İSTANBUL İZMİR
MENU
CATEGORIES
 
ALL STORES ÇALIŞMA SAATLERİ: 10:00 - 22:00
*Özel günlerde çalışma saatleri değişiklik gösterebilmektedir. Güncel çalışma saatlerimizi sosyal medya hesaplarımızdan takip edebilirsiniz.
FEATURED CATEGORIES
href="#"> Here’s What It Takes to Get Buzz at Fashion Week
SHOW ALL
SERVICE
href="#"> Here’s What It Takes to Get Buzz at Fashion Week
SHOW ALL
EVENTS
Here’s What It Takes to Get Buzz at Fashion Week
Here’s What It Takes to Get Buzz at Fashion Week
ALL EVENTS
ABOUT US
href="#"> Here’s What It Takes to Get Buzz at Fashion Week
ABOUT İSTİNYEPARK
Protection of Personal Data
The purpose of İSTİNYE YÖNETİM HİZMETLERİ VE TİC. A.Ş. (“İstinyePark AVM”) as the Data Controller in accordance with Article 10 of the Law on the Protection of Personal Data No. 6698 published in the Official Gazette dated April 7, 2016, and numbered 29677, is to inform you about the obligations of real and legal persons processing personal data in order to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, and to determine the obligations of personal data processors.  

1.PURPOSE OF PROCESSING PERSONAL DATA

İstinyePark AVM is also a data controller within the scope of the Law on the Protection of Personal Data No. 6698 (“KVKK”), and personal data owners are individuals whose personal data are collected, processed, and transferred by İstinyePark AVM in accordance with the relevant legislation, including Law No. 6585 on Regulation of Retail Trade, Regulation No. 29636 on Shopping Malls issued by the Ministry of Customs and Trade on February 26, 2016, KVKK No. 6698, and other applicable legislation to which İstinyePark AVM is subject. İstinyePark AVM attaches maximum importance to the security of personal data. In this awareness, we process and store personal data within the scope of our Personal Data Protection Policy, in compliance with KVKK No. 6698, the secondary regulations of the Law published in the Official Gazette dated October 28, 2017, regarding the Deletion, Destruction, or Anonymization of Personal Data and the Regulation on the Data Controllers Registry published on January 1, 2018, and other relevant regulations.

2.PURPOSE AND SCOPE OF PREPARATION OF PERSONAL DATA PROCESSING AND DESTRUCTION POLICY

2.1 With this Policy, İstinyePark AVM aims to ensure that the regulations to be introduced within the framework of the basic principles to be explained below in order to comply with the KVKK are effectively implemented by İstinyePark AVM shareholders, officials, employees, and business partners.

2.2 In accordance with the basic regulations envisaged by the Policy, İstinyePark AVM will take all necessary administrative and technical measures, create the necessary internal procedures, conduct all necessary training to raise awareness, and establish appropriate and effective control mechanisms by taking all necessary measures for İstinyePark AVM shareholders, officials, employees, and business partners to comply with KVKK processes.

2.3. The Policy regulates the fundamental principles to be observed in all these processes and the issues that İstinyePark AVM is obliged to comply with regarding the protection of personal data within the framework of the KVKK and other relevant legislation. We will regulate the compliance activities of İstinyePark AVM with KVKK and other relevant legislation through internal procedures to be established within the framework of KVKK and relevant legislation. All employees of İstinyePark AVM are obliged to act in accordance with the regulations introduced by this Policy and KVKK No. 6698, as well as all other relevant legislation, while performing their duties.

2.4. In case of non-compliance with the Policy and relevant legislation, in addition to the criminal and legal liability foreseen in the legislation, sanctions that may go up to the termination of the contract for a just cause within the framework of the legislation regulating business life may be applied within İstinyePark AVM, depending on the nature of the incident.

3.GENERAL PRINCIPLES OF PROCESSING PERSONAL DATA

As İstinyePark AVM, we acknowledge that we process personal data within the scope of this Policy in accordance with the following principles in accordance with Article 4 of the KVKK:

3.1. Compliance with the law and honesty

İstinyePark AVM, as the data controller and a prudent merchant, will conduct personal data processing activities in compliance with all applicable and future legislation, including the Constitution and the KVKK, as well as the principle of honesty foreseen in Article 2 of the Civil Code.

3.2. Accuracy and up-to-date

In the processing of personal data, İstinyePark AVM takes all necessary measures to ensure the accuracy and up-to-dateness of personal data to the extent permitted by the technology used. Depending on the requests to be communicated by the data subject to İstinyePark AVM as the data controller and the cases that İstinyePark AVM deems necessary itself, administrative and technical mechanisms established by İstinyePark AVM will be operated to correct incorrect or out-of-date personal data and check their accuracy.

3.3. Processing for specific, explicit, and legitimate purposes

Personal data are processed by İstinyePark AVM in accordance with the law and for legitimate purposes, limited to the purposes for which they are collected or for which they are processed later.

