Privacy Policy

PERSONAL DATA PROTECTION POLICY AND INFORMATION NOTICE

Emire Tekstil Mağazacılık İth. İhr. San. Tic. Ltd. Şti. (“MARİNA” or the “Data Controller”), as the data controller, adopts the principles set forth by the relevant legislation to comply with the Law on the Protection of Personal Data No. 6698 (KVKK) and the General Data Protection Regulation (GDPR) No. 2016/679 of the European Union. It fulfills its obligations regarding the processing, deletion, destruction, anonymization, transfer, disclosure, and security of personal data. Accordingly, this Privacy and Personal Data Protection Policy (the "Policy") has been drafted and made accessible to individuals whose personal data is processed (“data subject”).

PURPOSE AND SCOPE OF THE POLICY

This Privacy and Personal Data Protection Policy aims to inform data subjects and covers the following matters:

  • Principles regarding the processing of personal data
  • Conditions for processing personal data
  • Cases in which special categories of personal data may be processed
  • Information and notification of data subjects
  • Categorization of personal data
  • Purposes of processing personal data
  • Transfer of personal data to third parties domestically and abroad
  • Methods and legal grounds for processing personal data
  • Retention periods of personal data
  • Security of personal data
  • Use of cookies
  • Legal rights of data subjects and contact information for exercising these rights
  • Enforcement and updates

PRINCIPLES OF PERSONAL DATA PROCESSING

2.1. Processing in Compliance with Law, Good Faith, and Transparency

Personal data is processed in accordance with legal regulations, general principles of trust and good faith, and the principle of transparency.

2.2. Ensuring Accuracy and Keeping Data Up to Date

Reasonable measures are taken to ensure that processed personal data is accurate and up to date. Periodic checks and updates are conducted. MARİNA has implemented systems to verify and update data when necessary. Members can make updates and changes through the "My Account" page on www.marinatr.com.

2.3. Processing for Specific, Explicit, and Legitimate Purposes

Personal data is processed for explicit, specific, and legitimate purposes. The purposes of data processing are detailed in this Policy.

2.4. Processing in a Limited and Proportionate Manner

Personal data is processed in a manner that is proportionate and limited to the purposes for which it is collected. Data that is not required for achieving the intended purposes is not processed.

2.5. Retaining Data for the Period Specified in Legislation or Required for Processing Purposes

MARİNA retains personal data only for the duration specified in the relevant legislation or as required for the purpose of processing. If a retention period is defined in the legislation, it is followed; otherwise, the data is retained for as long as necessary for the intended purpose. Once this period expires or the purpose for processing is no longer applicable, and if no legal reason exists for further retention, the data is deleted, destroyed, or anonymized in accordance with MARİNA’s Personal Data Retention and Destruction Policy. The details of retention periods are outlined in this Policy.

2.6. Ensuring Data Integrity and Confidentiality

Personal data is processed securely using appropriate technical and administrative measures to prevent unauthorized or unlawful processing, accidental loss, destruction, or damage.

 

  1. KİŞİSEL VERİLERİNİN İŞLENMESİ ŞARTLARI

Kişisel veri işleme faaliyetinin dayanağı aşağıda belirtilen hukuka uygunluk sebeplerinden yalnızca biri olabildiği gibi bu şartlardan birden fazlası da aynı kişisel veri işleme faaliyetinin dayanağı olabilir. İşlenen kişisel verilerin, özel nitelikli kişisel veri olması halinde ise; aşağıda “Özel Nitelikli Kişisel Verilerin İşlenebileceği Haller” başlığı içerisinde yer alan koşullar uygulanır.
İlgili kişi gruplarının açık rızası, kişisel verilerin hukuka uygun olarak işlenmesini olanaklı kılan hukuka uygunluk sebeplerinden sadece bir tanesidir. Açık rıza dışında, aşağıda yer alan diğer hukuka uygunluk sebeplerinden birinin varlığı durumunda da kişisel veriler işlenebilir.
İlgili kişi gruplarının kişisel verileri, aşağıda açıklanan işleme şartları dâhilinde işlenmektedir.

