Modanisa & Influencer Affiliate Program
Share the products from Modanisa that you like with your followers and earn money!
INFLUENCER AFFILIATE PROGRAM TERMS & CONDITIONS
Once the Modanisa Application Form is completely filled out by the Participant, the application will be evaluated by Modanisa based on the criteria listed below:
i)The Participant should have at least 10,000 followers. The Participant's followers and interactions (likes, comments, views, etc.) should be completely organic, which should in any way be acquired by non-organic means.
ii)Participants must be over the age of 18.
Where the application is accepted by Modanisa, the Participant will be contacted through the communication channels declared by the latter in the Application Form and he/she will be notified that the application has been accepted. Following the notification by Modanisa to the Participant that the application has been approved, a cooperative relationship will be deemed to have been established between the parties. Modanisa is free to approve or disapprove any application.
Once the cooperation relationship is established, the Participant shall create the link(s) that he/she can share with his/her followers. Any detailed information on the creation and use of such link(s) shall be forwarded to the e-mail address provided by the Participant in the Application Form and registered in the system.
The Participant shall earn no commissions from traffic directed to other URLs via Modanisa. The movements of users who click on the link created by the Participant shall be followed for 7 days. If the user clicks no other UTM link during this process, the purchase shall be deemed to have been made with the guidance of the Participant.
As a result of successful purchases made through the link created by the Participant, the latter shall be entitled to a commission of 10% of the net sales amount excluding VAT. In order for a purchase to be considered successful, such purchase must not have been canceled and/or the purchased product must not have been returned. All related progress payments shall be calculated by Modanisa. Modanisa reserves the right to unilaterally change, at any time, the commission rate specified in this Article. In case that the commission rate is changed unilaterally by Modanisa, the Participant shall be informed of such change via the e-mail address provided by the Participant in the Application Form and registered in the system. The Participant may object to the new commission rate within seven days as of the receipt of such notification, and may terminate the cooperative relationship on the grounds that he/she does not accept the commission rate. In such a case, the Participant shall not be entitled to claim any rights against or receivables from Modanisa. In case that the Participant fails to terminate the cooperation in due time, the Participant shall be deemed to have accepted the new commission rate.
Commission payments shall be made to the Participant's PayPal account in US Dollars (USD) on the second Tuesday -or on the fourth Tuesday if such day is a public holiday- of the month following the conclusion of the purchase and the consensus made at the end of each month. To ensure the settlement of payments, the Participant is required to indicate the e-mail address associated with his/her PayPal account in the application form. Modanisa reserves the right to unilaterally change the payment date.
Commission payments are calculated on a monthly basis through the UTM structure, in which the movements related to the link created by the Participant are tracked and the purchases made through these links are recorded. Also, a weekly performance report, which show the yields of the posts, the purchases made and the amounts related to such purchases shall be sent to the registered e-mail address of the Participant on the following Monday.
The Participant accepts, declares and undertakes that he/she shall not wear, promote or label any products of other brands in the posts created for Modanisa products. Otherwise, the Participant shall not be paid any commission fees, where Modanisa reserves the right to terminate the cooperation immediately and without any compensation.
The Participant agrees, declares and undertakes that he/she shall not share anything that is contrary to national/international legislation, public decency and offending good morals and/or involving, encouraging the use of alcohol and drugs, containing obscene and/or criminal elements and/or that may harm third parties and/or damage Modanisa brand value and reputation. Otherwise, Modanisa may terminate the cooperation immediately without paying any compensation, in which case the Participant shall not be entitled to any commission. The Participant accepts that he/she shall be held responsible for any damages incurred by Modanisa and/or third parties due to his/her posts as well as for the compensation of such damages, and that Modanisa reserves all its rights of litigation and petition.
The Participant accepts, declares and undertakes that he/she shall not be entitled to create keyword-targeted ads on Internet search engines by using Modanisa's trade name, logo, brand and other brand names of Modanisa, and that he/she shall not use targeted visual and video ads of Modanisa and its brands through internet search engines. Otherwise, Modanisa reserves the right to claim compensation for any damages and to file lawsuits regarding other matters, and may terminate the business relationship immediately without paying any compensation, in which case the Participant shall not be entitled to any commission.
