BİM BİRLEŞİK MAĞAZALAR ANONİM ŞİRKETİ CLARIFICATION TEXT ON THE PROCESSING OF PERSONAL DATA IN CUSTOMER SERVICES AND REQUEST COMPLAINT PROCESSES
Data Controller
Your personal data is processed by BİM Birleşik Mağazalar Anonim Şirketi (“Company”), registered with Istanbul Trade Registry Office under registration number 334499-0 and MERSIS number 0175005184608645, headquartered at Abdurrahmangazi Mah. Ebubekir Cad. No.73 Sancaktepe/Istanbul, as the data controller, within the scope of the Personal Data Protection Law No. 6698 (KVKK), relevant legislative provisions, decisions/announcements by competent authorities, and this Information Notice on the Processing of Personal Data in Customer Services and Request/Complaint Procedures.
Our Company processes your personal data in accordance with the provisions of all legislation on the protection of personal data, especially KVKK, ensures that your data is securely hosted and takes all necessary security measures against possible unlawful access. This Clarification Text explains the scope of processing of your personal data collected within the framework of our customer service and request complaint processes. For detailed information about the processing of your personal data by our Company, you can request BİM Birleşik Mağazalar Anonim Şirketi Personal Data Protection and Processing Policy from our Company.
Method of Collecting Personal Data
Your personal data is collected by our Company through automated or non-automated methods provided that it is part of a data recording system, through electronic means (e.g., website https://www.bim.com.tr/), physical forms, call centers, and other communication channels.
Categories of Personal Data Processed and Purposes and Legal Reasons for Processing Your Personal Data
Within the scope of our Customer Services, your personal data is processed for purposes including conducting communication activities, after-sales support, customer relationship management, request/complaint follow-up, and providing information to authorized public institutions and organizations. The details regarding the categories of personal data, purposes of processing, and legal grounds are provided in the table above.
| Personal Data Category | Purposes of Personal Data Processing |
|---|
| Contact Data | Your data under this category is processed for the following purposes and on the legal bases stipulated in Article 5/2 (ç) of the KVKK for the fulfillment of the data controller’s legal obligation, and Article 5/2 (e) for the establishment, exercise or protection of a right - Conducting Communication Activities
- Conducting After-Sales Support Services for Goods/Services
- Conducting Customer Relationship Management Processes
- Follow-up of Requests/Complaints
- Providing Information to Authorized Persons, Institutions and Organizations
|
| Identity Data | Your data under this category is processed for the following purposes and on the legal bases stipulated in Article 5/2 (ç) of the KVKK for the fulfillment of the data controller’s legal obligation, and Article 5/2 (e) for the establishment, exercise or protection of a right: - Conducting After-Sales Support Services for Goods/Services
- Conducting Customer Relationship Management Processes
- Follow-up of Requests/Complaints
- Providing Information to Authorized Persons, Institutions and Organizations
|
| Customer Transaction Data (Only if you are our customer) | Your data under this category is processed for the following purposes and on the legal bases stipulated in Article 5/2 (ç) of the KVKK for the fulfillment of the data controller’s legal obligation, and Article 5/2 (e) for the establishment, exercise or protection of a right: - Conducting After-Sales Support Services for Goods/Services
- Conducting Customer Relationship Management Processes
- Follow-up of Requests/Complaints
- Providing Information to Authorized Persons, Institutions and Organizations
|
| Request / Complaint Data | Your data under this category is processed for the following purposes and on the legal bases stipulated in Article 5/2 (ç) of the KVKK for the fulfillment of the data controller’s legal obligation, and Article 5/2 (e) for the establishment, exercise or protection of a right: - Conducting Customer Relationship Management Processes
- Follow-up of Requests/Complaints
- Providing Information to Authorized Persons, Institutions and Organizations
|
Transfer of Your Personal Data to Third Parties Residing in Turkey and/or Abroad
Within our Company, your personal data can only be accessed to the extent necessary to fulfill their duties by our employees who have limited authorization access for the purposes detailed above, and are not transferred to domestic and/or foreign third parties in the absence of the conditions for transfer set out in Articles 8 and/or 9 of the KVKK. However, your personal data processed within the scope of each personal data category mentioned above may be transferred to the following recipient groups in accordance with Articles 8 and/or 9 of the KVKK and if the personal data processing conditions (legal reasons) specified above for the relevant data category are also available for the purposes of transfer:
- To our domestic suppliers (e.g. after-sales service providers, telecommunication service providers, data hosting service providers, etc. and legal / tax / independent audit service providers) for the purposes specified in the relevant category for each data category above, primarily for the purposes of providing products and/or services in terms of carrying out the Company's activities, and
- For the purposes specified in the relevant category for each category of data above, especially for the purposes of ensuring business continuity within the scope of our company's activities, establishing potential collaborations and providing after-sales support services through authorized services and companies from which products / services are provided, to our business partners (e.g. chain stores, authorized services and other companies from which products/services are provided),
- Domestic banks and payment service institutions and payment systems institutions for the purposes specified in the relevant category for each category of data above, especially for payment, finance, accounting and collection purposes related to products/services,
- To authorized public institutions and organizations located in the country (e.g. courts, tax offices) for the purposes specified in the relevant category for each category of data above, especially for the purposes of fulfilling the legal obligations of our company and the follow-up of legal affairs
- Storage Period of Personal Data
Your personal data obtained during our company activities are stored and destroyed in accordance with the general principles and regulations specified in our Company's policies and procedures regarding storage and destruction, which are prepared in accordance with the provisions of the Constitution, KVKK, the Regulation on Deletion, Destruction or Anonymization of Personal Data and other relevant legislation.
In this context, your personal data will continue to be processed during the relevant legal time-out periods specific to the process, and will be destroyed in the event that all of the above-mentioned personal data processing conditions disappear. In terms of your requests regarding the destruction of your personal data, we kindly request you to review the 6th section of this Clarification Text.
- Your Rights Under the KVKK
As a personal data subject, we hereby inform you that you have the following rights pursuant to Article 11 of the KVKK.
- To learn whether your personal data has been processed,
- To request information if your personal data has been processed,
- To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
- To know the third parties to whom your personal data is transferred domestically or abroad,
- To request correction of your personal data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom your personal data has been transferred,
- Although it has been processed in accordance with the provisions of KVKK and other relevant laws, To request the deletion or destruction of your personal data in the event that the reasons requiring the processing of your personal data disappear and to request notification of the transactions made within this scope and in case your personal data is incomplete or incorrectly processed to third parties to whom your personal data has been transferred,
- To object to the occurrence of a result against the person himself/herself by analyzing your processed data exclusively through automated systems,
- To request compensation for the damage in case of damage due to unlawful processing of your personal data.
You can submit your applications for your rights mentioned above in accordance with the provisions of the Communiqué on the Procedures and Principles of Application to the Data Controller and in a way that is convenient to prove your identity*, in writing, by filling out the Data Subject Application Form that you can access at [https://www.bim.com.tr/Uploads/BIM_Relevant_Person_Application_Form.pdf] or in accordance with the procedures and principles described above and regulated in the relevant legislation. Ebubekir Cad. No:73 Sancaktepe Istanbul/Turkey address. Depending on the nature of the request, our Company will finalize the request free of charge as soon as possible and within 30 (thirty) days at the latest. However, if the transaction requires an additional cost, our company will charge the fee in the tariff determined by the Personal Data Protection Board.
* We would like to remind you that no special categories of personal data (e.g. religious information or blood type information) should be included within the scope of these documents.