3.1. Kanunlarda Açıkça Öngörülmesi
Kanunlarda açıkça kişisel veri işlenmesi öngörüldüğü hallerde, MARİNA verisi işlenecek kişi gruplarının ayrıca açık rızasını almadan kişisel verilerini işlemektedir. Örneğin Elektronik Ticaretin Düzenlenmesi Hakkında Kanun uyarınca MARİNA’ya üyelik, ticari elektronik izni verilmesi, sipariş, ödeme, teslimat, ürüne ilişkin iptal veya iade gibi süreçlerde kişisel verilerin işlenmesi, kanunda açıkça öngörülmesi halinde gerçekleşen işleme faaliyetidir.

3.2. Fiili İmkânsızlık Sebebiyle İlgilinin Açık Rızasının Alınamaması veya Kişisel Verilerin İlgili Kişinin veya Başka Bir Kişinin Hayati Çıkarlarının Korunması İçin Gerekli Olması
Fiili imkânsızlık nedeniyle rızasını açıklayamayacak durumda olan veya rızasına geçerlilik tanınamayacak olan kişi grubunun kendisinin ya da başka bir kişinin hayatı veya beden bütünlüğünü korumak için kişisel verisinin işlenmesinin zorunlu olması halinde kişi grubunun açık rızası alınmaksızın verileri işlenebilir. Ayrıca kişisel veriler, ilgili kişinin veya başka bir kişinin hayati menfaatlerinin korunması için gerekli ise, söz konusu ilgili kişinin açık rızası alınmadan işlenebilecektir.

3.3. Sözleşmenin Kurulması veya İfasıyla Doğrudan İlgili Olması
Bir sözleşmenin kurulması veya ifasıyla doğrudan doğruya ilgili olması kaydıyla, sözleşmenin taraflarına ait kişisel verilerin işlenmesinin gerekli olması halinde veriler işlenebilir. Örneğin; My Marina Sadakat Programı üyelik işleminin gerçekleştirilebilmesi, MARİNA’ya üyelik işleminin gerçekleştirebilmesi için Üye’nin verdiği kişisel veriler, sözleşmenin ifası ile doğrudan ilgili işleme faaliyetidir.

3.4. MARİNA’nın Hukuki Yükümlülüğünü Yerine Getirmesi
Veri sorumlusu olarak, hukuki yükümlülükleri yerine getirmek için işlemenin zorunlu olması halinde açık rıza alınmaksızın kişi grubunun kişisel verileri işlenebilir. Örneğin, siparişte cayma hakkının kullanımı neticesinde ürün iadesi durumunda, satıcıya ürün bedelinin ödenmesi gibi faaliyetler MARİNA’nın hukuki yükümlülüğünü yerine getirmesi için gerekli işleme faaliyetleridir.

3.5. Kişi Gruplarının Kişisel Verisini Alenileştirmesi
Kişi grubunun, kişisel verisinin kendisi tarafından alenileştirilmiş olması halinde, açık rızaya gerek olmaksızın veriler işlenebilir. Örneğin, Üye’nin internette, sosyal medya hesaplarında herkese açık olarak paylaşmış olduğu kişisel veriler MARİNA sosyal medya kanalları ile bağlantılı kişi ise, bu paylaşım iradesine uygun ve ölçüde olduğu takdirde işlenebilecektir.

3.6. Bir Hakkın Tesisi veya Korunması için Veri İşlemenin Zorunlu Olması
Bir hakkın tesisi, kullanılması veya korunması için veri işlemenin zorunlu olması halinde, kişi grubunun açık rızası alınmaksızın verileri işlenebilir. Örneğin, Üye’nin tüketici hakem heyetine yapmış olduğu bir şikâyete istinaden, alışveriş ile bilgilerinin bu şikâyet dosyasına gönderilmesi hakkın tesisi veya korunması için gerekli bir işleme faaliyetidir.

3.7. Meşru Menfaate Dayalı Olarak Verilerin İşlenmesi
Kişi grubunun temel hak ve özgürlüklerine zarar vermemek kaydıyla MARİNA’nın meşru menfaatleri için veri işlemenin zorunlu olması halinde kişi grubunun açık rızası alınmaksızın kişisel verileri işlenebilir.