3.4. Being related, limited, and measured with the purpose for which they are processed

 Personal data are processed by İstinyePark AVM related to the purpose of processing and limited to this purpose, to the extent necessary for the realization of the purpose. In this context, it is essential to avoid the processing of personal data that are not related to the purpose of processing and that are not needed.

3.5. Processing for a period stipulated by the relevant legislation or required by the purpose for which they are processed

Personal data are kept by İstinyePark AVM for the periods stipulated by the relevant legislation or required by the purpose for which they are processed. After the end of the period stipulated by the legislation or the end of the period required by the purpose for which the data is processed, personal data will be deleted, destroyed, or anonymized by İstinyePark AVM. Necessary administrative and technical measures will be taken to prevent the retention of data beyond the required period.

4. CONDITIONS FOR PROCESSING PERSONAL DATA

The conditions for the processing of personal data are regulated by the KVKK, and İstinyePark AVM processes personal data in accordance with the conditions specified below.

4.1. Conditions for Processing Personal Data

Except for the exceptions listed in the Law, İstinyePark AVM processes personal data only with the explicit consent of the data subjects. However, in the presence of the following situations listed in the Law, personal data can be processed without the explicit consent of the data subject:   
  • Being clearly prescribed in the laws,
  • Being mandatory for the protection of life or physical integrity of the person or someone else who is unable to disclose his consent due to actual impossibility or whose consent is not legally valid,
  • Being necessary for the performance of a contract between the data subject and the data controller, provided that it is directly related to the establishment or performance of the contract,
  • Being mandatory for the data controller to fulfill its legal obligation,
  • Being made public by the data subject himself/herself,
  • Being necessary for the establishment, use, or protection of a right,
  • Being necessary for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.

5.TRANSFER OF PROCESSED PERSONAL DATA

İstinyePark AVM may share the personal data of data subjects with İstinyePark AVM officials, İstinyePark AVM shareholders, individuals and companies that İstinyePark AVM receives services and/or consultancy from, business partners, suppliers, legally authorized public institutions, and private individuals within the framework of the personal data processing conditions specified in Articles 5 and 6 of the Law No. 6698 on the Protection of Personal Data and the purposes stated in the Personal Data Policy. The personal data we obtain are securely stored, either physically or electronically, for an appropriate period to fulfill İstinyePark AVM’s commercial activities. Within the scope of these activities, İstinyePark AVM complies with the obligations specified in the relevant legislation, including the KVKK, regarding the protection of personal data. In accordance with the relevant legislation, except for cases where personal data are allowed or required to be retained for a longer period, İstinyePark AVM will delete, destroy, or anonymize the data upon the completion of the purposes for which the data is processed, either ex officio or upon the request of the data owners. In case personal data is deleted by means of the mentioned methods, these data will be irretrievably destroyed and cannot be used again in any way.

6.YOUR RIGHTS

Individuals whose personal data are processed and, in the case of legal entities, the authorized representatives of legal entities can exercise the following rights by applying to İstinyePark AVM in accordance with the provisions of the KVKK:
  • Learning whether personal data is being processed,
  • Requesting information if personal data has been processed,
  • Learning the purpose of processing personal data and whether they are used in accordance with their purpose,
  • Knowing third parties to whom personal data is transferred, domestically or abroad,
  • Requesting the correction of personal data in case it is incomplete or incorrectly processed,
  • Requesting the deletion or destruction of personal data,
  • In cases where personal data is corrected, deleted, or destroyed, requesting that these transactions be notified to third parties to whom personal data has been transferred,
  • Objecting to the occurrence of a result against the individual by exclusively analyzing the processed data through automated systems,
  • Requesting the compensation of damages in case personal data is processed unlawfully.
Data subjects can send their requests regarding these rights to İstinyePark AVM free of charge by filling out and signing the Application Form available on the page, along with the information and documents that will identify them, and by using the following methods or other methods determined by the Personal Data Protection Board: (a) An e-mail to kvkk@istinyepark.com.tr (b) By sending a registered letter, notarized letter, or by hand to the address İstinyePark AVM Pınar Mahallesi Katar Caddesi İstinye/Sarıyer/İstanbul. In order for third parties to make a request on behalf of the data subject, a special power of attorney issued by the data subject must be available through a notary. If you submit your request to İstinyePark AVM in accordance with the procedures in this section, we will conclude your request within a maximum of thirty days depending on the nature of the request. However, if a fee is determined by the Personal Data Protection Board, İstinyePark AVM will collect the fee specified in the tariff determined by the Personal Data Protection Board from the applicant. As İstinyePark AVM, we may request information from you to determine whether you are a data subject or not and to clarify the issues related to your application.


Personal Data Protection Application Form

SEARCH FOR ISTINYEPARK FOR BRANDS,
SERVICES AND MORE