GENERAL INFORMATION ON THE PROTECTION AND PROCESSING OF PERSONAL DATA

GENERAL NOTICE

At Mini Celebrities, we attach utmost importance to the security of your personal data. In this awareness, we process and store personal data of real persons that the Company interacts with in accordance with the Personal Data Protection Law No. 6698, secondary regulations (regulations, communiqués, circulars) issued or to be issued under the Law, and binding decisions made or to be made by the Personal Data Protection Board. In full awareness of this responsibility, as the “Data Controller” defined under the Law, we process your personal data within the scope of account opening procedures as explained below and within the limits prescribed by the legislation.

1. Information About the Data Controller

According to the Law, the data controller is Cansu Sezici Güçlü / Mini Celebrities, residing at Barbaros Mah., Mor Leylak Sk. Andromeda Ataşehir/Istanbul.

2. Purposes of Processing Personal Data

Your personal data is processed by the Company for purposes such as carrying out the Company’s commercial activities in accordance with legislation and Company policies, conducting necessary studies by Company units, determining, planning, and implementing the Company’s short, medium, and long-term commercial policies, designing and executing human resources activities, fulfilling legal obligations, managing customer relations and corporate communications, and ensuring the commercial and legal safety of real and legal persons with whom the Company has business relations. Processing is carried out lawfully, fairly, limitedly, and proportionally in connection with these purposes.

3. Transfer of Personal Data

Your personal data may be transferred, within the purposes mentioned above and in accordance with Articles 8 and 9 of the Law, to legally authorized public institutions, judicial and administrative authorities, private legal and natural persons permitted under other legislation, institutions authorized to audit the Company, payment institutions contracted to fulfill payment and financial obligations, business partners and service providers supporting the Company’s operations, and only when necessary, to the Company’s suppliers, with all necessary data security measures taken as required by the Law.

4. Methods and Legal Basis for Collecting Personal Data

Your personal data is collected by authorized units and employees of the Company through automatic and non-automatic methods, orally, in writing, or electronically. Personal data in categories such as identity, contact, location, employment, legal transactions, customer transactions, physical security, transaction security, risk management, finance, professional experience, marketing, and audiovisual records is processed based on the following legal grounds: the necessity of processing personal data directly related to the establishment or performance of a contract as per Article 5(2) of the Law, fulfilling the data controller’s legal obligations, the data being made public by the data subject, and the necessity of processing for the legitimate interests of the Company without harming the fundamental rights and freedoms of the data subject.

5. Rights of Data Subjects under the Law

5.1. Individuals whose personal data is processed have the following rights under Article 11 of the Law:

  • To learn whether their personal data is being processed,
  • To request information if their personal data has been processed,
  • To learn the purpose of processing and whether it is being used in accordance with its purpose,
  • To know third parties to whom personal data is transferred domestically or abroad,
  • To request correction of incomplete or inaccurate personal data,
  • To request deletion or destruction of personal data under the conditions outlined in Article 7 of the Law,
  • To request notification of the actions taken pursuant to paragraphs (d) and (e) of Article 11 to third parties to whom personal data has been transferred,
  • To object to a result arising against them through exclusive analysis of processed data by automated systems,
  • To request compensation for damages arising from unlawful processing of personal data.

5.2. You can submit your requests regarding these rights to the Company via email, registered mail to the Company’s address, or through a notary.

5.3. Your requests will be fulfilled in accordance with the relevant provisions of the Law. This can only be done if it is verified that the requested data belongs to the person making the request, in order to prevent personal data from falling into the hands of malicious third parties.

6. Browser Cookies

6.1. Technical communication files (cookies) are small text files sent to the user’s browser to be stored in the main memory. These files facilitate the use of the internet. Browser cookies help understand how visitors use our website and create statistical databases, which assist in advertising and content creation.

6.2. Browser cookies do not, under any circumstances, create data that can identify the website visitors. These technical communication files are not intended to access your personal data from your main memory or email.

6.3. You can change your preferences regarding the use of browser cookies by blocking or deleting them.

As a data subject, to exercise the rights mentioned above, your request must include clear and understandable explanations, relate to you personally, or if acting on behalf of someone else, include a notarized special power of attorney. Your requests must also include your full name, signature, ID number, address, email, phone and fax numbers, and the elements of your request, in accordance with the “Communiqué on the Procedures and Principles for Application to the Data Controller.” Requests lacking these elements will be rejected.