PRIVACY POLICY

Data Policy

1. PURPOSE

As SUNRİSE BİLİŞİM A.Ş. (“YUKPORT”), our priority is to process the personal data of real persons, including our members, customers, visitors, suppliers, and employees, in accordance with the Constitution of the Republic of Turkey, international human rights agreements to which our country is a party, and relevant legislation, particularly the Personal Data Protection Law No. 6698 (“KVKK”), and to ensure that the data subjects whose data is processed effectively exercise their rights.

Therefore, including but not limited to the following: We process, store, and transfer all personal data regarding our employees, suppliers, customers, visitors, members (those who receive cargo and those who send cargo), users who visit our website and mobile applications—in short, all personal data we obtain during our activities—in accordance with SUNRİSE BİLİŞİM A.Ş's Personal Data Protection and Processing Policy ("Policy").

Protecting personal data and protecting the fundamental rights and freedoms of the natural persons whose personal data is collected are the fundamental principles of our personal data processing policy. Therefore, we carry out all our activities involving the processing of personal data by observing the protection of privacy, confidentiality of personal information, privacy of communication, freedom of thought and belief, and the right to use effective legal remedies.

For the protection of personal data, we take all administrative and technical protection measures required by the nature of the relevant data in accordance with legislation and current technology.

This Policy explains the methods we follow for processing, storing, transferring, deleting, or anonymizing personal data shared during our commercial, promotional, marketing, social responsibility, and similar activities, within the framework of the principles set forth in the KVKK. It is intended to ensure that the transportation services provided by YUKPORT through the www.YUKPORT.com website are carried out in compliance with the KVKK.

2. SCOPE

All personal data processed by the Company, including that of our visitors, business contacts, business partners, employees, suppliers, members, and third parties, is within the scope of this Policy.

Our Policy applies to all activities related to the processing of personal data owned or managed by the Company, and has been prepared in accordance with the KVKK (Personal Data Protection Law) and other relevant legislation on personal data, as well as international standards in this field.

3. DEFINITIONS AND ABBREVIATIONS

This section contains special terms and expressions, concepts, abbreviations, etc. used in the Policy. is briefly explained.

Explicit Consent:Consent given with unambiguous clarity, based on informed consent and free will, regarding a specific matter, and limited only to that transaction.

Anonymization:The rendering of personal data so that it cannot be linked to an identified or identifiable natural person under any circumstances, even by matching it with other data.

Employee:Company personnel.

Personal Data Owner (Relevant Person):The natural person whose personal data is processed.

Personal Data:Any information relating to an identified or identifiable natural person.

Special Personal Data:Any information relating to an individual's race, ethnic origin, political opinion, philosophical belief, religion, sect, or other beliefs, health information, fingerprints, appearance, association, foundation, or union membership, health, sexual life, criminal convictions, and data related to security measures, as well as biometric and genetic data.

Processing of Personal Data:Any operation performed on personal data, such as obtaining, recording, storing, preserving, altering, reorganizing, disclosing, transferring, acquiring, making available, classifying, or preventing the use of personal data, whether fully or partially by automatic means, or non-automatic means provided that it is part of any data recording system.

Data Processor: The natural or legal person who processes personal data on behalf of the data controller based on the authorization granted by the data controller.

Data Controller:The natural or legal person who determines the purposes and means of processing personal data and is responsible for establishing and managing the data recording system.

KVK Board : Personal Data Protection Board.

KVK Institution : Personal Data Protection Authority.

KVKK : Personal Data Protection Law, published in the Official Gazette dated April 7, 2016 and numbered 29677.

Policy : SUNRİSE BİLİŞİM A.Ş. Personal Data Protection and Processing Policy

YUKPORT : SUNRİSE BİLİŞİM A.Ş.

YUKPORT Membership System : Membership system for the Company and its digital platforms.

4. ROLES AND RESPONSIBILITIES

4.1. Managers

Managers are responsible for overseeing the establishment and implementation of notification, investigation, and sanction mechanisms for non-compliance with the Policy, rules, and regulations.

The Personal Data Protection and Processing Policy has been approved by the Company Manager.

It is the authorized approval mechanism for ensuring the establishment, implementation, and, when necessary, updating of the Policy.

