In order to comply with the Personal Data Protection Law No.6698 ("KVKK"), the website address "best2dine.co.uk" and the mobile application named "B2D" adopt the general principles of KVKK while processing personal data. For this reason, B2D states how your personal data is used, with whom the personal data is shared, the purpose and legal basis of the data processing, the processing, deletion, destruction, anonymization, transfer of personal data, the period of storage of your personal data, and the duration of the protection of your personal data. Our "PRIVACY and GDPR POLICY", which is prepared to explain clearly and in detail the measures taken regarding the security of your personal data, your rights regarding your personal data, and how to change the positive or negative preferences in receiving electronic commercial messages, provides access to the persons whose personal data is processed.
Definitions in this "PRIVACY and GDPR POLICY":
B2D Applications: The website addressed "best2dine.co.uk" that offers the products, services or opportunities of the companies and / or persons it has contracted with in a certain format, the mobile application called "B2D",
Data Record System: Any medium containing personal data that is fully or partially automated or processed in non-automatic ways provided that it is part of any data recording system
Recording Media: Any environment where personal data are available,
Processing of Personal Data: Obtaining, recording, storing, preserving, changing, reorganizing, disclosing, transferring, taking over, making available, classifying or using personal data through fully or partially automatic means or non-automatic means provided that they are part of any data recording system. All kinds of operations performed on data such as blocking,
Data Processor: Real or legal person who processes personal data on behalf of the data controller with the authorization of the data controller,
Data Supervisor: Natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system,
Law No. 5651: The Law on Regulating Broadcasts Made on the Internet and Combating Crimes Committed Through These Publications,
Law No. 6698 / KVKK: Law on Protection of Personal Data.
Processing of Personal Data of Mobile Website, Website, Mobile Application Users (online visitors)
Personal Data Processed: Personal data are processed by B2D Applications within the scope of the following processes and activities:
- For the purpose of membership, from the website, mobile website or mobile application; Required entry required name, surname, e-mail, mobile phone number, optional date of birth, gender information
- Legal transaction information and contact information based on your consent to receive commercial electronic messages in line with your preferences and tastes
- In order to prepare content suitable for your preferences and preferences, to offer discounts, opportunities and benefits, taking into account the transactions you have made on B2D Applications; Your interests, browsing information, categories of interest, transaction history, demographic information, location and followed locations,
- Traffic information of users using B2D Applications, whether they are a member or not (IP address of the parties, start and end time of the service provided, type of service used, amount of data transferred and subscriber credentials, if any),
- Your navigation information in B2D Applications,
- Location information, provided that "location" information can be seen on the members' devices,
- The personal data of the members who connect to B2D Applications using social media accounts such as Instagram and Facebook, which allow sharing on their respective social media profiles, e-mails and the user's open profile are processed.
B2D's Personal Data Processing Purpose and Legal Basis
- In accordance with your consent to receive commercial electronic messages and the legal obligation to fulfill this approval, in order to prepare content suitable for your preferences and preferences, to offer promotion, discounts, benefits,
- Traffic information of users visiting B2D Applications, regardless of whether they are a member or not, in order to fulfill the obligations arising from the Law No. 5651 on Regulating Broadcasts on the Internet and Combating Crimes Committed Through These Publications and the relevant secondary legislation,
- Your navigation information; It is processed in order to prepare electronic message content suitable for the preferences and tastes of our customers who have commercial electronic message approval and to offer benefits and opportunities. The navigation information of non-member users, on the condition that the obligations arising from the Law No. 5651 are reserved, by deleting personal data such as IP address, for use only in statistical studies, reporting and decision support systems,
- In order to plan and / or execute the processes of creating and / or increasing adherence to B2D Applications,
- In order to plan and / or execute activities for the satisfaction and / or experience of the member,
- In order to identify and / or evaluate the people to be subject to marketing activities in line with the member behavior criteria,
For the design and / or execution of personalized marketing and / or promotional activities, - For the planning and / or execution of data analytics studies for marketing purposes,
For the planning and / or execution of event promotion processes, -
For the planning and / or execution of campaign promotion processes, - In order to manage member requests and / or complaints, to ensure customer satisfaction and to provide information and support on all kinds of issues regarding B2D Applications if needed, to mediate customer satisfaction by conveying the issue to B2D in case of problems that cannot be solved instantly,
- In order to show advertisements of companies that advertise on B2D Applications,
- In order to show the advertisements of the advertisers in other advertising channels by using various advertising technologies,
Cookies are text files that are loaded by your internet browser and contain small pieces of information stored on your computer, mobile phone or tablet when you visit B2D's platforms or download the mobile application to your mobile phone or connect from the mobile site.
