INFORMATION TEXT ON THE COLLECTION AND PROCESSING OF PERSONAL DATA
1. INTRODUCTION
As YATED Fuarcılık A.Ş. (“Our Company” or “YATED”), we demonstrate the utmost care in processing and protecting the personal data of our visitors and Association members when visiting our official website for the Bosphorus Boat Show, bosphorusboatshow.com, in accordance with the Law on the Protection of Personal Data No. 6698 and its secondary regulations (“KVK Legislation”).
Within the scope of YATED’s disclosure obligations arising from the KVK Legislation, we would like to inform our bosphorusboatshow.com visitors through this Bosphorus Boat Show Website KVK Information Text (“Information Text”).
2. PERSONAL DATA
2.1. Definition of Personal Data
Within the scope of Article 3/I(d) of the KVK Law, “personal data” refers to any information relating to an identified or identifiable natural person. In this context, anonymous information, anonymized information, and other data that cannot be associated with a specific individual are not considered personal data under this Policy.
2.2. General Principles Regarding the Processing of Personal Data
Within the scope of Article 3/I(e) of the KVK Law, all operations performed on personal data, whether obtained entirely or partially by automated means or as part of any data recording system by non-automated means, including recording, storing, retaining, modifying, rearranging, disclosing, transferring, acquiring, making accessible, classifying, or preventing the use of personal data, are considered “data processing.”
The Company processes personal data in accordance with the following principles:
Compliance with the law and honesty
Accuracy and, when necessary, keeping data up-to-date
Processing for specific, clear, and legitimate purposes
Relevance, limitation, and proportionality in relation to the purpose for which the data is processed
Retention for the period foreseen by relevant legislation or necessary for the purpose for which the data is processed
2.3. Personal Data Processed by YATED
By visiting bosphorusboatshow.com, your personal data, primarily traffic data, as well as the personal data specified below, are processed in written form in electronic and physical environments, using automated and non-automated methods by our Company, in compliance with the KVK Legislation, in a manner that is relevant, limited, and proportional to the purposes explained below.
| Your personal data | Means of Contact with YATED |
| Internet traffic data | bosphorusboatshow.com |
| Name and email of the visitor requesting information | bosphorusboatshow.com |
| Name, email, address, and phone number of the ticket purchaser | https://ticket.edfuar.com |
| Contact persons name and email information | In written form, via any physical or electronic channel |
INFORMATION TEXT ON THE COLLECTION AND PROCESSING OF PERSONAL DATA
2.4. Purposes of Processing Personal Data
The Company may process personal data for the purposes listed below and retain them for the duration required for these purposes and, in any case, for the periods required by law:
Processing online visitor data in accordance with relevant legislation
Enabling visitors to purchase tickets through the Website
Performing ticket purchase transactions, negotiating, concluding, and fulfilling concluded or intended contracts
Improving services provided via the Website, developing new services, and providing related information
Fulfilling the Distance Ticket Sales Agreement with the customer; analyzing customer/member preferences, interests, and needs, and providing personalized promotions, offers, and benefits (for customers with commercial electronic communication consent)
Conducting direct marketing, digital marketing, remarketing, targeting, profiling, and analyses to promote and market activities and services according to customer/member preferences (for customers with commercial electronic communication consent)
Resolving customer complaints and issues
Communicating with customers based on commercial electronic communication consent and improving the website customer experience
Ensuring customer/visitor satisfaction, loyalty, and engagement
Tracking accounting and procurement operations
Ensuring the security of the Company’s Website, other electronic systems, social media accounts, and physical environments
Legal compliance and legal proceedings
Responding to requests for information from administrative and judicial authorities
Ensuring information and operational security and preventing malicious use
Conducting recruitment processes within the framework of human resources policies
Making necessary arrangements to ensure the accuracy and currency of processed data and carrying out all activities related to these processes
Fulfilling retention obligations arising from the Law and other legislation
