As Mangodo Bilişim A.Ş. ("our Company" or "Mangodo"), we exercise the utmost care to process and protect the personal data we obtain from you through our official websites — https://mangodo.com/ and related addresses — in line with Law No. 6698 on the Protection of Personal Data, its secondary regulations, and the decisions of the Personal Data Protection Board ("PDPL legislation").
This Website Personal Data Privacy Notice ("Privacy Notice") has been prepared by Mangodo, in its capacity as data controller, to fulfil its obligation to inform you under the PDPL legislation.
1. Personal Data We Process, Methods of Collection, Purposes of Processing, and Legal Bases
When you visit https://mangodo.com/ or related addresses, the personal data set out below — beginning with your traffic data — are processed by our Company in electronic and physical environments, in writing, through automated and non-automated methods, in a manner connected with, limited to, and proportionate with the purposes explained below, in compliance with the PDPL legislation.
• Your data are processed on the legal basis of explicit provision in law (PDPL Art. 5/2-a) for the purpose of fulfilling our obligations arising from Law No. 5651 on the Regulation of Publications on the Internet and Combating Crimes Committed Through Such Publications and its secondary regulations.
• Your identity data (first name, surname), • Your contact data (e-mail address, phone number, Mangodo membership e-mail address),
are processed on the legal basis that the processing is necessary, provided that it is directly related to the establishment or performance of a contract, for the personal data of the parties to that contract (PDPL Art. 5/2-c).
• Your identity data (first name, surname) — to enable you to share your questions and requests with us, • Your contact data (e-mail address, phone number, Mangodo membership e-mail address) — to provide you access to the products and services offered by our Company, to fulfil our obligations under the relevant legislation, and to enable you to share your questions and requests with us, • Your other data (message subject, message content, IP address) — to enable you to share your questions and requests with us,
are processed on the legal basis that processing is necessary for the legitimate interests of the data controller (PDPL Art. 5/2-f).
2. The Persons with Whom Personal Data Is Shared, and the Purpose of Sharing
Unless the PDPL legislation provides otherwise, the third parties with whom we share your personal data are bound by their contractual relationship with Mangodo to process and protect your personal data in connection with and limited to the sharing purpose, and they operate under Mangodo's supervision.
2.1. Domestic Transfer
Your personal data referenced above are transferred for the purposes and on the legal bases set out below.
• Your traffic data are transferred to public authorities, institutions, and judicial authorities on the legal basis of fulfilling the data controller's legal obligation (PDPL Art. 5/2-ç) for the purpose of meeting legal obligations.
• Your identity data (first name, surname) — for conducting our Company's commercial activities, improving business processes, and evaluating requests and complaints, • Your contact data (e-mail address) — for conducting our Company's commercial activities, improving business processes, and evaluating requests and complaints, • Your other data (message subject, message content) — for conducting our Company's commercial activities, improving business processes, and evaluating requests and complaints,
may be transferred to our business partners (solution partners) on the legal basis that processing is necessary for the legitimate interests of the data controller (PDPL Art. 5/2-f).
• Your identity data (first name, surname) — for conducting our Company's commercial activities, improving business processes, and evaluating requests and complaints, • Your contact data (e-mail address) — for conducting our Company's commercial activities, improving business processes, and evaluating requests and complaints, • Your traffic data — for conducting our Company's commercial activities, improving business processes, and evaluating requests and complaints, • Your other data (message subject, message content) — for conducting our Company's commercial activities, improving business processes, and evaluating requests and complaints,
are transferred to suppliers (IT specialists, database providers, backup and recovery specialists) on the legal basis that processing is necessary for the legitimate interests of the data controller (PDPL Art. 5/2-f).
2.2. International Transfer
The personal data referenced above are transferred to suppliers located abroad — subject to your consent — for the conduct of our Company's activities and in a manner connected with, proportionate to, and limited to those purposes, given the infrastructure and information systems Mangodo uses and the international collaborations it maintains.
3. The Security, Retention, and Destruction of Your Personal Data
Our Company has a very high level of awareness regarding personal data security and the protection of privacy. Accordingly, Mangodo processes the personal data of you, our visitors, as set out in this Privacy Notice — securely and in line with the PDPL legislation, our Company's PDPL Procedure, and our Personal Data Retention and Destruction Policy.
To prevent unauthorized access to your personal data, incorrect processing, disclosure, and unlawful alteration or deletion, and to protect your personal data and ensure their security, our Company takes all necessary technical and administrative measures required by the PDPL legislation.
Your personal data are retained for the period necessary for the processing purposes set out in this Privacy Notice and, in any case, for the statutory limitation periods set out in the legal regulations or upon your request. Once those periods expire, your personal data are deleted, destroyed, or anonymized in line with our Personal Data Retention and Destruction Policy.
In the event of an attack on our Company's physical archive, servers, or other systems resulting in damage to your personal data or their unlawful acquisition or disclosure by third parties, our Company will inform you and the Personal Data Protection Board within 72 hours of becoming aware of the incident.
4. Your Right to Information
Under Article 11 of the PDPL, you may apply to our Company and have the right to: (i) learn whether your personal data are processed, (ii) request information if they have been processed, learn the purpose of processing and whether they are used in line with that purpose, (iii) know the third parties to whom they are transferred domestically or abroad, and request correction if they have been processed incompletely or inaccurately, (iv) request their deletion or destruction within the scope of Article 7 of the PDPL, (v) request that any deletion, destruction, or correction be communicated to the third parties to whom your personal data have been transferred, (vi) object to any adverse outcome arising solely from the analysis of your personal data by automated systems, and (vii) request compensation if you suffer damages due to unlawful processing of your personal data.
Should you wish to apply regarding your personal data under the PDPL, you may submit your application through one of the channels below:
• In writing to Kandilli Mah. Rasathane Cad. Kandilli Rasathanesi Deprem Araştırma Enstitüsü No: 104/13 Apartment No: 17 Üsküdar / İstanbul, in person after identity verification, or via notary, or
• Via your registered electronic mail (KEP) address, secure electronic signature, mobile signature, or by using the e-mail address you previously notified to Mangodo and which is registered in Mangodo's system, sent to our Company's address [email protected],
in accordance with Article 13 of the PDPL and Article 5 of the Communiqué on the Procedures and Principles for Application to the Data Controller, published in Official Gazette No. 30356 dated 10.03.2018.
Our Company will respond to procedurally compliant applications according to the nature of the request, within thirty (30) days at the latest. If the procedure requires a cost, the tariff determined by the Personal Data Protection Board will apply. Your request will either be accepted or rejected with reasons, and our response will be delivered to you in writing or electronically.
This Notice may be updated to keep pace with our changing processes and to maintain compliance with the PDPL legislation. We kindly ask you to visit our website for any updates.
Please note that, unless your e-mail communication is encrypted, the security of the message cannot be guaranteed, and you are responsible for the security of the e-mails you send.