General Privacy Policy and Disclosure Statement in accordance with the Law on the Protection of Personal Data No. 6698

This Agreement is a General Privacy Policy and Disclosure Statement prepared by Biadım Teknoloji Anonim Şirketi ("Company") in order to inform the relevant persons ("Users") of their rights arising from the Personal Data Protection Law No. 6698 ("PDPL") and the principles and procedures to be followed in fulfilling the disclosure obligation under Article 10 of the PDPL regarding the personal data shared by the users during the operation of the Bi'adım mobile application ("Application") by the Company as the data controller. The Company reserves the right to update this document at any time, in line with changes that may occur in the current legislation and in the data processing conditions, and may make changes if necessary. Any changes made will be put into effect and published on the website (www.biadim.com).

IDENTITY OF THE DATA CONTROLLER

TITLE: Biadım Teknoloji Anonim Şirketi
ADDRESS : Prof. Dr. Ahmet Taner Kışlalı Mah. 2873. Cad. Ulucan Sit. Blok No:3C İç Kapı No:5 06810 Çankaya, ANKARA/TURKEY
E-MAIL : info@biadim.com

FOR WHICH PURPOSES ARE YOUR PERSONAL DATA PROCESSED?

Your personal data are processed by the relevant business units of the company for the purposes of planning and implementing the company's commercial and/or business strategies to benefit the relevant parties from the services offered by the company and within the scope of necessary work to carry out related business processes, including:
– Providing services to users,
– Conducting information security processes,
– Conducting selection and placement processes for job candidates/interns/students,
– Conducting job application processes for job candidates,
– Fulfilling contractual and legal obligations for employees,
– Executing access authorizations,
– Ensuring compliance with regulations in activities,
– Conducting financial and accounting tasks,
– Conducting loyalty processes related to the company/product/services,
– Providing physical space security,
– Carrying out assignment processes,
– Tracking and executing legal affairs,
– Conducting communication activities,
– Planning human resources processes,
– Carrying out and monitoring business activities
– Managing organization and event processes,
– Awarding processes in organization and event processes,
– Conducting health and safety activities at work
– Carrying out product/service sales processes,
– Conducting customer relationship management processes,
– Conducting activities for customer satisfaction,
– Conducting social responsibility and civil society activities,
– Carrying out contract processes,
– Conducting sponsorship activities, – Tracking requests/complaints,
– Conducting product/service marketing processes,
– Ensuring the security of data controller operations,
– Providing information to authorized persons, institutions and organizations,
– Conducting company authorization and representation periods,
processed For Purposes.

INFORMATION WE COLLECT

Information such as users' name, contact information (phone number, email address), location information, date of birth, country of residence, step data, camera, photo gallery, IP address, calorie information, location during website visit, contact information, request, suggestion and complaint information are collected in order to benefit from the services offered within the scope of the application.

THE METHOD AND LEGAL REASON FOR COLLECTING YOUR PERSONAL DATA?

Your personal data can be collected through automated or non-automated methods, by Company Units and Offices, Internet Sites, Social Media Platforms, Mobile Applications and similar means, in written, visual or electronic form, depending on the services and activities provided by the Company and the Application.
Your personal data is processed based on the legal reasons and purposes specified in Articles 5 and 6 of the Law on the Protection of Personal Data (PDPL), including:
– The necessity of processing personal data of the parties to a contract, provided that it is directly related to the establishment or performance of the contract,
– The obligation of the data controller to fulfill its legal obligations,
– It is explicitly foreseen in the laws,
– The necessity of processing the data for the establishment, exercise or protection of a right,
The necessity of processing the data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.

TO WHOM AND FOR WHAT PURPOSES ARE YOUR PERSONAL DATA TRANSFERRED?

The information you enter in the Application may be transferred to third parties in order to fulfill the purposes mentioned above (for example, your information may need to be shared with the service provider for technical support services). With the explicit consent of the data subject, the data may be shared with third parties and hosting service providers abroad. In this context, your personal data may be shared in order to benefit the relevant individuals from the services offered by the Company and the Application and to carry out the necessary work by the business units for the execution of the relevant business processes.
When requested to share your information to fulfill its legal obligations, the Company may share your personal data and any new data obtained from its use, depending on the purposes stated in this Privacy Policy and in accordance with the purposes stated in Article 1, with authorized persons, institutions and organizations such as Social Security Institution, Ministry of Finance, Information and Communication Technologies Authority and law enforcement agencies that are legally authorized.
The information provided by users will not be transferred to third parties except for the purposes specified in the texts provided to users and the situations required for the provision of the service.

WHAT ARE THE RIGHTS OF INDIVIDUALS REGARDING THE PROTECTION OF PERSONAL DATA?

According to the Relevant Persons, the Law and Relevant Legislation;
– The right to learn whether personal data is being processed or not,
– The right to request information if personal data has been processed,
– The right to learn the purpose of the processing of personal data and whether they are being used for their intended purpose,
– The right to know third parties to whom personal data has been transferred within the country or abroad,
– The right to request the correction of incomplete or incorrect personal data,
– The right to request the deletion or destruction of personal data,
– The right to request that the correction of incomplete or incorrect personal data and/or the deletion or destruction of personal data be notified to third parties to whom the personal data has been transferred,
– The right to object to a result that may arise against the individual as a result of the analysis of the processed data solely through automatic systems,
– The right to demand compensation if they suffer damages due to the unlawful processing of personal data.
The Relevant Person undertakes that the information subject to this Privacy Policy is complete, accurate, and up-to-date, and if there is any change in this information, they will update it immediately. If the Relevant Person does not provide up-to-date information, the Company will not be liable for any responsibility.
The Relevant Person acknowledges and accepts in advance that they may not fully benefit from the application if they make a request that will result in the inability of any of their personal data to be used by the Company, and any liability arising in this context belongs to them.

PERSONAL DATA SECURITY AND APPLICATION RIGHTS

The company protects your personal data in accordance with the information security standards and procedures that need to be taken, including all technical and administrative security controls. These security measures are provided at a level suitable for possible risks, taking into account technological capabilities. As a company, we ensure that these procedures are provided at the same level in protocols with our business partners and other parties, and necessary controls are made.
If you as the related person communicate your requests regarding your rights specified in 6 articles to the company, your requests will be evaluated and concluded by our company as soon as possible, and in any case within 30 (thirty) days. Related individuals can send these requests electronically via email to info@biadim.com

APPLICABLE LAW, COMPETENT COURT AND ENFORCEMENT OFFICES

This Privacy Policy is subject to the laws of the Republic of Turkey. Ankara Courts and Enforcement Offices are authorized to resolve any disputes that may arise from the implementation of the Privacy Policy.

CHANGES TO PRIVACY POLICY

Biadım Technology Joint Stock Company reserves the right to make changes to this Privacy Policy at any time due to legal requirements and/or changes in the processing of personal data. In order to keep you informed of any changes to this Privacy Policy, necessary notifications will be provided to you as users.

LIABILITY

The Company shall not be held responsible for any direct or indirect damages or expenses that may arise as a result of any errors, interruptions, delays, viruses, line and/or system failures that may occur during the electronic provision of services.