KVKK Statement

  1. Data Officer and Contact Person Information


It is prepared in accordance with the Personal Data Protection Law No. 6698 and is responsible for SGS Group’s processing of personal data about you, determining the purposes of data processing, establishing and operating the data processing system. Natural persons whose personal data is processed by SGS Group are considered by law to be relevant persons.


Personal data: any information relating to an identified or identifiable natural person,


Processing of Personal Data: Means any operation which is performed on personal data, wholly or partially by automated means or non-automated means which provided that form part of a data filing system, such as collection, recording, storage, protection, alteration, adaptation, disclosure, transfer, retrieval, making available for collection, categorization, preventing the use thereof.


Data processor: Means a natural or legal person who processes personal data on its behalf based on the authority granted by the data controller.


Data recording system: Means a recording system in which personal data is structured and processed according to certain criteria.


Data officer: Refers to a natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.


According to Article 10 of the law regulating the Disclosure Obligation, data controllers are obliged to inform the natural persons with whom they process their personal data on matters related to data processing. 


This text intended to inform you as a person concerned and includes the rights and obligations of the person concerned (the data owner-the customer receiving the service) and the data controller.


  1. Main Purposes of Personal Data Processing and Processed Data


To fulfill the contractual obligations with you, to meet the requests of legal authorities (SGK, KVKK, Municipality, etc.) and relevant sector unions and the requirements of the Law No. 6563 on the Regulation of Electronic Commerce, to develop the products and services we offer, to record your suggestions, requests and complaints, to provide services in line with your needs by getting to know them better, to carry out our sales-marketing activities, to inform you about your requests (by phone, e-mail, mail, SMS and MMS tools), to determine our medium-long term commercial strategies, to ensure physical and systemic security, the following personal data are processed for the purposes of establishing or exercising our rights in order to solve legal problems; Your name, surname, TC.K.no, home and work address, e-mail address, registered e-mail address (KEP), telephone number, order information, service information, invoice, promissory note, cheque information, entry, exit and registration information of employees and visitors, camera records, IP address information, website login and logout information, user name, password and password information, bank and account information, shopping history information, survey, cookie records, information obtained through campaign work, Video, photo and sound recordings, informations, photo and video recordings which you make public by written or oral or by sharing on social media, data collected through automatic search tools, cookies or other means, social media tools, data shared with us by our business partners, suppliers and other third parties based on the permission you have given them, page view information, search terms and information about search results.


After the above-mentioned personal data is stored in our systems for periods determined in accordance with various laws and business needs, it will be removed from use by deletion.


  1. Method Of Obtaining of Processed Personal Data


Your processed personal data is obtained from you as the data owner and other third parties via written, verbal, visual and audio recording system and e-mail


4.Personal Data Transfer and Purposes


Your processed personal data can be transferred to the relevant authorities without the obligation of disclosure and without your explicit consent, if requested within the framework of Article 28/1 of the KVKK.


In addition, for unforeseen circumstances, your personal data may be transferred to public institutions (administrative authorities such as ministries, Presidential boards, etc.) specified in the laws, if requested in cases clearly stated in the law, within the scope and limitations stipulated in the law. At this stage, information cannot be provided due to the absence of such a predictable situation. If it happens, you will also be notified in advance.


Besides, contract requirements are shared with industry associations and SGS Group subsidiaries and subcontractors to ensure that the service provided is fully, accurately and timely, and that requests and complaints are met. 


Your personal data is not transferred to any natural and legal person or institution or organization other than our legal obligations, which do not require disclosure obligations and your explicit consent.


5.Rights and Obligations of the Data Controller


As a data controller, they have the rights and obligations to process personal data in accordance with 6698 KVKK and other relevant laws, to prevent unlawful processing and access of personal data, to take adequate security measures regarding technical and actual possibilities for the safe processing and storage of personal data.


If at least one of the following considerations exists, as specified in Articles 5 and 6 of the KVKK, personal and special personal data may be processed for the specified purposes, even if explicit consent is not obtained.


  • Explicitly stipulated in the relevant laws.
  • Data processing is mandatory for the establishment, exercise or protection of a right.
  • It is necessary to process personal data belonging to the parties to the contract, provided that it is directly related to the establishment or execution of the contract.
  • It is mandatory for the data controller to fulfill its legal obligation.
  • The data subject (data owner) has been made public by him/herself.
  • It is compulsory for the protection of the life or physical integrity of the person or another person, who is unable to express his/her consent due to actual impossibility or whose consent is not legally recognized.
  • Data processing is mandatory for the legitimate interests of the data controller, provided that it does not damage the fundamental rights and freedoms of the person concerned.
  • Special categories of personal data other than health and sexual life data (persons’ race, ethnic origins, political opinions, philosophical beliefs, religions, sect or other beliefs, clothing, association, foundation or union membership, criminal conviction and security measures data and biometric and genetic data)is prescribed in the laws in terms of processing.
  • For processing of data related to health and sexual life by persons or authorized institutions and organizations under the confidentiality obligation for the purpose of protection of public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and financing.
  1. Rights and Obligations of Data Owner


