YOGAZERO : PROCESSING OF PERSONAL DATA 

GÖZDE UYSAL (“ YOGAZERO ”) takes utmost care to protect privacy and confidentiality and to ensure continuous compliance with the Personal Data Protection Law. In order to comply with the Personal Data Protection Law No. 6698 (“ KVKK ”), it adopts the basic principles set forth by the KVKK and fulfills its obligations regarding ensuring data security.

Technical and Administrative Measures Taken to Ensure the Security of Personal Data YOGAZERO undertakes to take all necessary technical and administrative measures and show due diligence to ensure the security of your personal data. Yogazero takes the necessary measures to prevent unauthorized access, misuse, illegal processing, disclosure, alteration or destruction of personal data. Yogazero uses generally accepted security technology standards such as firewalls and encryption when processing personal data. Yogazero protects all areas of the website where personal data is collected with SSL, Implementing access authorizations and restrictions for its employees, Ensures that personal data on paper is kept in locked cabinets and accessed only by authorized persons. Personal data processed through cookies belonging to third parties from which service is received are deleted from third party systems when the membership is terminated.

Scope of the Personal Data Processing Policy

This Personal Data Processing Policy provides information to the relevant persons regarding the following issues;

↳ Personal data collection methods and legal reasons,
↳ Which groups of people have their personal data processed? The categories of personal data being processed.
↳ In which business processes and for what purposes these personal data are used,
↳ Technical and administrative measures taken to ensure the security of personal data, To whom and for what purpose personal data can be transferred,
↳ Personal data retention periods, legal rights of Data Subjects,
↳ How Data Subjects can change their preferences regarding receiving electronic commercial messages,

Personal Data Collection Methods and Legal Reasons

Yogazero collects personal data through membership forms, purchase forms and event participation forms on the Yogazero website, in accordance with the personal data processing conditions stipulated in the KVKK and in line with the legal reasons stated in this Personal Data Processing Policy.

Data CategoriesCustomers

↳ Identity Information: Name, surname, Date of Birth,
↳ Contact Information: Email address, Phone Number
↳ Financial Information: Billing information
↳ Risk Management Information: IP address, Time Zone, operating system,
↳ Transaction Security Information: Password, country information, city information
↳ Marketing Information: Cookie records, targeting information, evaluations showing habits and likes
↳ Legal Transaction and Compliance Information: Start and end time of the service provided, type of service used, amount of data transferred, commercial electronic message permission given by the Relevant Person electronically.
↳ Marketing Information: Emails sent based on the commercial electronic message permission given by the relevant person.

Website Visitors

↳ Location Information: Country, city
↳ Risk Management Information: IP address, session information
↳ Marketing Information: Cookie records, targeting information, evaluations showing habits and likes
↳ Marketing Information: Marketing e-mail messages sent based on the commercial electronic message permission given by the relevant person.
↳ Request/Complaint Management: Records regarding the actions taken during the evaluation or management of complaints and/or requests made by the relevant person regarding the product or service purchased.

In Which Business Processes and For What Purposes Are Personal Data Used?

CustomerPersonal Data

↳ Carrying out membership transactions,
↳ To improve the services offered on the Yogazero website, to develop new services and to provide information about them,
↳ Analyzing the preferences, tastes and needs of existing customers who have consented to commercial electronic messages and providing special promotions, opportunities and benefits to customers in order to fulfill distance contracts established with users,
↳ Promoting and marketing products and services in line with customer preferences and tastes by conducting remarketing, targeting, profiling and analysis in line with the explicit consent of users,
↳ Resolving user problems and complaints,
↳ Improving the User experience on the Website,
↳ Monitoring of accounting and purchasing transactions,
↳ Compliance with legal processes and legislation,
↳ Responding to requests for information from administrative and judicial authorities,
↳ Ensuring information and transaction security and preventing malicious use,
↳ Making the necessary arrangements to ensure that the processed data is up-to-date and accurate.

Website Visitors

↳ Improving the services offered through the website, developing new services and providing information about them,
↳ For existing visitors who have consented to commercial electronic messages; analyzing their preferences, tastes and needs and providing special promotions, opportunities and benefits to visitors,
↳ To promote and market applications, goods/products and services in line with the preferences and tastes of visitors by remarketing, targeting, profiling and analyzing with the explicit consent of visitors,
↳ Resolving visitor problems and complaints,
↳ Compliance with legal processes and legislation,
↳ Responding to requests for information from administrative and judicial authorities,
↳ Ensuring information and transaction security and preventing malicious use,
↳ Making the necessary arrangements to ensure that the processed data is up-to-date and accurate,
↳ Fulfillment of legal obligations

Technical and Administrative Measures Taken to Ensure the Security of Personal Data

Yogazero undertakes to take all necessary technical and administrative measures and show due diligence to ensure the security of your personal data.

Yogazero takes the necessary measures to prevent unauthorized access, improper use, unlawful processing, disclosure, alteration or destruction of personal data. 

Yogazero uses generally accepted security technology standards such as firewalls and encryption when processing personal data.

Regarding preventing unlawful access to personal data processed by Yogazero, preventing unlawful processing of these data and ensuring the preservation of personal data:

↳ The website where personal data is collected is protected with SSL in all areas,
↳ Implement access authorizations and restrictions for its employees,
↳ Ensures that personal data on paper is kept in locked cabinets and accessed only by authorized persons.
↳ Personal data processed through cookies belonging to third parties from which we receive services are deleted from third party systems when the membership is terminated.

Although Yogazero has taken the necessary information security measures, if personal data is damaged or falls into the hands of unauthorized third parties as a result of attacks on the platforms operated by Yogazero or the Yogazero system, Yogazero immediately notifies the relevant persons and the Personal Data Protection Board and takes the necessary measures.

Transfer of Personal Data

Yogazero transfers personal data to third parties only for the purposes specified in this Personal Data Processing Policy and in accordance with Articles 8 and 9 of the KVKK. Personal data collected through website usage preferences and navigation history, distance sales contract execution, membership form and other forms are shared with our domestic/overseas business partners from whom cookie service is received for the purpose of profiling and communicating in line with the likes and preferences of the relevant persons. Personal data transfers made within this scope are carried out through secure environments and channels provided by the relevant third party. Masked personal data is used in all cases where the transfer of personal data is not required, depending on the content and scope of the service received from third parties.

Shopify

The Yogazero website receives electronic commerce infrastructure services. Shopify servers are located in the United States. You can access their Privacy Policy here . Logo In order to fulfill our accounting obligations, invoice, collection and pre-accounting services are received. Paraşüt servers are hosted domestically. Privacy Policy You can reach us from here .

Sovos Foriba

Services are received to fulfill our accounting obligations such as e-invoice and e-delivery note. Sovos Foriba servers are hosted domestically. Privacy Policy from here You can reach.

Iyzico

Payment infrastructure service is provided for our e-commerce site. Iyzico servers are hosted domestically. Privacy Policy from here You can reach.

Keyboard

Used to measure usage for our e-commerce site and for email marketing purposes. Klavio servers are hosted in the United States. You can access their Privacy Policy here .

HotJar

Used to measure in-app usage for our e-commerce site and to improve our services. HotJar servers are hosted in the United States. Privacy Policy from here You can reach.

Google Ads

It is an online marketing tool that allows us to display our ads in Google's search results or on partner sites. Google Ads servers are hosted in the United States. Your personal data is not transferred directly but is shared using masking methods. Privacy Policy from here You can reach.

Google Analytics

Site performance and analysis technology services are purchased for our e-commerce site. Google Analytics servers are hosted in the United States. Your personal data is not transferred directly and is shared using masking methods. Privacy Policies from here You can reach.

Personal data subject to domestic and international transfers, as mentioned above, are legally protected not only by technical measures to ensure their security, but also by the provisions in line with KVKK in our contracts, taking into account whether the other party to the legal relationship is the data controller or the data processor.

When transferring personal information to countries outside of Turkey during the sharing of information as stated above, it is ensured that the data is transferred in accordance with this policy and as permitted by the applicable law on data protection.

Personal Data Storage Periods

Yogazero stores the personal data it processes in accordance with the KVKK for the periods stipulated in the relevant legislation or required by the purpose of processing. These periods in our Personal Data Storage and Destruction Policy are approximately as follows:

Membership records: 10 years

All records related to accounting and financial transactions: 10 years

Cookies: Maximum 3 years

Traffic information on online visitors: 2 years

CVs: 1 year

Personal data regarding Customer Companies: 10 years after the legal relationship ends

Personal data regarding suppliers: 10 years after the legal relationship ends

Data Subject Rights

The rights that the Data Subject has over the personal data processed by Yogazero, in accordance with Article 11 of the KVKK, are listed below:

↳ Learning whether personal data is being processed,
↳ Request information regarding the processing of personal data,
↳ Learning the purpose of processing personal data and whether they are used in accordance with their purpose,
↳ Knowing the third parties to whom personal data is transferred, either domestically or abroad,
↳ Request correction of personal data if it is processed incompletely or incorrectly,
↳ Request the deletion or destruction of personal data within the framework of the conditions set forth in Article 7 of the KVKK,
↳ Transactions made in accordance with clauses (d) and (e), 
↳ request notification to third parties to whom personal data has been transferred,
↳ To object to a result that is to the detriment of the person himself/herself resulting from the analysis of the processed data exclusively through automated systems,
↳ To request compensation in case of damages due to unlawful processing of personal data.

In order to exercise your rights over your personal data; you can apply and exercise your rights using the methods specified in the “Application Form” on the Yogazero website.

Conditions for Destruction of Personal Data

Yogazero stores the personal data it processes through the website and the Platform for the periods stipulated by the relevant laws and/or the periods required by the purpose of processing, in accordance with Articles 7, 17 of the KVKK and Article 138 of the Turkish Penal Code. In case of expiration of these periods, it will delete, destroy or anonymize the personal data in accordance with the provisions of the Regulation on the Erasure, Destruction or Anonymization of Personal Data.

Deletion of personal data by Yogazero refers to the process of making personal data inaccessible and non-reusable for the relevant users. Yogazero implements access authorizations and restrictions at the user level for this purpose. It takes the necessary measures to perform the deletion process in databases.

Anonymization of personal data by Yogazero means that personal data cannot be associated with an identified or identifiable natural person, even when matched with other data.

Yogazero explains in detail the methods and technical and administrative measures taken for deletion, destruction and anonymization within the scope of the Personal Data Storage and Destruction Policy prepared in accordance with the Regulation on Deletion, Destruction or Anonymization of Personal Data.

Changes to the Privacy/Personal Data Protection Policy

Yogazero may make changes to this Personal Data Processing Policy at any time. These changes shall become effective immediately upon publication of the new modified version of the Personal Data Processing Policy. Necessary information will be provided to the relevant persons so that you are informed of the changes to this Personal Data Processing Policy.