Language

Sepetim

Sepetiniz boş.

Membership Agreement

Membership and Terms of Use

GENERAL INFORMATION

This membership agreement has been prepared by SAPOVERA KOZMETİK LİMİTED ŞİRKETİ to define the rules and conditions regarding the use of the sapovera.com website.

Completing the membership form on our website and logging in means you agree to abide by the terms of the sapovera.com membership agreement. The user is deemed to have committed to complying with the membership agreement from the moment the membership process is successfully completed. sapovera.com offers its members who accept the agreement various online communication services (voting, ordering, receiving e-newsletters, being informed about discounts) and the opportunity to shop online. sapovera.com reserves the right to make changes to the services it provides without prior notice.

MEMBERSHIP SYSTEM

Each member will have a "password" that they choose themselves. Users can change their password at any time. The selection and protection of the password is entirely the user's responsibility. sapovera.com is absolutely not responsible for any problems arising from password usage. The email address you provided during registration is unique to the member and allows for only one membership; you cannot have two different memberships with the same email address. The "password" is known only by the user. To access services requiring membership, the user must enter the email address and password they provided during registration.

MEMBER'S OBLIGATIONS

The member acknowledges that the information provided in the registration form is accurate and that they are responsible for any damages arising from inaccurate or incomplete information (such as forgetting a password) when using the services, and that their membership may be terminated in such cases.

The user acknowledges that the copyright of the services and software provided by sapovera.com belongs to sapovera.com and that these software products may not be reproduced or distributed in any way. The user also acknowledges that they are responsible for their personal opinions, thoughts, expressions, attached files, and personal information submitted while using the services, and that sapovera.com cannot be held liable in any way for these files. The user agrees that they will be obligated to compensate for all damages that may arise as a result of such situations.

The member acknowledges that sapovera.com will not be held responsible for any information, messages, or files lost, incomplete, or sent to the wrong address during the use of the services. The member agrees not to access the services in any way other than that determined by sapovera.com and without authorization, not to modify the software in any way, not to use software that appears to have been modified, and to compensate sapovera.com for all material and moral damages it may suffer in case of non-compliance with the aforementioned clauses.

The member acknowledges that sapovera.com will not be held responsible for any damages resulting from their data being accessed by unauthorized persons.

CIRCUMSTANCES REQUIRING THE DESTRUCTION OF PERSONAL DATA

Legal Violation: SAPOVERA COSMETICS LIMITED COMPANY undertakes not to process personal data in a manner contrary to the Law and relevant legal regulations. Unless the exceptions specified in Articles 5 and 6 of the Law exist, SAPOVERA COSMETICS LIMITED COMPANY will not store the personal data of individuals from whom it has not obtained explicit consent. In cases where SAPOVERA COSMETICS LIMITED COMPANY stores special categories of personal data, it will process the data in accordance with the relevant legislation.

Termination of Data Processing Conditions: SAPOVERA COSMETICS LIMITED COMPANY is responsible for maintaining the validity of data processing conditions and shares this responsibility with all its employees. Employees may not continue processing data if the data processing conditions cease to exist. The IT Department within SAPOVERA COSMETICS LIMITED COMPANY is obligated to dispose of data storage media in accordance with this Policy if the data processing conditions cease to exist.

DELETION OF PERSONAL DATA

Secure Deletion from Software: When deleting data that has been processed entirely or partially automatically and stored in digital environments, methods are used to delete the data from the relevant software in a way that makes it completely inaccessible and unusable for the relevant users. Examples include deleting data in a cloud system by issuing a delete command; removing the relevant user's access rights to the file or directory on the central server; deleting relevant rows in databases using database commands; or deleting data on portable media, i.e., flash drives, using appropriate software.

Redaction of Personal Data in Paper Format: This method involves physically cutting out or covering personal data from a document to prevent its misuse or to delete data requested for deletion. It involves rendering the data invisible using permanent ink in a way that makes it irreversible and unreadable by technological means.

Destruction of Personal Data: Demagnetization: This method involves physically altering magnetic media in a high-magnetic field, rendering the data on it unreadable.

AUTHORIZED COURTS AND ENFORCEMENT OFFICES

Turkish Courts and Enforcement Offices shall have jurisdiction in resolving any disputes arising from the implementation of this agreement.

EFFECTIVE DATE

Once the user completes the registration form and receives a password, this agreement enters into force between the parties indefinitely.

DISSOLUTION

sapovera.com may terminate this agreement unilaterally at any time.

DATA PROCESSOR AND DATA OWNER

Data Processor: Refers to any natural or legal person who processes Personal Data on behalf of the Data Controller, having received authorization from the Data Controller.

Data Subject: Refers to all natural persons whose Personal Data is processed by or on behalf of the Company.

CHANGES TO BE MADE IN POLICY

The Company may amend this Policy from time to time. The Company will share the updated Policy text with its employees via email or make it accessible to employees and Data Subjects via the following web address, so that the changes to the Policy can be reviewed.

The relevant website address is: sapovera.com

DATE OF EFFECTIVENESS OF THE POLICY

This version of the Policy entered into force on April 1, 2018.

PRINCIPLES FOR PROCESSING PERSONAL DATA

1- Personal data is processed by the Company in accordance with the law, principles of fairness, and proportionality.

2- The company takes all necessary measures to ensure that Personal Data is complete, accurate, and up-to-date, and updates the relevant Personal Data if the Data Subject requests changes to their Personal Data.

3- Before processing Personal Data, the Company determines the purpose for which the Personal Data will be processed. In this context, the Data Subject is informed in accordance with the GDPR Regulations and their Explicit Consent is obtained where necessary.

