Protection of personal data is important for JL Management and Industrial Systems Ltd. (“JL”). As JL data controller, it adopts the principles stipulated by the KVK Law in order to comply with the Personal Data Protection Law No. 6698 (“KVK Law”), fulfills its obligations regarding the processing, deletion, destruction, anonymization, transfer, disclosure of the person concerned and ensuring data security. The Privacy and Personal Data Protection Policy regulated within this scope is made available to the real persons whose personal data has been processed (“Contact”). 

  1. Scope and Purpose of Privacy and Personal Data Protection Policy

This Privacy and Personal Data Protection Policy describes; 

  • Methods and legal reasons for collecting personal data, 
  • Which groups of people’s personal data are processed (Data Subject Contact Group Categorization), 
  • Which category of personal data is processed (Data Categories) and sample data types in relation to these groups of people, 
  • In which business processes and for what purposes this personal data is used, 
  • Technical and administrative measures taken to ensure the security of personal data, 
  • To whom and for what purpose personal data can be transferred, 
  • The periods of retention of personal data, 
  • Profiling and Segmentation 
  • What are the rights of the Persons concerned on their personal data and how they may exercise these rights, 
  • How to change the positive or negative preferences of Contacts for receiving electronic commercial messages, 
  • Share personal data with officials 
  • Cookie Use and Management 
 
  • Methods and Legal Reasons for Collecting Personal Data

JL personal data specified in Article 5 of the Personal Data Protection Law No. 6698 

  1. expressly stipulated in the law 
  2. the processing of personal data belonging to the parties to the contract, provided that it is directly related to the establishment or performance of a contract. 
  3. The fact that the contact has been made available to him or her 
  4. Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the person concerned 
  5. Data processing is mandatory for the establishment, exercise or protection of a right 

on the basis of legal reasons, it collects websites, mobile applications of its websites, social media accounts, cookies, call center, notifications from administrative and judicial authorities and other communication channels in auditory, electronic or written form. 

  • Data Subject Contact Group Categorization

JL categorizes the groups of people whose personal data are processed in personal data processing processes and activities related to these processes as follows. In addition, personal data of other groups of persons (consultants, educators, bloggers) may be processed in accordance with the personal data processing requirements specified in Articles 5 and 6 of the KVK Law and in accordance with the legal reasons specified in this Privacy/Personal Data Protection Policy. 

  • Data Categories and Sample Data Types 

1. 

a) Member Customer 

  • Credentials: First name, surname, date of birth, gender, T.C. identification number 
  • Location Information: City, county (delivery address of shopping made through Jlglobal.shop) 
  • Contact Information: mobile phone, email address, address, zip code, landline phone 
  • Financial Information: Tax office, billing information 
  • Customer/Member Information: Membership information, membership ID number 
  • Customer/Member Transaction Information: Purchased products/items, purchase amount, shopping date, call center call logs, commercial communication permit, campaigns/contests used, coupons used, information about the order 
  • Risk Management Information: IP address 
  • Process Security Information: Password, password information 
  • Marketing Information: Cookie registrations, targeting information, reviews showing habits and likes 
  • Auditory Data: Call center call logs 
  • Legal Action and Compliance Information: The start and end time of the service provided, the type of service used, the amount of data transferred, the commercial electronic message permission granted by the Contact electronically, the membership agreement approved by the Person, the corporate membership agreement, other legal texts and contracts that enable the use of the services provided by JL 
  • Direct Marketing Information: Marketing sms, e-mail messages or calls made by the call center in accordance with the commercial e-mail message permission provided by the contact 
  • Request/Complaint Management/Reputation Management Information: Complaints and/or requests submitted by the person concerned via the website, mobile application, social media accounts or call center related to the product or service purchased by the person concerned and records of the transactions carried out during the evaluation or management process of these requests 

 

b) Guest Customer (users who shop on the site without being a member) 