The Participant accepts, declares and undertakes that Modanisa, as the Advertiser, provided him/her with the necessary information about the social media posts and impressive advertising/marketing activities, and asked him/her to comply with the relevant laws and regulations, including the Law No. 6502, sub-regulations and related guidelines, and drew his/her attention to the fact that, in cases where the Participant is allowed to use third parties, such third parties are also required to comply with the obligations specified, and therefore, that the Participant shall comply with all those requirements where, otherwise, Modanisa assumes no responsibility, and that, in the event of any damage caused by failure to comply such requirements, he/she shall immediately and irrevocably compensate the related damages upon the first written request. Modanisa reserves its right of recourse and its unilateral offsetting power.
At its sole discretion, Modanisa is entitled to share the Participant's posts in social media applications, all kinds of online promotion channels including the website, all kinds of online and offline electronic communication tools including television, printed publications and on any media including periodicals and non-periodicals such as magazines, newspapers, catalogs, outdoor, brochures, etc. all over the world, including within the borders of Turkey and abroad, and without any limitations. The Participant accepts, declares and undertakes that he/she transfers all intellectual rights on the posts created within the scope of the cooperation to Modanisa for an indefinite period of time and in a manner that makes it possible for Modanisa to publish and share the posts to be published in the format specified by the latter.
Modanisa may terminate the cooperative relationship with the Participant without giving any reason and at any time during the cooperation by giving at least seven (7) days’ notice. The Participant accepts and undertakes that he/she accepts those conditions and that he/she shall not claim any compensation from Modanisa due to such termination of the cooperative relationship.
The Participant may terminate the cooperative relationship by written notice to Modanisa at least seven days before the end of the current payment period.
Modanisa may unilaterally change these Affiliate Program Terms & Conditions at any time, in which case such change shall become effective as soon as it is published and shall be binding upon all parties. In case that those terms & conditions changed unilaterally by Modanisa, the Participant shall be informed of such change via the e-mail address provided by the Participant in the Application Form and registered in the system. The Participant may object to such changes within seven days as of the receipt of such notification, and may terminate the cooperative relationship on the grounds that he/she does not accept the modified terms & conditions. In such a case, the Participant shall not be entitled to claim any rights against or receivables from Modanisa. In case that the Participant fails to terminate the cooperation in due time, the Participant shall be deemed to have accepted the modified terms & conditions.
By taking part in this program, the Participant declares that he/she fully accepts these terms and conditions.
LETTER OF CONSENT
I hereby accept, declare and undertake that I grant my consent (allow) to the publication of my photos, videos, stories, posts and visual and written contents in printed publications, especially on the internet and social media, in media, magazines, newspapers, catalogues, television, radio, outdoor, brochures, etc., including periodicals and non-periodicals, in Turkey and all over the world; that I exclusively and irrevocably transfer to Modanisa Elektronik Mağazacılık ve Ticaret A.Ş. the right to process regulated in Article 21, the right of reproduction regulated in Article 22, the right to disseminate regulated in Article 23, the right of representation regulated in Article 24 and right to transmit to the public by means of signal, sound and/or image transmission regulated in Article 25 of the Law No. 5846 on Intellectual and Artistic Works, regarding the resulting works, without limitation of any place, time, number, country and medium and in a way to include the authorization of third parties to benefit from these rights and to their transfer thereto, and therefore, I do not have any rights to claim or compensations to receive under any name, and that I consent to all these uses.
Personal Data Protection Policy
As a data controller, Modanisa Elektronik Mağazacılık ve Ticaret A.Ş. (hereinafter referred to as “MODANİSA” or the “Data Controller”) is committed to the principles laid down by the Personal Data Protection Law No. 6698 (Kişisel Verilerin Korunması Kanunu) (hereinafter referred to as the “Personal Data Protection Law”) and the General Data Protection Regulation (“GDPR”) No. 2016/679 of the European Union, and duly complies with its duties arising therefrom in connection with the processing, deletion, destruction, anonymization, and transfer, of personal data, the provision of necessary information to data subjects, and the data security. We hereby present this Confidentiality and Personal Data Protection Policy (hereinafter the “Policy”) to real persons whose personal data is processed (hereinafter the “data subjects”).
