Plant-Based Foods Association (“Association”) prioritizes the privacy and security of your personal data. This privacy policy (“Privacy Policy”) has been prepared to inform you about (i) the personal data we process, (ii) the purposes for which we collect data, and (iii) your rights regarding your data through bitkiden.org.tr (“Site”). Individuals using the Site are subject to the Privacy Policy in effect at the time of use. Therefore, you should review the terms of the Privacy Policy each time you use the Site and should not use our website if you do not accept the Privacy Policy.

The personal information you provide to us will be processed under the responsibility of the Association and recorded in a file in accordance with the purposes specified in the Information Notice below.

INFORMATION NOTICE REGARDING THE PROCESSING AND PROTECTION OF PERSONAL DATA

This Privacy Notice has been prepared by Bitkiden, acting as the data controller, in accordance with the Personal Data Protection Law No. 6698, to provide explanations and information regarding the processing of Personal Data belonging to all individuals associated with our Association, including our users/visitors and persons benefiting from our activities. Detailed information regarding the processing of your Personal Data shared with our Association can be accessed from the Policy on the Processing and Protection of Personal Data available on the bitkiden.org.tr website.

1. Processed Personal Data:

• Identity Information (Full Name)
• Contact Information (Email Address, Mobile Phone Number)
• Legal Process Information (In case of a dispute: information in the case file, notices, correspondence with judicial and administrative authorities)
• Visitor Transaction Information (Visitor Comments)
• Website-Related Information (IP Address Information, Website Login and Logout Details, Username Information, Password Information, Traffic Data such as Connection Time/Duration, etc.)

2. Purpose of Processing Personal Data:

Within the scope of your legal relationship with our Association, the personal data you have shared may be processed by our Association in accordance with the law, the purpose of the Personal Data Protection Law (KVKK), and the processing purposes stated below.

In this context, your personal data may be processed for the following purposes:

• Carrying out the necessary activities by our Association’s relevant departments to ensure that personal data subjects benefit from the services and activities provided by our Association;

• Conducting operations in collaboration with our Association’s business partners and/or suppliers;

• Enabling access to the records created for personal data subjects during subsequent visits;

• Sending notifications regarding the provided services via mail, e-mail, SMS, or telephone;

• Customizing the services offered based on the preferences, usage habits, and needs of personal data subjects, and providing personalized suggestions and content;

• Ensuring the continuity of engagement with the Association’s services by sending catalogs and announcements to visitors/users;

• Responding to complaints or inquiries related to the services and providing relevant information to visitors/users;

• Fulfilling obligations and taking necessary measures within the scope of occupational health and safety as part of our Association’s human resources policies;

• Ensuring the legal and commercial security of our Association and individuals in business relations with our Association, including administrative and legal procedures related to communication and the physical security and supervision of our Association’s premises, as well as conducting financial affairs;

• Determining and implementing the commercial and business strategies of our Association, including management of internal systems and applications, communication, market research, social responsibility activities, financial operations, product/project/manufacturing/investment quality processes;

• Planning and/or executing customer relationship management processes, including user satisfaction activities;

• Contacting users via mail, e-mail, SMS, and telephone for such purposes;

• Communicating with personal data subjects who submit requests or complaints to our Association and managing and tracking such requests and complaints;

• Creating and tracking visitor records;

• Carrying out advertising/announcement processes and communication activities, including sending electronic messages (via telephone, SMS, MMS, e-mail (printed or digital), or other methods).

These processing activities will be carried out in accordance with the personal data processing conditions specified in Articles 5 and 6 of the Law on the Protection of Personal Data.

3. Methods of Collecting Personal Data and Cookies

We process the personal data of our customers who use our website in accordance with the provisions of the legislation. bitkiden.org.tr, which belongs to our association, is a website that uses cookies. Cookies refer to a system used on websites, also known as “http cookies.” Cookies refer to small pieces of data stored on the computers of individuals using the website by their internet browser. This data allows information such as the pages clicked on to be recorded. On our website, in order to provide better service to users, your browsing information is collected, processed, shared with third parties, and stored securely in accordance with this Disclosure Statement and limited to the purposes, scope, and methods described herein. bitkiden.org.tr cookies store your files created at the time of use and/or information collected through third-party sources in order to determine your preferences and provide you with a suitable service. bitkiden.org.tr may track your browsing information and/or usage history on the site in order to provide you with personalized promotions, special offers, a customized website design, and/or highlight your preferences. bitkiden.org.tr may match information collected about you in environments with and without an internet connection and may use this information in conjunction with information obtained from other sources, such as third parties.