3.8. Kişi Grubunun Kişisel Verilerinin Açık Rızaya Dayalı Olarak İşlenmesi
Kişi grubunun kişisel verileri, yukarıda belirtilen şartlardan herhangi birine dayalı olarak işlenemediği durumlarda, açık rızaya dayalı olarak işlenecektir, bu durumda KVKK’nın ve GDPR’ın belirlediği kriterlere uygun açık rıza alınarak işleme faaliyeti gerçekleştirilmektedir. Örneğin, ticari elektronik ileti gönderimi için ilgili kişilerin iletişim bilgilerinin işlenmesi açık rıza halinde gerçekleşmektedir.
 

  1. CASES WHERE SPECIAL CATEGORIES OF PERSONAL DATA MAY BE PROCESSED

    Some personal data are classified as "special categories of personal data" and are subject to enhanced protection measures. At MARİNA, special categories of personal data are processed under distinct conditions and safeguards.

    4.1. Processing of Special Categories of Personal Data Based on Explicit Consent

    Special categories of personal data may be processed if the data subject has provided explicit consent. Such processing will be carried out in compliance with the principles outlined in this Policy, while implementing the necessary administrative and technical measures.

    4.2. Processing of Special Categories of Personal Data Without Explicit Consent

    In cases where the data subject has not given explicit consent, special categories of personal data may still be processed if adequate measures are taken as determined by the Personal Data Protection Board.

    • For personal data other than health and sexual life-related data, processing may take place if required by law.
    • For personal data related to health and sexual life, processing is permitted only if it is carried out by persons or institutions under a confidentiality obligation, and for purposes such as:
      • Protection of public health,
      • Preventive medicine,
      • Medical diagnosis, treatment, and care services,
      • Planning and management of healthcare services and financing.

    For example, MARİNA’s occupational physician may process health data for occupational health and safety purposes.

    5. INFORMING AND NOTIFYING DATA SUBJECTS

    At MARİNA, data subjects are informed at the time of personal data collection. Additionally, MARİNA provides notification through the following channels:

    • Website: www.marinatr.com
    • Shared areas within company premises, stores, and offices, where policies, privacy notices, and QR codes are available.

    The notification includes:

    • The identity of MARİNA as the data controller,
    • The types of personal data being processed,
    • The purposes for processing personal data,
    • The recipients and purposes for sharing personal data,
    • The methods and legal basis for collecting personal data,
    • The rights of the data subjects under applicable data protection laws.

    Data subjects may request further information from MARİNA at info@marinamayo.com, and MARİNA will provide a response as soon as possible.

    CATEGORIZATION OF PERSONAL DATA

    MARİNA processes personal data categorized as follows:

    • Examples of data categories processed for different groups of individuals
    • Employee, intern, and subcontractor data, including personnel records and similar categories processed internally under MARİNA’s Employee Personal Data Processing Policy.

 

Name, surname, date of birth, gender, Turkish ID number

 

Customer-Member Customer, Guest Customer
Supplier Officer
Supplier Employee
Employee Candidate

Contact
Mobile phone, email address, address, postcode, landline

Customer- Member Customer, Guest Customer
Supplier Officer
Supplier Employee
Employee Candidate

Location

Customer- Member Customer, Guest Customer
Supplier Employee

Legal Procedure
Contract, legal information

Customer- Member Customer, Guest Customer
Supplier Officer
Supplier Employee
Employee Candidate

Customer Transaction
Purchased product/s, size and color preferences, purchase amount date etc. information, call center call records, campaigns/competitions used, coupons used, information about the order

Customer- Member Customer, Guest Customer

Transaction Security
Password, password, IP information

Customer- Member Customer, Guest Customer
Online Visitor
Supplier Official
Supplier Employee

Finance
Invoice information, bank account information, financial information, payment debit credit information

Customer- Member Customer, Guest Customer
Supplier Official
Supplier Employee

Professional Experience

Supplier Employee
Employee Candidate

Marketing

Customer- Member Customer, Guest Customer
Online Visitor



 

  1. PROCESSING OF SPECIAL CATEGORY PERSONAL DATA

    Some personal data are classified as "special category personal data" and are subject to special protection. At MARİNA, such data are processed under separate conditions and with enhanced security measures.