  • Credential: First name, surname, date of birth, T.C. id number 
  • Location Information: City, county (delivery address of shopping made through Jlglobal.shop.com/Jlglobal.shoppro.com) 
  • Contact Information: mobile phone, email address, address, zip code, landline phone 
  • Financial Information: Tax office, billing information 
  • Guest Customer Transaction Information: Purchased products/s, purchase amount, shopping date, call center call logs, commercial communication permit, campaigns used, information about the order 
  • Risk Management Information: IP address 
  • Process Security Information: Password, password information 
  • Marketing Information: Cookie registrations, targeting information, reviews showing habits and likes 
  • Auditory Data: Call center call logs 
  • Legal Action and Compliance Information: The start and end time of the service provided, the type of service used, the amount of data transferred, the commercial electronic message permission provided by the Contact electronically, other legal texts and contracts that enable the use of the services provided by JL 
  • Direct Marketing Information: Marketing sms, e-mail messages or calls made by the call center in accordance with the commercial e-mail message permission provided by the contact 
  • Request/Complaint Management/Reputation Management Information: Complaints and/or requests submitted by the person concerned via the website, mobile application, social media accounts or call center related to the product or service purchased by the person concerned and records of the transactions carried out during the evaluation or management process of these requests 

2. 

Online Visitor 

  • Transaction Security Information: Password, mobile phone, password information 
  • Legal Transaction Information/Risk Management Information: IP address 
  • Legal Action and Compliance Information: The start and end time of the service provided, the type of service used, the amount of data transferred. 

3. 

Person to Deliver the Purchased Product on Behalf of 

  • Credentials: First name, surname, date of birth, gender, T.C. identification number 
  • Location Information: City, district (delivery address of shopping made through jlglobal.shop) 
  • Contact Information: mobile phone, email address, address, zip code, landline phone 
  • Financial Information: Tax office, billing information 

4. 

Vendor/Supplier/Vendor Candidate/Vendor or Supplier Employee or Authority 

  • Credential: TC Id No., Last Name 
  • Contact Information: email address, phone, address, mobile phone 
  • Financial Information: Account No., Tax Office, Tax Identification Number, tax plate, IBAN 
  • Legal Action and Compliance Information: Signature circular, activity certificate, 
  • Special Quality Personal Data/Legal Transaction Information: Signature 
  • Image Information: Photo 
  • In which business processes and for what purposes personal data are used

1. 

a) Member Customer Personal Data 

  • Performing membership procedures, 
  • “JLglobal.shop” e-commerce platforms operated by JL (“platform”); improving the services offered through , developing new services and providing information about it, 
  • For the purpose of performance of the Membership Agreement established with the Member Customer, commercial electronic message approval is for existing Member Customers; Analyzing the preferences, likes and needs of the Member Customer and providing special promotion, opportunities and benefits to the Member Customer, 
  • To promote and market applications, goods/products and services in line with the preferences and tastes of the Member Customer by remarketing, targeting, profiling and analyzing in accordance with the explicit consent of the Member Customer, 
  • Resolving Member Customer problems and complaints, 
  • Improving the Member Customer experience on both the platform and mobile application, 
  • Follow-up of accounting and purchase transactions, 
  • Compliance with legal processes and legislation, 
  • Answering information requests from administrative and judicial authorities, 
  • Ensuring information and process security and preventing malicious use, 
  • Making the necessary arrangements to ensure that the processed data is up-to-date and accurate 

 

b) Guest Customer (users who shop on the site without being a member) Personal Data 

  • To be able to shop as a “guest” from the platforms, 
  • Improving the services offered through the platforms, developing new services and providing information about it, 
  • Commercial electronic message confirmation for existing Guest Customers; analyzing preferences, likes and needs and providing special promotion, opportunities and benefits to the Guest Customer, 
  • To promote and market applications, goods/products and services in line with the preferences and tastes of the Guest Customer by remarketing, targeting, profiling and analyzing in accordance with the explicit consent of the Guest Customer, 
  • Solving guest customer problems and complaints, 
  • Improving the Guest Customer experience on both the platform and mobile application, 
  • Follow-up of accounting and purchase transactions, 
  • Compliance with legal processes and legislation, 
  • Answering information requests from administrative and judicial authorities, 
  • Ensuring information and process security and preventing malicious use, 
  • Making the necessary arrangements to ensure that the processed data is up-to-date and accurate, 
  • Fulfillment of legal obligations 

2. 

