PRIVACY AND PERSONAL DATA PROTECTION POLICY
A. INTRODUCTION Data privacy is extremely important to 7İMMO and we place particular emphasis on the openness and transparency of our processing of your personal data. Therefore, we explain how your personal data will be processed and protected in this Privacy and Personal Data Protection Policy (hereinafter referred to as the “Policy”) This content is important, so please read it carefully and be sure to control your privacy. Before we begin, we would like to explain our privacy policy: · We take your privacy seriously. We are committed to protecting the security of your personal data. We comply with data privacy laws when using your personal data. · We only use your personal data in the ways described in this document. We will not collect your personal data if not required. We will stop collecting your personal data when it is no longer necessary for our purposes of collecting personal data. We will explain your rights to control your personal data. A.1. WHO IS THE RESPONSIBLE OF YOUR PERSONAL DATA? The data controller in the processing of data is SEVEN GÜVENLİK SİSTEMLERİ TİC.LTD.ŞTİ, whose Mersis Number is0764032813300018. (“7IMMO” or “COMPANY”) 7IMMO contact information is as follows: · Postal address: ikitelli Osb Mah. 6.Cad the White Tower No: 1 D: 30 Esenyurt-Istanbul TURKEY Phone: 0212 255 47 35 Email: [email protected] A.2. POLICY PURPOSE This Policy regulates the principles and principles adopted by 7IMMO, operating in the field of auto key and lock systems, in the processing and protection of personal data regulated and protected under the Law on the Protection of Personal Data No.6698, in order to ensure compliance with the legislation. The protection of personal data is of great sensitivity for 7İMMO and is among the priorities of our company. The text of the personal data processing policy is between 7IMMO and the natural person user and the representative authority (s) of the legal person user who is a member of the www.7immo.com website (hereinafter referred to as the “Site”) or mobile applications announced by 7IMMO It is an integral part of the membership agreement and the commercial distance sales agreement. A.3. POLICY SCOPE This Policy applies to our Company, its customers, potential customers, their employees, our Company interns and employees, trainee and employee candidates, shareholders, officials, officials, shareholders and employees of the institutions with which they have commercial relations, physical and virtual visitors, members and third parties. includes all personal data processed by non-automatic means provided that it is a part of any data recording system. In addition, the principles and principles adopted by this Policy are all employees who process personal data processed by our Company, have access to personal data, provide personal data to the Company or receive data from the Company, employee candidates, subcontractor employees, current and potential business partners, the Company. Employees of affiliated companies and their officers. A.4. DEFINITIONS Explicit Consent: The consent that is based on information and declared with free will regarding a specific issue, Processing of Personal Data: Obtaining, recording, storing, preserving, changing, reorganizing, disclosing, transferring, taking over, making available, through fully or partially automatic means of personal data or non-automatic means provided that it is a part of any data recording system, All kinds of operations performed on data such as classification or prevention of use, Personal Data Owner: Real person whose personal data is processed (including legal person officials) Personal Data: All kinds of information regarding an identified or identifiable natural person, Special Categories of Personal Data: Data on race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, dress code, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic data of special nature, Data Controller: The person who determines the purposes and means of processing personal data and manages the place where the data is systematically kept (data recording system), Data Processor: Real and legal person who processes personal data on behalf of the data controller based on the authority given by him, Data Recording System: The recording system in which personal data are structured and processed according to certain criteria, Law: Law No. 6698 on Protection of Personal Data, Anonymization: Making the data previously associated with a person unrelated to an identified or identifiable real person in any way, even by matching other data. expresses. B. PRINCIPLES REGARDING THE PROCESSING OF PERSONAL DATA Our company acts in accordance with the following principles, which are determined and adopted in accordance with all legislation, especially the Constitution and the Law, in the processing of personal data. B.1.7 What are the types of personal data collected by IMMO?   We use the personal data we collect from you in several different ways, the purpose of processing the data we collect varies depending on the relevant data. In the table below, this issue is explained in detail, the types of personal data we collect and our collection purpose are shown. Personal Data Category Personal Data Sample Credentials & Contact Information For example, your name, date of birth, place of birth, identity number, identity information, mother’s name, father’s name, identity serial number, validity date, signature, identity photo, gender, e-mail address, postal address, residential address, telephone number and other personal data Customer Transaction Information For example, payment card information, call document records, account holder name, invoice information, bank account number, IBAN number, receipt information, account information, customer account activities, contact history etc. Financial Information For example, bank / payment institution information, customer number, payment account information, call document records, account holder name, invoice information, bank account number, IBAN number, receipt information, account information, financial performance information, business information, etc.   