This Confidentiality and Personal Data Protection Policy pertains to, and aims at informing data subjects on, the following matters:
Principles governing the processing of personal data Criteria for processing personal data Cases where specific personal data may be processed Enlightening and informing groups of persons Categorizing personal data Purposes of processing personal data Transferring personal data to third parties in Turkey or abroad Management, and legal basis, of the processing of personal data Duration of retaining personal data Ensuring the security of personal data Cookies Legal rights of groups of people, and how to exercise these rights, and relevant contact information Entry into force, and updates
We comply with the principles laid down by the applicable laws and regulations and the generally applied principles of honesty, integrity and transparency, when processing personal data.
We periodically check and update the personal data processed regarding the relevant groups of data subjects, and take any and all reasonable measures to ensure that such data is accurate and up to date at all times. Accordingly we develop systems aiming at checking the accuracy of, and accordingly correcting, personal data. Our members may change and update their personal data by accessing their account at www.modanisa.com.
We process personal data for specific, clear and lawful purposes. This Policy sets forth the details of the purposes for which the data is to be processed.
We process personal data only for, limited to, and in proportion with the intended purpose, and refrain from processing any personal data irrelevant to or unnecessary for such purpose.
MODANİSA retains Personal Data only as long as required under the applicable legislation or for the purpose of processing. Accordingly we check whether the applicable legislation prescribes a certain period for retaining personal data, and retain personal data for such period, if any. In the event that there is no such prescribed period, then we retain personal data only as long as required for the purpose of processing. Once the prescribed period expires, or the reasons for processing personal data no longer apply, we delete, destroy or anonimyze personal data in accordance with MODANİSA’s Policy for Retaining and Destroying Personal Data, unless there is a legal requirement requiring otherwise. This Policy gives the details of these retention requirements.
Personal data is processed by taking any and all technical and administrative measures to ensure such data’s security, including, but not limited to those affording protection against unauthorized or illegal processing, or accidental loss, destruction or damage.
The processing of personal data can be lawful only if one or more of the following criteria is met. If the personal data being processed is sensitive personal data, then the criteria listed under “Purposes of Processing Sensitive Personal Data” apply.
Explicit consent of data subject is only one of the criteria required for lawful processing of personal data. Personal data may also be lawfully processed if any of the other legitimacy criteria set forth below is met.
The personal data of data subjects is being processed in compliance with the legitimacy criteria given below.
MODANİSA may process personal data of data subject without their consent, if the applicable legislation clearly requires such processing.
For example, the Law Regulating Electronic Commerce requires MODANİSA to process personal data regarding memberships, commercial electronic authorizations, purchase orders, payments, deliveries, cancellations and returns.
In the event that a data subject’s personal data must be processed in order to protect any other person against death or injury and such data subject is not physically or legally capable of giving their consent, then such data may be processed without this consent. Personal data may be also processed without the explicit consent of the data subject if and when such personal data must be processed in order to protect the vital interests of the date subject or a third party.
Personal data of a contracting party may be processed if such processing is directly relevant to the execution or performance of a contract to be entered into with such party. For example, the personal data that a person may enter for becoming a member of MODANİSA is directly related to the membership agreement, while the processing of the data on the name and address of the receiver is directly relevant to the performance of a distance sale agreement.
A data processor may process a data subject’s personal data without their consent, if such processing is required in order to comply with a statutory requirement. For example if a customer returns a product, MODANİSA is required to process such person’s personal data in order to refund the relevant payment.
If a data subject publicizes their personal data, then such data may be processed without their explicit consent. If a member is connected to MODANİSA over social media, then the personal data that such member shares publicly on their social media accounts may be freely processed, provided that such processing is relevant and proportional to the member’s intentions when sharing such data.