Online Visitor Personal Data 

  • Processing of online visitor data within the scope of Law No. 5651, 
  • Compliance with legal processes and legislation, 
  • Answering information requests from administrative and judicial authorities, 
  • Ensuring information and process security and preventing malicious use, 
  • Fulfillment of legal obligations 

3. 

Personal Data of the Person to Be Delivered on Behalf of the Purchased Product 

  • Carrying out product delivery processes, 
  • Follow-up of accounting and purchase transactions, 
  • Compliance with legal processes and legislation, 
  • Answering information requests from administrative and judicial authorities, 
  • Ensuring information and process security and preventing malicious use, 
  • Making the necessary arrangements to ensure that the processed data is up-to-date and accurate, 
  • Fulfillment of legal obligations 

4. 

Vendor/Supplier/Vendor Candidate/Vendor or Supplier Employee or Official Personal Data 

  • Execution of contract processes, 
  • Follow-up of accounting and purchase transactions, 
  • Compliance with legal processes and legislation, 
  • Answering information requests from administrative and judicial authorities, 
  • Ensuring information and process security and preventing malicious use, 
  • Making the necessary arrangements to ensure that the processed data is up-to-date and accurate, 
  • Fulfillment of legal obligations 

 

  • Technical and Administrative Measures Taken to Ensure the Security of Personal Data

JL is committed to taking all necessary technical and administrative measures and taking the necessary care to ensure the confidentiality, integrity and security of your personal data. 

JL takes the necessary measures to prevent unauthorized access to, misuse, unlawful processing, disclosure, alteration or destruction of personal data. JL uses generally accepted security technology standards such as firewalls and Secure Socket Layer (SSL) encryption when processing personal data. In addition, when sending your personal data to JL through the website, mobile application and mobile site, this data is transmitted using SSL. 

Regarding the blocking of unlawful access to personal data, the prevention of unlawful processing of this data and the provision of the retention of personal data: 

  • All areas on the website or mobile application where personal data is taken are protected by SSL, 
  • Creates and implements access authorization and control matrices for its employees in order not to unlawfully process personal data collected from the website or mobile application, 
  • To ensure that personal data is not accessed unlawfully; periodically conducts penetration tests, tests the resistance of the system to unauthorized access, 
  • Uses the Pseudonymization (pseudonymization) method for all secondary data processing other than the primary processing purpose. Pseudonymous also uses encryption methods on systems containing this data and implements a stricter access and control policy to ensure that the data is impossible to identify the person concerned, 
  • It ensures that personal data in the paper environment is necessarily stored in lockers and accessed only by authorized persons. 
  • Personal data processed through cookies belonging to third parties received are deleted from third-party systems if membership ends. 

Although JL has taken the necessary information security measures, in the event that personal data is damaged or obtained by unauthorized third parties as a result of attacks on platforms or JL systems operated by JL, JL immediately notifies you and the Personal Data Protection Board and takes the necessary measures. 

  • To whom and for what purpose personal data may be transferred

JL transmits personal data only to third parties for the purposes specified in this Privacy and Personal Data Protection Policy and in accordance with Articles 8 and 9 of the KVK Law. In this context, the Member Customer/Guest Customer data processed and the person information to be delivered on behalf of the purchased product are shared with the seller and the cargo company and this data can be accessed by the call center if necessary. The information of the person to be issued an invoice in his name is shared with the cargo company for the purpose of sending the invoice to the relevant person. 