4.2 Audit Unit

The Audit Unit is responsible for taking the necessary measures to ensure compliance with the Policy by employees and outsourced companies, and for investigating matters that violate the Policy.

4.3 Information Systems Committee

The Information Systems Committee is responsible for the preparation, development, implementation, and updating of this Policy. It evaluates this Policy for its current status and development needs, as necessary. The Information Systems Manager is responsible for publishing the prepared document on the institution's portal.

5. LEGAL OBLIGATIONS

As a data controller, our legal obligations regarding the protection and processing of personal data pursuant to the KVKK are listed below:

5.1. Our obligation to inform

When collecting personal data as a data controller;

The purpose for which your personal data will be processed

Information regarding our identity and the identity of our representative, if any

To whom and for what purpose your processed personal data may be transferred

Our data collection method and legal basis

We have the obligation to inform the Data Subject regarding their rights arising from the law.

As a Company, we take care to ensure that this Policy, which is publicly available, is clear, understandable, and easily accessible.

5.2. Our obligation to ensure data security

As the data controller, we take the administrative and technical measures prescribed by legislation to ensure the security of personal data in our possession. Obligations and measures regarding data security are detailed in sections 9 and 10 of this Policy.

6. CLASSIFICATION OF PERSONAL DATA

6.1. Personal Data

Personal data is any information relating to an identified or identifiable natural person.

The protection of personal data relates only to natural persons. Information belonging to legal entities that does not contain information relating to a natural person is excluded from personal data protection. Therefore, this Policy does not apply to data belonging to legal entities.

6.2. Special personal data

Data related to an individual's race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, membership in associations, foundations or unions, health, sexual life, criminal convictions, and security measures, as well as biometric and genetic data, are special personal data.

7. PROCESSING OF PERSONAL DATA

7.1. Our principles for processing personal data

We process personal data in accordance with the following principles.

7.1.1. Processing in accordance with the law and principles of integrity

We process personal data in accordance with the principles of integrity, transparency, and within the framework of our obligation to disclose information.

7.1.2. Ensuring that personal data is accurate and, where necessary, up-to-date

We take the necessary measures in our data processing procedures to ensure that processed data is accurate and up-to-date. We also provide Personal Data Owners with the opportunity to contact us to update their existing data and correct any errors in their processed data.

7.1.3. Processing for Specific, Clear, and Legitimate Purposes

As a company, we process personal data for our legitimate purposes, the scope and content of which are clearly defined, and which are determined to carry out our activities within the framework of legislation and the ordinary course of business.

7.1.4. Personal data must be linked, limited, and proportionate to the purposes for which it is processed

We process personal data in a manner that is linked, limited, and proportionate to the purposes we have clearly and precisely determined.

We avoid processing personal data that is not relevant or does not need to be processed. Therefore, we do not process special personal data unless legally required to do so, or we obtain explicit consent when we do.

7.1.5. Retention of personal data for the duration prescribed by legal regulations and for our legitimate commercial interests

Many regulations in the legislation require the retention of personal data for a certain period. Therefore, we retain the personal data we process for the period prescribed by the relevant legislation or necessary for the purposes for which the personal data is processed.

When the retention period prescribed by the legislation expires or the processing purpose ceases, we delete, destroy, or anonymize personal data. Our principles and procedures regarding retention periods are detailed in Article 9.1 of this Policy.

7.2. Purposes of processing personal data

We process personal data for the following purposes:

Conducting our commercial activities
Providing support services within the scope of the contract and service standards
Identifying the preferences and needs of our members/visitors and shaping and updating the services we provide accordingly
Ensuring the fulfillment of our legal obligations as required or mandated by legal regulations
Evaluating job applications
Providing contact with individuals who have business relationships with the Company
Marketing
Supporting the training, development, and career processes of our employees
Compliance management
Vendor/supplier management
Providing legal reporting
Invoicing
Operating the Membership System
Ensuring communication between YUKPORT job candidates and employers
Managing call center processes
Ensuring corporate communication
Sending newsletters via SMS and email, conducting marketing activities, or providing notifications.

7.3. Processing of special personal data

Special personal data is processed by us by taking the administrative and technical measures prescribed by law and the Personal Data Protection Board, and if there is explicit consent, or in cases mandated by legislation.