B2D will collect, process, share with third parties and securely store your browsing information, provided that it is not used for purposes other than those specified by our PRIVACY and GDPR POLICY, within the framework of its legal obligation.
B2D, in order to provide you with special promotions, promotions and marketing offers, to improve the content of the website or mobile application for you and / or to determine your preferences; tracks your browsing information on the site and / or your membership usage history on the site. B2D may match the information collected on the site in different ways or at different times and use this information together with information from other sources such as third parties. Said matching and use will only remain within the scope and purposes set forth in this PRIVACY and GDPR POLICY.
B2D uses session cookies and persistent cookies in its Applications. Session ID cookie expires when you close your browser. The persistent cookie remains on your hard disk for a long time. You can remove persistent cookies and reject both session cookies and persistent cookies by following the instructions given in your internet browser's "help" file or by visiting "www.allaboutcookies.org" or "www.youronlinechoices.eu". If you refuse persistent cookies or session cookies, you may continue to use the website, mobile application and mobile site, but you may not be able to access all functions of the website, mobile application and mobile site, or your access may be limited. The situation in question may vary in mobile application.
Information about your use of this website / mobile application / mobile site (including your IP address) is transferred to Google by Google in the United States. stored on servers. Google will use this information to evaluate your use of the website / mobile application / mobile site, to compile the B2D website / mobile application / mobile site activity, and to provide other services related to website / mobile application / mobile site activity and internet usage. However, it will not match your IP address with other data stored by Google. For more information on using Google Analytics (including opt-out options), you can visit:http://www.google.com/intl/tr/policies/privacy/#infocollect
In addition, in order to provide you with advertisements that may be of interest to you, in order to create a special target audience with Facebook, by accepting our PRIVACY and GDPR POLICY and Communication Permit, your e-mail address from the personal data you have shared with B2D is shared with Facebook. Before uploading and forwarding your e-mail address to Facebook, it is encrypted locally by Facebook in our system using the hash method. Your e-mail address encrypted with the Hash Method shared with Facebook will only be used for the matching process. They are not shared with third parties or other advertisers and are deleted from Facebook systems as soon as possible after the matching process is completed. Facebook, technical and physical security developed to (a) protect the security and integrity of data as long as your personal data is in Facebook systems and (b) protect your personal data in Facebook systems against accidental or unauthorized access and accidental or unauthorized use, modification or disclosure of your data. It will ensure the confidentiality and security of Hash Method Encrypted Data and Facebook User ID collection, which constitutes your specific target audience ("your special target audience"), including the precautions. In addition, without your consent or unless required by law, Facebook will not provide access or information to third parties or other advertisers for your specific target audience, do not add your custom audience information to information about our users, or create interest-based profiles, or use your specific target audience other than to serve you.
For Facebook specific audience conditions, visithttps://www.facebook.com/ads/manage/customaudiences/tos.php?_=_,
PAnalyzing by ilaqi and / or the brands we work with, presenting special advertisements, campaigns and other benefits to you, sending commercial electronic messages in line with your consent preferences, sending mail, questionnaire and telemarketing applications, reporting and evaluating some of your usage data, making statistical analysis, Our member businesses, business partners, brands we work with, our shareholders, legally authorized public institutions and private persons, KVKK's Personal data can be transferred within the framework of the processing conditions and purposes specified in Articles 8 and 9. By taking the necessary security measures, your personal data can be kept domestically as well as transferred abroad to achieve the above-mentioned purposes.