    4.1. Processing of Special Category Personal Data Based on Explicit Consent

    Special category personal data may be processed with the explicit consent of the individual, in accordance with the principles outlined in this Policy and by implementing necessary administrative and technical measures.

    4.2. Cases Where Special Category Personal Data May Be Processed Without Explicit Consent

    In the absence of explicit consent, special category personal data may be processed provided that adequate precautions determined by the Personal Data Protection Board are taken. For data other than health and sexual life, processing is allowed if prescribed by law. Health and sexual life-related data may only be processed by persons or authorized institutions bound by confidentiality obligations, for purposes such as public health protection, preventive medicine, medical diagnosis, treatment, and healthcare service planning and management. For instance, occupational health and safety processes may involve the processing of health data by MARİNA’s workplace physician.

    INFORMING AND NOTIFYING DATA SUBJECTS

    At MARİNA, individuals are informed during the collection of their personal data. This is done through MARİNA’s website (www.marinatr.com), policies displayed in common areas within company offices and stores, and QR codes. Individuals are provided with details about MARİNA’s data controller identity, the categories of personal data processed, purposes of processing, data transfers, the legal basis for data collection, and their rights.

    Individuals may request information at any time by contacting MARİNA at info@marinamayo.com, and necessary clarifications will be provided as soon as possible.

    CATEGORIZATION OF PERSONAL DATA

    MARİNA processes personal data of individuals under the categories listed below. Additionally, categories related to employees, interns, and subcontractor personnel are detailed in MARİNA’s Employee Personal Data Processing Policy.

    Identity Data

    • Name, surname, date of birth, gender, national ID number

    PURPOSES OF PERSONAL DATA PROCESSING

    7.1. Conditions for Processing

    Personal data are processed under the following conditions:

    • When explicitly required by law,
    • When necessary for the establishment or performance of a contract with MARİNA,
    • When processing is required to fulfill MARİNA’s legal obligations,
    • When personal data have been made public by the data subject, limited to the scope of the disclosure,
    • When processing is essential for the protection or exercise of the legal rights of MARİNA, the data subject, or third parties,
    • When processing is required for MARİNA’s legitimate interests, provided that it does not violate fundamental rights and freedoms,
    • When processing is necessary to protect the life or physical integrity of the data subject or another individual in cases where consent cannot be obtained due to physical or legal incapacity.

    If none of these conditions apply, MARİNA obtains the explicit consent of the data subjects before processing their personal data.

    7.2. Purposes of Processing

    For Customers:

    Registered Customers’ Personal Data
    • Membership processes and agreements
    • Providing services and improving user experience
    • Contract execution (Membership & Distance Sales Agreements)
    • Marketing activities (subject to consent)
    • Handling customer inquiries and complaints
    • Enhancing desktop, tablet, and mobile user experience
    • Accounting and purchasing processes
    • Compliance with legal regulations
    • Responding to requests from administrative and judicial authorities
    • Ensuring data security and preventing malicious activity
    • Keeping personal data accurate and up to date
    • Improving information security and internal processes
    • Managing "My Marina" Loyalty Program
    Guest Customers’ Personal Data (for non-registered shoppers)
    • Providing services and improving user experience
    • Marketing activities (subject to consent)
    • Enhancing platform usability
    • Managing accounting and purchasing processes
    • Compliance with legal regulations
    • Responding to requests from administrative and judicial authorities
    • Ensuring information security and preventing misuse
    • Keeping data accurate and up to date

    For Suppliers (Supplier, Supplier Representative, Supplier Employee):

    • Managing business relationships
    • Contractual and legal obligations
    • Contract establishment and execution
    • Procurement, production, and service-related operations
    • Managing post-purchase services, returns, and refunds
    • Occupational health and safety compliance
    • Ensuring regulatory compliance with social security and employment laws
    • Verification of employee qualifications (certifications, licenses, etc.)
    • Ensuring cost-efficient use of company resources
    • Supplier compliance with MARİNA’s data protection obligations
    • Accounting and payment tracking
    • Legal compliance and responding to judicial or administrative requests
    • Ensuring data security and preventing unauthorized access