Marketing Knowledge     For example, conversations and correspondence between 7IMMO and the customer over phone and e-mail, communication history, shopping history information, surveys, cookie records, information obtained through campaign work, etc. Location Information For example, location information of where the transaction took place and where it is located. Risk Management Information For example, information processed to manage commercial, technical, administrative risks, etc. Transaction Security Information & Complaint Management Information   For example, the customer’s IP address, website login and logout information, password and password information, snapshot, business photo, transaction receipts, residence address, identity register certificate, tax plate, internet provider, operating system and browser, device type; for example, laptop or smartphone, mobile application or website, device cookie settings and other details about the device, geographic area reported by the client device, etc. B.2. For what purposes does 7IMMO process your personal data?   7IMMO will send your personal information to all relevant national / international data, including the Turkish Penal Code No.5237, Code of Criminal Procedure No.5271, Law No.5549 on the Prevention of Laundering Proceeds of Crime, Labor Law No.4857, Turkish Commercial Code No.6102, Turkish Code of Obligations no. In order to fulfill the obligations arising from the secondary regulations published by the legislation and national / international competent authorities based on them and also from all contracts to which it is a party, it operates for the following purposes and depending on the following legal bases: Purposes of Processing Your Personal Data   Legal Bases of Data Processing   To fulfill your requests or applications through Corporate Communication and Customer Communication channels, to update the identity and contact information. Carrying out the necessary work by business units to make use of the products and services offered by our shopping site, and carrying out the relevant business processes, carrying out the necessary work by the relevant business units for the realization of the commercial activities carried out by our shopping site, and carrying out related business processes. Preparing the product to be delivered in accordance with the customer’s order and ensuring that it reaches the customer within the promised delivery time. Giving information to the relevant unit in order to transfer the product costs regarding the cancellation or refund to the customer’s account as soon as possible. Data collection to bring the product out of stock to the customer.       Our legitimate interest in the execution of a contract and its fulfillment by checking up-to-date information about our products and services, and evaluating applications and requests for products and services with our customers / potential customers.   To perform mobile application development services and website usability and quality analysis in order to improve our products and services. Planning and execution of commercial and / or business strategies of our shopping site. Carrying out activities that increase the user experience by following customer movements, improving the functioning of the website and mobile application of our shopping site and personalizing it according to customer needs, direct and indirect marketing, personalized marketing and remarketing activities, personal segmentation, targeting, analysis and company Planning and execution of the sales and marketing processes of the products and / or services of our shopping site, including the purposes of conducting internal reporting activities, market research, planning and execution of customer satisfaction activities and planning and execution of customer relationship management processes, or planning and execution of processes of creating and / or increasing commitment to services.       Our legitimate interest in the performance of a contract and sharing up-to-date information about our products and services with our customers / potential customers.   To verify and perform the financial transactions related to the financial transactions you have made, to confirm whether the membership conditions are fulfilled, To prepare and regularly follow up invoices, to fulfill the Company obligations.   Performance of a contract.   Fulfilling requests for updating identity and contact information. Establishing and implementing processes for ensuring the security of information. Lowering the risk to an acceptable level. Risk management. Creating Access Authority and Control Matrix. Determining data transfer techniques. Creating data storage processes and methods. Determining and executing remote access methods and processes.   Ensuring commercial, technical, administrative and legal security.   Keeping website and application entry-exit records. Logging the system movements of online visitors and users.     Ensuring transaction security with our legitimate interest in getting to know our customers better and improving our products and services accordingly. To identify visitors to our website.     Our legitimate interest and your prior express consent to share with our customers / potential customers up-to-date information about our products and services.   