Privacy and Personal Data Protection Policy
The confidentiality of your commercial, financial and personal data is an important issue for "ne ekersen". ne ekersen Inc. ("ne ekersen") operates in compliance with the Law on the Protection of Personal Data No. 6698 and relevant legislation ("PDP Law") in order for you to benefit from the goods and services offered to you with peace of mind. In this context, the Privacy and Personal Data Protection Policy has been prepared and is made available to real persons whose personal data is processed ("Data Subject").
1. Scope and Purpose of the Privacy and Personal Data Protection Policy
This Privacy and Personal Data Protection Policy describes how ne ekersen;
- Methods and legal reasons for collecting personal data,
- Which groups of persons' personal data are processed (Data Subject Categorization),
- Which category of personal data is processed in relation to these groups of persons (Data Categories) and sample data types,
- In which business processes and for what purposes this personal data is used,
- Technical and administrative measures taken to ensure the security of personal data,
- To whom and for what purpose personal data may be transferred,
- Retention periods for personal data,
- What are the rights of the Data Subjects on their personal data and how they can exercise these rights,
- Sharing personal data with public authorities
explains.
A. Methods and Legal Grounds for Collecting Personal Data
ne ekersen collects personal data through neekersen.com, social media accounts, business partners, cookies, call center, notifications from administrative and judicial authorities, and other communication channels, audibly, electronically or in writing, in accordance with the personal data processing conditions specified in the PDP Law and for the legal reasons stated in this Privacy and Personal Data Protection Policy.
B. Data Subject Person Group Categorization
In personal data processing processes and activities related to these processes, ne ekersen categorizes the data subject groups whose personal data is processed as follows. However, personal data of other groups of people can also be processed in accordance with the personal data processing conditions specified in Articles 5 and 6 of the PDP Law and for the legal reasons stated in this Privacy and Personal Data Protection Policy.
1. ne ekersen Employee or Authorized Representative
2. Farmer Customer, Potential Farmer Customer, Employee or Authorized Representative of Farmer Customer
C. Data Categories and Sample Data Types
1. ne ekersen Employee or Authorized Representative
- Identity Information: First name, last name, Turkish ID Number, date of birth
- Location Information: Business address, dealer address
- Contact Information: Cell phone number, landline phone number, e-mail address
- Ticari Bilgi: Satılan ürüne ilişkin tür, adet ve fiyat bilgisi dahil olmak üzere satışlara ilişkin her türlü bilgi, fatura bilgisi, vergi dairesi, vergi kimlik numarası, hesap numarası, tahsilat durumuna ilişkin bilgi
- Transaction and Security Information: Password, password information
- Legal Transaction and Compliance Information: other legal texts and agreements that enable the utilization of the services offered by ne ekersen, signature
- Request/Reputation Management Information: Records of questions and/or requests regarding ne ekersen or the services it offers, and transactions made during the evaluation or management process of these requests
2. Farmer Customer, Potential Farmer Customer, Employee or Authorized Representative of Farmer Customer
- Identity Information: First name, last name, Turkish ID Number, date of birth
- Location Information: Business address, location information of agricultural lands
- Contact Information: Cell phone number, landline phone number, e-mail address
- Commercial Information: Any information related to the purchase, including the type, quantity and price of the purchased product,
- Agriculture Production Information: Data in the Farmer Registration System, all kinds of information on production, invoice information, tax office, tax identification number, account number, information on collection status
- Legal Transaction and Compliance Information: other legal texts and agreements that enable the utilization of the services offered by ne ekersen, signature
- Request/Reputation Management Information: Records of questions and/or requests regarding ne ekersen or the services it offers, and transactions made during the evaluation or management process of these requests
D. In Which Business Processes and for Which Purposes Personal Data are Used
Personal data are used within the scope of the business processes and purposes listed below:
- Realization of membership transactions
- Providing farmers with easy and fast access to agricultural inputs at more affordable prices
- to enable ne ekersen to expand its farmer network and increase its sales
- Enabling farmers to sell their crops without the need for intermediaries
- Statistical evaluations and market research for the development of agricultural activities and economy in Turkey
- Improving the services offered through ne ekersen, developing new services and providing information about them
- Improving the services offered through ne ekersen, developing new services and providing information about them
- Analyzing the needs of ne ekersen and the Farmer and providing promotion, opportunities and benefits in line with the needs
- Carrying out the promotion and marketing of applications, goods, products and services in line with the preferences and needs of ne ekersen and the Farmer, by conducting direct marketing, digital marketing, remarketing, targeting, profiling and analysis within the scope of the contractual relationship
- Resolving the problems and complaints of ne ekersen and the Farmer
- Creating the satisfaction, loyalty and commitment of ne ekersen and the Farmer
- Corporate reputation management, media communication
- Tracking of accounting and purchasing transactions
- Legal processes and compliance with legislation
- Responding to information requests from administrative and judicial authorities
- Planning reporting and business development activities
- Ensuring information and process security and preventing malicious use
- Planning and execution of operational activities necessary to ensure that ne ekersen's activities are carried out in accordance with ne ekersen procedures and policies prepared within the scope of the PDP Law
- Making the necessary arrangements to ensure that the processed data is up-to-date and accurate
E. Technical and Administrative Measures Taken to Ensure the Security of Personal Data
ne ekersen undertakes to take all necessary legal, technical and administrative measures and to show due diligence to ensure the confidentiality, integrity and security of your personal data. ne ekersen takes the necessary precautions to protect personal data against unauthorized access or loss, misuse, disclosure, alteration or destruction of this information. In this context, ne ekersen;
- Uses generally accepted security technology standards such as firewalls, Secure Sockets Layer (SSL) encryption and AWS Cloud Security when storing personal data.
