PDPB - Yimaş

Data Controller
The website www.yimas.com.tr (“WebSite”) Alaaddinbey Mah. 624. Sok. Mese-5 Business Center Site. D Blok Apt. No:26 D/M Nilüfer/ BURSA YÜKSEK INNOVATION MERKEZİ OTOMASYON YAZILIM SAN. and TİC. Inc. (“Company”). The COMPANY, as the data controller, is responsible for determining the purposes and means of processing personal data, establishing and managing the data recording system.

We attach importance to the protection of your personal data. In accordance with the Law on the Protection of Personal Data (”KVKK”), the processing including but not limited to the collection, storage, transfer of data obtained in connection with your use of the “Company Website” and the purpose of such processing. We want to inform you.

Processing and Transfer of Personal Data
The COMPANY requests some personal data from the users during the membership phase of its customers using the Company Website or while using the Company Website. Personal data is any information that makes a person specific or identifiable. Such information may be, for example, your name, address, e-mail address or telephone number. Information collected through the use of cookies that does not directly identify you, such as how you use the Company Website, may also be considered personal data if they are based on an identity assigned to the user and are therefore collected, stored and evaluated individually. Non-personal data is information that can only be aggregated, qualified as big data, summarized, collected, evaluated and not associated with a real person by anonymizing it.

Your personal data is collected by our company due to the nature of the business by filling in the information in the demo request form, contact form, e-bulletin form, support system, call center and membership form to the Relevant Person. Our company records and uses the IP address of its members in order to identify system-related problems and quickly resolve any problems or disputes that may arise regarding the service provided. IP addresses can also be used to identify users in a general way and to gather comprehensive demographic information.

Our company may use the requested information for direct marketing purposes by itself or by the people it cooperates with, even outside the purposes and scope determined by the Membership Agreement. Personal information can also be used to contact the user when necessary. Information requested by our company or information provided by the user or information about transactions made on the Company Website; It can also be used in various statistical evaluations, database creation and market research without disclosing the identity of our members, except for the purposes and scope determined by the “Membership Agreement” by our company and its collaborators.

In some periods, our company may send notifications such as campaign information, information about new packages, promotional offers to its customers and members. Our members can make all kinds of choices about whether or not to receive such information while becoming a member, then this selection can be changed from the management panel after logging in, or they can make a notification with the link in the information message they receive.
Purposes of Processing Personal Data
Our company processes Personal Data for certain, clear and legitimate purposes. In this context, Personal Data may be processed for the following purposes:

• Providing and changing the services provided on the website,
• Customization of the offered products and services in accordance with the demands; updating, developing due to customer needs, legal and technical developments,
• Making user definitions for the systems specific to the products and services offered,
• Announcing new or existing products, services and campaigns, conducting sales and marketing activities,
• Conducting market research,
• Creating statistics and analyzing usage,
• Payment of product, service and service fees, collection, selection of collection method,
• Fulfilling the obligation to inform arising from the Law No. 6563 on the Regulation of Electronic Commerce and other relevant legislation,
• Transmitting the advertisements of the company website and products and services suitable for the purpose of processing the data to the Related Person, providing information about the products, services, promotions and campaigns,
• To provide solutions to the problems encountered during the use of the Web Site,
• Improving the visit, usage, switching between pages and purchasing experiences on the website, providing better quality service,
• Providing contact/communication,
• Execution of commercial relations with cooperated companies, suppliers, resellers and service providers,
• Reporting within the framework of cooperation,
• Developing the company’s commercial strategies and making plans,
• Contacting the company for satisfaction measurement surveys,
• Registration of participants in the events/trainings/competitions organized by the COMPANY, arrangement of certificates/participation certificates, determination of award/gift holders and delivery of awards/gifts,
• Management of judicial/administrative processes, responding to requests from public institutions,
• Fulfillment of legal obligations, resolution of legal disputes, depending on legal regulations,
• Conducting investor relations,
• Providing the results arising from this legal transaction in case of merger, division, transfer of all or part of the company with another company,
• Introducing Company employees, Real Person Customers and Relevant Persons in social media posts,
• Conducting job interviews, evaluating job applications,
• Establishment, execution and termination of the business relationship/contract,
• Making the employees of the COMPANY benefit from the basic and fringe benefits arising from the employment contracts, evaluating their performance and work,
• Opening user accounts for employees,
• In case of participation in an organization on behalf of the company, the registration of the participant,
• Participation of employees in trainings and creation of certificate records,
• Ensuring the security of the Company Website and Applications,
• Usage analysis of the Website,
• Creation of personal data inventory,
• Evaluating and responding to all questions, requests, suggestions, complaints and applications submitted in writing, verbally or electronically, including those related to personal data.
• It is transferred to the systems in the country or in other countries, especially the European Union countries (for more detailed information, you can apply in writing to our company) for the performance of the contract, data security, compliance with our company’s policies and other purposes mentioned above.
Method and Legal Reason for Personal Data Collection
Data about current and potential Company Website users are collected partially or completely automatically or non-automatically, for contractual or other reasons determined within the framework of the legislation, as a requirement of our business.

Personal Data Processed Without Explicit Consent
According to KVKK;
We may process the personal information made public by you publicly without your consent and share it with third parties in this context.
If there are provisions in the legislation that make it lawful to process your personal data without express consent, we may process it without your explicit consent and share it with third parties in this context.
We may process your personal data without express consent if it is necessary to fulfill our legal obligation, including information that must be disclosed in accordance with applicable laws or regulations or a court decision, administrative order.
If data processing is necessary for the establishment, exercise or protection of a right, we may process your personal data without your explicit consent.

Data Transferred to Third Parties
Without prejudice to our rights in the KVKK, your personal data can be sent to the Company employees, company officials, legal, financial and tax consultants, auditors, within the scope of commercial activities on the Company Website, in order to carry out data processing activities, especially in the United States and European countries. companies, IBM Softlayer Data Center, Amazon Web Services, Inc (AWS), collaborating consultants and contracted organizations, educational institutions, advertising and marketing agencies that the Company works with, and real or legal entities to present advertisements that may be of interest to the Relevant Person by anonymisation. We can share with people. You give explicit consent to the Data Controller regarding this sharing.

Network Server Data Logging
When you log into the Company Website, your web browser is technically set to automatically transfer the following data (“data log”) to our internet server, after which we record the following information in the data log records even without your consent:
Entry date
Entry time
URL of the application website
Received files
Amount of data transmitted
Browser type and version
OS
IP address
Domain name of your internet access provider
This information is the information required for technical purposes in order to deliver the content requested by you correctly, and its collection is an inevitable aspect of the use of websites. The data log is analyzed for statistical purposes only and then deleted to improve our website and the underlying technology.
The data log is stored separately from other data collected as part of your use of the Company Website.
Cookies
Like many other websites, we make use of “cookies”. Cookies are small text files delivered to your hard drive by a web page server. In this way, we automatically obtain certain data such as the IP address, the browser used, the operating system on your computer and your internet connection. The aforementioned technical communication file facilitates the use of the Internet by storing the status and preferences about the site. The technical communication file is not designed to retrieve data or any other personal information from the main memory or your e-mail. Also, cookies cannot be used to run programs or send viruses to your computer.

To get to know you on different Services, to have information about your interests on and outside of our Services, to improve your experience, to increase security, to measure the use and effectiveness of our Services, to obtain statistical information about how many people visit the site for what purpose and how long they stay on the site, and is specially designed for users. We use cookies and similar technologies to help dynamically generate advertisements and content from user pages. To offer different discounts and campaigns, to make advertisements and promotions, to make the Company Website personalized for you, to provide a personalized Company.com experience, to monitor your navigation on the Company Website and your transactions in your membership account through cookies, to use various methods on the Company Website or We may analyze your personal data collected on third sites and mobile applications together.

In any case, the data we collect cannot be shared with third parties without your consent. Of course, you can always view our website without cookies. Internet browsers are always set up to accept cookies. You can control cookies and stop their use at any time through browser settings and other tools. Please use your browser’s help function to learn how to change these settings. Please note that certain features of our website may not work if you stop the use of cookies.

For the scope and purpose of data collection, further processing and use of data by the relevant social networks, and the settings you can make to protect your rights and privacy, please refer to the Data Protection notices of the relevant social networks. If you do not want these social networks to collect data about you through our website, you must log out of the relevant social networks before visiting our website.
Your Rights Regarding Your Personal Data
In accordance with the legislation regarding your processed personal data; to learn whether personal data is processed, to request information if personal data has been processed, to learn the purpose of processing personal data and whether they are used in accordance with its purpose, to know the third parties in the country or abroad to whom personal data are transferred, to request correction of personal data in case of incomplete or incorrect processing requesting the deletion or destruction of personal data, requesting the correction of personal data in case of incomplete or incorrect processing and/or notification of the processes regarding the deletion or destruction of personal data to third parties to whom personal data has been transferred, against the person himself by analyzing the processed data exclusively through automated systems You have the right to object to the emergence of a result, to demand the compensation of the damage in case of damage due to the unlawful processing of personal data.

Use of Rights, Application and Communication
You can send your requests regarding your rights mentioned above within the scope of KVKK to the COMPANY in person or in accordance with the legislation (for example, through a notary public) in writing, provided that your identity is verified, to the above-mentioned address.
Data security
The COMPANY has taken technical and administrative measures to the extent possible regarding data security within the scope of PDPL. Information on the measures taken is detailed under the Personal Data Protection, Storage, Processing and Disposal Policy.

Data of Minors
Personal data of minors should not be sent without the consent of their parents or guardians.

Linking to Other Websites
The Company Website contains links to other websites. We have no influence on whether the operators of these sites act in accordance with data protection provisions. The COMPANY is not responsible for the content of the sites it links to (and the content of other sites to which those sites link) and has no authority to interfere with the contents of the sites it links to.

Changes in the Data Privacy Statement and the Policy on the Protection and Processing of Personal Data This “Clarification Text on the Data Privacy Statement and the Policy on the Protection and Processing of Personal Data” is intended to announce changes in our data protection-related services, for example, in the provision of new services and to fulfill applicable legal requirements. shall be changed as necessary.

User Access
No one will have access to your account unless invited by you. Only in case of a technical or system failure, authorized COMPANY personnel, upon your permission, will access your data for support purposes.

Data Sharing
Data transfer is not shared with our business partners without your consent and without sufficient security.

Data Backup
Daily backups of your data are made against possible technical problems.
Responding to Security Violations
Despite our best efforts, no method of transmission on the Internet and no method of electronic storage is completely secure. We cannot guarantee absolute safety. However, if COMPANY becomes aware of a security breach, we will alert affected users so they can take appropriate protective steps. Our violation reporting procedures are consistent with our obligations under regulatory regulations and any industry rules or standards we comply with. Notification procedures include providing e-mail notifications or posting notices if a violation occurs on our website.

Your Responsibilities
Keeping your data safe also depends on you keeping your account secure by using sufficiently complex passwords and storing them securely. You should make sure that the computer, tablet or phone on which you use the COMPANY service has sufficient security.