As the data owner has the following rights in accordance with Article 11 of the KVKK 6698; to learn whether your personal data is processed, to request information if it has been processed, to learn the purpose of processing and whether it is used in according to its purpose, to know the third parties to whom the personal data is transferred, to request correction of personal data if it has been processed incomplete or incorrect, to request notification of the arrangement if this personal data has been transferred to third parties, to request the deletion or destruction of personal data, to request deletion or destruction if this personal data has been transferred to third parties, to object to the emergence of a result against the person herself by analyzing the processed data, especially through automated systems, requesting the compensation of the damage due to the unlawful processing of personal data.




For our company it is a priority the safety of credit card holders making purchases from our shopping websites. Your credit card information is not stored in our system in any way.


There are two things to pay attention to realize that you are on a secured website when you enter the process of transactions. One of them is a key or lock icon on the bottom line of your browser. This is the sign of that you are on a secured internet page, and all your information is encrypted and protected. This information is solely used in the direction of your instructions depending on the sales process. The information about the credit card used during shopping is encrypted with 128-bit SSL (Secure Sockets Layer) protocol, independent of our shopping websites, and sent to the relevant bank for questioning. If the availability of the card is confirmed, shopping will continue. As no information about the card can be displayed or saved by us, third parties are prevented from capturing this information under any circumstances.


Only you can get access and change all the information you provide when you become a member. If you protect your member login information securely, it is not possible for others to access and change information about you. For this reason, it is acted within the 128-bit SSL security area during the membership process.


Internet shopping websites with information line or customer service or open address and phone information are shown are more preferred today. In this way, you can get detailed information about all the issues that are on your mind, and you can get correct information about the reliability of the company that provides online shopping services.


Note: we recommend that you pay attention to the company’s open address and phone number exist on Internet shopping websites. If you are going to shop, before purchasing take a note of all the phone/address information of the store where you will buy the product . If you don’t trust it, confirm it by calling before shopping. All information about our company and the location of the company are indicated on all our online shopping websites.




Our store may link to other websites within the website. Our company does not bear any responsibility for the privacy practices and content of the websites accessed through these links. The Privacy Policy Principles in this agreement relate merely to the use of our store, not to third-party websites.




In the limited cases mentioned below, our company may disclose information belonging to users to third parties, except for the provisions of this “Privacy Policy”. These cases are limited in number;


  1. To comply with the obligations imposed by the legal rules enacted by the competent legal authority, Law, Decree-Law, Regulation, etc.
  2. For the purpose of fulfilling the requirements of the “Membership Agreement”and other agreements concluded by our store with users or exercise them as mentioned in these agreements;
  3. Request of information about users for the purpose of conducting an investigation or prosecution duly conducted by the competent administrative and judicial authority;
  4. Situations that is necessary to provide information to protect the rights or security of users.




Never give or write your credit card number or passwords in the e-mails you send to our store’s Customer Service or any communication channel or regarding any of your orders. The information contained in the e-mails may be viewed by third parties. Our company cannot guarantee the security of the information transferred from your e-mails under any circumstances.




Our company can obtain information about the users visiting our store and the use of the website by using a technical communication file (Cookies). The technical communication files in question are small text files that a website sends to the user’s browser (browser) to be stored in main memory. The technical contact file facilitates the use of the Internet by storing status and preferences about the website.


The technical communication file helps to obtain statistical information about how many people visit the website, for what purposes, how many times a person visits the website and how long they remain on the website, and to dynamically generate advertisements and content from specially designed user pages for users. The technical contact file is not designed to retrieve data or any other personal information from your main memory or email. Many browsers are designed to receive the technical communication file at first, however users can change the settings so that the technical communication file does not arrive or is alerted when the technical communication file is sent.


Our company may change the provisions of this “Personal Data Protection Policy” at any time by posting on the website or sending e-mail to users or putting on the website. If the provisions of the personal data protection policy change, it becomes effective at the date of publication.


  1. Request and Application


 Fill out the application form on our web page submiting your requests and complaints about the processing of your personal data, then send it in written way to;


-Buyukbakkalköy, Buyukbakkalköy yolu no: 35/1, 34858 Maltepe/IstanbulIstanbul




– You can do this by using your e-mail address registered to the



mailing address.


After your request reaches us, you will be informed by channels indicated here within 30 days.


  1. Explicit Statement of Consent


After this clarification text, applications and communication to establish and maintain a business relationship with SGS Group shall mean that you have read, understood and given explicit consent to the above-mentioned information regarding the processing of your personal data.