed on the data. Any operation performed on data within the scope of KVKK is considered as “processing of personal data”.
Purposes and legal grounds for processing your personal data
Your shared personal data may be processed for the following purposes:
- To fulfill the requirements of the services we provide to our customers in accordance with the contract and technological requirements, and to improve our products and services;
- To record identity, address, and other necessary information to identify the transaction owner within the scope of the Law No. 6563 on the Regulation of Electronic Commerce, the Law No. 6502 on Consumer Protection, the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce published in the Official Gazette No. 29457 dated 26.08.2015, the Distance Contracts Regulation published in the Official Gazette No. 29188 dated 27.11.2014, and other relevant legislation;
- To prepare all records and documents that will form the basis of transactions in payment systems, electronic contracts, or paper format, which are mandatory in banking and electronic payment fields; to comply with information storage, reporting, and disclosure obligations required by legislation and other authorities;
- To provide information to prosecutors, courts, and relevant public officials upon request and as required by legislation in matters related to public security and legal disputes;
Your data will be processed in accordance with KVKK No. 6698 and related secondary regulations. The third parties or organizations to whom your personal data may be transferred include, primarily, IdeaSoft Software Inc., which provides our e-commerce infrastructure, suppliers, cargo companies, service providers, business partners, domestic/foreign organizations, and other third parties we cooperate with as data processors.
How your personal data is collected
Your personal data may be collected through:
- Forms on our website and mobile applications including information such as name, surname, Turkish ID number, address, phone number, work or personal email address; user preferences on pages accessed with username and password, IP records of transactions, cookie data collected by the browser, browsing duration and details, and location data;
- Sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing, and call center channels in verbal, written, or electronic form;
- Individuals who share their personal data with our Company for purposes such as establishing commercial relations, job applications, or submitting offers, through business cards, CVs, offers, and similar methods in physical or digital environments, face-to-face or remotely, verbally, in writing, or electronically;
- Data obtained indirectly from different channels such as websites, blogs, campaigns, surveys, games, social media, newsletter interactions, publicly available databases, and publicly shared social media profiles.
Personal data obtained before KVKK came into force
Your personal data obtained lawfully before April 7, 2016, through membership, electronic communication consent, product/service purchases, and other means, are also processed and stored in accordance with the conditions stated in this document.
Transfer of your personal data abroad
Your personal data collected through the above methods may be transferred abroad to service providers located in countries accredited by the Personal Data Protection Board as having adequate protection, provided that it remains within the scope of KVKK and in line with contractual purposes.
Storage and protection of personal data
Your personal data will be stored confidentially in our Company’s databases and systems in accordance with Article 12 of KVKK and will not be shared with third parties except for legal obligations and the regulations stated in this document. Our Company is obliged to take software and physical security measures to prevent unlawful processing and unauthorized access. In the event of unlawful acquisition of personal data by others, the situation will be reported to the Personal Data Protection Board in writing and in accordance with legal regulations.
Keeping personal data accurate and up to date
In accordance with Article 4 of KVKK, our Company is obliged to keep your personal data accurate and up to date. Therefore, our customers must share accurate and updated data or update it through the website/mobile application.
Rights of the personal data owner under KVKK No. 6698
According to Article 11 of KVKK, effective as of October 7, 2016, Personal Data Owners have the following rights:
- To learn whether personal data is processed,
- To request information if personal data has been processed,
- To learn the purpose of processing and whether it is used in accordance with its purpose,
- To know the third parties to whom personal data is transferred domestically or abroad,
- To request correction if personal data is incomplete or incorrectly processed,
- To request deletion or destruction of personal data under the conditions set forth in Article 7 of KVKK,
- To request notification of these actions to third parties to whom personal data has been transferred,
- To object to the emergence of a result against the person through analysis of processed data exclusively by automated systems,
- To request compensation for damages in case of unlawful processing of personal data.
Personal Data Owners may submit their questions, opinions, or requests through the following communication channels: