Information Notice on Processing of Personal Data
DATA CONTROLLER:
ADDRESS:
WEBSITE:
PHONE:
E-MAIL:
DATA REPRESENTATIVE:
DATA REPRESENTATIVE'S KEP ADDRESS:
BYNOGAME BİLİŞİM LTD
Mehmet Akif Caddesi No 25A Köşklüçiftlik Lefkoşa Kuzey Kıbrıs Türk Cumhuriyeti
WWW.BYNOGAME.COM
0 850 600 00 30
ERTUGRUL@BYNOGAME.COM
ERTUĞRUL KALEMCİ
ERTUGRUL.KALEMCI@HS01.KEP.TR
The protection of personal data is a sensitive and important matter for our company as a data controller located abroad. We handle the processing of your personal data with care and importance within the framework of Law No. 6698 and national and international legislation. As data controller, we adopt the principles envisaged by this law and fully fulfill our obligations regarding the processing, deletion, anonymization, transfer, disclosure to the data subject, and ensuring data security.
At BYNOGAME, within the scope of activities arising from Law No. 6698 on the Protection of Personal Data and related regulations, we process, store, and transfer your personal data in accordance with legal requirements.
- Our potential product or service purchasers,
- Individuals purchasing a product or service and their parent/guardian/representative,
- Employees of our suppliers,
- Authorized persons of our suppliers,
- Board members and our shareholders,
Scope of this Information Notice
This Information Notice:
- Methods and Legal Grounds for Collecting Personal Data,
- Categorization of Data Subject Groups and Personal Data Processed,
- Business Processes and Purposes for Which Personal Data Is Used,
- Administrative and Technical Measures for Ensuring Personal Data Security,
- Transfer of Personal Data,
- Retention Periods and Destruction Methods for Personal Data,
- Rights of the Data Subject
a) Methods and Legal Grounds for Collecting Personal Data
Your personal data is collected by any verbal, written or electronic means; through technical and other methods, for the purposes specified in this Notice, in order to fully and correctly fulfill legal obligations and conduct business activities. Your personal data is processed by our company or data processors appointed by us. Your personal data, as defined in Articles 5 and 6 of Law No. 6698, include:
- Explicitly stipulated by laws,
- Directly related to the establishment or performance of a contract,
- Necessary for our Company to fulfill its legal obligation as Data Controller,
- Publicly disclosed by the data subject,
- Necessary for the establishment, exercise or protection of a right,
- Necessary for the legitimate interests of our Company without infringing on the fundamental rights and freedoms of the data subject; otherwise, processed with explicit consent.
b) Categorization of Data Subject Groups and Personal Data Processed
- Potential Product or Service Purchasers,
- Product or Service Purchasers and Parents/Guardians/Representatives,
- Employees of Our Suppliers,
- Authorized Persons of Our Suppliers,
- Board Members and Our Shareholders
| a. Identity |
| Personal data |
| b. Contact |
| Personal data |
| c. Legal Transaction |
| Personal data |
| d. Customer Transaction |
| Personal data |
| e. Transaction Security |
| Personal data |
| f. Finance |
| Personal data |
| g. Marketing |
| Personal data |
| h. Visual and Auditory Records |
| Personal data |
c) Business Processes and Purposes for Which Personal Data Is Used
Potential Product or Service Purchaser (Website Visitors)
- Execution of Information Security Processes,
- Management of Access Authorizations,
- Tracking and Execution of Legal Affairs,
- Execution of Goods/Services Sales Processes,
- Execution of Post-Sale Support Services,
- Carrying Out Communication Activities,
- Meeting Information Requests,
- Conducting Marketing and Analysis Studies,
- Carrying Out Marketing Processes for Products and Services,
- Managing Customer Relations and Satisfaction Processes,
- Conducting Strategic Marketing Activities,
- Carrying Out Retention and Archiving Activities,
- Conducting Risk Management Processes,
- Tracking Requests and Complaints,
- Ensuring Operational Security of the Data Controller,
- Carrying Out Marketing Processes for Products and Services
Product or Service Purchaser and Parent/Guardian/Representative (Registered Members)
- Execution of Information Security Processes,
- Management of Access Authorizations,
- Ensuring Operations' Compliance with Legislation,
- Execution of Finance and Accounting Transactions,
- Tracking and Execution of Legal Affairs,
- Carrying Out Communication Activities,
- Execution of Goods/Services Procurement Processes,
- Execution of Goods/Services Sales Processes,
- Execution of Post-Sale Support Services,
- Execution of Production and Operations Processes,
- Managing Customer Relations Processes,
- Conducting Customer Satisfaction Activities,
- Conducting Marketing and Analysis Studies,
- Carrying Out Advertising Campaign and Promotion Processes,
- Conducting Risk Management Processes,
- Carrying Out Retention and Archiving Activities,
- Executing Contractual Processes,
- Tracking Requests and Complaints,
- Conducting Marketing Processes for Products and Services,
- Ensuring Security of Data Controller Operations,
- Providing Information to Authorized Persons, Institutions and Organizations,
- Conducting Management Activities
Supplier Employees
- Execution of Finance, Accounting and Procurement Activities,
- Management of Access Authorizations,
- Execution of Information Security Processes,
- Ensuring Compliance of Activities with Legislation,
- Execution of Retention and Archiving Activities,
- Tracking and Execution of Legal Affairs,
- Execution/Monitoring of Business Activities,
- Execution of Goods/Services Procurement Processes,