4- Personal Data Must Be Limited and Proportional to the Purpose for Which They Are Processed: The Company processes Personal Data only in exceptional circumstances within the scope of the GDPR Regulations (GDPR Articles 5.2 and 6.3) or in accordance with the purpose covered by the Explicit Consent obtained from the Data Subject (GDPR Articles 5.1 and 6.2) and in accordance with the principle of proportionality.

5. Retaining Personal Data for as Long as Necessary and Then Deleting It

1- The company retains Personal Data for as long as necessary for its intended purpose. If the company wishes to retain Personal Data for a period longer than that stipulated in the Personal Data Protection Law (KVKK) or required by the purpose of Personal Data processing, the company shall comply with the obligations specified in the KVKK.

2- Personal Data shall be deleted, destroyed, or anonymized after the period required for the purpose of Personal Data Processing has expired. In this case, the third parties to whom the Company has transferred Personal Data shall also be required to delete, destroy, or anonymize the Personal Data.

3- The Company is responsible for operating the processes of Deletion, Destruction, and Anonymization.

DATA MANAGEMENT AND SECURITY

1. All employees involved in the relevant process are jointly and severally liable for the protection of Personal Data in accordance with this Policy and GDPR Procedures.

2. Company employees are informed about the protection and lawful processing of Personal Data.

3. Company employees may only access Personal Data within the scope of the authority granted to them and in accordance with the relevant GDPR procedure. Any access and processing by an employee exceeding their authority is unlawful and constitutes grounds for justified termination of the employment contract.

4. Each person assigned a Company device is responsible for the security of the device assigned to their use.

5. Each Company employee or person working within the Company is responsible for the security of physical files within their area of ​​responsibility.

6. In the event that additional security measures are requested or may be requested under the Personal Data Protection Law (KVKK) regulations, all employees are obliged to comply with these additional security measures and ensure their continuity.

7. In order to store Personal Data securely within the company, software and hardware including virus protection systems and firewalls are installed in accordance with technological developments.

8. The company uses backup programs and takes adequate security measures to prevent the loss or damage of personal data.

9. All Personal Data processed within the Company is treated as "Confidential Information" by the Company.

10. Company employees have been informed that their obligations regarding the security and confidentiality of Personal Data will continue even after the termination of the employment relationship, and they have been required to commit to complying with these rules.

DATA SUBJECTS' RIGHTS

Data Subjects who wish to exercise their rights and/or believe that the Company is not acting within the scope of this Policy when processing Personal Data may submit their requests to the Data Controller via the email address below (which may change from time to time), securely signed electronically, or by hand to the postal address below (which may also change from time to time), along with a petition bearing their wet signature and identifying documents, or by sending it via a notary public.

Data Controller: SAPOVERA COSMETICS LIMITED COMPANY.

Email: info@sapovera.com

Address: Anadolu Mh. 1. Kavaklı Sk. No:5/A Yıldırım/BURSA

If Data Subjects submit their requests regarding the rights listed above to the Company in writing, the Company will process the request free of charge within a maximum of thirty days, depending on the nature of the request. If there are additional costs incurred by the Data Controller in processing the requests, the Company may request the fees specified in the tariff determined by the Personal Data Protection Board. The Company will accept or reject the request, explaining the reason, and will notify the relevant person of its response in writing or electronically. If the request in the application is accepted, the Company will take the necessary action. If the application is due to an error by the Company, the fee charged will be refunded to the relevant person.

COMPANY RESPONSIBILITIES

The company undertakes to comply with this Policy and the procedures that will be applied in connection with this Policy with regard to Personal Data within its organization.

THE AIM OF POLICY

The main purpose of this Policy is to define the principles regarding the methods and processes used by the Company for the protection of Personal Data.

SCOPE

1- This Personal Data Storage and Destruction Policy (Policy) covers and applies to all activities involved in any process where SAPOVERA KOZMETİK LİMİTED ŞİRKETİ (sapovera.com) processes personal data.

2- This policy does not apply to data that does not qualify as personal data.

3- This Policy covers all storage and destruction processes that SAPOVERA KOZMETİK LİMİTED ŞİRKETİ will implement regarding personal data.

4- This policy may be amended if required by the GDPR regulations.

DEFINITIONS

The law (KVKK) is the Law No. 6698 on the Protection of Personal Data.

The regulation in question is the Regulation on the Deletion, Destruction, or Anonymization of Personal Data.

Notification: This is the Notification on the Procedures and Principles for Applications to the Data Controller, published in the Official Gazette on March 10, 2018, by the Personal Data Protection Authority.

The Board: This refers to the Personal Data Protection Board.

Institution: Refers to the Personal Data Protection Authority.

Personal Data Protection Regulations: This refers to the Law No. 6698 on the Protection of Personal Data and other relevant legislation on the protection of personal data, binding decisions, principle decisions, provisions, instructions issued by regulatory and supervisory authorities, courts and other official bodies, applicable international agreements on data protection, and all other relevant legislation.

Recording Medium: Any medium containing personal data processed, either partially or fully automatically, or through non-automatic means as part of a data recording system.

CHANGES TO BE MADE IN POLICY

This Policy may be amended from time to time. The updated Policy text, which allows for review of any changes, will be shared with employees via email or made available to employees and Data Subjects at the following web address.

The relevant website address is: sapovera.com

DATE OF EFFECTIVENESS OF THE POLICY

This version of the Policy entered into force on April 1, 2018.

COMMUNICATION

Data Controller: SAPOVERA COSMETICS LIMITED COMPANY.

Email: info@sapovera.com

Address: Anadolu Mh. 1. Kavaklı Sk. No:5/A Yıldırım/BURSA