Conducting data analytics and market research. To provide better service to customers, to provide and offer various advantages, to provide information about sales, marketing, information, promotions, to provide information about the campaign and its conditions, to conduct surveys, customer satisfaction surveys, to speed up your purchases, to receive and deliver your orders, Creating campaigns, cross-selling, campaign planning, feasibility studies and accurate targeting within the scope of CRM.           Our legitimate interest and your prior express consent to share with our customers / potential customers up-to-date information about our products and services.   To carry out the services provided to our customers who are members.   Establishing contracts for all kinds of products and services requested, conducting order / cancellation / return processes and arranging all other records and documents (on paper or electronic media) and keeping information and documents in company records, providing the products and services in question and as required, To carry out the necessary operational activities of 7IMMO and its affiliates, the controlling company and the third party companies with which it cooperates, to ensure the legal and commercial security, to ensure the security of all the locations of our company, to carry out the human resources policies of 7IMMO.   To resolve your questions and complaints.   Your prior express consent.   To request information / documents from the Client to ensure account security.   Ensuring the security of the service provided in accordance with the terms of the contract concluded between the parties and legal legislation.   To perform KVKK legal and technical services and occupational health and safety information management system services.   Legal obligations arising from legislation and ensuring legal and commercial security.   Providing information to the authorized institutions regarding the legislation.   Legal obligations arising from legislation.   To send marketing communications related to news, information and updates, newsletters, offers and special events regarding our services and other marketing communications (via SMS, email or telephone) that may be of interest to you. At the same time, to use the data we collect about you in our product and service advertisements on third party websites.     Our legitimate interest in sharing up-to-date information about our services with our customers / potential merchant customers until the right of refusal is used (since customers have the title of merchant in order to market via SMS, e-mail and telephone channels, express consent is not sought as per the legislation) Your personal data are processed within the scope of our services, in accordance with the principles in Article 4 of the Law, within the processing conditions regulated in Articles 5 and 6. Our Shopping Site; For the purpose of online behavioral advertising and marketing, the user who comes to the site has the right to associate the behavior of the user on the site with a cookie in the browser, even if they are not a member, and to define remarketing lists based on metrics such as the number of pages viewed, visit duration and target completion number. Then, targeted advertising content can be shown to this user on the site or on other sites in the Display Network, according to the interests of the users. During the redirection of Google AFS advertisements to our Shopping Site, Google may place cookies on users’ browser or read the cookies contained in them or use web beacons to collect information. For more information, please review our Cookie Policy [HA4]. B.3. General Principles in Processing Personal Data 7İMMO, Constitution of Turkey, within the framework of compliance with the Personal Data Protection Act and in accordance with the legislation and manipulate data remains. In this context, 7IMMO acts in accordance with Article 4 of the Law, in accordance with the following principles: B.3.1. Compliance with Law and Good Faith 7IMMO, as a prudent trader, acts in accordance with the principles of legal regulations and general trust and honesty in the processing of personal data. B.3.2. Ensuring that Personal Data is Accurate and Updated when Required 7IMMO ensures that the personal data it processes are accurate and up-to-date, taking into account the fundamental rights of personal data owners and their own legitimate interests within the scope of the Law on the Protection of Personal Data along with other laws that it has to comply with within the scope of its activities. B.3.3. Processing for Specific, Clear and Legitimate Purposes 7IMMO clearly and precisely determines the purpose of processing personal data that is legitimate and lawful. In this context, personal data are presented or processed limited to the services to be provided and legal obligations. The purpose for which personal data will be processed is revealed before the personal data processing activity begins. B.3.4. Being Related, Limited and Measured for the Purpose of Processing 7IMMO processes personal data in a way that is convenient for the realization of the specified purposes and avoids the processing of personal data that are not related to the realization of the purpose or are not needed. Accordingly, the processing of data is limited to activities and legal obligations. B.3.5. Retaining for the Period Stipulated in the Relevant Legislation or Required for the Purpose for which they are processed 7IMMO determines the purposes for which and how long personal data will be processed before it has started to be processed and keeps personal data only for the period specified in the relevant legislation that it is obliged to comply with or for the period required for the purpose for which it is processed. In addition, it conducts data minimization studies, determines the periods stipulated in the legislation for the storage of personal data, or determines the maximum period according to the purpose of processing if there is not a period stipulated in the legislation, and deletes, destroys or anonymizes the personal data after these periods. Information about you will only be stored for as long as you continue to be a 7IMMO customer. If you decide that you no longer want to be a customer, you can contact our customer service team to request deletion of all of your information.   