If it is necessary to process data for establishing, exercising or protecting a right, then the data subject’s personal data may be processed without their explicit consent. For example if a Member files a complaint with a consumer arbitration panel, providing the court with the information on the relevant purchase is a form of processing such member’s personal data for evidencing or protecting a right.
MODANİSA may process personal data without the explicit consent of the relevant data subjects, if the legitimate interests of MODANİSA requires such processing, provided that it does not violate their fundamental rights or freedoms.
In the event that none of the conditions set forth above for processing personal data is met, then data subject’s explicit consent is required. In such event, data subject’s explicit consent should be taken in accordance with the criteria set by the Personal Data Protection Law and the GDPR. For example, in order to process a data subject’s personal data for sending commercial e-mails, their explicit consent is required.
Certain personal data is categorized separately as “sensitive personal data”, and afforded a special protection. MODANİSA applies separate criteria and affords separate protection to sensitive personal data.
Sensitive personal data may be processed in accordance with the principles set forth in this Policy, and by taking the necessary administrative and technical measures, if the data subject explicitly consents to such processing.
A data subject’s sensitive personal data, other than medical and sexual data, may be processed without the consent of such data subject for the purposes required under the applicable legislation, provided that the measures set by the Personal Data Protection Council are sufficiently taken. Medical and sexual personal data may be processed only for protecting public health, providing protrective medicine, medical diagnosis, treatment and care services, and planning and managing the financing of healthcare services, only by those subject to nondisclosure obligations, or the authorities and agencies authorized for such purposes. For example medical information related to occupational health and workplace safety may be processed by the workplace MD of MODANİSA.
MODANİSA informs and enlightens data subjects when collecting their personal data. This information is also provided at www.modanisa.com, or by displaying the relevant policies and informatory texts or placing QR codes in the company’s common areas, stores and offices. Such information contains the name of MODANİSA’s data officer, the types of personal data processed, the purposes of processing personal data, to whom personal data may be transferred and for which purposes, the methods employed for collecting personal data, the legal basis of processing personal data, and the rights that data subject may have regarding such processing. Data subjects may apply to MODANİSA anytime to get information by sending an e-mail to kisiselverilerim@modanisa.com. MODANİSA will promptly reply with the relevant information.
MODANİSA processes following categories of personal data belonging to data subjects. In addition to the below mentioned categories, there are employment records and other similar information processed regarding company’s employees, trainees, subcontractors, etc., which are set forth in MODANİSA’s Policy on the Processing of Employees’ Personal Data.
Identity Information: Name, Surname, Birthday, Gender, Citizen Identity Card No. | Customer – Member customer, visiting customer Supplier’s representative Supplier’s employee Candidate for employment |
Contact Information: Cell phone number, e-mail address, address, postal code, landline number | Customer – Member customer, visiting customer Supplier’s representative Supplier’s employee Candidate for employment |
Location | Customer – Member customer, visiting customer Supplier’s employee |
Legal Transactions: Agreements, legal information | Customer – Member customer, visiting customer Supplier’s representative Supplier’s employee Candidate for employment |
Customer Transactions: Product(s) purchased, size and color preferences, amount and date of purchase, call center call records, campaigns/games participated, coupons used, order info. | Customer – Member customer, visiting customer |
Transaction Security: Passwords, passcodes, IP information | Customer – Member customer, visiting customer Online visitor Supplier’s representative Supplier’s employee |
Finance Invoice info, bank account info, financial info, payment, outstanding debt/credit | Customer – Member customer, visiting customer Supplier’s representative Supplier’s employee |
Professional experience | Supplier’s employee Candidate for employment |
Marketing | Customer – Member customer, visiting customer Online visitor |
Personal data is processed if
- The applicable legislation clearly requires the processing of your personal data;
- MODANİSA needs to process your personal data directly for executing or performing an agreement;
- MODANİSA needs to process your personal data for performing a statutory duty;
- The personal data in question has already been publicized by the data subject in question, provided that such processing does not go beyond the purpose of such publicizing;
- MODANİSA requires to process personal data for evidencing, exercising or protecting any right belonging to MODANİSA, or any data subject or third party;
- MODANİSA needs to process personal data for legitimate purposes, without violating any data subject’s fundamental rights or freedoms;
- MODANİSA needs to process personal data in order to protect the data subject or any third party against death or injury, provided that such data subject or third party is not physically or legally capable of expressing their consent or it is a must to process the personal data in order to protect vital interests of the data subject or a third party.
