Σύνδεση
TR | EN
TR | EN

PRIVACY NOTICE – REGISTRATION AND PURCHASE

This Privacy Notice explains how Vakko Tekstil ve Hazır Giyim Sanayi İşletmeleri A.Ş. ("Vakko", "we") processes personal data in connection with user registration and purchase transactions on the Vakko e-commerce platform, in accordance with the General Data Protection Regulation (GDPR).

This Privacy Notice may include references or links to specific sections of our website where personal data is collected. In such cases, additional or more specific privacy notices may be provided in those areas.

Vakko is established in Türkiye and acts as the data controller for the personal data processed in connection with user registration and purchase transactions carried out through the Vakko e-commerce platform. Where customers located in the European Union or the European Economic Area use the platform, their personal data may be processed through Vakko's central e-commerce, customer relationship, order management and support systems located in Türkiye.

Please note that this Privacy Notice does not apply to third-party websites that may be accessed through links on our website. Vakko is not responsible for the privacy practices of such third-party websites. When you visit external websites, their own privacy notices and policies will apply.

1. Categories of personal data

We may process the following categories of personal data when you register an account or place an order:

– Identity data (such as name and surname)

– Contact data (such as e-mail address, telephone number, and delivery and billing address)

– Account, transaction and customer relationship data (such as account profile information, order details, delivery and shipping information, return records and requests, purchase history, and customer service interactions)

– Payment-related data (such as transaction amount and payment reference information, processed via payment service providers)

– Security and technical data (such as login credentials, IP address, device and browser information, and verification records)

– Marketing-related data (such as gender, birthday, information regarding your participation in campaigns, use of promotional offers or gift vouchers, where applicable and in accordance with your marketing preferences)

How we collect personal data?

We collect personal data primarily directly from you when you register an account, place an order, contact customer support, or otherwise interact with our e-commerce platform.

Certain technical and security-related data (such as IP address, device and browser information) is collected automatically when you access and use our website, in order to ensure its proper functioning and security.

2. Purposes and legal bases of processing

Your personal data is processed for the following purposes and legal bases:

a) Performance of a contract (Article 6(1)(b) GDPR)

We process your personal data where necessary to perform a contract with you or to take steps at your request prior to entering into a contract, including:

– creating and managing your user account,

– processing orders, payments, deliveries and returns,

– providing customer support related to purchases,

– confirming your identity and contact information for order processing, delivery and customer communication purposes.

b) Legitimate interests (Article 6(1)(f) GDPR)

We process certain personal data based on our legitimate interests, provided that such interests do not override your fundamental rights and freedoms, including:

– ensuring the security and proper functioning of the platform,

– preventing fraud, misuse and unauthorised access,

– maintaining internal records and improving service quality,

– sending service-related communications such as account notifications, order confirmations, delivery updates and security alerts,

– facilitating password recovery and account security measures, including fraud monitoring and access control.

c) Consent (Article 6(1)(a) GDPR), where applicable

Where required by applicable law or where you have chosen to do so, we process your personal data based on your consent, including:

– sending marketing communications and personalised offers via selected channels (such as e-mail, SMS, push notifications or similar means),

– managing your marketing preferences and consent settings,

– enabling optional features that require your explicit permission, such as location-based services.

You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.

d) Legal obligations (Article 6(1)(c) GDPR)

We process personal data where necessary to comply with applicable legal obligations, including:

– complying with consumer, tax and accounting regulations,

– preparing and maintaining legally required records, including sales and billing documentation,

– responding to lawful requests from public authorities, regulators or law enforcement agencies.

3. Recipients of personal data

Your personal data may be shared, where necessary and in accordance with applicable data protection laws, with the following categories of recipients:

Vakko group companies

We may share personal data within the Vakko group where such sharing is necessary to provide our services, including for order processing, customer support, payment coordination, fraud prevention and compliance purposes.

Vakko authorised internal teams

Personal data may be accessed and processed by Vakko's authorised internal teams located in Türkiye, including e-commerce, customer service, logistics coordination, finance, accounting, fraud prevention, IT, legal and compliance teams, strictly to the extent necessary for the purposes described in this Privacy Notice.