If there are reasonable requirements, or if it is necessary to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce other policies with the Usage Agreement, 7IMMO will provide you with the necessary information, even after closing your 7IMMO account or providing these services. Although we no longer need this information, it will continue to keep it. B.4 Conditions of Processing Personal Data B.4.1. Obtaining the Explicit Consent of the Personal Data Owner One of the conditions for processing personal data is the explicit consent of the owner. The explicit consent of the personal data owner should be explained on a specific subject, based on information and with free will. B.4.2 Cases Where Personal Data Can Be Processed Without Requiring Explicit Consent B.4.2.1. Clearly Stipulated in Laws Personal data of the data owner may be processed in accordance with the law without obtaining explicit consent if explicitly stipulated in the law (For example, Regulation on the Prevention of Laundering Proceeds of Crime and Terrorist Financing, Article 5.) B.4.2.2. Failure to Obtain Explicit Consent of the Relevant Person Due to Actual Impossibility The personal data of the data owner may be processed if it is necessary to process the personal data of the person who is unable to disclose his consent due to the actual impossibility or whose consent cannot be validated, or to protect the life or body integrity of another person. (For example, taking a visitor who has a disturbance in our company to the infirmary and recording their contact information) B.4.2.3. Directly Related to the Establishment or Execution of the Contract Provided that it is directly related to the establishment or execution of a contract, it is possible to process personal data if it is necessary to process personal data belonging to the parties to the contract. (For example, obtaining billing information of a person receiving a service from our company) B.4.2.4. Legal Obligation Personal data of the data owner may be processed if processing is mandatory for 7IMMO to fulfill its legal obligations. (For example, answering questions asked by public institutions such as MASAK, BTK, BRSA and sending the requested documents.) B.4.2.5. Making Personal Data Public by Personal Data Owner If the personal data is made public by the data owner himself, the relevant personal data can be processed. (For example, searching for a person applying for a job at our company) B.4.2.6. When Data Processing is Mandatory for the Establishment or Protection of a Right If data processing is necessary for the establishment, use or protection of a right, the personal data of the data owner may be processed. (For example, obtaining the information of people who are not our customers who apply to our company through the help section to answer their questions) B.4.2.7. Compulsory Data Processing for the Legitimate Interest of 7IMMO   Provided that it does not harm the fundamental rights and freedoms of the personal data owner, the personal data of the data owner may be processed if data processing is necessary for the legitimate interests of 7IMMO. PROCESSING SPECIAL QUALITY PERSONAL DATA 7IMMO acts sensitively in accordance with the regulations stipulated in the Personal Data Protection Law in the processing of personal data determined as “special quality” by the Law on Protection of Personal Data. In Article 6 of the Law on the Protection of Personal Data, the data determined as “special quality”; race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, costume and dress, association, foundation or union membership, health, sexual life are data on criminal convictions and security measures. By 7IMMO in accordance with the Law on Protection of Personal Data; Personal data of special nature are processed upon the explicit consent of the Personal Data owner, provided that adequate precautions are taken by the Personal Data Protection Board, and in cases stipulated by law, if there is no express consent. D. DELETING, DESTRUCTION OR ANONYMIZING PERSONAL DATA Although it has been processed in accordance with the provisions of the Personal Data Protection Law and other relevant laws, if the reasons for processing disappear, the personal data are deleted, destroyed or anonymized by the data controller ex officio or upon the request of the person concerned. 7IMMO reserves the right not to fulfill the request of the data owner in cases where it has the right and / or obligation to preserve personal data in accordance with the provisions of the relevant legislation. When the storage periods foreseen in the relevant legislation or required by the processing purpose expire, within the period stipulated for periodic destruction; It deletes the personal data it processes by using one or more techniques that are most suitable for business processes and activities, or continue to use it by anonymizing the deletion and anonymization methods specified in the Guide on Deletion, Destruction or Anonymization of Personal Data published by the KVK Board. In terms of deletion, destruction and anonymization of personal data; -Determining unnecessary or unlawful keeping of the data in our company’s records and determining who can access these data by which ways, and closing these channels, – In the event that a service is obtained from a third party service provider such as cloud storage service providers, the data kept in the records of this service provider is checked and deleted by checking whether this service provider has the authority (technical possibility) to retrieve the data, – The data kept in portable data recording devices are