Special personal data related to health and sexual life may be processed by persons under a confidentiality obligation or authorized institutions and organizations for the purposes of protecting public health, preventive medicine, medical diagnosis, treatment, and care services, and planning and managing healthcare services and their financing. Therefore, we do not process data other than that of our employees. Such data belonging to our employees may be processed by persons prescribed by law.

7.4. Processing of personal data collected through cookies

We use cookies to improve the operation and use of our websites and mobile applications, and to strive to make the time you spend on our digital platforms more productive and enjoyable. Additionally, we use some cookies to remember your preferences on our websites and mobile applications, thereby providing you with an enhanced and personalized experience.

We may collect, process, transfer, and store your personal data through cookies on our digital platforms.

You can find detailed information about the cookies we use in the "YUKPORT Privacy Policy."

7.5. Processing of personal data for recruitment and employment purposes

The resume, diploma, photograph, etc. you share with us during your application process as an employee candidate. We process, store, and transfer your personal data contained in other documents for the purpose of evaluating job applications. The processing, transfer, and storage of the personal data you share as a candidate are covered by this Policy.

Employee personal data is collected, processed, and stored within the scope of YUKPORT Human Resources, outside of this Policy.

7.6. Processing of personal data collected within the scope of other memberships provided through the membership system

To become a member of the digital platforms through the system, visitors must;

Name - Surname
Email Address
Phone Number
Date of Birth - Turkish ID Number
Tax Number - Social Security Number
Photograph
Driver's License Number
Vehicle Plate Number
Photocopy of License
Photocopy of National Identity Card

By sharing their information with us, they become members of the system.

The deletion, destruction, or anonymization of personal data within the scope of this platform is covered by Article 9 of this Policy.

7.7. Processing of personal data collected within the scope of the job application.

Personal data obtained through application forms, CVs, and applications made to intermediary institutions will be recorded for use in the evaluation of the job application.

You are advised to review the personal data processing and privacy policies.
Those who apply with the application form;
Identity information (name, surname, date of birth, Turkish Republic ID No.)
Contact information (address, email address, phone number, etc.)
Educational information (schools graduated from, etc.)
Work experience
Foreign language skills
Computer skills
Certificates
References
Photograph
Health data
General information such as driver's license/travel eligibility

They create a resume by sharing their information. Depending on the nature of the application, the employer may request additional photograph and health data from the member creating the resume to assess their suitability for the job in question. The requested health information is processed solely for employment purposes within the scope of relevant legislation.

Information shared by applicants in their CVs can be viewed by employers. The applicant stores the applicant's identity, education, and professional information under the legislation and may transfer this data to solution partners, public institutions, and organizations upon request.

The deletion, destruction, or anonymization of personal data within the scope of this platform is covered by Article 9 of this Policy. In the event of a negative job application process, the employer is responsible for the processing and security of personal data shared with the employer.

7.8. Exceptional cases where explicit consent is not required for the processing of personal data

In the following exceptional cases arising from the law, we may process personal data without explicit consent:

Explicitly provided for by law

Processing personal data of the parties to a contract is necessary, provided that it is directly related to the establishment or performance of a contract.

Data processing is necessary for the establishment, exercise, or protection of a right.

Processing your data is necessary for our legitimate interests as the data controller, provided that it does not prejudice fundamental rights and freedoms.

Exceptional cases in which special personal data may be processed without the explicit consent of the Data Subject are specified in Article 7.3 of this Policy.

8. TRANSFER OF PERSONAL DATA

8.1. Domestic Transfer of Personal Data

As a company, we act in accordance with the decisions and regulations stipulated in the Personal Data Protection Law and issued by the Personal Data Protection Board regarding the transfer of personal data.

Subject to exceptional circumstances stipulated in the legislation, we will not transfer personal data and special categories of data to other natural persons or legal entities without the explicit consent of the Data Subject.

In exceptional circumstances stipulated by the Personal Data Protection Law and other legislation, data may be transferred to authorized administrative or judicial institutions or organizations without the explicit consent of the Data Subject, in the manner and within the limits stipulated in the legislation.

Furthermore, in exceptional circumstances stipulated by the legislation;

In the cases described in the Policy.

In the cases listed in the Policy regarding special personal data

Special personal data may be transferred to persons or authorized institutions and organizations under a confidentiality obligation, without explicit consent, for the purposes of protecting the health of the Data Subject, preventive medicine, medical diagnosis, treatment and care services, and planning and management of health services and their financing, provided that the Data Subject takes the necessary measures as prescribed by the Personal Data Protection Board and relevant legislation.