Our website also uses session ID cookies. Session ID cookies automatically expire when you close your browser. Persistent cookies, however, remain on your hard drive for an extended period. You can delete persistent cookies and refuse both session cookies and persistent cookies by following the instructions in your web browser’s “help” file or by visiting “www.allaboutcookies.org” or “www.youronlinechoices.eu”. If you reject persistent cookies or session cookies, you can continue to use the website and mobile application, but you may not be able to access all of the website’s features, or your access may be limited. The following methods can be used to reject cookies in different browsers:

In addition to the above options, you can learn about all cookies and manage them by visiting https://www.allaboutcookies.org, https://www.youronlinechoices.eu/, or using the “Privacy Badger” application (https://www.eff.org/tr/privacybadger). If you reject persistent cookies or session cookies, you can continue to use the website, mobile application, and mobile site, but you may not be able to access all the features of the website, mobile application, and mobile site, or your access may be limited.

Our website bitkiden.org.tr uses certain cookies related to the functioning of our site.

Some of the cookies on our website are used to enable you to navigate our site, use its features, and access certain secure areas. The use of these cookies is essential for the website to function. For example, our cookies related to user logins work throughout the user’s time on the website and track the user’s actions when filling out forms on many pages.

Some of the cookies on our website are functional and remember the preferences and information provided by users. Examples include the user name, language, and region. This allows us to tailor our website to users’ preferences. For example, verification cookies that are functional during the time spent on the website (or persistent cookies if you use the “remember me” feature) allow users to verify themselves on subsequent visits or access content that requires verification between pages. Our functional cookies include the following:

• User-centric security cookies, such as repeated failed login attempts, used to detect authentication violations occurring within a limited continuous period.
• These cookies are specifically set up for the purpose of ensuring the security of the service.
• Multimedia content player session cookies (flash cookies) used to store the technical data necessary for playing video or audio content during a session (e.g., image quality, internet link speed, and buffer parameters).
• Load balancing session cookies used during a session to identify the same server in the pool so that the load balancer can route user requests appropriately.
• Persistent cookies related to user interface customization to record the user’s preferences regarding a service across web pages.

Our website is focused on improving the user experience and utilizes a variety of tools to enhance the site and its commercial platform. To this end, reporting and analytics cookies are used to collect information about how you use websites such as Bitkiden. These cookies collect information solely for statistical purposes and work with pseudonymous cookie identifiers that cannot directly identify you. Among the performance cookies used:

• First-party analytical cookies – These cookies are used to determine the total number of unique visitors, improve our system, and identify the most searched keywords that direct users to a page via search engines. These cookies are not used to target you for online marketing purposes; they are only used to enable enhancements that improve your browsing experience.
• Third-party analytics cookies – Bitkiden also uses Google Analytics and other third-party analytics providers listed below to measure how users interact with Bitkiden’s content. These cookies “remember” what Bitkiden users did on previous pages and the actions they took on the Bitkiden site. For more information about Google Analytics, you can visit Google’s information page. For instructions on how to opt out of Google Analytics, you can use the information below.

Finally, Social and Content cookies are placed by multiple social media plugins (e.g., the Facebook ‘like’ button) and other tools used to enhance content (e.g., services that enable video playback or create comment sections). Bitkiden uses these modules to enhance the browsing experience on its platform and improve interaction with the website. Some of these third-party services also place cookies that are used for purposes such as behavioral marketing, analytics, and/or market research. The following cookies are used due to the Bitkiden website software infrastructure:

How long do cookies remain on a computer or mobile device?

The duration for which a cookie remains on your computer or mobile device depends on whether it is “persistent” or “session-based.” Session cookies remain active until you end your browsing session, while persistent cookies expire when their expiration date is reached or when they are deleted. Most of the cookies we use are persistent cookies, which remain on your device for 30 minutes to two years after being downloaded, or until they expire or are deleted. You can learn how to control cookies and delete them before they expire in the section below.