2.5. Transfer of Personal Data
YATED may transfer the collected personal data to third parties in accordance with the general principles specified in the KVK Law and the conditions set out in Articles 8 and 9 of the KVK, and provided that necessary security measures are taken. Personal data may be processed and stored in domestic servers or other electronic environments. The third parties to whom personal data may be transferred may vary depending on the type and nature of the relationship between the data subject and the Company (user/membership relationship, employment relationship, etc.), but generally include:
Fair Organizer and Data Processor, ED FUARCILIK
Storage institutions, platform owners, data publishing institutions, infrastructure providers, other business partners, suppliers, and subcontractors working with YATED
Any official authorities and institutions
Banks and/or authorized collection institutions for collection purposes and other relevant third parties working for the execution of such activities
2.6. Security and Audit of Personal Data
In accordance with Article 12 of the KVK, YATED, as the “data controller,” takes necessary technical and administrative measures to prevent unlawful processing of personal data, unlawful access to data, and to ensure the protection of personal data. To this end:
Activities are carried out in accordance with internal policies and rules prepared for the protection of personal data
Employees are provided with necessary training and responsibilities regarding personal data protection legislation and internal policies
Necessary declarations and undertakings are obtained from employees and third-party data processors to ensure confidentiality and protection of data
Information security measures are applied to ensure the security of personal data and prevent unauthorized access
Compliance with internal policies and rules established for the protection of personal data is ensured
The adequacy of the measures taken is monitored, and new or improved data security systems are implemented as needed, with regular audits conducted
2.7. International Transfer of Personal Data
Our Company does not transfer personal data collected via the website to abroad.
2.8. Security and Destruction of Personal Data
In accordance with Article 12 of the KVK, YATED takes the necessary technical and administrative measures as the “data controller” to prevent unlawful processing and unauthorized access to personal data and to ensure its protection. Our Company is highly aware of personal data security and privacy. Accordingly, personal data of visitors specified in this Information Text is processed securely in compliance with KVK legislation, YATED’s KVK Procedure, and the Personal Data Retention and Destruction Policy.
Your personal data is retained for the period necessary for the purposes specified in this Information Text and, in any case, for the statutory limitation periods defined by law. Once these periods expire, YATED deletes, destroys, or anonymizes your personal data in accordance with the Personal Data Retention and Destruction Policy.
To prevent unauthorized access, incorrect processing, disclosure, unlawful alteration/deletion, and to ensure protection and security, the Company has implemented the following technical and administrative measures:
Authorization Matrix
Permission Control
Access Logs
User Account Management
Network Security
Application Security
Encryption
Penetration Testing, Intrusion Detection, and Prevention Systems
Log Records
Data Masking
Data Loss Prevention Software
Backup
Firewalls
Up-to-date Anti-Virus Systems
Deletion, Destruction, or Anonymization
Key Management
YATED promptly informs you and the Personal Data Protection Board where required by the KVK legislation.
3. Your Right to Access Information
Under Article 11 of the KVK Law, you have the right to apply to our Company to:
Learn whether your personal data is being processed
Request information if processed, and learn the purpose and whether it is used in accordance with that purpose
Know third parties to whom your data is transferred domestically or abroad
Request correction if your data is incomplete or inaccurate
Request deletion or destruction in accordance with Article 7 of the KVK Law, and notification to third parties of these corrections or deletions
Object to results that may arise against you due to automatic analysis
Request compensation if you suffer damages due to unlawful processing
Applications can be submitted in writing via bosphorusboatshow.com/bbs-kvkk-basvuru-formu
, by email to [email protected]
, or by mail to:
Marinturk Istanbul City Port, Floor 1, Block D, No: 5, 34890 Pendik / Istanbul / Turkey
This Information Text may be updated to comply with changing processes and KVK legislation. Please visit our website for any updates.
YATED Fuarcılık A.Ş.