In the event that none of the criteria set forth above is met, then MODANİSA takes the explicit consent of the data subject before processing their data.
MODANİSA processes personal data for the purposes given below:
- Completing membership process;
- Presenting, improving or developing services, and providing information in connection therewith;
- Performing membership agreements and distance sale agreements;
- Announcing promotions, campaigns and benefits, and conducting marketing activities, with the explicit consent of data subjects;
- Resolving member customers’ problems and complaints;
- Improving desktop, tablet, mobile platform and mobile app experiences;
- Accounting and purchase transactions;
- Compliance with legal processes and applicable legislation;
- Responding to any information request made by administrative or judicial authorities;
- Ensuring data and transaction safety, and preventing malicious use;
- Making the necessary arrangements for ensuring the accuracy and up to dateness of the data processed;
- Establishing and implementing the processes aiming at ensuring data safety and improving internal processes.
- Making available and improving the services provided by MODANİSA, developing new services, and providing information in connection therewith;
- Announcing promotions, campaigns and benefits, and conducting marketing activities, with the explicit consent of data subjects;
- Improving desktop, tablet, mobile platform and mobile app experiences;
- Accounting and purchase transactions;
- Compliance with legal processes and applicable legislation;
- Responding to any information request made by administrative or judicial authorities;
- Ensuring data and transaction safety, and preventing malicious use;
- Making the necessary arrangements for ensuring the accuracy and up to dateness of the data processed;
establishing and implementing the processes aiming at ensuring data safety and improving internal processes.
- Managing the business processes conducted with the suppliers;
- Complying with statutory requirements and conducting legal matters, such as entering into agreements for necessary services;
- Entering into agreements with selected suppliers, and conducting the relevant operations;
- Conducting purchase, manufacturing, supply and other similar operations;
- Conducting purchase operations, providing post-sale services, and conducting the processes related to returns and cancellations;
- Complying with the requirements of the law on occupational health and applicable agreements;
- Checking the payment of the premiums required to be made to employees and the state under the Social Security Act;
- Checking the licenses of employees (certificates, authorization letters etc.);
- Ensuring the frugal use of company’s sources, and improving company’s operations for the benefit of customers:
- Getting letters from suppliers wherein they undertake to comply with the obligations under the Personal Data Protection Law that MODANİSA needs to comply with regarding personal data security;
- Monitoring accounting processes and purchases, checking and approving payments;
- Complying with legal proceedings and applicable legislation, performing statutory duties;
- Responding to information requests made by administrative and judicial authorities;
- Ensuring information and transaction security, and preventing malicious use;
- Making necessary arrangements for ensuring the up to dateness and accuracy of the data processed;
- Checking the performance of actions undertaking, and planning inspections.
- Complying with HR policies, conducting and completing HR processes;
- Planning selection and assessment processes regarding job applicants;
- Performing the activities required in connection with occupational health and workplace safety;
- Conducting the necessary communication for recruiting;
- Selecting and assigning trainees, and planning operational processes.
- Keeping log entries of system operations by online visitors and users;
- Compliance with the legal processes and the applicable legislation;
- Responding to information requests made by administrative and judicial authorities;
- Ensuring information and transaction security, and preventing malicious use;
- Complying with statutory requirements.
Personal data and sensitive personal data may be transferred to third parties (legal entities or persons) for certain processing purposes by taking any and all necessary security measures, provided that the conditions set forth in Articles 8 and 9 of the PDPL are met.
Personal data may also be transferred abroad given the software and server infrastructure used or outsourced.
The Personal Data Protection Agency has not yet announced its lists of secure countries, and accordingly personal data may be transferred abroad under Article 9 of the PDPL with the explicit consent of data subjects.
