PRIVACY POLICY AND PERSONAL DATA PROTECTION AND PROCESSING INFORMATION NOTICE

Data Controller

The website named {■} (“blackislandfashion.com”), operating at {■}, is operated by {■} (“KARANADA TEKSTIL SAN. VE TİC. LTD. ŞTİ.”). As the Data Controller, the COMPANY is responsible for determining the purposes and means of processing personal data, establishing and managing the data recording system.

We prioritize the protection of your personal data. In accordance with the Personal Data Protection Law (“KVKK”), we would like to inform you about the processing of data obtained in connection with your use of the “Company Website,” including but not limited to collection, storage, and transfer of such data, as well as the purposes of such processing.

Processing and Transfer of Personal Data

The COMPANY may request certain personal data from users when registering as a member or using the Company Website. Personal data refers to any information that identifies or makes a person identifiable. This may include, for example, your name, address, email address, or phone number. Data collected via cookies, which does not directly identify your identity (e.g., information on how you use the Company Website), may also qualify as personal data if it is associated with a user-specific ID and thus collected, stored, and evaluated individually. Non-personal data is information that is aggregated, anonymized, summarized, and analyzed, such that it cannot be linked to any real person.

The personal data collected by our Company is obtained through information provided in the membership form in line with the nature of our business. To identify system-related issues and quickly resolve any problems or disputes regarding the service provided, our Company records the IP addresses of its members and uses them. IP addresses may also be used to generally identify users and gather comprehensive demographic information.

Our Company may also use requested information, directly or in collaboration with third parties, for marketing purposes beyond the purposes and scope specified in the Membership Agreement. Personal information may also be used to contact users if necessary. Information requested or provided by users or collected through transactions on the Company Website may also be used, without revealing the identity of members, for statistical evaluation, database creation, and market research purposes beyond the scope and purposes specified in the Membership Agreement.

Periodically, our Company may send notifications to customers and members regarding campaigns, new packages, promotional offers, etc. Members may choose whether or not to receive such information during registration, and may subsequently change their preferences via the member panel or through the link provided in the received notification.

Purposes of Processing Personal Data

Our Company processes personal data for specific, explicit, and legitimate purposes. These purposes include:

  • Delivering and modifying services provided through the website,

  • Customizing products and services according to requests, updating and developing them according to customer needs, legal, and technical developments,

  • Creating user identifications in systems for specific products and services,

  • Announcing new or existing products, services, and campaigns; conducting sales and marketing activities,

  • Conducting market research,

  • Creating statistics and analyzing usage,

  • Payment of product, service, and subscription fees; selecting payment methods,

  • Fulfilling notification obligations arising from the Electronic Commerce Law No. 6563 and other relevant regulations,

  • Delivering advertisements for products and services to the Data Subject in line with the purpose of data processing and informing them about products, services, promotions, and campaigns,

  • Resolving issues encountered during website use,

  • Improving user experience, navigation, page transitions, and purchase experience on the website,

  • Establishing contact/communication,

  • Conducting commercial relationships with partner companies, suppliers, resellers, and service providers,

  • Reporting within the framework of collaborations,

  • Developing and planning the Company’s commercial strategies,

  • Conducting satisfaction surveys and communicating with participants,

  • Registering participants in Company events/trainings/competitions, issuing certificates/participation documents, determining winners of awards/gifts, and delivering awards/gifts,

  • Managing judicial/administrative procedures and responding to public institutions’ requests,

  • Fulfilling legal obligations and resolving legal disputes,

  • Managing investor relations,

  • Implementing the consequences of legal actions if the Company merges, splits, or transfers all or part of its operations,

  • Promoting Company employees, real customers, and stakeholders on social media,

  • Conducting recruitment processes and evaluating job applications,

  • Establishing, managing, and terminating employment relationships/contracts,

  • Granting employee rights and benefits arising from employment contracts and evaluating performance,

  • Creating employee user accounts,

  • Registering participants in events attended on behalf of the Company,

  • Recording employee participation in trainings and issuing certificates,

  • Ensuring the security of the Company Website and Applications,

  • Analyzing website usage,

  • Maintaining a personal data inventory,

  • Evaluating and responding to written, verbal, or electronic inquiries, requests, suggestions, complaints, and applications concerning personal data.