Mobile phone number and/or e-mail address of the Member Customer/Guest Customer; In accordance with commercial electronic message approval, shopping is shared with the commercial electronic message tool service provider in order to promote, advertise, benefit and offer opportunities in line with their preferences, likes and habits. 

Website or mobile application usage preferences and navigation history are shared with our business partners at home/abroad where cookie service is obtained in order to be segmented and to communicate with the Member Customer/Guest Customer in line with their likes and preferences. Personal data transfers carried out within this scope are carried out through the secure environment and channels offered by the relevant third party. Depending on the content and scope of the service received from third parties; Pseudonymous data is transferred in all cases where there is no need to transfer the personal data of the Member Customer/Guest Customer. 

In order to increase the satisfaction and loyalty of the Member Customer/Guest Customer, the data of the Member Customer/Guest Customer is shared with the companies that will conduct market research. 

Within the scope of reporting and statistical studies, the data of the Member Customer/Guest Customer is not shared with another institution. 

In addition, your personal data will be shared with our business partners abroad for the purposes of providing business development services, providing statistical and technical services and conducting customer relations. 

The personal data subject to domestic and international transfers mentioned above, in addition to the technical measures to ensure their security; It is also legally protected thanks to the provisions of the KVK Law included in our contracts, taking into account that the opposite side of the legal relationship is the data controller or data processor.  

When transferring personal information to countries other than Turkey during the sharing of information as mentioned above, it is ensured that the data is transferred in accordance with this policy and as permitted by the law regarding data protection.  

  • Personal Data Retention Periods

JL retains the personal data it provides in accordance with the KVK Law for the periods stipulated in the relevant legislation or required by the purpose of processing. In our Personal Data Retention and Destruction Policy, these periods are approximately as follows: 

Call Center audio recordings 

3 years 

Law No. 6563 and related secondary legislation 

Membership and order registrations 

10 years 

Law No. 6098 

All records related to accounting and financial transactions 

10 years 

Law No. 6102, Law No. 213 

Cookies 

Up to 540 days 

 

Commercial electronic message approval records 

1 year from the date of withdrawal of the approval 

Law No. 6563 and related secondary legislation 

Traffic information for online visitors 

2 years 

Law No. 5651 

Information and/or CVs received for job application 

1 year 

 

Personal data on Member Customer/Guest Customers 

10 years after the end of the legal relationship; 6563 3 years in accordance with the Law and the relevant secondary legislation 

Law No. 6563, Law No. 6102, Law No. 6098, Law No. 213, Law No. 6502 

Personal data on suppliers 

10 years after the end of the legal relationship 

Law No. 6102, Law No. 6098 and Law No. 213 

Personal data received for usability test research 

2 weeks 

 

You can review our Cookie Policy regarding the retention periods of personal data obtained through cookies. 

  • Profiles in Segments

Using the personal data it processes in relation to the JL Member Customer/Guest Customer; 

  • A. In relation to the Member Customer/Guest Customer who gives his approval to receive commercial electronic messages, he profiles and segments in order to prepare content that is more suitable for the likes and preferences of the Member Customer/Guest Customer, advertising, promotion, discounting. 
  • B. Profiling and segmentation in terms of Member Customer/Guest Customer who has not given commercial electronic message approval; 
  1. Product improvement (determination of the most sold or unsold product categories), 
  1. By analyzing shopping preferences, modeling is carried out and campaigns for customer groups with the potential to receive a particular product are organized and uploaded to the system, 
  1. Efforts are being taken to increase the sales potential. 

Within the scope of profiling and segmentation studies, the personal data of the Member Customer/Guest Customer are not used directly, especially the first and last name, mobile phone, e-mail or address information, but instead are processed with the Member Customer/Guest Customer IDs assigned to them. The protection of the Customer/Member’s personal data is ensured by the use of pseudonymed data with a Member Customer/Guest Customer ID or other expression. Member Customer/Guest Customer IDs are only accessible to contacts or departments in JL. These IDs assigned to the Member Customer/Guest Customer are encrypted by JL and access to this section is only granted to limited persons. 