    For Job Applicants:

    • Execution of HR policies and processes
    • Planning recruitment and evaluation procedures
    • Occupational health and safety activities
    • Communication for recruitment and placement purposes
    • Managing intern recruitment and operations

    For Online Visitors:

    • Logging user system activities
    • Legal compliance and responding to administrative/judicial requests
    • Ensuring cybersecurity and preventing misuse
    • Fulfilling legal obligations

    TRANSFER OF PERSONAL DATA TO THIRD PARTIES DOMESTICALLY AND INTERNATIONALLY

    8.1. Data Transfers

    Personal and special category data may be transferred to third parties (companies, individuals) within the scope of Articles 8 and 9 of the Personal Data Protection Law (KVKK), provided that security measures are taken.

    Data may also be transferred abroad due to software and server infrastructure used by MARİNA. Since the Personal Data Protection Authority has not yet announced a list of safe countries, cross-border data transfers are carried out based on the explicit consent of individuals in accordance with Article 9 of KVKK.

    8.2. Third Parties to Whom Personal Data May Be Transferred

    Personal data may be shared with:

    • MARİNA’s business partners,
    • MARİNA’s suppliers,
    • MARİNA’s subsidiaries,
    • MARİNA’s shareholders,
    • Authorized public institutions and authorities,
    • Authorized private legal entities.

    METHODS AND LEGAL BASIS FOR COLLECTING PERSONAL DATA

    Personal data may be collected electronically or physically and processed based on the legal grounds outlined in Articles 5 of KVKK and the relevant GDPR provisions. The collection and processing methods vary depending on the data subject category.

 

For the Customer (Member/Guest) Group:

  • Protection of the customer's rights and interests.
  • Providing benefits and privileges to customers for establishing a business relationship.
  • Continuation and development of internal company activities.
  • Fulfillment of legal obligations arising from regulations.
  • Processing of personal data necessary for the establishment or performance of a contract, provided it is directly related to the contract.
  • Processing of data for the legitimate interests of the data controller, such as entering customer orders into relevant storage and analysis software, provided that it does not harm the fundamental rights and freedoms of the customer.
  • Processing of data based on the customer's explicit consent.
  • Enabling customers to benefit from the advantages and system of the My Marina Loyalty Program.

For the Supplier/Business Partner Group (Supplier/Business Partner, Supplier/Business Partner Representative, Supplier/Business Partner Employee):

  • Processing of data necessary for the data controller to fulfill its legal obligations.
  • Processing of personal data necessary for the establishment or performance of a contract, provided it is directly related to the contract.
  • Processing of data for the legitimate interests of the data controller, such as storing contact details to ensure business continuity and effective communication, provided it does not harm the fundamental rights and freedoms of the Supplier/Business Partner.
  • Processing of data based on the explicit consent of the Supplier/Business Partner.

For the Job Applicant Group:

  • Processing of personal data necessary for the establishment or performance of a contract, provided it is directly related to the contract.
  • Processing of data for the legitimate interests of the data controller, such as retaining and evaluating applicant data for potential future employment opportunities, provided it does not harm the fundamental rights and freedoms of the Job Applicant.
  • Processing of data based on the explicit consent of the Job Applicant.

For the Online Visitor Group:

  • Processing of personal data necessary for the establishment or performance of a contract, provided it is directly related to the contract.
  • Processing of data for the legitimate interests of the data controller, such as analyzing which pages are visited more frequently for business development purposes, provided it does not harm the fundamental rights and freedoms of the Online Visitor.
  • Processing of data based on the explicit consent of the Online Visitor.