8.2. Transfer of Personal Data Abroad

As a rule, personal data is not transferred abroad without the Data Subject's explicit consent. However, in cases where one of the exceptional circumstances of this Policy exists, personal data may only be transferred abroad without explicit consent if the third parties located abroad:

Are located in countries with sufficient protection declared by the Personal Data Protection Board

If located in countries without sufficient protection, the data controllers in Türkiye and the foreign country in question commit in writing to providing sufficient protection, and the Personal Data Protection Board has granted permission.

Personal data may be transferred abroad without explicit consent.

8.2.1. Transfer of personal data abroad for the provision of our services and marketing activities

We work with service providers located abroad for purposes such as developing our website and digital platforms, conducting surveys, increasing the variety of products and services according to the preferences of visitors and members, and measuring user experience. It is recommended to review the relevant policies of the service providers we cooperate with regarding the processing and protection of personal data.

8.3. Institutions and organizations to which personal data is transferred

Personal data may be transferred to;

Our suppliers

Our business partners and business contacts

Transportation companies

Cargo companies

Legally authorized public institutions and organizations

Legally authorized private legal entities

Independent audit firms

Our partners may be transferred in accordance with the principles and rules described above.

8.4. Measures we take regarding the lawful transfer of personal data

8.4.1. Technical Measures

To protect personal data, we include, but are not limited to:

To establish internal technical organization for the processing and storage of personal data in accordance with legislation.

To establish the technical infrastructure to ensure the security of the databases where your personal data will be stored.

To monitor and audit the processes of the established technical infrastructure.

To determine procedures for reporting the technical measures and audit processes we have implemented.

To periodically update and renew technical measures.

To re-examine risky situations and develop necessary technological solutions.

To use virus protection systems, firewalls, and similar software or hardware security products, and to establish security systems compatible with technological developments.

We employ technically specialized personnel.

8.4.2. Administrative Measures

To protect your personal data, including but not limited to the following;

We establish policies and procedures for accessing personal data, including for company and affiliate employees within our company.

We inform and train our employees regarding the legal protection and processing of personal data.

In the contracts we enter into with our employees and/or the policies we develop, we record the measures to be taken in cases of unlawful processing of personal data by our company employees.

We audit the personal data processing activities of the data processors we work with or the partners of data processors.

9. STORAGE OF PERSONAL DATA

9.1. Storage of personal data for the period stipulated in relevant legislation or necessary for the purpose for which they are processed.

We store personal data for the period required for the purpose of processing, without prejudice to the retention periods stipulated in legislation.

In cases where we process personal data for more than one purpose, the data will be deleted, destroyed, or anonymized if the purposes of processing no longer exist or if there is no legal impediment to erasing the data upon the Data Subject's request. Legislative provisions and the decisions of the Personal Data Protection Board will be complied with regarding destruction, deletion, or anonymization.

9.2. Measures we take regarding the storage of personal data.

9.2.1. Technical Measures

We establish technical infrastructures and related control mechanisms for the deletion, destruction, and anonymization of personal data.

We take the necessary measures to ensure the secure storage of personal data.

We employ employees with technical expertise.

We develop business continuity and emergency plans against potential risks and develop systems for their implementation.

We establish security systems in accordance with technological advancements regarding the storage of personal data.

9.2.2. Administrative Measures

We raise awareness by informing our employees about the technical and administrative risks associated with the storage of personal data.

In cases where we collaborate with third parties for the storage of personal data, the contracts signed with the companies to which personal data is transferred must include: We include provisions regarding the necessary security measures to be taken for the protection and secure storage of personal data transferred to individuals to whom personal data is transferred.

10. SECURITY OF PERSONAL DATA

10.1. Our obligations regarding the security of personal data

We take administrative and technical measures, in accordance with technological possibilities and implementation costs, to prevent the unlawful processing of personal data,

Prevent unlawful access,

Ensure the lawful storage of personal data.

10.2. Measures we take to prevent the unlawful processing of personal data

We conduct and have the necessary audits conducted within our company.

We train and inform our employees about the lawful processing of personal data.

