Privacy Policy
PURPOSE AND SCOPE
These Privacy and Personal Data Protection Principles (hereinafter referred to as the “Principles”) aim to protect the records adopted by Mahoor Ayakkabı Ä°malat Giyim Aksesuar Tasarım Ticaret Limited Åžirketi (hereinafter referred to as the “Company”) regarding the protection of personal data and to inform all relevant person groups within the scope of the Personal Data Protection Law No. 6698 (hereinafter referred to as the “KVKK No. 6698”).
​
PRINCIPLES REGARDING THE PROCESSING OF PERSONAL DATA
As the Company, we operate in personal matters within the framework of the following principles as the Data Controller.
Processing in Accordance with Law and the Rule of Honesty
In personal care transactions, the principles carried out by legal regulations and the general rule of trust and honesty are followed. In particular, where this principle is not specified, we do not take into account your employee interests and reasonable expectations, do not exercise our rights and act in accordance with ensuring transparency in our data processing activities.
Ensuring that Personal Data is Accurate and Up-to-date When Necessary
Your personal data information and up-to-dateness are periodically checked and updated in order to record your legitimate interests in accordance with this principle and to ensure that the processed data is accurate and up-to-date, and are based on the necessary information in this direction. This potential is established within the Company to control the stability of personal data and make the necessary improvements. In addition, it is checked that personal data is kept at a high level and requests are taken into consideration due to the inaccuracy of personal data. Therefore, this principle can be used in accordance with the right to request the storage of stored personal data in accordance with the KVKK No. 6698.
Processing for Budget, Clear and Legitimate Purposes
It is operated based on the principle of processing personal data without password, clear, specific and legitimate. In this context, we ensure that our personal data processing activities are clearly processed by the relevant persons, and we determine and clearly state which transactions and legal processing conditions they are based on in Article 3 of these Principles.
Related to the Purpose of Processing, Limited and Proportionate
Storing of personal data is carried out in a proportionate, intended and limited processing manner in order to achieve the purpose/purposes, and the deletion of personal data that is not related to the realization of the purpose or is not needed is avoided. Nevertheless, personal data that does not exist within the scope of this principle and will be stored later is not collected or processed.
Storage for the Period Stipulated in the Relevant Legislation or Necessary for the Purpose of Processing
Your personal data is stored only for the period stipulated in the relevant legislation or necessary for the purpose of processing. In this regard, the Company takes and implements the relevant administrative and technical measures. In this context, first of all, it is determined whether a period is stipulated in the relevant legislation for the storage of personal data, if a period is specified, this period is complied with, if a period is not specified, personal data is stored for the period necessary for the purpose of processing. If the necessity of the relevant processes is eliminated, access to your personal data by unrelated departments is prevented within the scope of the deletion action specified in the KVKK No. 6698. If the period expires or the reasons requiring processing are eliminated, and if there is no legal reason allowing them to be processed for a longer period, your personal data is destroyed or anonymized in accordance with the personal data protection legislation.
CONDITIONS FOR PROCESSING PERSONAL DATA
Your personal data, personal and special personal data within the scope of the KVKK No. 6698 can be processed under the conditions set forth below.
Explicitly Foreseen in Laws
The basic rule is that personal data cannot be processed without the explicit consent of the relevant persons, and according to this exception, in cases where the processing of personal data is explicitly foreseen in the laws, your personal data can be processed.
Failure to Obtain the Explicit Consent of the Relevant Person Due to Actual Impossibility
If the processing of personal data is mandatory for the relevant person who is unable to express his/her consent due to actual impossibility or whose consent cannot be recognized as valid, or for the protection of the life or physical integrity of another person, your personal data can be processed.
Directly Related to the Establishment or Performance of the Contract
Provided that it is directly related to the establishment or performance of the contract, your personal data can be processed if the processing of personal data belonging to the parties to the contract is necessary.
The Company's Fulfillment of Legal Obligations
If the processing is mandatory to fulfill the Company's legal obligations, contracts and similar obligations that it is bound by and responsible for, your personal data may be processed.
Publication of Personal Data
If your personal data is made public by you, that is, shared with the public by you, it may be processed in a manner that is proportionate and in connection with the purpose of publicity.
Data Processing is Mandatory for the Establishment or Protection of a Right
If data processing is mandatory for the establishment, use or protection of the right in question within the scope of the execution and management of the processes related to the legal and commercial rights that the Company has, your personal data may be processed.
Data Processing Based on Legitimate Interest
If data processing is necessary for the legitimate interests of the Company, your personal data may be processed. Our Company evaluates the data processing required depending on the processing condition, considering your fundamental rights and freedoms, and makes a decision based on the evaluation result.
Processing Based on Explicit Consent
While the main rule is that personal data is processed based on explicit consent, if the other conditions specified in this article exist, the explicit consent of the relevant persons is not relied upon. Otherwise, abuse of right may be mentioned. In this context, if your personal data is not processed based on any of the conditions specified in these Principles, it is processed based on your explicit consent.
Processing of Special Personal Data
We process your special personal data based on your explicit consent in accordance with Article 6 of the KVKK No. 6698. Again, in the same article, we can process your special personal data other than health and sexual life only in cases prescribed by law, and your special personal data related to health and sexual life only for the purposes of protecting public health, conducting preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and their financing, without seeking your explicit consent, by paying attention to the issues regarding processing by persons or authorized institutions and organizations under the obligation of confidentiality.
​
TRANSFER OF PERSONAL DATA
Your personal and special data can be transferred to our business partners, public institutions and organizations and similar in Turkey or to our business partners abroad within the scope of Article 2 of these Principles. While such transfers are being made, compliance with Articles 8 and 9 of the KVKK No. 6698 is observed. If necessary, your explicit consent is obtained and the transfer is provided within this framework.
​
PERSONAL DATA SECURITY
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases, and general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set forth by PCI-DSS, which is managed by the PCI Security Standards Council, a joint effort of brands such as Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure that credit card information is handled securely by our store and its service providers.
​
PRIVACY POLICY UPDATES
We reserve the right to change this privacy policy at any time, so please review it frequently. Changes and clarifications will be effective immediately upon posting on the website. If we make material changes to this policy, we will post a notice here that it has been updated so that you are aware of what information we collect, how we use it, and under what circumstances we use and/or disclose it.