WEBSITE INFORMATIVE TEXT

We, as Morfose Kişisel Bakım ve Kozmetik Ürünleri Sanayi Ticaret Anonim Şirketi (“Morfose”), value the protection of your personal data and thus expect you to show the same sensitivity. Therefore, your reading this text, which thoroughly clarifies which of your personal data we use and the reasons thereof, and demonstrating your clear understanding of the obligations of Morfose, which, in its capacity as a “Data Controller”, is responsible for such data’s administrative and technical security, profoundly matters to us.

Why am I reading this text?

Article 10 of the Law No. 6698 on the Protection of Personal Data (the “LPPD”), which entered into force on 07 April 2016, requires that the persons whose personal data are processed (used) (referred to as the “relevant person” in the LPPD) be informed by the “Data Controller” using this data. We, as the Data Controller, are obliged to prove that you have been informed regarding the personal data that we will process about you.

Which of your personal data are used and how are these data obtained?

We, as Morfose, obtain your personal data within the scope of this informative text by digital means (referred to as the “automatic” method in the LPPD) when you visit our website. Below are explanations as to which of your personal data are obtained and the legal bases therefor:

 For what purposes and on what legal basis are your personal data that are obtained used?

The following chart by Morfose details the purposes of processing personal data within the scope of the activity in relation to which the obligation to inform is fulfilled. Each purpose of processing personal data is paired with the categories of personal data used for the purpose and the respective legal basis.

Are your personal data transferred to others?

Yes, we may have to transfer your personal data to official authorities, our business partners, auditors, lawyers, and financial advisors. We, however, make such transfers only for specific purposes and within your knowledge. Accordingly, your personal data are transferred;

• to our
• if requested by authorized institutions and organizations, for the purpose of fulfilling our existing legal obligations, to regulatory and supervisory authorities, and public institutions or organizations that are expressly authorized by law to request personal data,
• to the necessary persons and our consultants with whom we work for the purpose of pursuing legal matters and who are involved with pursuance of legal processes,
• to our indirect partners for the purpose of monitoring, maintaining, auditing business processes and carrying out reporting processes.

What rights does the LPPD confer on you?

For you to be able to have control over your own personal data, the LPPD provides you with many rights including without limitation the rights (a) to be informed of whether your personal data is processed; (b) if processed, to request information thereon; (c) to be informed of the purposes of the processing and whether the relevant data are used in accordance with such purposes; (d) to be informed of the third parties in or outside the country whom your personal data are transferred, if any; (e) to request the rectification of your personal data if they are processed incompletely or inaccurately; (f) to request the erasure or destruction of your personal data. You may refer to Article 11 of the LPPD for a complete list of these rights and the details thereof.

How can you exercise your rights?

If you wish to exercise your mentioned rights, you may submit your requests to us in writing (for example, by means of a cease and desist letter or a registered letter with return receipt) or by using your registered electronic mail (KEP) address, secure electronic signature, mobile signature, or your electronic mail address of which you previously notified us and which is registered in our system.