The activities carried out by our company are evaluated in detail across all business units, and as a result of this evaluation, personal data is processed specifically for the commercial activities carried out by the relevant units.

In cases where we collaborate with third parties for the processing of personal data, the contracts signed with the companies processing personal data include provisions requiring the necessary security measures to be taken by the data processors.

In the event of unlawful disclosure or data leakage of personal data, we notify the Personal Data Protection Board, conduct the investigations and take the necessary measures required by legislation.

10.2.1. Technical and administrative measures taken to prevent unlawful access to personal data

To prevent unlawful access to personal data:

We employ employees with technical expertise,

We periodically update and renew our technical measures,

We establish access authorization procedures within our company,

We determine procedures for reporting the technical measures and audit processes we take,

We establish and periodically audit the data recording systems used within our company in accordance with legislation,

We create emergency aid plans against potential risks and develop systems for their implementation,

We train and inform our employees about access to and authorization of personal data,

In cases where we collaborate with third parties for activities such as processing and storing personal data, we include provisions in the contracts signed with companies that provide access to personal data regarding the necessary security measures for those who access personal data,

We establish security systems, in line with technological advancements, to prevent unlawful access to personal data.

10.2.2. Measures We Take in Case of Unlawful Disclosure of Personal Data

We take administrative and technical measures to prevent the unlawful disclosure of personal data and update them in accordance with our relevant procedures. If we detect unauthorized disclosure of personal data, we establish systems and infrastructures to notify the Relevant Person and the Personal Data Protection Board.

If an unlawful disclosure occurs despite all administrative and technical measures taken, the Personal Data Protection Board may, if deemed necessary, announce this on the Personal Data Protection Board's website or through another method.

11. RIGHTS OF THE PERSONAL DATA SUBJECT

As part of our obligation to inform, we inform the Personal Data Subject and establish systems and infrastructures for this notification. We make the necessary technical and administrative arrangements for Personal Data Owners to exercise their rights regarding their personal data.

Personal Data Owners have the right to;

Learn whether personal data is being processed

Request information if personal data has been processed

Learn the purpose of processing personal data and whether it is being used in accordance with its intended purpose

Know the third parties to whom personal data is transferred, whether domestically or internationally

Request rectification of personal data if it is incomplete or inaccurate

Request deletion or destruction of personal data if the reasons requiring processing of personal data no longer exist

Request notification of the aforementioned rectification, deletion, or destruction to third parties to whom personal data is transferred

Object to any adverse consequences resulting from the analysis of processed data exclusively through automated systems

Unlawful processing of personal data If the data owner suffers damage due to the processing of their personal data, they have the right to demand compensation for the damage.

11.1. Exercise of rights regarding personal data

The Personal Data Owner may submit their request regarding their personal data

to the address "Ataköy 7.8.9.10. Kısım Mahallesi, Nef 22 B Blok, NO:335, Bakırköy/İSTANBUL, İSTANBUL, TURKEY" or, if your e-mail address is registered in your system, to iletisim@yukport.com.

In the Application

a) Name, surname, and signature if the application is in writing,

b) Turkish Republic identity number for citizens of the Republic of Turkey; nationality, passport number, or identification number, if applicable, for foreigners,

c) Residence or workplace address for notification,

ç) Email address, telephone, and fax number, if applicable, for notification,

d) Subject of the request,

Must be included.

(3) Information and documents related to the subject are attached to the application.

(4) For written applications, the date of notification is the application date.

(5) For applications made by other methods, the date the application is received by us is the application date.

These requests will be made individually, and requests made by unauthorized third parties regarding personal data will not be considered.

11.2. Application Evaluation

11.2.1. Application Response Time

Requests regarding personal data will be processed as soon as possible, depending on their nature, and in any case, within 30 (thirty) days at the latest, free of charge or for a fee as per the tariff published by the Personal Data Protection Board.

Additional information and documents may be requested during the application or during the application evaluation.

11.2.2. Our right to reject an application

Applications regarding personal data will be rejected with justification in the following cases:

Processing of personal data for purposes such as research, marketing, planning, and statistics, by anonymizing it with official statistics.

Processing of personal data for artistic, historical, literary, or scientific purposes, or within the scope of freedom of expression, provided that it does not violate the privacy of private life or personal rights or constitute a crime.

Processing of personal data made public by the Personal Data Owner.

