Personal Data Policy

Personal Data Protection Law No. 6698 (hereinafter referred to as KVKK) was adopted on March 24, 2016 and published in the Official Gazette No. 29677 dated April 7, 2016.

Our company is a "data controller" within the scope of KVKK and in this capacity, we provide the following information:

  • You can visit our company's website, shop on our website and/or become a member to be informed about campaigns and announcements.
  • When you visit the www.sumaindesign.com website or when a third party sends you a purchase,
  • You agree to receive general and personalized campaign information through commercial communication channels,
  • In case we communicate mutually via communication channels, an information text regarding the use of your personal data is included.

Your personal data will be recorded, stored, updated, shared with third parties where permitted by legislation, classified, and processed in the ways listed in the KVKK, within the framework explained on this page.

How your personal data may be processed

Pursuant to the Personal Data Protection Law (KVKK), the personal data you share with our Company may be processed by us, in whole or in part, automatically or non-automatically, provided that it is part of any data recording system, by obtaining, recording, storing, changing, or rearranging the data. In short, any transaction performed on the data within the scope of the KVKK is considered "processing of personal data."

Purposes and legal reasons for processing your personal data

Personal data you share,

  • In order to fulfill the requirements of the services we provide to our customers in accordance with the requirements of the contract and technology and to improve our products and services;
  • To record the identity, address and other necessary information to identify the transaction owner within the scope of the Law on Regulation of Electronic Commerce No. 6563, the Law on Consumer Protection No. 6502 and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce prepared on the basis of these regulations, the Regulation on Distance Contracts and other relevant legislation;
  • To prepare all records and documents that will form the basis of payment systems, electronic contracts or paper transactions that are mandatory in the field of Banking and Electronic Payment; to comply with the information storage, reporting and notification obligations stipulated by legislation and other authorities;
  • To provide information to prosecutors, courts and relevant public officials on matters related to public security and legal disputes, upon request and in accordance with the legislation;

Your personal data will be processed in accordance with the Personal Data Protection Law (KVKK) and relevant secondary regulations. Information about third parties or organizations to whom your personal data may be transferred: The persons/organizations to whom your personal data you have shared with our company may be transferred for the purposes specified above are; IdeaSoft Yazılım San. ve Tic. A.Ş., which provides our company's e-commerce infrastructure, as well as persons and organizations related to the services provided, such as suppliers and cargo companies, program partner organizations we collaborate with and/or receive services from as Data Processors, domestic organizations, and other third parties.

Our Purposes for Processing Personal Data

  • Your identity (name and surname), contact information (e-mail address, telephone number) and shopping information (shopping date, quantity, shopping content, payment method and payment details) for the purposes of carrying out the shopping transaction, distinguishing your records in our systems from those of other customers, and sending you the e-invoice/e-archive invoice for your shopping.
  • Your bank account information so that the refund can be made to your bank account during the return process, if necessary.
  • Your identity, contact and billing information for the purpose of issuing invoices and, in some cases, performing current account and reconciliation transactions; and also your TR ID/tax number, shopping information (shopping date, amount and shopping content) and, if you are a taxpayer, some additional billing information (TR ID/tax number, sole proprietorship information) in order to fulfill our obligations under the relevant legislation if you purchase a certain product or service over a certain amount or for which there is a clear regulation.
  • If you wish to make your payment by credit card, your credit card information (credit card information is transferred to the payment institution without being recorded by us) in order to receive payment.
  • If you wish to make your payment via mail order, we process your name, surname, credit card information, telephone number, product information, order amount, signature and the front face photograph of your ID.

How your personal data is collected

Your personal data,

    • Through the forms on our company's website and mobile applications, information such as name, surname, Turkish ID number, address, telephone, work or private e-mail address; preferences on the pages accessed using the user name and password, transactions performed, cookie data collected by the browser, and data including browsing time and details, as well as location data;
    • Verbally, in writing or electronically through our channels such as our sales and marketing department employees, branches, suppliers, other sales channels, paper forms, business cards, digital marketing and call center;
    • Received from persons who share their personal data with our company for purposes such as establishing a commercial relationship, applying for a job, submitting an offer, through business cards, CVs, submitting an offer, or through other means, in a physical or virtual environment, face to face or at a distance, verbally, in writing, or electronically;
  • In addition, data obtained indirectly from different channels, from (micro) websites and social media used for websites, blogs, competitions, surveys, games, campaigns and similar purposes, e-bulletin reading or clicking movements, data provided by public databases, profiles and data open to sharing on social media platforms can be processed and collected.

Storage and protection of personal data

Your personal data will be kept confidential in our Company's databases and systems in accordance with Article 12 of the Personal Data Protection Law (KVKK) and will not be shared with third parties under any circumstances other than in accordance with legal obligations and the regulations specified in this document. Our Company is obligated to protect the systems and databases that house your personal data, in accordance with Article 12 of the Personal Data Protection Law, from unlawful processing of personal data, to prevent unauthorized access, and to implement software and physical security measures, such as access management. If it becomes known that personal data has been obtained by others through illegal means, the situation must be reported immediately, in writing, and in accordance with legal regulations, to the Personal Data Protection Board.

Keeping personal data up-to-date and accurate

Pursuant to Article 4 of the Personal Data Protection Law, our Company is obligated to keep your personal data accurate and up-to-date. In this context, in order for our Company to fulfill its obligations arising from applicable legislation, our Customers are required to share accurate and up-to-date data or update it through the website/mobile application.

Data owner's rights under KVKK

In accordance with Article 11 of the KVKK, the Personal Data Owner may apply to our company (data controller) and obtain the following information regarding himself/herself:

  1. Learning whether personal data is being processed,
  2. To request information regarding the processing of personal data,
  3. To learn the purpose of processing personal data and whether they are used in accordance with their purpose,
  4. To know the third parties to whom personal data is transferred, either domestically or abroad,
  5. To request correction of personal data if it is processed incompletely or incorrectly,
  6. Request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVKK,
  7. To request that, in case of correction, deletion or destruction of personal data, these operations be notified to third parties to whom personal data has been transferred,
  8. To object to the emergence of a result against the person himself/herself by analyzing the processed data exclusively through automated systems,
  9. In case of any damage caused by the unlawful processing of personal data, the person has the right to demand compensation for the damage.

SUMAIN TASARIM DANIŞMANLIK HİZMETLERİ SANAYİ VE TİCARET ANONİM ŞİRKETİ, registered with the Istanbul Chamber of Commerce under registration number 389088-5, with the MERSİS number 0783069235800001, and located at ÖMER AVNİ MAH. BEYTÜLMALCI SK. MARKET NO:7 İÇ KAPI NO:2, is the Data Controller within the scope of the KVKK. The Data Controller Representative to be appointed by our Company will be announced in the Data Controllers Registry and on the website where this document is located once the legal infrastructure is established. Personal Data Owners may direct their questions, comments, or requests to any of the following communication channels:

Email: info@sumaindesign.com
Telephone: 0 535 1060887