
Personal Data Policy
Personal Data Policy
Misspepperkids Personal Data Policy
General Information on the Personal Data Protection Law
The Law on the Protection of Personal Data No. 6698 (hereinafter referred to as the KVKK) was adopted on March 24, 2016, and published in the Official Gazette No. 29677 on April 7, 2016. Some parts of the KVKK came into force on the date of publication, and some parts came into force on October 7, 2016.
Information as a Data Controller
In accordance with the KVKK No. 6698 and as a Data Controller, your personal data will be recorded, stored, updated, disclosed/transferred to third parties where permitted by legislation, classified, and processed in ways listed in the KVKK within the framework explained on this page.
How Your Personal Data Can Be Processed
In accordance with the KVKK No. 6698, the personal data you share with our Company can be processed by obtaining, recording, storing, changing, reorganizing, in short, by performing all kinds of operations on the data, in whole or in part, automatically or non-automatically, provided that it is part of any data recording system. Any operation performed on data within the scope of the KVKK is considered "processing of personal data."
Purposes and Legal Reasons for Processing Your Personal Data
The personal data you share are processed for the following purposes: to fulfill the requirements of the services we provide to our customers in accordance with the demands of the contract and technology; to develop our products and services; to identify the transaction owner’s information for identity, address, and other necessary details in accordance with the Law on the Regulation of Electronic Commerce No. 6563, the Law on the Protection of the Consumer No. 6502, the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce published in the Official Gazette No. 29457 dated August 26, 2015, the Regulation on Distance Contracts published in the Official Gazette No. 29188 dated November 27, 2014, and other relevant legislation; to prepare all records and documents that will form the basis of transactions in the field of banking and electronic payment; to comply with information retention, reporting, and notification obligations stipulated by the legislation and other authorities; to provide information to prosecutors' offices, courts, and relevant public officials upon request and as required by the legislation on matters related to public security and legal disputes. Your personal data will be processed in accordance with the KVKK and related secondary regulations.
Information on Third Parties or Organizations to Which Your Personal Data Can Be Transferred
Your personal data shared with our Company for the above-mentioned purposes can be transferred to the following parties: primarily IdeaSoft Yazılım San. ve Tic. A.Ş., which provides the e-commerce infrastructure of our Company, suppliers, cargo companies, and other related parties and organizations for the services provided, program partner organizations with which we cooperate, domestic/foreign organizations, and other third parties.
How Your Personal Data is Collected
Your personal data can be collected in the following ways: via the forms on our Company's website and mobile applications including information such as name, surname, TC identification number, address, phone, business or personal email address, preferences, and transactions performed using user name and password, IP records of transactions, cookie data collected by the browser, browsing time and details, location data; verbally, in writing, or electronically through channels such as our sales and marketing department employees, branches, suppliers, other sales channels, forms on paper, business cards, digital marketing, and call center; from individuals who share their personal data with our Company for purposes such as establishing a commercial relationship, applying for a job, making an offer, by means of business cards, resumes (CVs), offers, and other methods; from data obtained indirectly through different channels such as websites, blogs, contests, surveys, games, campaigns, micro websites used for similar purposes, and social media, e-bulletin reading or clicking movements, data provided by public databases, social media platforms’ publicly available profiles and data.
Personal Data Obtained Before the KVKK Came into Force
Personal data obtained lawfully before the KVKK came into force on April 7, 2016, including membership, electronic communication permissions, product/service purchases, and other methods, are also processed and stored in accordance with the conditions and terms set out in this document.
Transfer of Personal Data Abroad
Your personal data, processed in Turkey or stored for processing outside of Turkey, collected by any of the methods listed above, may be transferred to service intermediaries located abroad (accredited by the Personal Data Protection Board and where sufficient protection for personal data is ensured) provided that it remains within the scope of the KVKK and in accordance with contractual purposes.
Storage and Protection of Personal Data
Your personal data will be kept confidential in the database and systems of our Company in accordance with Article 12 of the KVKK and will not be shared with third parties except for legal obligations and the regulations specified in this document. Our Company is obliged to take software and physical security measures to prevent unlawful processing and unauthorized access to the systems and databases where your personal data is stored in accordance with Article 12 of the KVKK. If it is learned that personal data is obtained by others unlawfully, the situation will be immediately reported to the Personal Data Protection Board in writing in accordance with the legal regulation.
Keeping Personal Data Accurate and Up-to-date
In accordance with Article 4 of the KVKK, our Company has an obligation to keep your personal data accurate and up-to-date. In this context, for our Company to fulfill its obligations arising from the current legislation, our customers must share their accurate and up-to-date data with our Company or update them via the website/mobile application.
Rights of the Personal Data Owner under the KVKK
Article 11 of the KVKK came into force on October 7, 2016, and under this article, the rights of the Personal Data Owner after this date are as follows: the Personal Data Owner can apply to our Company (data controller) to learn whether personal data is processed, request information if personal data is processed, learn the purpose of processing personal data and whether it is used in accordance with its purpose, know the third parties to whom personal data is transferred domestically or abroad, request correction of personal data if it is incomplete or incorrectly processed, request deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVKK, request notification of the transactions made pursuant to subparagraphs (d) and (e) to the third parties to whom personal data has been transferred, object to the occurrence of a result against the person by analyzing the processed data exclusively through automated systems, demand compensation for the damage arising from the unlawful processing of personal data.