Your personal data, in accordance with the current legislation; B2D can be collected verbally, in writing or electronically through channels such as our partners, group companies, affiliates, branches and liaison offices, solution partners with whom we cooperate or have contractual relationships, and our brands, and your information can be processed by these third party companies, provided that they are not contrary to the legislation. If you do not give your consent in this regard, you can report this at any time; we also keep your information inaccessible as required. However, if you do not accept this, in some cases, it may lead to a limitation of functions in our services.
How Your Personal Data Is Used
Your personal data processed by B2D are used in order to fulfill our obligations arising from the contract you have established with us and to provide you with a better service in this context. B2D does not process your personal data except for the personal data processing purposes specified in this policy. Likewise, it stipulates that third parties from whom you receive support during the service offered to you will use this personal data exclusively for the purpose specified in the contract. It is ensured that relevant third parties and employees who are authorized to access personal data are obliged to keep secrets regarding these personal data indefinitely. In cases where the relevant third party needs to transfer personal data to another subcontractor or subcontractor, it is ensured that this is done within the knowledge of B2D. With regard to the security of the personal data transferred, a joint responsibility with B2D is foreseen in cases where the relevant third party is a data processor.
With Whom Personal Data Is Shared
Your personal data processed during the duration of your B2D membership;
- In terms of our applications and services such as IT services, profiling and data analytics, with the companies we receive domestic or international service with Customer ID or encrypted,
- With the commercial electronic message intermediary service provider, in order to provide the customer with promotion, advertisement, benefits and opportunities in line with the customer's commercial electronic message approval,
- With the call center from which support is received for the management of member requests and / or complaints and the company measuring customer satisfaction,
- With companies that will conduct market research in order to increase customer satisfaction and loyalty,
- For the delivery of printed materials, with contracted companies,
- With cargo companies when goods / services need to be sent to our members,
- For reservations made through B2D application, contact the relevant restaurant,
- For transaction tracking with B2D member merchants,
- To define campaigns with our contracted companies,
- Provide the necessary information such as name, surname, e-mail, mobile phone etc. of the members who participated in the campaigns with the Merchants via the B2D Application, with the Merchant
- Your traffic information (IP address, start and end time of the service provided, the type of service used, the amount of data transferred and, if any, subscriber credentials), with the Information Technologies and Communication Authority, court or public prosecution offices,
- Your commercial electronic message approval, withdrawal of approval and all kinds of records regarding electronic commerce transactions with the Ministry of Customs and Trade,
- With other public institutions and organizations legally authorized to request your personal data, courts and public prosecutors,
- Profiling is shared with third party companies from which we receive services for the purpose of displaying advertisements in line with the likes and preferences of the Member on social media or other platforms. The likes of the members on the website and / or / mobile application, usage preferences, browsing history, transaction history, information are shared with the cookie service providers so that they can be retargeted using pseudonymized data. Personal data transfers within this scope are carried out through the secure environment and channels provided by the relevant third party. (Depending on the content and scope of the service received from third parties; in all cases where there is no need to transfer the personal data of the Customer / Member, it is performed using Pseudonymous data (pseudonym data).
As B2D, in case of personal data transfer, KVKK compliant provisions are added to the contracts we have made with the relevant parties, which will protect your personal data and ensure that it is returned to B2D or deleted from the systems after the contractual relationship. When receiving services from data processors, we work with data processors who are capable of fulfilling at least the obligations we are subject to in terms of data security in accordance with the KVKK.
Processing of Personal Data of Users (Online Visitors), Data Processing Purpose and Legal Basis
B2D's purpose of processing your personal data and its legal basis are based on clauses c), ç), d), e) and f) specified in Article 5 of the KVKK titled terms of processing personal data.
