INFORMATION NOTICE ON PROCESSING OF PERSONAL DATA

The protection of personal data is a sensitive and vital issue for our company, the Settled Data Controller Abroad. We care and attach importance to processingyour Personal Data within the scope of, National and International legislation Law No. 6698. As the Data Controller, we adopt the principles stipulated by the Personal Data numbered 6698 and fulfill the obligations regarding the processing, deletion, destruction, anonymization, transfer of personal data, enlightenment of the data subject, and ensuring data security.

As BYNOGAME;  we would like to inform you about the activities arising from the legal regulations regarding The Personal Data Protection Law No 6698  processing, collecting, and transferring your personal data to our: 

•  Potential product and service buyers,

•  Product or service buyers and their parents/guardians/representatives,

•   Employees and authorities of our suppliers,

•  Members of our board of directors  and our shareholders/co-partners

Scope Of The inform Notice

This Inform Letter Contains;

a) Personal Data Collection Methods and Legal Reasons

b)Categorization of Data Subject Groups and Processed Personal Data

c) Explanation of Personal Data usage for what purposes and in which business processes

d)Administrative and Technical Measures Taken by ByNoGame to Ensure the Security of Personal Data

e) Transferring of Personal Data, to where and to whom

f)  Retention Periods and Disposal Methods of Personal Data

g) Rights of Relevant  Persons

a)  Personal Data Collection Methods and Legal Reasons

Your Personal Data is collected in order to be able to fulfill the purposes of this Clarification Text, the responsibilities arising from the law completely, and accurately and carry out the commercial activities in all kinds of oral, written, and electronic media via technical, and other methods and they are processed by our company or data processors assigned by our company.    

As ByNoGame, the cases where your personal data is collected;

               -   expressly stipulated in the Law;

-    where it is directly related to the conclusion or performance of a contract;

-    if you make your personal data public;

-    in cases where data processing is necessary for the establishment,

-    use or protection of a right,

-    we process it within the legitimate interests of our company

As the respective person, we process your data receiving your explicit consent in cases in which it is obligatory for the benefit of our company and none of these situations exist providing that not to prejudice your fundamental rights and freedoms.

Your Personal Data is collected in accordance with the relevant legislation.

In the cases listed below, data collection processes are carried out within the site;

-    Cookies created by our website during your visits to our website

-    In membership transactions, account creation, and account update transactions,

-    When you fill out a form on our site,

-    When you buy or sell products, and services

-    In customer support transactions (call center services)

-    In correspondence as buyer/seller,

-    With cookies, site usage measurement systems (e.g. Google Analytics),

-    Notifications from administrative and judicial authorities,

-    Contracts, documents received regarding commercial activities, and other documents declared by the person concerned,

-      In all kinds of verbal, written, and electronic media;

Your personal data may be collected by automatic, non-automatic, or other methods.

b)Categorization of Data Subject Groups and Processed Personal Data

-    Potential Product or Service Buyers,

-    Product or Service Users and Employees, ( Parental Guardians / Custodians /Representatives )

-    Employees of our suppliers,

-    Authorities of our suppliers,

-    Members of The Directors Board, Shareholders

c)  In Which Business Processes and For What Purposes Personal Data Are Used

d)Administrative and Technical Measures Taken by BYNOGAME Regarding the Security of Personal Data 

As BYNOGAME, we attach utmost importance to taking the administrative and technical measures determined within the scope of Law numbered 6698, relevant legislation, and the decisions of the Personal Data Protection Board during the processing of your personal data.

By taking the necessary administrative and technical measures against risks that may arise from inside or outside the company, BYNOGAME prevents unauthorized access to personal data, illegal processing, disclosure, alteration, or destruction of personal data. BYNOGAME takes the following administrative and technical measures while processing personal data:

Applications for Administrative Measures:

-    Personal Data Processing Inventory Preparation  

-    Corporate Policies (Access, Information Security, Use, Storage, Destruction, etc.)

-    Contracts (between Data Controller and Data Controller, Data Controller and Data Processor)

-    Privacy Commitments

-    In-house Periodic and/or Random Audits

-    Contract of Employment, Disciplinary Regulations (Adding Legal Provisions)

-    Corporate Communication (Crisis Management, Informing the Board and Relevant Person, Reputation Management, etc.)