How can cookies be controlled?

You can control and manage cookies in many ways. Please remember that deleting cookies may negatively affect your user experience and may completely block your access to certain parts of our website.

Many browsers automatically accept cookies, but you can choose whether or not to accept cookies directly. We recommend reviewing the information provided in Section 3 regarding this matter.

You can also opt out of some of the advertising systems used on the Site via the Digital Advertising Alliance’s opt-out page: http://optout.aboutads.info

4. To Whom and for What Purpose Personal Data May Be Transferred:

In accordance with the Personal Data Transfer conditions specified in Articles 8 and 9 of the Personal Data Protection Law, to ensure that the purposes of establishing the business partnership, which was established for purposes such as carrying out various projects and receiving services while our Association carries out its activities, are fulfilled; to carry out activities conducted within the scope of legislation, event management, and corporate communication processes; to design, manage, and supervise commercial activity strategies at the highest level; to notify users via mail, email, and/or SMS, telephone, and to print and distribute catalogs, the Association may transfer Personal Data to Association Business Partners, Association Stakeholders, Association Officials, and/or third parties/organizations designated by them. Furthermore, in cases where relevant public institutions and organizations request it within their legal authority, and where relevant private law entities request it within their legal authority in accordance with the provisions of the legislation, our Association may transfer Personal Data to Public Institutions and Organizations authorized by law, Private Law Entities authorized by law, and/or third parties/organizations designated by them.

If the processing activities carried out for the aforementioned purposes do not meet any of the exceptions provided for under the Law, our Association obtains your explicit consent regarding the relevant processing procedure.

5. Legal Grounds for Our Collection of Personal Data:

Your personal data is processed by the Association for the purposes listed in Article 2, in accordance with Article 5 of the Personal Data Protection Law:

• Explicitly provided for in the laws,
• Provided that it is directly related to the establishment or performance of a contract, the processing of personal data belonging to the parties to the contract is necessary,
• It is necessary for the data controller to fulfill their legal obligations, and
• Data processing is carried out based on legal grounds, provided that it is necessary for the legitimate interests of the data controller and does not infringe upon the fundamental rights and freedoms of the data subject.

6. Rights of the Data Subject Under the Personal Data Protection Law:

Our association informs you of your rights as a Data Subject in accordance with Article 10 of the Personal Data Protection Law; provides guidance on how to exercise these rights; and implements the necessary internal procedures, administrative and technical arrangements for all of these. In accordance with Article 11 of the Law, our Association informs individuals whose Personal Data is collected that they have the right to: learn whether their Personal Data is being processed; if so, request information about it; learn the purpose of processing their Personal Data and whether it is being used for that purpose; request information about whether their Personal Data is being processed domestically or abroad. to request the correction of Personal Data if it has been processed incompletely or incorrectly, to request the deletion or destruction of Personal Data within the framework of the conditions set forth in Article 7 of the Personal Data Protection Law, to request the notification of the processing of Personal Data to third parties in accordance with subparagraphs (d) and (e) of Article 11 of the Personal Data Protection Law, Request notification of third parties to whom personal data has been transferred, object to the analysis of processed data exclusively by automated systems resulting in a negative outcome for the individual, and request compensation for damages incurred due to the unlawful processing of personal data.

Data Subjects may submit their requests regarding their rights, free of charge, to our Association by completing and signing the Application Form in the Appendix, along with information and documents that verify their identity, using the methods specified below or other methods determined by the Personal Data Protection Board:

• The completed form must be submitted with a wet signature copy in person, via a notary public, or by registered mail to the address: Fenerbahçe Mah. Op. Cemil Topuzlu Cad. Hoşver Apt. No:16/6 K:3 Kadıköy-İstanbul.
• Compliance with a method prescribed/to be prescribed by the Personal Data Protection Board.

A special power of attorney notarized by a notary public must be provided by the Data Subject authorizing a third party to submit a request on their behalf. Our Association will process the request free of charge within the shortest possible time, and no later than 30 (thirty) days, depending on the nature of the request. However, if the process incurs additional costs, our Association reserves the right to charge a fee based on the rates determined by the Personal Data Protection Board.