At OMWO TEKNOLOJİ A.Ş. (OMWO), we have written this Privacy Notice to inform you, our visitors, online visitors, customers, potential customers, and the employees/officials of our suppliers about the processing, storage, and transfer of your personal data within the framework of Turkish Law No. 6698 on the Protection of Personal Data (the “KVKK”) and the related legislation, and the activities arising from legal regulations. 

What categories of personal data do you process and for what purposes do you process them? 

Your personal information is processed by OMWO TEKNOLOJİ A.Ş. in accordance with the principles stipulated in Article 4/2 of the KVKK within the scope of our established and ongoing business relationships with our business partners (it is possible for a person to fall into more than one category): 

(I) In compliance with the law and acting in good faith.

(II) Where it is accurate and, where necessary, up to date.

(III) Only where it may be processed for specific, explicit, and legitimate purposes.

(IV) Only where it is relevant, limited, and proportionate to the purpose for which it is processed.

(V) Retention for the period stipulated in the relevant legislation or necessary for the purpose for which it is processed.

Our visitors

The identity information of our visitors (e.g. name, surname) and security information for physical spaces (e.g. camera recordings) shall only be processed for the purposes of creating and tracking visitor records, and ensuring the security of physical spaces. 

Our online visitors

The transaction security information (e.g. your IP address information), marketing information (e.g. shopping history information, cookie logs), and (if you have notified us*) identification and contact information (e.g. your email address) of our website visitors shall only be processed in order to: 

   • execute activities in accordance with the legislation. 

   • execute information security processes. 

   • conduct communication activities. 

   • inform authorized persons, institutions, and organizations, when legally required. 

   • provide you with access to our website via the internet.

Our customers

The identity information, contact information, customer transaction information (e.g. order information), security information for physical locations, financial information (e.g. balance sheet information), legal transaction information, and marketing information (e.g. shopping history information) of our natural person customers, or officers and/or employees of our legal person customers is only processed in order to: 

   • execute activities in accordance with the legislation.

   • conduct financial and accounting affairs.

   • execute/supervise business activities.

   • execute logistics activities.

   • execute after-sales support services for goods/services.

   • execute goods/service sales processes.

   • conduct marketing analysis studies.

   • execute contract processes.

   • inform authorized persons, institutions, and organizations, when legally required.

   • ensure the security of physical spaces.

   • resolve legal disputes.

   • carry out storage and archiving activities.

   • execute risk management processes.

   • conduct processes related to commitment to the company/product/services.

   • carry out communication activities.

Potential customers

The identity information, contact information, customer transaction information, security information of physical locations, marketing information of our natural person customers or officers and/or employees of our legal person customers is only processed in order to: 

   • manage the sales processes of goods/services. 

   • execute contract processes. 

   • ensure the security of physical spaces. 

   • conduct marketing analysis studies.

Supplier employees

The identity information, contact information, and security information for physical spaces of our supplier employees is only processed in order to: 

   • conduct communication activities. 

   • execute/supervise business activities. 

   • ensure the security of physical spaces. 

   • execute supply chain management processes. 

   • execute logistics activities. 

   • execute activities in accordance with the legislation. 

   • carry out occupational health/safety activities.

Authorized suppliers

The identity information, contact information, security information for physical locations, customer transaction information, financial information, marketing information, and legal transaction information of our natural person suppliers or officers of our legal person suppliers is only processed in order to:

   • execute/supervise business activities. 

   • execute goods/service procurement processes. 

   • conduct financial and accounting affairs. 

   • execute contract processes. 

   • execute investment processes. 

   • ensure the security of physical spaces. 

   • follow-up and execute legal affairs.

What are the methods used to collect my personal data?

Your personal data categorized above is collected through physical means such as order forms, contracts, visitor forms, or through information systems and electronic devices (e.g. telecommunication infrastructures, computers and telephones), third parties (e.g. KKB and Findeks), our website, and other documents when it is declared by you as the data subject, through automated or non-automated means. 

What are the legal grounds for collecting my personal data?

Your personal data is processed by OMWO TEKNOLOJİ A.Ş. for the purposes described above in accordance with Article 5 of the KVKK based on the following legal grounds:

(I) Processing is expressly provided for in the law.

(II) Processing the personal data of the parties to a contract is necessary, provided that it is directly related to the conclusion or performance of the contract.

(III) Processing is mandatory in order for the data controller to fulfill its legal obligation.

(IV) Processing is mandatory for the establishment, exercise, or protection of a right.

(V) Provided that it does not harm the fundamental rights and freedoms of the data subject, processing is mandatory for the legitimate interests of the data controller. 

Do you share my personal data with third parties?

a) The personal data of our visitors may be disclosed to law enforcement and judicial authorities for the settlement of legal disputes and when provided for in relevant legislation.

b) The personal data of our online visitors may be disclosed to judicial authorities and competent public institutions and organizations for the settlement of legal disputes and if provided for in the relevant legislation.

c) The personal data of our customers may be disclosed to our group companies, IT companies, suppliers, freight companies, insurance companies, banks, and our financial advisor to the extent necessary to carry out activities in accordance with the law, to pursue and settle legal matters, to transmit required information to authorized persons, institutions and organizations, to carry out/monitor business activities, to carry out risk management processes, and to provide our services properly, to the extent provided for by the law. In addition, this personal data may be disclosed to the law firm and judicial authorities from which we receive services, so that it can be used as evidence in any legal disputes that may arise.

d) The personal data of our potential customers may be disclosed to the law firm and judicial authorities from which we receive services, to be used as evidence in any legal disputes that may arise. 

e) The personal data of our supplier employees may be disclosed to authorized public bodies and organizations for the purpose of carrying out activities in accordance with legislation, pursuing and settling legal matters, transmitting required information to authorized persons, institutions and organizations, carrying out/monitoring business activities, and it may be disclosed to group companies, IT companies, suppliers, freight companies, banks, and our financial advisor to the extent necessary for the proper provision of our services in the framework provided by the legal regulation. In addition, this personal data may be disclosed to the law firm and judicial authorities from which we receive services, so that it can be used as evidence in any legal disputes that may arise. 

f) The personal data of our supplier representative may be transferred to the authorized public institutions and organizations for the purpose of carrying out activities in accordance with the law, pursuing and settling legal matters, providing information when required to authorized persons, institutions and organizations, carrying out/monitoring business activities, and may be disclosed to group companies, IT companies, suppliers, freight companies, banks, and our financial advisor to the extent necessary for the proper provision of our services within the scope provided by the law. In addition, this personal data may be disclosed to the law firm and judicial authorities from which we receive services, so that it can be used as evidence in any legal disputes that may arise.

Do you transfer my personal data overseas?

At OMWO TEKNOLOJİ A.Ş., we do not transfer your personal data overseas.

How can I exercise my rights regarding my personal data?

You can submit any requests for information to us under Article 11 of the KVKK, which governs the rights of data subjects, through the “Request for Information from the Data Controller Form” prepared for your convenience by OMWO TEKNOLOJİ A.Ş. in accordance with the “Turkish Communiqué on the Procedures and Principles for Sending Information Requests to Data Controllers” available on https://www.omwo.io.

Data Controller: OMWO TEKNOLOJİ A.Ş.

Address: Merkez Mah. Kelle İbrahim Cad. No:28 Beykoz/Istanbul, Turkey

Email: kvkk@omwo.io