stored in encrypted form and can be deleted, -Personal data in the paper medium is cut off whenever possible, and in cases where it is not possible, it is darkened by drawing / painting / erasing using fixed ink, which is irreversible and unreadable with technological solutions – Deleting the office files on the central server with the delete command in the operating system or removing the access rights of the relevant user on the directory where the file or file is located, – Deleting the relevant lines containing personal data in databases with database commands (DELETE etc.), – In terms of destruction, it is not enough to delete the records from the records, to divide it into pieces that are too small to be understood, to destroy the copies of encryption keys, to make the recording media irreversible by de-magnetizing, physical deformation or overwriting, – Destruction of data or removal of the storage medium where data is processed,  
  • In terms of anonymization, making the data unrelated to the relevant person by removing or changing all direct and / or indirect identifiers, in this context, which do not provide value irregularity (removing variables / records, regional hiding, generalization, lower and upper limit) coding, sampling) or providing (micro-combining, data exchange, adding noise) anonymization methods or using statistical methods (K-Anonymity, L-Diversity, T-Proximity) are taken.
E. TRANSFER OF PERSONAL DATA In line with the provisions within the scope of both the Constitution and the Law on the Protection of Personal Data, 7IMMO pays utmost care and attention to sharing personal data with domestic and / or abroad, and continues its activities in accordance with the existing regulations. 7İMMO, as can be transferred to the personal data of third parties in Turkey to be maintained processed outside treatment or Turkey In Turkey, including the use of external resources in accordance with the conditions stipulated in the Act and other relevant legislation as given above, and taking all safety precautions specified in the legislation ; Unless otherwise stipulated in the contract signed electronically with the data subject and other relevant legislation, it can be transferred abroad. Due to legal obligations and within the framework of legal restrictions, it can be transferred to administrative and official authorities that need to be transferred legally, to third parties from outside services, to third parties with whom we cooperate in areas such as program partner institutions, organizations and call centers. Your “name, surname, identity number, city of residence, address, date of birth, e-mail address, telephone number” in order to carry out our activities within the scope of the cooperation to be established in order to provide a healthier service and the services offered by our company with the campaigns that our company currently carries out and can carry out with third parties. , domestic / foreign organizations with whom we are / will be in contractual relations, domestic / international / international organizations that receive service / support / consultancy or become a project / program partner, companies providing security, SMS and e-mail services, companies providing social media services, surveyors contractors, institutions from which independent auditing and support services are provided, service and infrastructure providers and business partners to ensure the legal and commercial security of third parties and / or to ensure the security of electronic and physical environments. The establishment, development and maintenance of technical and administrative infrastructure and electronic systems (website), and keeping customer data and managing call center processes can be transferred to third parties, as required by the business. The identity and contact information of the user can be shared with payment institutions in accordance with the framework agreement of the payment institution that will be approved at the payment stage and in accordance with the Regulation on Measures to Prevent Money Laundering and Terrorist Financing published in the Official Gazette dated January 9, 2008 and numbered 26751. E.1. Transfer of Personal Data Domestically According to the definition article of the Law, transferring personal data is also an activity of “processing personal data”. In this respect, in the transfer of personal data, provisions of Articles 8 and 9 of the Law are followed. Within the scope of the data types and purposes listed under Article E of our company, in accordance with the purpose of the data processing and provided that necessary security measures are taken, transfer to third parties (7İMMO affiliates, business partners, employees, subcontractors or suppliers, public institutions and legally authorized private persons or organizations) realizes. Personal data transfers within this scope are carried out through the secure environment and channels provided by the relevant third party.   Member’s mobile phone number and / or e-mail address; It is shared with the commercial electronic message tool service provider in order to promote, advertise, offer benefits and opportunities until the merchant member uses the refusal. E.2. Transfer of Personal Data Abroad Our company transfers the data abroad in accordance with the purpose of processing and provided that necessary security measures are taken. Our company also obtains approval from the data owner in the Text of Open Consent for its transfer abroad. Your personal data will be shared with our business partners abroad for the purpose of providing business development services, providing statistical and technical services and conducting customer relations. Your personal data can be transferred to electronic media such as servers, hosting companies, software, cloud computing, which are supported by information technologies