Your personal data may be transferred to the categories of people listed below:
- MODANİSA’s business partners,
- MODANİSA’s suppliers,
- MODANİSA’s subsidiaries,
- MODANİSA’s shareholders,
- Public authorities and entities authorized by law
- Private legal entities authorized by law
The Company processes your personal data that it receives electronically or physically by using methods that are fully or partially automatic, or that is not automatic, but a party of a data recording system, for the legitimate purposes given below for each category of persons, in accordance with Article 5 of the PDPL and the relevant provisions of the GDPR, for the purposes given in this Policy.
- Protecting rights and interests of the Clients;
- Granting certain rights and privileges to the Clients for business purposes;
- Maintaining and developing intracompany activities;
- Performing the duties imposed by the applicable laws and regulations;
- Processing personal data of contracting parties, if and when directly necessary for executing or performing an agreement;
- Processing personal data for legitimate interests of the data controller, such as entering the Clients’ purchase orders to the relevant bookkeeping and analysis software, to ensure the sustainability of the business, provided that such processing does not violate the Clients’ fundamental rights and freedoms;
- The Client’s express consent.
- Performing a legal duty imposed on the data processor;
- Processing personal data of contracting parties, if and when directly necessary for executing or performing an agreement;
- Processing personal data for the data processor’s legitimate interests, such as keeping the contact details of the relevant parties to maintain business and ensure fast and effective communications;
- The Supplier’s/Business Partner’s express consent.
- Processing personal data of contracting parties, if and when directly necessary for executing or performing an agreement;
- Processing personal data for the data processor’s legitimate interests, such as keeping and analyzing personal data for any recruitment in the future, provided that such processing does not violate potential employees’ fundamental rights and freedoms;
- The Potential Employee’s express consent.
- Processing personal data of contracting parties, if and when directly necessary for executing or performing an agreement
- Processing personal data for the data processor’s legitimate interests, such as analyzing the most visited pages for business development purposes, provided that such processing does not violate online visitors’ fundamental rights and freedoms;
- The Online Visitor’s express consent.
Please find below information on how long MODANİSA retains personal data that it processes, and the legal basis of such processing.
Identity | 15 years starting from the end of the legal relationship | Law No. 6563 Regulating Electronic Commerce (6563 Sayılı Elektronik Ticaretin Düzenlenmesi Hakkında Kanun), Turkish Code of Commerce No. 6102 (6102 Sayılı Türk Ticaret Kanunu), Turkish Code of Obligations No. 6098 (6098 Sayılı Türk Borçlar Kanunu), Tax Procedure Code No. 213 (213 Sayılı Vergi Usul Kanunu), Consumer Protection Law No. 6502 (6502 Sayılı Tüketicinin Korunması Kanunu), Labor Code No. 4857 (4857 Sayılı İş Kanunu), Occupational Health and Workplace Safety Law No. 6331 (6331 Sayılı İş Sağlığı ve Güvenliği Kanunu ) |
Contact | 10 years starting from the end of the legal relationship | Law No. 6563 Regulating Electronic Commerce Turkish Code of Commerce No. 6102, Turkish Code of Obligations No. 6098, Tax Procedure Code No. 213, Consumer Protection Law No. 6502, Labor Code No. 4857, Occupational Health and Workplace Safety Law No. 6331 |
Location | 10 years starting from the end of the legal relationship | Law No. 6563 Regulating Electronic Commerce Turkish Code of Commerce No. 6102, Turkish Code of Obligations No. 6098 |
Litigation | 10 years starting from the final decision | Civil Litigation Procedure Code No. 6100 (6100 Sayılı Hukuk Muhakemeleri Kanunu), Criminal Litigation Procedure Code No. 5271 (5271 Sayılı Ceza Muhakemeleri Kanunu) |
Customer transactions | 10 years starting from the end of the legal relationship | Law No. 6563 Regulating Electronic Commerce Turkish Code of Commerce No. 6102, Turkish Code of Obligations No. 6098, Tax Procedure Code No. 213, Consumer Protection Law No. 6502, Law No. 5651 for Regulating Online Broadcasts and Combatting Crime Committed by way of such Broadcasts (5651 Sayılı İnternet Ortamında Yapılan Yayınların Düzenlenmesi Ve Bu Yayınlar Yoluyla İşlenen Suçlarla Mücadele Edilmesi Hakkında Kanun) |
Transaction security | 2 years | Law No. 5651 for Regulating Online Broadcasts and Combatting Crime Committed by way of such Broadcasts |
Finance | 10 years starting from the end of the legal relationship | Law No. 6563 Regulating Electronic Commerce, Turkish Code of Commerce No. 6102, Turkish Code of Obligations No. 6098, Tax Procedure Code No. 213, Consumer Protection Law No. 6502 |
Marketing | Throughout the legal relationship |
In order to secure personal data, MODANİSA takes reasonable measures against the risks of unauthorized access to, or accidental loss, intentional erasure, or corruption, of data.