The relevant regulations are as follows;
c) It is necessary to process personal data belonging to the parties of the contract, provided that it is directly related to the establishment or performance of a contract.
ç) It is mandatory for the data controller to fulfill its legal obligation.
d) It is made public by the person concerned.
e) Data processing is mandatory for the establishment, use or protection of a right.
f) It is mandatory to process data for the legitimate interests of the data controller, provided that the fundamental rights and freedoms of the data subject are not harmed.
It is stated in the relevant article that it is possible to process personal data without seeking the explicit consent of the person concerned in the presence of one of the above conditions.
Users using B2D Applications can contact B2D by using the e-mail address [email protected] to make requests and suggestions.
Personal data that users share with their e-mail address are data made public by the user himself. Users share this personal data entirely at their own request. B2D will process this data only for the evaluation of requests and suggestions submitted by the user.
In addition, traffic information of users visiting B2D Applications (IP address of the parties, start and end time of the service provided, type of service used, amount of data transferred and subscriber identity information, if any) are processed in accordance with Law No. 5651.
Location information can be processed if the mobile application users have given their consent, and they can also be notified, provided that they have given their consent.
Deletion, Destruction and Anonymization of Personal Data
B2D keeps the personal data processed through the Applications for the periods stipulated by the relevant laws and / or the periods required by the processing purpose pursuant to Article 7, 17 of the KVKK and Article 138 of the Turkish Penal Code. In the event that these periods expire, they will delete, destroy or anonymize in accordance with the provisions of the Regulation on Deletion, Destruction or Anonymization of Personal Data.
Deletion of personal data refers to the process of making personal data inaccessible and unavailable in any way for the relevant users. B2D creates a user-level access authorization and control matrix for this and implements it within the framework of a policy. Takes the necessary measures to perform the deletion in the database.
Destruction of personal data refers to the process of making personal data inaccessible, unrecoverable and reusable in any way.
Anonymizing personal data means making personal data unrelated to an identified or identifiable natural person under any circumstances, even if they are matched with other data.
B2D explains in detail the methods for deletion, destruction and anonymization and the technical and administrative measures taken within the scope of the Personal Data Retention and Destruction Policy prepared in accordance with the Regulation on the Deletion, Destruction or Anonymization of Personal Data. In this Policy, the period of periodic destruction stipulated by the Regulation is also determined as 6 months.
Retention Period of Your Personal Data
Your personal data is stored as long as your membership continues.
After your membership expires;
- Call Center voice recordings for 3 years
- Law No. 6563 and related secondary legislation Membership records for 10 years
- Turkish Code of Obligations No. 6098 Claims arising from the contractual relationship 10 years for judicial processes
- Turkish Code of Obligations No. 6098 All records regarding accounting and financial transactions are 10 years
- Turkish Commercial Code No 6102, Tax Procedure Law No 213 Cookies Maximum 540 days
- Commercial electronic message confirmation records 1 year from the date of withdrawal of approval
6563 Law on the Regulation of Electronic Commerce and related secondary legislation
- Traffic information for online visitors
2 years - About Arrangement of Broadcasts Made on the Internet with Number 5651 and Fighting Against Crimes Committed Through These Publications - Law Information and / or CVs received due to job application 1 year
- Personal data on customers 10 years after the legal relationship ends; 3 years in accordance with the 6563 Law and related secondary legislation
- Law No. 6563, Law No. 6102, Law No. 6098, Law No. 213, Law No. 6502 Personal data collected for 2 weeks for usability test research
After these periods have passed, your personal data are deleted, destroyed or used by making them anonym within the framework of the principles and procedures specified in the Personal Data Storage and Destruction Policy.
Precautions Taken for the Security of Your Personal Data
B2D undertakes to take all technical and administrative measures and show due diligence to ensure the confidentiality, integrity and security of your personal data. B2D takes the necessary precautions to prevent unauthorized access to personal data, misuse, illegal processing, disclosure, alteration or destruction of personal data. B2D uses generally accepted security technology standards such as firewalls and Secure Socket Layer (SSL) encryption when processing personal data. In addition, when sending your personal data to B2D via website, mobile application and mobile site, these data are transferred using SSL.
