1- Introducion

As Özdilek Holding AŞ (hereinafter referred to as "Özdilek"), we place great importance on the protection of personal data and the privacy of our customers/guests/visitors. In this context, we process the personal data in the capacity of "Data Controller" under Law No. 6698 on the Protection of Personal Data (KVKK) within the framework of objectives and boundaries and we pay attention to taking the necessary administrative and technical measures. For this reason, we aim to provide the necessary information on our personal data protection processes and the rights of a data owner under KVKK through this "Clarification Text on the Processing of Personal Data (Clarification Text)". Necessary information on how personal data may be processed by Özdilek and with whom it can be shared is included herein.

2- Legal Basis for the Collection of Personal Data

This notification is made in line with Article 10 of Law No. 6698 on the Protection of Personal Data (KVKK). Özdilek and its affiliates undertake to apply necessary measures to keep customer/guest/visitor information confidential and not to share this information with third parties. Özdilek and its employees undertake to protect the confidentiality of the information they obtain while performing their duties and to use such information only within the scope of the legislation.

3- Personal Data Processed

Özdilek processes personal data based on the explicit consent of the data owner and in cases where allowed in the applicable legal regulations. The following information is requested regarding the data owners who are Özdilek customers/guests/visitors:

- Identity Information, such as first name, last name, identity number, account and membership information, etc.

- Contact Details, such as address, phone number, e-mail address, IP address, etc.

- Physical Venue Security Information

- Financial Information in certain cases

- Professional Experience Information


(All the information mentioned above will hereinafter be referred to as "Personal Data".)

4- Time and Manner of Receiving the Personal Data

The data and express consent given by the data owners who make a transaction over Özdilek web site are processed by Özdilek under the provisions of the legislation. Özdilek undertakes to keep the customer/guest/visitor information confidential and to take the necessary measures in order for preventing the disclosure of this information to the third parties under Law No. 6698 on the Protection of Personal Data. In addition, your personal data will be processed when you utilize our hotline or website and visit our company or website in order to benefit from the services offered by our company or group companies.

As Özdilek, we process the data of our customers/guests/visitors in the capacity of Data Controller under KVKK.

The following personal data may be collected in case of the following situations:

· Identity and contact information when giving feedback about the service and complaints

·    Identity and contact information for security purposes from the people who come for job application or company visit

·    Physical venue security information for ensuring the security of the people who visit the enterprise under the legal conditions

·         Registering for or using a service

·         Contacting us for a query or request



5- Processing of Sensitive Personal Data

Certain personal data that pose the risk of leading to aggrievement or discrimination of the persons in the event of unlawful processing are defined as "sensitive" under Article 6 of Law No. 6698 on the Protection of Personal Data. This data consists of the data regarding race, ethnic background, political view, philosophical belief, religion, religious sect or other beliefs, appearance, association or union membership, health, sexual life, conviction or safety measures and biometric and genetic data. Özdilek acts in line with the regulations set forth under Article 6 of the Law on the Protection of Personal Data during the processing of sensitive personal data and shows sensitivity towards the protection of this data.

6- Purposes of Processing Personal Data

Data of our customers/guests/visitors such as first name, last name, e-mail address, phone number, Turkish identity number, etc. may be kept in written/magnetic archives, used, shared, transferred, and processed in other ways for the purpose of receiving your verbal, written, or electronic requests, complaints and suggestions, offering our services, improving our service, solving systemic problems, updating your information about products and services for marketing purposes in case of your prior consent, offering services that may catch your interest, meeting your scholarship and similar requests and managing these activities, providing data analysis, audit, fraud monitoring and prevention, internal quality assurance, developing new services and improving or modifying them, controlling the use and functionality of our services, helping to ensure compliance with our terms of use, helping to protect our services, executing and expanding our commercial activities and enabling third parties to perform their technical, logistics, and other similar functions on behalf of Özdilek. However, our company does not share some of the information collected from the membership forms with third parties without the knowledge of the member user in question or otherwise, and does not use it for commercial purposes for any reason other than activity, and does not sell it in no case.

Özdilek is entitled to record, store, update your personal information, disclose and transfer them to third parties, and classify and process them in cases and to the extent permitted by the legislation.

Your personal data is used for the following purposes:

Execution of emergency processes, executing access authorizations, executing activities in line with the legislation, executing financial and accounting works, executing logistics activities, executing commodity/service purchase contracts, executing commodity and service sales processes, executing contract processes, following up requests/complaints, executing supply chain management processes, informing authorized persons-institutions and organizations, and conducting other internal and external security.


7- Share/Transfer of Personal Data

The share of personal data of our customers/guests/visitors with third parties takes place within the framework of the consent of the customers/guests/visitors, and as a rule, personal data is not transferred to third parties without the consent of our customers/guests/visitors.