We take any and all technical and physical measures to prevent unauthorized access to personal data. Within this context, we design our authorization system allowing access to personal data on a need to know basis. We take more strict measures to ensure the security of sensitive personal data, such as medical data. We conduct a security check and apply an internal screening process on any person authorized to access data, and provide such persons with trainings on their duties and responsibilities.
We keep records of access to personal data, to the extent permitted by available technical capacities, and periodically analyze these records. We launch internal inspections, and take immediate legal action, when we detect unauthorized access
MODANİSA takes the following security measures to ensure the security of the data that it processes:
- The network and application security is ensured.
- Close system network is used to transfer data through a network path;
- Key method is used.
- Security measures are taken, in the scope of supply, development and maintenance of information technologies systems.
- The security of personal data stored on cloud is ensured.
- There are disciplinary regulations, involving data security provisions for employees.
- Data security and awareness themed periodical trainings for employees are arranged.
- Authorization matrix for employees is formed.
- Access logs are kept regularly.
- Corporate policies are created and started to be executed in fields of access, information security, retention and destruction.
- Confidentiality agreements are made.
- Mission based authorization of employees, who change positions or quit their jobs, are taken back.
- Up-to-date antivirus systems are used.
- Firewalls are used.
- Concluded agreements contain data security provisions.
- Additional security measures are taken for personal data that are transferred in printed form, and the relevant papers are sent as classified documents.
- Personal data security policies and procedures are set.
- Personal data security issues are reported without delay.
- Personal data security is monitored continuously.
- Necessary security measures are taken for access to physical media containing personal data. Physical media containing personal data is secured against external risks (such as fire, flood, etc.).
- Physical media containing personal data is secured.
- Personal data is minimized as much as possible.
- Personal data is backed up, and the backups are secured.
- Periodical/random in-house inspections are conducted.
- Log records are kept free from user intervention.
- Current risks and threats are determined.
- Policies and procedures for ensuring the security of sensitive personal data are specified and executed.
- When sending sensitive personal data by e-mail, such data is sent in encrypted form from a registered or corporate e-mail address.
- Attack detection and prevention systems are used.
- Penetration tests are run.
- Sensitive private data is encrypted before being transferred on a flash disk, CD or DVD.
- Data processing service providers are periodically inspected for data security purposes.
- Data processing service providers’ awareness on data security is raised.
MODANİSA uses cookies, pixels, GIFs and other similar technologies (“cookies” ) for enabling visitors to efficiently use its website and applications, and improve user experience. These technologies are used in line with any and all applicable laws and regulations, particularly the Personal Data Protection Law. If a data subject chooses not to use cookies, they may delete or block cookies in their browser settings. Please see the Cookies Policy for further information on the cookies used by MODANİSA.
MODANİSA automatically processes the behavioral data of its clients and potential clients through cookies and other similar technologies in order to provide targeted products and services. By collecting such data, it analyses the products that may preferred by such persons. For example, it statistically matches the products sold in general, and automatically offers products similar to those that the user is interested in as well as special promotions.