-    Education and Awareness Activities (Information Security and Law)

-    Notification to Data Controllers’ Registry Information System (VERBIS)

Applications for Technical Measures:

-    Authority Matrix

-    Authority Control

-    Access Logs

-    User Account Management

-    Network Security

-    Application Security

-    Penetration Test

-    Intrusion Detection and Prevention Systems

-    Log Records

-    Data Loss Prevention Software Tools

-    Back-up

-    Firewall

-    Up-to-date Anti-Virus Software

-    Deletion, Destruction, or Anonymization

Despite the administrative and technical measures listed above, if personal data is damaged as a result of possible attacks on our servers or is in the hands of unauthorized third parties, BYNOGAME immediately notifies you and the Personal Data Protection Board and takes the necessary measures.

e)  Transfer of  Your Personal Data

Our company will be able to transfer your collected personal data to the relevant parties within the scope of the personal data processing conditions and purposes specified in Articles 8 and 9 of the KVKK, due to the same purpose and legal obligations as in the data processing purposes mentioned above. In addition, our company uses cloud computing technology, and all of your personal data processed in this context is transferred to the secure cloud computing system of 3rd party companies. To provide our valued customers products and services with higher value-added, and to increase our service quality, our company may share your personal data with the partners, partnerships, and initiatives of our company that may occur at domestic or abroad; with public institutions and organizations that are authorized to request this data required by the Law; provided that we receive adequate confidentiality security, we can share it with domestic or foreign institutions, suppliers, authorized dealers, dealers, and business partners with whom we have contracted due to our activities. The nature of these transfers and the shared parties, the data owner and NOGAME TECHNOLOGY LTD. Depending on the type and nature of the relationship between the parties, the purpose of the transfer, and the relevant legal basis, these parties are, in general terms, as follows:

·   Business Units within BYNOGAME to Ensure Coordination, Collaboration, and Efficiency

·   Customer Satisfaction etc. Research Firms within the Scope of Purposes

·   Companies that receive services for the realization of marketing activities

·   Banks and Payment Institutions to Enable Financial Transactions

·   Natural Persons or Legal Entities

·   Domestic/Foreign Companies Providing Cloud Computing Technology Services

·   Legal Authorities such as Law Offices and Institutions Supported in Legal Purposes Activities

·   Business Partners

·   Authorized Public Organizations

·   Suppliers

f)   Personal DataStorage Periods and Destruction Methods

The principles regarding the retention period of your personal data are as follows:

.  If a period is stipulated in the legislation related to company activities regarding the storage of the said personal data, this period is complied with.

.  If a period is not stipulated in the legislation related to company activities regarding the storage of the said personal data, the period in line with the purposes we have determined for the data processing activity by observing the Principles of Law No. 6698 is complied with.

Your personal data is destroyed by deletion, destruction, and anonymization methods at the end of the above-mentioned periods.

g)  Rights  Of  The Data Subject

As a natural person whose data is processed within the scope of Article 11 of Law No. 6698, you have the right to request any time to us for the things listed below:

• Learning whether your personal data are processed or not,

• If your personal data have been processed, demanding for information,

• Learning the purpose of processing your personal data and whether these personal data are used in compliance with the purpose,

• Knowing the third parties to whom personal data are transferred in the country or abroad,

• Requesting correction of personal data in case of incomplete or incorrect processing,

• Requesting the deletion or destruction of personal data under the conditions stipulated in Article 7of the Law.

• Requesting notification of the transactions made pursuant to sub-paragraphs (d) and (e) of Article 11 of the Law, to third parties to whom personal data have been transferred,

• Objecting to the occurrence of a result against the person himself/herself by analyzing the data processed solely through the automated system,

• Requesting compensation for the damage in case of loss due to unlawful processing of personal data.
  
  

You may submit your applications about your personal data in accordance with the above but not limited to, and make requests about implementing the Law using the KVKK Data Subject Application Form and either send it to the relevant company in person, in writing through a notary public or send it to ertugrul.kalemci@hs01.kep.tr using registered e-mail address, secure digital signature, mobile signature, e-mail address that is notified about and registered on our system.

Depending on the nature of the request, your application will be answered free of charge as soon as possible,  and in any case, within thirty days at the latest. However, if fulfilling the request requires an additional cost, a fee included in the tariff determined by the Board may be charged.

Best Regards,

NOGAME TECHONOLOGY LTD.