PERSONAL DATA RETENTION PERIODS

The retention periods of personal data processed by MARİNA and their legal justifications are detailed in the table below:

Identity

15 years from the termination of the legal relationship

Law No. 6563 on the Regulation of Electronic Commerce, Turkish Commercial Code No. 6102, Turkish Code of Obligations No. 6098, Tax Procedure Law No. 213, Consumer Protection Law No. 6502, Labor Law No. 4857, Occupational Health and Safety Law No. 6331

Communication

10 years from the termination of the legal relationship

Law No. 6563 on the Regulation of Electronic Commerce, Turkish Commercial Code No. 6102, Turkish Code of Obligations No. 6098, Tax Procedure Law No. 213, Consumer Protection Law No. 6502, Labor Law No. 4857, Occupational Health and Safety Law No. 6331

Location

10 years from the termination of the legal relationship

6563 Sayılı Elektronik Ticaretin Düzenlenmesi Hakkında Kanun, 6102 Sayılı Türk Ticaret Kanunu, 6098 Sayılı Türk Borçlar Kanunu

Legal Action

10 years from the date of finalization of the trial

Code of Civil Procedure No. 6100, Code of Criminal Procedure No. 5271

Customer Transaction

10 years from the termination of the legal relationship

Law No. 6563 on the Regulation of Electronic Commerce, Turkish Commercial Code No. 6102, Turkish Code of Obligations No. 6098, Tax Procedure Law No. 213, Consumer Protection Law No. 6502, Law No. 5651 on the Regulation of Publications Made on the Internet and Combating Crimes Committed Through These Publications

Transaction Security

2 yearsLaw No. 5651 on the Regulation of Publications Made on the Internet and Combating Crimes Committed Through These Publications

Finance

10 years from the termination of the legal relationship

6563 Sayılı Elektronik Ticaretin Düzenlenmesi Hakkında Kanun, 6102 Sayılı Türk Ticaret Kanunu, 6098 Sayılı Türk Borçlar Kanunu, 213 Sayılı Vergi Usul Kanunu, 6502 Sayılı Tüketicinin Korunması Kanunu

Marketing

During Legal Relationship

 

 

  1. PERSONAL DATA SECURITY

    At MARINA, reasonable measures are taken to prevent unauthorized access risks, accidental data loss, deliberate deletion of data, or damage to data to ensure the security of personal data.

    All necessary technical and physical measures are taken to prevent unauthorized access to personal data by individuals other than those authorized to access it. In this context, especially the authorization system is structured in such a way that no one can access more personal data than necessary. Stricter measures are taken to ensure the security of sensitive personal data, such as health data, compared to other types of personal data.

    Authorized individuals undergo the necessary security and internal control procedures. Additionally, these individuals are trained regarding their duties and responsibilities.

    Access logs to personal data are kept as much as technically possible and are reviewed regularly. In the case of unauthorized access, an investigation and legal actions are immediately initiated.

    MARINA takes the following security measures to ensure the security of processed data:

    Network and application security are provided.
    Closed system networks are used for personal data transfers via networks.
    Key management is implemented.
    Security measures are taken for the procurement, development, and maintenance of information technology systems.
    The security of personal data stored in the cloud is ensured.
    Disciplinary regulations containing data security provisions are in place for employees.
    Employees receive periodic training and awareness programs on data security.
    An authorization matrix is created for employees.
    Access logs are regularly kept.
    Corporate policies regarding access, information security, usage, storage, and destruction have been prepared and implemented.
    Confidentiality agreements are signed.
    Access rights of employees who change roles or leave the company are revoked.
    Up-to-date antivirus systems are used.
    Firewalls are employed.
    Contracts signed include provisions on data security.
    Extra security measures are taken for personal data transferred by paper, and the documents are sent in confidential formats.
    Personal data security policies and procedures have been defined.
    Personal data security issues are reported quickly.
    The security of physical environments containing personal data is ensured against external risks (e.g., fire, flood).
    Physical environments containing personal data are protected.
    Personal data is minimized as much as possible.
    Personal data is backed up, and the security of the backed-up data is ensured.
    Periodic and/or random internal audits are conducted.
    Log records are maintained without user intervention.
    Current risks and threats have been identified.
    Protocols and procedures regarding the security of sensitive personal data have been defined and implemented.
    If sensitive personal data is sent by email, it is encrypted and sent via secure means such as KEP (Secure Electronic Notification) or corporate email.
    Intrusion detection and prevention systems are used.
    Penetration testing is conducted.
    Sensitive personal data transferred via portable memory, CDs, or DVDs is encrypted during transfer.
    Data processors are periodically audited for data security.
    Data processors are made aware of data security.
    USE OF COOKIES

    MARINA uses cookies, pixels, GIFs, and other technologies ("cookies") to ensure the most efficient use of its website and applications and to improve user experience. The use of these technologies is carried out in compliance with applicable laws, including the Personal Data Protection Law (KVKK). If individuals do not prefer the use of cookies, they can delete or block cookies through their browser settings. Detailed information regarding the cookies used by MARINA can be found in the Cookie Policy, where preferences can be set.