abroad for archiving and storage purposes, and can be processed and stored here. In addition to the technical measures to ensure the security of personal data subject to domestic and international transfer, as mentioned above; Considering that the counterparty of the legal relationship is a data controller or data processor, it is also legally protected thanks to the KVKK compliant provisions included in our contracts. During the shared information, as stated above, when transferring personal data to countries outside of Turkey, the data transfer as permitted by applicable law and in accordance with this policy for data protection is ensured. F. LIGHTING OBLIGATION 7IMMO, in accordance with Article 10 of the Personal Data Protection Law, personal data owners during the acquisition of personal data, the identity of 7IMMO during the acquisition of personal data, for what purpose personal data will be processed, to whom and for what purpose the processed personal data can be transferred, method of collecting personal data. and informs about the rights that personal data owner has within the scope of Article 11 of the Law on Protection of Personal Data. 7IMMO informs the user / visitor with the Illumination Text issued by a pop-up while the membership process is taking place, and every person who accepts the membership agreement on the site and is a member of the site accepts that this lighting has been made to him. In addition, the aforementioned illumination text and cookie policy are also included in the transactional e-mail sent to users whose membership has been accepted. In addition, in cases where the explicit consent of the relevant persons is required for the processing of personal data, comprehensive clarifications are made in order to obtain the consent of the data subjects regarding a specific subject and declared with free will. In addition, 7IMMO informs the personal data owners and those concerned that it carries out personal data processing activities in accordance with all the matters in the Personal Data Protection Law and in particular “the law and the rule of honesty” with various public documents, especially this Policy document, and informs those concerned about personal data processing activities and provides transparency. ENSURING THE SECURITY OF PERSONAL DATA   Our company takes technical, administrative and physical measures regarding data security to be taken in order to prevent unlawful access to personal data and to protect personal data by illegally processing personal data. G.1. Technical Measures for Data Security – Within the scope of the Information Security Management System, it carries out activities that are systematic, established, planned, manageable, sustainable, documented, accepted by the management and based on international security standards in order to ensure the confidentiality, integrity and uninterrupted availability (accessibility) of information. – Taking, but not limited to, firewall and gateway measures to ensure cyber security; preventing employees from accessing threatening websites or online services; removal of unused software and services from computers; It takes measures such as ensuring that software and hardware are in the most up-to-date version against security vulnerabilities. – In the name of tracking personal data security; Measures are taken such as checking which software and services are running in the information networks, determining whether there is an infiltration or non-infiltration in the information networks, keeping the log records of all users, and preventing the acquisition of data by copying in case of maintenance and repair of any device where the data is processed. – In order to ensure the security of environments containing personal data; Necessary measures are taken to anticipate the risks such as theft, loss or damage of the devices or printed documents where personal data are stored, and to take measures to prevent these risks and to minimize the damages in case these risks occur. – If personal data is stored in the cloud; The data security measures of the relevant cloud storage systems and providers are examined, measures such as cryptographic encryption of personal data to be transmitted (to be uploaded) to data storage service providers, encrypted and disposed of in cloud environments, restriction and control of the people, places and internet networks where data storage service providers can be accessed. – Within the scope of procurement, development and maintenance of information technology systems; In order to control the correct data entry of existing systems and to ensure that the correct entered information is not corrupted during the process, measures such as establishing control mechanisms within the applications, preventing errors that may cause data loss, avoiding sending data-storing parts or taking necessary precautions when there is a need to send devices to third parties in case of hardware errors. . G.2. Administrative Measures Regarding Data Security In order to protect personal data, our company provides awareness training to its employees, informs its employees that they cannot disclose the personal data they have learned to anyone in violation of the provisions of the Law and that they cannot use them except for the purpose of processing, and this obligation will continue after they leave their duties, and accordingly receives necessary commitments from them. In case of making necessary updates by following the changes in the legislation, in case of transfer of personal data, special provisions are added to protect the data of personal data subjects in the contracts made with the data transferred persons, risks are determined through periodic audits, efforts are made to keep personal data as little as possible and other administrative measures are taken. G.3. Physical Measures Regarding Data Security In order to protect personal data, our company takes security measures in the buildings belonging to our Company, makes authorizations in environments such as archives where personal data is kept, and takes measures for the security of electronic devices where personal data are kept. G.4. Measures to be Taken If Personal Data Is Obtained by Others Illegally Our company, as the data controller, notifies the relevant person and the Board, as soon as possible, in case personal data is obtained by others through illegal means.   