In addition, personal data is disclosed to courts and other public institutions under our legal obligations. Besides, the personal data is transferred to contracted third parties in order for providing services we undertake, controlling the quality of the services provided, protecting rights, confidentiality, security, or property of our company, our affiliates, you or other third parties.


Necessary technical and legal measures are taken to prevent violations of rights during data transfer to third parties. However, Özdilek shall not be responsible for any violations that occur in the risk area under the responsibility of the third party, due to the data protection policies of the third party.

Provided that you give your express consent, your personal data can be shared with Özdilek's group companies, with program partner institutions and organizations that we cooperate with in order for carrying out our activities for our direct/indirect domestic affiliates, with domestic institutions with which we have contracted to send commercial electronic messages to our customers/guests/visitors, with Interbank Card Centres, with contracted banks. Your Personal Data may be transferred to state institutions, judicial bodies, foreign missions (embassies, consulates, etc.) established under international agreements, within the framework of legal obligations and in cases necessary.

8- Processing Period of Personal Data

Personal data will be stored until the end of this period, if there is a period foreseen under the relevant legislation for the storage of this data, and if such a period is not determined, until the end of the period required for the purpose for which they are processed (at least 10 years).

Following the expiration of these periods, your personal data will be erased, destroyed, or anonymized immediately in line with the rules under the legislation, ex officio or upon your request. In the event that there is a change in your personal data within this period, you have an obligation to inform Özdilek so that your records can be kept up-to-date and accurate.


9- Methods for Protecting Personal Data

Personal data shared with Özdilek are under Özdilek's supervision and control. Özdilek, as a data controller, has undertaken the responsibility of establishing the necessary organization and taking and adapting technical measures in order for protecting the confidentiality and integrity of the information in line with the provisions of the relevant legislation in force. Being aware of our obligation in this regard, penetration tests are carried out periodically in line with international and national technical standards on data privacy, and we hereby inform you that we always update our data processing policies.

Relevant groups of persons whose personal data we process have accepted and declared that they know that the accuracy and up-to-dateness of the personal data they shared over the website and/or gave themselves and received due to the contractual relationship is important in terms of exercising their rights over their personal data within the framework of KVKK and in terms of other relevant legislation and that they will be entirely liable in case they give false information.


10- Use of Cookies

It respects your concerns regarding personal data protection and values our relationship with you. This Privacy, Cookies and Data Protection Policy (Policy) only applies to the personal data collected through Özdilek Holding AŞ websites, web pages, interactive features, applications, widgets, blogs, and related content, as well as our Twitter, Facebook, or other social networking sites and their related content (collectively referred to as "Sites"), which are accessed via computers, mobile devices, technology, or other devices (collectively referred to as "Device").


This Policy defines the types of personal data we collect through the sites and how personal data may be used and/or with whom it may be shared. This Policy also describes how you can reach us to update your contact information, to access and control the use of personal data we collect in connection with marketing communications and activities, or to get an answer to your queries about our privacy practices at these Sites. Please read the Policy carefully as you confirm that you understand and accept the terms of this Policy by using these sites. Also, please review our Terms of Use, which govern your use of the Sites and the content you submit to the Sites.


I. Cookies

Like many companies, Özdilek Holding AŞ uses "cookies" and similar tools on the Sites to increase performance and improve user experience.


What is a cookie?

A cookie is a small text file placed on your device. Cookies help analyze internet traffic and enable internet applications to respond to you as an individual. The Internet application can tailor its operations to your needs, likes, and dislikes, by collecting and remembering information about your preferences. Some cookies may involve personal data. For example, if you click on the "remember me" option while logging in, the cookie may record your username. Most cookies do not collect personally identifiable data, but rather collect more general information such as how users arrive at our Sites, how they use our Sites or the user's general location.


What do we use cookies for?

Özdilek Holding AŞ may upload cookies or similar files to your Device for security reasons and to tell whether you have visited the Sites before, to remember your language preferences if you are a new visitor, or to facilitate navigation on the site in other ways and to personalize your visit to our Sites. Cookies allow us to collect technical and navigational information such as browser type, time spent on our Sites and pages visited. It also allows us to choose which of our ads or offers may be more attractive to you and display them when visiting our Sites. Cookies can improve your online experience by saving your preferences when visiting a particular Site. Generally speaking, cookies help us provide you with a better Site by allowing us to keep track of which pages you may find useful and which you may not. Cookies do not allow us to access your Device and any information other than the data you wish to share with us.


What kind of cookies do we use?