Data may be transferred to systems located domestically or abroad, including the European Union, for the fulfillment of the contract, data security, compliance with Company policies, and the purposes mentioned above (for more information, you may contact us in writing).

Method and Legal Basis of Data Collection

Data regarding current and potential users of the Company Website is collected, partially or fully, automatically or manually, within contractual or statutory grounds, in accordance with the necessity of our business.

Personal Data Processed Without Explicit Consent

Under KVKK:

  • Personal information publicly shared by you may be processed and shared with third parties without your explicit consent.

  • If legislation explicitly allows processing of personal data without explicit consent, we may process and share it accordingly.

  • Personal data may be processed without consent to fulfill legal obligations, comply with laws, regulations, or court orders.

  • If processing personal data is necessary to establish, exercise, or protect a legal right, we may do so without your explicit consent.

Data Shared with Third Parties

Your personal data may be shared with Company employees, legal, financial, and tax advisors, auditors, service providers complementing the Company’s operations, cloud service providers such as Tekrom Teknoloji A.Ş., Amazon Web Services, Inc. (AWS), partners, education institutions, advertising and marketing agencies, and anonymized data may be shared for targeted advertising purposes. Consent is assumed for these transfers.

Server Log Data

When accessing the Company Website, your browser automatically transmits the following data to our web server, which we record regardless of your consent:

  • Date and time of access

  • URL of requested website

  • Downloaded files

  • Amount of data transferred

  • Browser type and version

  • Operating system

  • IP address

  • Domain name of your internet provider

These data are collected to ensure accurate delivery of requested content and are used for statistical purposes before being deleted.

Cookies

Like many other websites, we use cookies. Cookies are small text files sent to your hard drive by a web page server, enabling collection of IP address, browser type, operating system, and connection data. Cookies do not collect personal data or transmit viruses. They are used to enhance user experience, measure usage, improve security, provide personalized offers, and optimize services.

Cookies can be disabled via browser settings; some website features may be limited if cookies are blocked.

Social Media Plugins

The COMPANY uses social plugins from social networks including Facebook, YouTube, Twitter, and Instagram. Visiting a page with such plugins initially leaves them inactive. Activating the plugin connects you to the respective network and transmits data accordingly.

For details, please consult the privacy policies of the respective social networks. To prevent data collection via these networks, log out before visiting the site.

Your Rights Regarding Personal Data

You have the right to:

  • Learn whether personal data is processed,

  • Request information on processed data,

  • Learn the purpose of processing and whether it is used appropriately,

  • Know third parties receiving your data,

  • Request correction, deletion, or anonymization of data,

  • Object to automated processing,

  • Claim compensation for damages caused by unlawful processing.

Requests should be submitted in writing, with verified identity, to the Company address or legally accepted methods (e.g., notary).

Data Security

The COMPANY implements technical and administrative measures for data security as required by KVKK. Details are specified under the Personal Data Protection, Storage, Processing, and Disposal Policy.

Data of Minors

Personal data of minors should not be submitted without parental or guardian consent.

Links to Other Websites

The Company Website may include links to other websites. The COMPANY is not responsible for the privacy practices or content of these external sites.

Updates to the Privacy Policy

This “Privacy Policy and Personal Data Protection and Processing Information Notice” may be updated as necessary to introduce new services or comply with legal requirements.

User Access

Except when invited, no one can access your account. Authorized Company personnel may access your data only for support purposes in case of technical issues with your consent.

Data Sharing

Data will not be shared with partners without your consent or without adequate security, except for Tekrom Teknoloji A.Ş., which provides e-commerce software infrastructure services.

Data Backup

Daily backups are performed to protect against technical problems.

Security Breach Response

No transmission or storage method is completely secure. If a breach occurs, affected users will be notified to take protective measures. Notification procedures comply with legal requirements and industry standards.

Your Responsibilities

You are responsible for securing your account using strong passwords and ensuring your devices have adequate security when using COMPANY services.

Prepared by  T-Soft E-Commerce.