Article 11 of the Personal Data Protection Law lists the rights that may be exercised by groups of persons as follows:
- Get information on whether or not personal data has been processed;
- Ask for information on how personal data has been processed;
- Get information on the purpose of processing personal data, and check whether or not personal data has been duly processed for this purpose;
- Learn the identity of third parties to whom personal data has been transferred in Turkey or abroad;
- Request the correction of any missing or incorrect personal data;
- Ask for the deletion or destruction of personal data in accordance with the conditions set forth in Article 7 of the Personal Data Protection Law, and the notification of the action taken under the said Article to any and all third parties to whom personal data has been transferred;
- Object to any unfavorable consequence of the analysis of personal data exclusively by automated systems;
- Claim damages arising from unlawful processing of personal data.
Data subjects’ rights on their personal data are set forth in the 3rd Chapter of the GDPR (from Article 12 to Article 23) as follows:
- You may withdraw your consent if your personal data is being processed based on your express consent;
- You may demand the restriction of the processing of your personal data where one of the following applies:
- You contest the accuracy of your personal data, for a period enabling the controller to verify the accuracy of your personal data;
- The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- Your personal data are no longer needed for the purposes of the processing, but you require such data for establishment, exercise or defense of legal claims;
- You have objected to processing pursuant to Article 21 (1) of the GDPR pending the verification whether our legitimate interests override your rights.
- You may object to the processing of your personal data if your personal data are processed for protecting public interests or based on the data controller’s authority under the applicable law or the legitimate interests of the data controller or a third party, including by way of profiling;
- You have the right to access the following:
- The verification of the processing of your personal data, the purposes of the processing and the categories of personal data concerned;
- The recipients or categories of recipients to whom your personal data have been or will be disclosed; where possible, the envisaged period for which the personal data will be stored, or if not possible, the criteria used to determine that period;
- The existence of the right to request the rectification or erasure of personal data or restriction of processing of personal data, and the existence of the right to lodge a complaint with a supervisory authority;
- Any available information as to the source of your personal data, if not directly collected from you; and
- The existence of automated decision making mechanisms that we use, including profiling, meaningful information about the logic involved as well as the envisaged consequences of such processing for you, and the significant information.
- You may have your personal data transferred to you or another data controller, if that it technically possible, in an organize, usable and machine readable format, if your personal data are processed based on your express consent, or a contractual provision, by using automated mechanisms.
- You may get information on the existence of automated decision making processes, including profiling, the logic involved and their possible consequences and significance for you.
Data subject may exercise their rights on personal data by filling in the Personal Data Protection Application Form available at www.modanisa.com , sign it by mobile signature and e-signature, or use their e-mail address registered and approved by our System, and send it to our registered e-mail (modanisa@hs03.kep.tr) or our e-mail address (kisiselverilerim@modanisa.com). You may also file your applications in printed form by hand signing your application and sending it to Kuşbakışı Cad. No:27 Altunizade, Üsküdar/İstanbul. You may also use the same address for any notice that you would like to give by the virtue of a notary public regarding your claims.
We will respond in 30 days following any application filed in line with the procedure set forth above and in the Personal Data Protection Law. If your application is rejected, you find our response insufficient or we fail to timely respond to your application, you may file a complaint with the Personal Data Protection Board within 30 days following your receipt of our response, and in any event, 60 days after your application.
We appointed a data protection officer (a “DPO”) under the GDPR to ensure the transparency, and accuracy of the processing of your personal data and the relevant compliance. You may contact our Data Protection Officer at dpo@modanisa.com.
This Policy entered into force upon its announcement. This policy is updated from time to time in order comply with the changes in the applicable legislation and respond to the changes in the surrounding circumstances. After being updated as required by the relevant Board resolutions and the surrounding circumstances, MODANİSA Data Protection Committee submits the updated policy to MODANİSA’s Board of Directors for approval, and then announces it on www.modanisa.com.
You may find the personal data protection application form at this link.
Address: Altunizade Mahallesi Kuşbakışı Cad. No:27/1 Üsküdar/İstanbul
Telephone: 0850 333 64 72 (NISA)
E-mail: kisiselverilerim@modanisa.com