    AUTOMATIC DATA PROCESSING ACTIVITIES

    MARINA automatically processes behavioral data obtained through cookies and similar technologies to offer personalized products and services to customers and potential customers. In this context, the obtained data can be analyzed to predict which products a person may prefer to purchase. For example, products that are generally sold can be statistically matched, and other related products can be offered to users who show interest in a specific product, along with automated special offers.

    LEGAL RIGHTS OF INDIVIDUALS AND HOW TO USE THEM

    14.1. Rights Related to Personal Data Under KVKK The rights that individuals can use concerning their personal data are specified in Article 11 of the KVKK and are as follows:

    Learn whether personal data is processed,
    Request information regarding the personal data if processed,
    Learn the purpose of processing personal data and whether they are being used in compliance with their purpose,
    Learn the third parties to whom personal data is transferred, whether domestically or internationally,
    Request the correction of personal data if they are processed incompletely or inaccurately,
    Request the deletion or destruction of personal data under the conditions stated in Article 7 of KVKK and request that these actions be notified to third parties to whom the data has been transferred,
    Object to the result of the automatic processing of personal data, which produces legal consequences for the individual,
    Request compensation for damages caused by unlawful processing of personal data.
    14.2. Rights Related to Personal Data Under GDPR The rights that individuals can exercise regarding their personal data are listed in Chapter 3 (Articles 12-23) of the GDPR and include the following:

    Withdraw consent if personal data is processed based on consent,
    Request the restriction of processing of personal data in the following cases:
    If the accuracy of the personal data is disputed,
    If the processing is unlawful but the individual prefers the restriction of use rather than deletion,
    If the personal data is no longer necessary for processing, but the individual requests the data for legal claims,
    Object to the processing of personal data if it is processed based on legitimate interests or public interest,
    Access information related to the processing of personal data, including its purpose, categories of data, and recipients,
    Request the rectification, deletion, or restriction of personal data, or object to the processing of personal data and the right to lodge a complaint with a supervisory authority,
    Request the transfer of personal data to another data controller in a structured, commonly used, and machine-readable format if the processing is based on consent or a contract and carried out by automated means.
    14.3. Principles for Exercising Rights Related to Personal Data Individuals wishing to exercise their rights related to personal data can use the Personal Data Application Form available at www.marinatr.com and send their request to our KEP address at emiretekstil@hs03.kep.tr, via email to info@marinamayo.com (with a mobile signature, e-signature, or an email registered and approved in our systems), or submit a written request with a wet signature or through a notary to the following address: Kuşbakışı Cad. No:27 Altunizade, Üsküdar/İstanbul.

    Applications will be responded to within 30 days at the latest. If the application is rejected, if you find the response insufficient, or if no response is given within the required time, you can file a complaint with the KVKK within 30 days from the date you learn of the response or within 60 days from the date of the application.

    A Data Protection Officer (DPO) has been appointed to ensure the continuous, correct, and legal processing of your personal data under GDPR. You can contact our Data Protection Officer at: info@marinamayo.com.

    EFFECTIVENESS AND UPDATABILITY

    This policy has been in effect since its publication. The policy is updated to comply with changing conditions and regulations. The updated policy is followed by the MARINA Data Protection Committee, approved by the MARINA Board of Directors, and published on www.marinatr.com.

    You can reach Marinatr.com using the contact information below:

    Emire Tekstil Mağazacılık İth. İhr. San. Tic. Ltd. Şti. 

    Address: Soğanlı Mah. İstanbul Cad. No: 335-337 Osmangazi/BURSA Phone: 0224 222 91 11 

    Email: info@marinamayo.com