- Execution of Goods/Services Sales Processes,
- Execution of Post-Sale Support Services,
- Execution of Production and Operations Processes,
- Execution of Supply Chain Management Processes,
- Carrying Out Communication Activities,
- Execution of Contractual Processes,
- Execution of Information Security Processes,
- Providing Information to Authorized Persons, Institutions and Organizations
Supplier Representatives
- Execution of Finance, Accounting and Procurement Activities,
- Management of Access Authorizations,
- Execution of Information Security Processes,
- Ensuring Compliance of Activities with Legislation,
- Execution of Retention and Archiving Activities,
- Tracking and Execution of Legal Affairs,
- Execution/Monitoring of Business Activities,
- Execution of Goods/Services Procurement Processes,
- Execution of Goods/Services Sales Processes,
- Execution of Post-Sale Support Services,
- Execution of Production and Operations Processes,
- Execution of Supply Chain Management Processes,
- Carrying Out Communication Activities,
- Execution of Contractual Processes,
- Execution of Information Security Processes,
- Providing Information to Authorized Persons, Institutions and Organizations
Shareholder/Partner
- Execution of Information Security Processes,
- Management of Access Authorizations,
- Execution of Finance, Accounting and Procurement Activities,
- Execution/Monitoring of Business Activities,
- Execution of Goods/Services Procurement Processes,
- Execution of Production and Operations Processes,
- Organization and Event Management,
- Execution of Contractual Processes,
- Execution of Supply Chain Management Processes,
- Providing Information to Authorized Persons, Institutions and Organizations
d) Administrative and Technical Measures for Personal Data Security
As BYNOGAME, we place utmost importance on taking administrative and technical measures in accordance with Law No. 6698, related regulations, and decisions of the Personal Data Protection Board.
By implementing necessary administrative and technical measures, we prevent unauthorized access, unlawful processing, disclosure, alteration, or destruction of personal data against potential internal or external risks.
Administrative Measures
- Preparation of Personal Data Inventory,
- Corporate Policies (Access, Information Security, Usage, Retention, Destruction, etc.),
- Agreements (Data Controller–Data Processor Agreements),
- Confidentiality Undertakings,
- Internal Periodic or Random Audits,
- Inclusion of Law-Compliant Provisions in Employment Contracts and Disciplinary Regulations,
- Corporate Communication (Crisis Management, Notification Processes, Reputation Management, etc.),
- Training and Awareness Activities (Information Security and PDPL Training)
- contract.info.users7.text9
Technical Measures
- Authority Matrix and Control,
- Access Logs and User Account Management,
- Network and Application Security,
- Penetration Testing and Firewall,
- Intrusion Detection and Prevention Systems,
- Log Records and Data Loss Prevention Software,
- Backup and Updated Anti-Virus Systems,
- Deletion, Destruction or Anonymization
e) Transfer of Personal Data
Our company may transfer your personal data within the scope of the above purposes and under the conditions of Articles 8 and 9 of the Law. Data processed via cloud technologies is transmitted to secure third-party infrastructure providers.
Your data may be shared with domestic and international affiliates, suppliers, business partners, authorized public institutions, and other relevant parties to add value and improve service quality. Main transfer recipients include:
- BYNOGAME Internal Units (For Coordination and Efficiency),
- Research and Marketing Firms,
- Banks and Payment Service Providers,
- Natural Persons or Private Legal Entities,
- Domestic/International Cloud Service Providers,
- Law Firms and Legal Authorities,
- Authorized Public Institutions and Organizations,
- Suppliers and Business Partners
f) Retention Periods and Destruction Methods
Retention periods of your personal data:
- If a retention period is prescribed by law, data is kept for at least that period.
- contract.info.users10.text2
At the end of the specified periods, data is destroyed by deletion, destruction, or anonymization.
g) Rights of the Data Subject
Under Article 11 of Law No. 6698, as a data subject whose data is processed, you may at any time exercise the rights listed below by contacting us:
- Learning whether personal data is processed,
- Requesting information if personal data has been processed,
- Learning the purpose of personal data processing and whether it is used in accordance with its purpose,
- Knowing to which third parties domestic or abroad your data is transferred,
- Requesting correction if personal data is incomplete or incorrect,
- Requesting deletion or destruction under the conditions in Article 7 of the Law,
- Requesting notification to third parties to whom your data has been transferred under Articles 11/(d) and (e) of the Law,
- Objecting to the emergence of a result against you by analyzing your data solely through automated systems,
- Requesting compensation if you suffer damage due to unlawful processing of your data.
You may submit your applications and requests, including but not limited to those above, using the Personal Data Protection Law Data Subject Application Form, in person or via notary, registered electronic mail (KEP), secure electronic signature, mobile signature, or the email registered in our system. Your requests will be concluded free of charge as soon as possible, no later than thirty days, depending on their nature. A fee may apply according to legal tariffs.
BYNOGAME BİLİŞİM LTD.