B2D, regarding the prevention of illegal access to the personal data it processes, the prevention of unlawful processing of these data and the protection of personal data:
- Protects all areas in the website or mobile application from which personal data is taken, with SSL, - Creates and applies access authorization and control matrices for its employees in order to prevent unlawful processing of personal data collected from the website or mobile application,
- To ensure that personal data are not accessed illegally; periodically makes penetration tests, tests the system's resistance to unauthorized access,
- Uses the Pseudonymization (pseudonymized data) method for all secondary data processing other than the primary processing purpose. Pseudonymous uses encryption methods in the systems where this data is located in order to prevent the identification of the personal data owner and implements a stricter access authorization and control policy. - It ensures that personal data in paper environment is kept in lockers and accessed only by authorized persons.
- Personal data processed through cookies belonging to third parties from which the service is obtained is deleted from the systems of third parties if the membership is terminated.
B2D, in order to protect personal data legally; Considering the roles of the parties to the contracts it has made, KVKK adds provisions compliant with it, prefers to work with the data controller or data processors who fulfill the necessary obligations regarding the KVKK, and foresees the transfer of the personal data shared to B2D after the contractual relationship is terminated and the necessary control mechanisms before the relevant party.
Your Rights Regarding Your Personal Data
6698 Numbered Personal Data Protection Law Art. Your rights in 11 are:
1) Learning whether personal data is being processed,
2) Requesting information if personal data has been processed,
3) Learning the purpose of processing personal data and whether they are used appropriately for their purpose,
4) To know the third parties to whom personal data are transferred at home or abroad,
5) To request correction of personal data in case of incomplete or incorrect processing,
6) Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of KVKK,
7) Request notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data have been transferred,
8) Object to the occurrence of a result against the person himself by analyzing the processed data exclusively through automated systems,
9) Request compensation in case of damage due to the processing of personal data unlawfully.
To Exercise Your Rights Regarding Your Personal Data
- You can contact B2D at [email protected] - In your application: Name, surname, mobile phone number, e-mail address, postal address (if the answer is to be sent by mail), explanations regarding your relationship with B2D (such as supplier, member, visitor) and KVKK Art. You must clearly state your request under 11.
- If you have incomplete or incorrectly processed personal data, or if there is any change in your processed personal data, you can access your profile from the Profile section in B2D Applications and take necessary changes and / or updates to change and update your personal data.
-Personal data shared by users with the [email protected] e-mail address are data that have been made public by the user himself. B2D processes this data only for the evaluation of requests, suggestions and complaints submitted by the user.
Leaving B2D Applications
If you do not want to revoke your consent and no longer send messages sent to you for campaign promotions or information purposes; You can click the exit link in the messages sent to you, or send an e-mail to [email protected] whenever you want, or you can make necessary changes and / or updates by accessing the "settings" section under the profile section via the mobile application. If you want to close your B2D membership account; You can send an e-mail to [email protected]
Withdrawal of Commercial Electronic Message Confirmation
If you no longer wish to receive messages sent by B2D for campaign, promotion or benefit purposes, you can send an e-mail to [email protected] or click the exit link in the e-mail or SMS sent to you.
Termination of your B2D membership does not mean withdrawal of your consent for commercial electronic messages. Therefore, we recommend that you act as stated above to withdraw your commercial electronic mail consent.
The scope of our PRIVACY and GDPR POLICY; Updated under the heading in accordance with the Personal Data Protection Law, it is made available to you, our visitors, in order to ensure the highest level of transparency regarding our activities regarding your personal data.
B2D can always make changes to this "PRIVACY and GDPR POLICY". These changes become effective immediately upon the publication of our new modified "PRIVACY and GDPR POLICY". Necessary information will be given to you, our members, to be aware of the changes in this "PRIVACY and GDPR POLICY".