  • What Are The Rights of Persons concerned on Their Personal Data and How They May Exercise These Rights

The rights of the Person concerned in accordance with article 11 of the KVK Law on the personal data processed by JL are listed below: 

  • To find out if personal data has been processed, 
  • Requesting information about personal data if it has been processed, 
  • To learn the purpose of processing personal data and whether they are used in accordance with their purpose, 
  • To know the third parties to whom personal data are transferred at home or abroad, 
  • Request correction of personal data in case of incomplete or inaccurate processing, 
  • Request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVK Law, 
  • Request notification of transactions made in accordance with paragraphs (d) and (e) to third parties to whom personal data are transferred, 
  • Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems, 
  • Request compensation for damages in case of damages due to unlawful processing of personal data. 

In order to exercise your rights over your personal data; You can access your account in the “My Account” section of the JL webpage, mobile app and mobile site and make the necessary changes, updates and/or deletions. In addition, you can apply and exercise your rights by the methods specified in the “Application Form” issued in accordance with article 13 of the KVK Law on the website or mobile application of electronic trading platforms operated by JL. 

  • How Interested Parties Can Change Their Positive or Negative Preferences for Receiving Electronic Business Messages

You can change or update your positive or negative preferences regarding receiving commercial electronic messages at any time by accessing the “My Account” section when you become a member of the website or mobile application of electronic trading platforms operated by JL. 

Termination of membership does not constitute a reversal of your consent to receive commercial electronic messages. Therefore, please also make sure that you have completed all transactions to revoke your consent.  

Regarding cookie management, you can follow the steps specified in our Cookie Policy. 

  • Personal Data Sharing with Official Authorities

Your personal data and browsing information, such as your visit to JL,JL-operated electronic commerce platforms and mobile apps; JL may legally share this information with public institutions and organizations authorized to request such information for the purpose of fulfilling its obligation under the law (where JL has an obligation to provide legal or administrative notification or information, including but not limited to the threat to crime, state and public safety, and so on). 

  • Cookie Use and Management

You can review our Cookie Policy for detailed information about cookies, types of cookies, purposes, retention periods and cookie management used by JL. 

  1. Terms of Deletion, Destruction and Anonymization of Personal Data

JL stores the personal data it processes through its website, mobile application or mobile site for the periods stipulated by the relevant laws in accordance with article 7, 17 of the KVK Law and article 138 of the Turkish Penal Code and/or for periods required by the purpose of processing. If these periods expire, it will delete, destroy or anonymize personal data in accordance with the provisions of the Regulation on The Deletion, Destruction or Anonymization. 

The deletion of personal data by JL refers to the process of making personal data inaccessible and unusable in any way for the relevant users. Creates and implements a user-level access authorization and control matrix for JL Takes the necessary measures to perform the deletion in the database. 

The destruction of personal data by JL refers to the process of making personal data inaccessible, irrevocable and unusable by anyone in any way. 

Anonymization of personal data by JL means that personal data cannot be associated with a specific or real person in any way, even if it is matched with other data. 

JL details the methods of deletion, destruction and anonymization within the scope of the Personal Data Storage and Destruction Policy prepared in accordance with the Regulation on the Deletion, Destruction or Anonymization of Personal Data and the technical and administrative measures it takes. In this Policy, the time interval for carrying out periodic destruction stipulated by the Regulation is determined as 6 months. 

  1. Changes to the Privacy/Personal Data Protection Policy

JL may make changes to this Privacy/Personal Data Protection Policy at any time. These changes take effect immediately with the publication of the new amended Privacy/Personal Data Protection Policy. In order to be informed of the changes in this Privacy/Personal Data Protection Policy, you will be informed to our members. 

 

Scroll to Top