In case of any violation, our company, as a rule, foresees to make a notification to the Board within 72 hours after the violation is detected. H. PROTECTING THE RIGHTS OF THE DATA OWNER Our company has established a Personal Data Protection Unit in order to manage the processes regarding the protection and processing of personal data and to fulfill all other requirements of the Law. This unit also works within the scope of protecting your personal data and answering your requests. In case personal data owners submit their requests regarding their rights listed below to 7IMMO, the requests are concluded free of charge as soon as possible and within thirty days at the latest, depending on their nature. However, if the transaction requires an additional cost, the fee in the tariff determined by the KVK Board or other authorities will be collected by 7IMMO. In this context, by applying to our Company, in accordance with Article 11 of the Law, the persons whose personal data are processed by our Company; – Learning whether your personal data is processed, – If personal data has been processed, to request information regarding this, – Learning the purpose of processing personal data and whether they are used appropriately for their purpose, – To know the third parties to whom personal data is transferred domestically or abroad, – To request correction of personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom personal data are transferred, – Request deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the Law (in case the reasons requiring the processing of personal data are eliminated although it has been processed in accordance with the provisions of the Law and other relevant laws) and to notify the third parties to whom the personal data has been transferred don’t want – To object to the emergence of an unfavorable result by analyzing the processed data exclusively through automated systems, – In case of damage due to unlawful processing of personal data, they have the right to demand the compensation of the damage. Exceptional circumstances stipulated in Article 28 of the Law are reserved. In this context, data owners will be able to submit their requests in writing to 7IMMO. As 7IMMO, it is always important to hear from you (especially when you think we do not meet your expectations or we can do better). If you • If you have any questions or feedback regarding this Policy, • If you want us to stop using your personal data, • If you want to exercise your above-mentioned rights or to submit a complaint, You can send these notifications to our head office ikitelli Osb Mah. 6.Cad the White Tower No: 1 D: 30 Esenyurt-Istanbul TURKEY adresinepos in the way as you can reach with our company [email protected] electronic mail to your registered e-mail address or 7İMMO sevens01.kep.t ledger address in the e-signed or or You can forward it with other methods specified in the KVK Law.   If you want to submit your declarations physically, you can also do so via the Application Form [HA9] prepared in Turkish and English. I. HOW THE DATA OWNER MAY CHANGE THE POSITIVE OR NEGATIVE PREFERENCES FOR RECEIVING ELECTRONIC COMMERCIAL MESSAGES You can change or update your positive or negative preferences regarding receiving commercial electronic messages, which you have given at a later time after you become a member of the website or mobile application of electronic commerce platforms operated by 7IMMO, by following the steps below. • Sign in to your account. • Uncheck the preference you marked earlier. • Click on the “Update” button. When you complete this process, we will update your profile to ensure that you will not be sent via the commercial message receiving channel you do not prefer in the future. Please note that since 7IMMO has a complex web program with many interconnected services, it may take a few days for us to update our systems and therefore you may continue to receive messages from us while processing your request. Termination of membership does not mean withdrawing your consent for receiving commercial electronic messages. Therefore, please make sure that you have completed all the procedures to withdraw your consent. J. APPLICATION AND ENFORCEMENT The matters regulated in this Policy are subject to the Law and secondary legislation, in case of conflict between the policy and the provisions of the legislation, the provisions of the legislation will be applied. This Policy is published on our Company’s website (https://www.7immo.com) and is in effect from the date of its publication. 7IMMO may make changes or updates in this Policy in line with legal regulations and Company Policy. Necessary information is provided about the new Policy text that reflects all these changes and updates, via the website or other 7IMMO services such as mobile applications or by communicating with other means of communication such as your e-mail. K. REPORTING SECURITY VULNERABILITY   As 7IMMO, we do not accept any security risks. If you notice any technology issues, let us know. Send an e-mail to [email protected] with the details of the security vulnerability, explaining what we should do to see or verify this vulnerability exactly, including your contact information and company name. If you want to submit your notifications physically, you can also do so via the additional Data Violation Form [HA11].