CharmyEST. 2018
→ LEGAL

Privacy Policy

1. General Terms

We process information about you in order to provide you with the best experience from Charmy App ("Charmy" or the "Service"). This page is intended to inform you of our policy on how we process your personal data ("Policy").

By consenting to our Policy, you agree to processing of your personal data by CHARMY BİLİŞİM TEKNOLOJİLERİ A.Ş. (the "Controller", "We", "Our", "Us") or any other processor assigned by the Controller in accordance with this Policy. Unless otherwise defined in this Policy, terms used in this Policy have the same meanings as in our Terms and Conditions.

2. Legal Basis for Processing

The processing of your personal data is based on the Article 6-1(b) of the General Data Protection Regulation ("GDPR") of the European Union and Article 5-2(c) of the Law on the Protection of Personal Data ("KVKK") of Turkey. We will be processing the necessary information for the performance of our Service.

Part of our processing activity, where the processing is not necessary for the performance of our Service (e.g. providing third parties with your data), is based on your consent under this Policy, as laid down in the Article 6-1(a) of the GDPR and Article 5(1) of the KVKK. You may withdraw your consent anytime with regard to those processing activities. In that case, We will stop processing your personal data. However, if the data relates to any necessary information for the performance of our Service, Charmy holds the rights to terminate the contract.

3. Processing Period

Unless otherwise stated, we process your personal data as long as your membership is active. However, we keep storing your personal data in order to comply with legal obligations (e.g. court orders) or based on other legitimate grounds (e.g. legal claims) for five years after the deletion date of your account.

4. Purposes of Processing and the Types of Data Collected

We collect different types of data depending on how you use Charmy. The collected data are used for operational and commercial purposes. You may learn more about the types of information that we collect and the purposes of processing below.

A. Types of Data Collected

  • Basic Account Information: If you choose to create a Charmy account, you must provide us with some personal data so that we can provide our services to you. That includes your name(s), surname(s), title(s), display name (nick name), sex, age, answers to our security questions, passwords, e-mail address or phone number.
  • Usage Data: Usage data includes any content that you provide. For example, your likes, favourites lists, comments, your location (if you choose to share), people, pages, accounts, hashtags and groups that you are connected to and how you interact with them.
  • Device Information: When you access Charmy by or through a mobile device, we collect certain information automatically on the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
  • Tracking & Cookies Data: We use cookies and similar tracking technologies to track the activity on Charmy and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier.

B. Use of Data

The Controller uses the collected data for various purposes:

  • To provide and maintain the Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide customer care and support
  • To provide analysis or valuable information so that we can improve the Service
  • To monitor the usage of the Service
  • To detect, prevent and address technical issues
  • To personalise advertisements, offers and other sponsored content
  • To provide advertisers and other business partners with data which are relevant to their respective services

5. Transfer of Data

Our company base and servers are located in Ankara, Turkey. Your consent to this Policy represents your agreement to any transfer that we may realize as part of our business activity. However, the Controller will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information in accordance with Turkish law.

6. Disclosure of Data

The Controller may disclose your personal data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of the Controller
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

7. Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

8. Third Party Sharing

We may employ third party companies and individuals in furtherance of our purposes. You can find a list of possible Third-Party providers below:

  • Parties that support us as we provide our services (e.g., providers of telecommunication systems, mailroom support, IT system support, archiving services, document production services and cloud-based software services)
  • Our professional advisers, including lawyers, auditors and insurers
  • A potential buyer, transferee, merger partner or seller and their advisers in connection with an actual or potential transfer or merger/acquisition of part or all of our business or assets
  • Payment services providers
  • Marketing services providers
  • Law enforcement or other government and regulatory agencies
  • Recruitment services providers

9. Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

10. Children's Privacy

Our Service does not address anyone under the age of 16.

We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

11. Your Rights

Your rights under the GDPR and KVKK matters. Here is a list of them:

  • Access: You can ask us to verify whether we are processing personal data about you, and if so, to provide more specific information.
  • Correction: You can ask us to correct our records if you believe they contain incorrect or incomplete information about you.
  • Erasure: You can ask us to erase (delete) your personal data after you withdraw your consent to processing or when we no longer need it for the purpose it was originally collected.
  • Processing restrictions: You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data.
  • Data portability: In some circumstances, where you have provided personal data to us, you can ask us to transmit that personal data directly to another company if is technically feasible.
  • Right to Withdraw Consent: You can withdraw your consent that you have previously given to one or more specified purposes to process your personal data.
  • Right to Complaint: You have the right to lodge a complaint with a supervisory Authority. In Turkey, 'Kişisel Verileri Koruma Kurumu' is responsible for enforcing privacy rules.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page.

13. Contact Information

Charmy Bilişim Teknolojileri A.Ş.
[email protected]