Generally, the cookies used on the Sites can be divided into the following categories:


Session Cookies

These cookies are used during each 'session' you visit the Site and expire after you leave the Site or after a little time passes. They are not permanently saved on your device, involve no personal data and help reduce the need for personal data to be transferred over the internet. These cookies can be deleted or you can prevent their use, but this will reduce the performance of the Sites and limit your user experience. These cookies also use timestamps that record when you access and leave the Site.

Tracking Cookies

These cookies allow us to recognize regular visitors to our Sites. A tracking cookie matches an anonymous, randomly generated identifier, keeping track of where a user of our Sites came from, what search engine they might have used, which link they clicked, what keyword they used, and their location in the world when they accessed the Site. Tracking this data enables us to make improvements to our Sites.

Persistent Cookies

This type of cookie is saved on your Device for a fixed period (sometimes a few hours, sometimes a few years or more) and is not deleted when the browser is closed. Persistent cookies are used when we need to remember who you are over multiple sessions. For example, this type of cookie can be used to save your preferences, so that they are remembered when you visit the Site again.

Performance Cookies and Analytics Cookies

Performance cookies are used for analyzing how the Sites are used and monitoring their performance, which allows us to improve your experience of using the Sites. These cookies help us tailor the content of the Sites to reflect what Site users find most interesting and help us detect when technical problems with the Sites occur. We may also use this data to generate reports to help us analyze how the Sites are used, what the most common issues are and how we can improve the Sites.


Can cookies be blocked?

You can accept or reject cookies. Most web browsers automatically accept cookies, but you can change your browser's setting to reject cookies if you wish. You can follow the directions of your web browser for this.

11- Rights of the Data Owner and Ways of Application to the Data Controller

As personal data owners, if you submit your requests regarding your rights to our Company through the methods set out below herein, our Company will conclude the request free of charge within thirty days at the latest, depending on the nature of the request. However, in case a fee is foreseen by the Personal Data Protection Board, the fee in the tariff determined by our Company will be charged. In this context, the owners of the personal data have the following rights:

a.         To learn whether his/her personal data has been processed,

b.         If his/her personal data has been processed, to request information about this,

c.         To learn the purpose of processing his/her personal data and whether it is used in accordance with the purpose,

d.         To know the third parties inland or abroad, to whom his/her personal data is transferred,

e.         In the event that your personal data has been processed incompletely or incorrectly, to request it to be corrected and to request that the transaction made within this scope is notified to third parties to whom your personal data has been transferred,

f.         In the event that the reasons requiring processing disappear although it has been processed in line with KVKK and other relevant law provisions, to request the personal data to be erased or destroyed and the transaction made within this scope to be notified to third parties to whom the personal data has been transferred,

g.         To object the occurrence of a consequence against the person himself by analyzing the processed data exclusively by means of automated systems,

h..         In case of suffering damage due to the processing of the personal data in violation of the law, to request the damage to be indemnified.



Click here for the KVK application form


For any further queries regarding personal data, you can contact Özdilek's authorized unit responsible for data security (Company Data Security Responsible Unit: bt@ozdilek.com.tr). In order to exercise your above-mentioned rights, you can notify us of your request that includes your explanations regarding the right you wish to exercise by filling out the form at ozdilekholding.com.tr and personally handing over a signed copy of the form to Soğanlı Mah. İstanbul Cad. N: 343/1 Osmangazi/Bursa along with the documents identifying your identity, by e-mailing your request to the ozdilekholding@hs03.kep.tr, via notary public or by using the e-mail address previously reported by the responsible person and registered in our company's system, to kisiselveriler@ozdilek.com.tr. In order for the application of the personal data owner to be answered more quickly, we request that "Personal Data Information Request" be written on the application envelope.

Erasure, Destruction or Anonymization of Personal Data

Your personal data, processed for the purposes specified herein, will continue to be anonymized and used by us when the purpose that requires processing in line with the first paragraph of Article 7 of Law No. 6698 disappears and when the periods foreseen under Article 17 of the same law and Article 138 of the Turkish Penal Code expire.

Özdilek anonymizes the personal data it processes within the 6-month period stipulated for periodic destruction when the storage periods foreseen under the relevant legislation or required by the processing purpose expire, by using one or more methods that are most appropriate for its business processes and activities, among the anonymizing methods specified in the Guideline on the Erasure, Destruction or Anonymization of Personal Data published by the Personal Data Protection Board and continues to use the data in this way.


12- ÖZDİLEK HOLDİNG. A.Ş. Commercial Information



Central Registration System Number



Soğanlı Mahallesi İstanbul Caddesi No: 343/3 Osmangazi / Bursa


0 224 219 60 00


0 224 219 60 70




Özdilek may make changes or updates in this clarification text in line with legal regulations and Company Policy. Necessary information is given to the relevant persons over the website about the new clarification text reflecting all these changes and updates.