- Ensures that personal data on paper media are kept in locked cabinets and accessed only by authorized persons.
- ne ekersen creates and implements access authorization and control matrices for its employees in order to prevent unlawful processing of personal data collected within the scope of the services provided by ne ekersen.
- It uses Pseudonymization (pseudonymous data) for all secondary data processing other than primary processing purposes. In order to ensure that pseudonymous data makes it impossible to identify the person concerned, it uses encryption methods in the systems containing this data and applies a stricter access authorization and control policy to this data.
- Takes the necessary contractual measures for the personal data processed by third parties from whom services are received within the scope of the service provided to be processed in accordance with the PDP Law and deleted from their systems after the service is terminated.
In the event that personal data is damaged or falls into the hands of third parties as a result of attacks on the website and system, despite ne ekersen taking the necessary information security measures, ne ekersen will immediately notify you and the Personal Data Protection Board and take the necessary measures.
F. To whom and for what purpose personal data may be transferred
ne ekersen transfers personal data to third parties only for the purposes stated in this Privacy and Personal Data Protection Policy and in accordance with Articles 8 and 9 of the PDP Law.
The personal data of third parties transferred to us in accordance with the Law on the Protection of Personal Data for you to benefit from the services provided by Ne Ekersen and its business partners is shared with our business partners. In this context, our business partners to whom your personal data is transferred, without limitation, are as follows:
- Third parties who process data on behalf of Ne Ekersen for research, promotion, and consultancy services in order to provide you with access to products and services at more favorable prices, to offer various advantages to you, and to provide access to affordable products tailored to you personally, including advertising, promotion, sales, marketing, information, promotions, campaign notifications, membership processes, surveys, customer satisfaction surveys, and the provision of services within this scope, are as follows:
- Commercial electronic message intermediary service provider for making all kinds of electronic communication and sending other communication messages in order to fulfill our legal obligations,
- Public institutions and organizations authorized to request data.
You can find out about other third parties to whom we transfer/share your data by contacting us.
This data will be shared with third parties who have the same legal and technical responsibilities as us in terms of data protection and security and who comply with the provisions of the relevant legislation, only if and to the extent necessary.
The personal data subject to domestic and international transfers as mentioned above are legally protected through provisions compliant with the Law on the Protection of Personal Data included in our contracts, taking into account technical measures to ensure their security as well as the legal relationship where the counterparty is the data controller or data processor.
G. Personal Data Retention Periods
ne ekersen retains the personal data it processes in accordance with the PDP Law for the periods stipulated in the relevant legislation or required by the purpose of processing. These periods are approximately as follows:
| Records related to membership and sales | 10 years | The Law Number 6098 |
| All records related to accounting and financial transactions | 10 years | The Law Number 6102, The Law Number 213 |
| Cookies | Maximum 540 days | |
| Commercial electronic message consent records | 1 year from the date of withdrawal of consent | The Law Number 6563 and related secondary legislation |
| Traffic information on online visitors | 2 years | The Law Number 5651 |
| ne ekersen and personal data relating to the Farmer Customer After the legal relationship has ended | 10 years | The Law Number 6102, The Law Number 6098, The Law Number 213 |
| Personal data relating to suppliers After termination of the legal relationship | 10 years | The Law Number 6102, The Law Number 6098 and The Law Number 213 |
H. What are the Rights of the Data Subjects on their Personal Data and How they can Exercise these Rights
The rights of the Data Subject on personal data processed by ne ekersen in accordance with Article 11 of the PDP Law are listed below:
- To learn whether personal data is processed or not,
- Request information if their personal data has been processed,
- To learn the purpose of processing personal data and whether they are used for their intended purpose,
- To know the third parties to whom personal data are transferred domestically or abroad,
- To request correction of personal data in case of incomplete or incorrect processing,
- To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the PDP Law,
- To request notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data are transferred,
- To object to the emergence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems,
- In case of damage due to unlawful processing of personal data, to demand compensation for the damage.
In order to exercise your rights over your personal data adresine başvuruda bulunabilirsiniz.
I. Sharing Personal Data with Public Authorities
ne ekersen may share your website or mobile site visit or membership data and traffic information such as your navigation information with public institutions and organizations legally authorized to request such information for your security and for ne ekersen to fulfill its obligations under the law (such as, but not limited to, combating crime and threats to state and public security, where ne ekersen has a legal or administrative obligation to notify or provide information).