REDOF BÜRO MOBİLYALARI TEKSTİL LOJ.SAN .TİC.LTD.ŞTİ. respect the personal data you have shared with us and attach importance to the protection of fundamental rights and freedoms, especially the privacy of private life. We would like to inform you in detail about the protection of your personal data you share in accordance with the GENERAL DATA PROTECTION REGULATION Law No.6698 (GDPR&), the ways in which your personal data are collected, the purposes of processing, legal reasons, and our mutual rights and obligations. Your personal data, in the capacity of Data Supervisor, is REDOF BÜRO MOBİLYALARI TEKSTİL LOJ. SAN. TİC. LTD.

ŞTİ. in accordance with the provisions of the GDPR and within the framework described below, can be obtained, recorded, stored, disclosed, transferred to third parties or abroad or processed in other ways as permitted by the legislation.

Your personal data can be collected verbally, in writing or electronically in order to fulfill the legal obligations arising from the relevant legislation and to carry out the collection, invoice and order delivery processes, by automatic or non-automatic methods.

Personal data before our company; Planning and execution of commercial activities, obtaining payment services for matters not directly provided by us and which are not within our field of expertise, delivering orders, making collections, issuing invoices, resolving consumer complaints, sending commercial electronic messages if you give express consent, providing information to authorized institutions and organizations from the legislation Planning and execution of the audit activities necessary to ensure that activities are carried out in accordance with our Company's procedures and the relevant legislation, planning and executing corporate sustainability activities, carrying out efforts to protect the reputation of our company, management of request and complaint processes, planning and execution of corporate governance and communication activities. to the rules of honesty and the principles of being retained for the period foreseen in the relevant legislation or required for the purpose for which they are processed, in relation to the purpose for which they are processed. It will be processed in accordance with its material.

In order for the purposes mentioned above to be fulfilled by you, the Ministry of Commerce, the Ministry of Commerce, our company received service / support / consultancy in accordance with the law and the rules of integrity and the principles related to the purpose for which they are processed, limited and measured, stipulated in the relevant legislation or required for the purpose for which they are processed. or cooperating with domestic / international / international, public / private institutions and organizations, companies and our companys consultants or solution partners, other group companies, other authorized institutions and organizations, their suppliers or subcontractors, as per the provisions of the Turkish Commercial Code and other relevant legislation. to persons or organizations, to legally authorized public and / or private legal entities with a limited purpose within their legal authority, and to persons or  organizations permitted or required by the provisions of other legislation, and to official authorities upon the request of official authorities. Also, GDPR s in accordance with Article 5 and 8, and / or relevant personal data in the presence of exceptions in the legislation will be able to share data without the owner's consent and also could work with third parties. The main cases are as follows:

It is mandatory for the protection of the life or physical integrity of the person who is unable to disclose his consent due to the actual impossibility or whose consent is not legally valid, It is necessary to process personal data, provided that it is directly related to the establishment or performance of any contract between the data owner and the Company,

It has been made public by the data owner himself, Data processing is mandatory for the establishment, use or protection of a right, Data processing is mandatory for the legitimate interests of the Company, provided that it does not harm the fundamental rights and freedoms of the data owner.

Your personal data is obtained in all kinds of verbal, written or electronic media in order to provide the services we provide by the Company in accordance with the above-mentioned purposes within the legal framework and to fulfill our Companys contractual and legal obligations in a complete and correct manner. Your personal data collected for this legal reason can be processed and transferred for the purposes specified in articles (1) and (2) of this text within the scope of the personal data processing conditions and purposes specified in Articles 5 and 6 of the GDPR Law.

As personal data owners, if you submit your requests regarding your rights to our Company through the methods set out below, our Company will finalize your request as soon as possible and within thirty (30) days at the latest, free of charge. However, if a fee is stipulated by the GENERAL DATA PROTECTION REGULATION Board, the fee in the tariff

determined by our Company will be charged.

You can send us your request to use these rights in writing or, in case a separate method is determined by the Personal Data Protection Board, in accordance with this method, including the necessary information to identify your identity and your explanations about your right to use the rights specified in Article 11 of the KVK Law.

Pursuant to Article 7 of the GDPR Law, although the personal data has been processed in accordance with the relevant legislation, if the reasons for its processing disappear, the personal data will be deleted, destroyed or anonymized by our Company, either ex officio or upon the request of the personal data owner. The procedures and principles regarding this issue will be fulfilled in accordance with the GDPR Law and the Regulation on the Deletion, Destruction or Anonymization of Personal Data published in the Official Gazette dated 28.10.2017 and numbered 30224 . Personal data is deleted, destroyed or anonymized within 3 (three) months following the date when our obligation to delete, destroy or anonymize personal data .

When you apply to our company and request the deletion or destruction of your personal data;

a) If all the conditions for processing personal data have disappeared; Your personal data subject to the request

will be deleted, destroyed or anonymized. Your request will be concluded within thirty (30) days at the latest and you will

be informed.

b) If all of the personal data processing conditions have disappeared and the personal data subject to the request is transferred to third parties, this situation is notified to third parties; It is ensured that necessary actions are taken within the scope of the regulation.

c) If all the conditions for processing personal data are not eliminated, your request may be rejected by explaining the reason in accordance with the third paragraph of Article 13 of the GDPR Law and the rejection response will be notified to you in writing or electronically within thirty days (30) at the latest.