Service providers

We may share personal data with third-party service providers acting on our behalf, including providers of:

– payment processing and fraud monitoring services,

– logistics, delivery and fulfilment services,

– customer support and contact centre services,

– IT infrastructure, hosting and security services.

Such service providers process personal data only in accordance with our instructions and subject to appropriate contractual safeguards.

Public authorities and professional advisers

We may disclose personal data to public authorities, courts, regulators, law enforcement bodies or professional advisers where such disclosure is required by law or necessary to protect our legal rights.

4. International data transfers

Vakko is established in Türkiye and operates its central e-commerce, order management, customer relationship, logistics coordination, finance, accounting, IT support and customer service systems from Türkiye. Therefore, where you are located in the European Union or the European Economic Area, your personal data may be processed and accessed in Türkiye for the purposes described in this Privacy Notice, including account management, order processing, delivery, returns, customer support, fraud prevention, payment follow-up, accounting, legal claims management and compliance with applicable legal obligations.

Türkiye is not currently subject to an adequacy decision by the European Commission. Vakko therefore applies appropriate technical and organisational measures designed to protect personal data processed in Türkiye, including access controls, role-based authorisations, confidentiality obligations, logging, secure communication channels, data minimisation and retention controls.

Where personal data is transferred or made available to third-party service providers, group companies or other recipients located outside the EU/EEA, such transfers are carried out in accordance with applicable data protection laws and, where required, on the basis of appropriate safeguards under Chapter V of the GDPR. Depending on the specific transfer, such safeguards may include the Standard Contractual Clauses approved by the European Commission or other legally recognised transfer mechanisms.

Personal data is transferred or made available outside the EU/EEA only where necessary for the relevant purpose and subject to appropriate contractual, technical and organisational measures designed to protect the data.

You may request further information about international data transfers or the safeguards applied by contacting us using the details provided in this Privacy Notice.

5. Data retention

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, to comply with applicable legal obligations, or to establish, exercise or defend legal claims.

Where personal data is processed for more than one purpose, it is retained until the purpose requiring the longest retention period expires. In such cases, the data is no longer used for purposes that no longer apply.

Once personal data is no longer required, it is securely deleted or irreversibly anonymised.

6. Your rights

Under the General Data Protection Regulation (GDPR), you have the following rights in relation to your personal data:

– the right to access your personal data and obtain information about how it is processed,

– the right to request rectification of inaccurate or incomplete personal data,

– the right to request erasure of your personal data, subject to applicable legal conditions,

– the right to request restriction of processing in certain circumstances,

– the right to object to processing, in particular processing for direct marketing purposes,

– the right to data portability, where technically feasible,

– the right to withdraw your consent at any time where processing is based on consent, without affecting the lawfulness of processing carried out before withdrawal.

You also have the right to lodge a complaint with a competent data protection supervisory authority if you believe that your personal data has been processed in breach of applicable data protection laws.

Exercising your rights

If you wish to exercise your rights or obtain further information about the processing of your personal data, you may contact us using the contact details provided below:

Vakko Tekstil ve Hazır Giyim Sanayi İşletmeleri A.Ş.

Address: ALTUNİZADE MH. KUŞBAKIŞI CD. NO:35 ÜSKÜDAR / İSTANBUL

E-mail: [email protected]

Customer Service: +90 212 482 04 04

EU/EEA Representative:

For individuals located in the European Union or the European Economic Area, Vakko has appointed Jurcom GRC Services B.V. as its representative/contact point for GDPR-related matters.

EU/EEA Representative: Jurcom GRC Services B.V.

Name: Ali Osman Özdilek

Address: World Trade Center, Prinses Margrietplantsoen 33 2595 AM The Hague / Netherlands

E-mail: [email protected]

You may contact Vakko directly or contact the EU/EEA Representative in relation to questions concerning the processing of your personal data or the exercise of your rights under the GDPR.

7. How we use cookies and similar technologies

Further information about how we use cookies and similar technologies is available in our Cookie Policy.

8. Updates to this Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices, website content or applicable legal requirements. The most recent version of this Privacy Notice will always be made available on our website.