The application is not based on a legitimate reason.

The application contains a request contrary to the relevant legislation.

The application procedure has not been complied with.

The application will be rejected with justification.

11.3 Application Evaluation Procedure

Requests submitted before the response period specified in this Policy can begin are as per Article 11.1. You must submit your application using two methods and with information and documents verifying the applicant's identity.

If the request is accepted, the relevant procedure will be implemented, and a notification will be made in writing or electronically. If the request is rejected, the reason will be explained and the applicant will be notified in writing or electronically.

11.4. Right to Complain to the Personal Data Protection Board

In cases where the application is rejected, our response is deemed insufficient, or the response is not provided in a timely manner, the applicant has the right to complain to the Personal Data Protection Board within 30 (thirty) days from the date they learn of the response, and in any case, within 60 (sixty) days from the application date.

12. PUBLICATION AND STORAGE OF THE DOCUMENT

This Policy is stored in two different media: printed paper and electronically.

13. UPDATE PERIOD

This Policy is reviewed at least once every two years and updated as needed, based on the principles.

14. ENFORCEMENT

This Policy is deemed to have entered into force upon its publication on the Company's website.

15. REPEAL

In the event of a decision to revoke this Policy, the old, wet-signed copies of this Policy will be cancelled (either by stamping the cancellation stamp or by writing the cancellation) by the Legal Department with the written approval of the Department Manager and will be kept by the Legal Department for a period of 5 years.

PERSONAL DATA PROTECTION

PERSONAL DATA PROTECTION LAW INFORMATION FORM

SUNRİSE BİLİŞİM A.Ş. (“YUKPORT”) has provided basic information on the protection of transferred personal data below. In order to fulfill its obligation to inform arising from Article 10 of the Personal Data Protection Law No. 6698 (“KVKK”), YUKPORT presents the following explanations to the attention of our customers and third parties who use our website and/or mobile applications. YUKPORT reserves the right to update this Personal Data Protection Statement at any time, in accordance with any changes to applicable legislation.

In accordance with the Personal Data Protection Law, we would like to inform you that any information about you that has been obtained/will be obtained by our company, acting as the data controller, or that you have shared/will share with our company ("personal data") will be processed by our company within the framework described below and in the manner stipulated in the aforementioned Law. Any action performed on your information, including obtaining, recording, storing, preserving, altering, disclosing, transferring, or making available your information, whether by automatic or non-automatic means, constitutes "processing of personal data." Furthermore, Law No. 6563 on the Regulation of Electronic Commerce also contains provisions regarding the protection of personal data. Criminal sanctions are also stipulated in some cases for the protection of personal data through the provisions of the Turkish Penal Code No. 5237. On the other hand, data must be collected and used for the purpose of fulfilling our obligations arising from Consumer Protection Law No. 6502 and the Distance Contracts Regulation.

PURPOSES AND LEGAL REASONS FOR PROCESSING YOUR PERSONAL DATA

Our Company fulfills its obligations (identification, information storage, reporting, notification, etc.) and commitments under all relevant national/international legislation, particularly Law No. 5549 on Prevention of Laundering Proceeds of Crime, Law No. 4358 on Expansion of the Use of Tax Identification Numbers, and secondary regulations published by national/international competent authorities based on these, or under agreements to which it is a party in relation to these or its activities; Your personal data is processed by our company for purposes and legal reasons, such as the establishment of contracts for all products and services you request from our company, the preparation of all other records and documents (in paper or electronic form), the provision of such products and services, and their uninterrupted operation.

As a Member/User, due to any use you make through our website at YUKPORT.com, all personal data you share or have shared, including but not limited to your name, surname, email, etc., for product and service requests, receiving offers, or job applications, including personal data shared via cookies, are processed through the website in accordance with Article 5/f.1 and Article 1 of the Personal Data Protection Law. You acknowledge that you are sharing your personal information with your own free will and explicit consent, in accordance with 6/f.2, and you confirm that your shared information will be processed in accordance with Law No. 5651.

For what purposes does YUKPORT use personal data?

YUKPORT may record, store, update, disclose to third parties, transfer, classify, and process your personal information in the circumstances and to the extent permitted by law.

Your personal data is used for the following purposes:

To verify identity information through the website/mobile applications,

To record address and other necessary information for communication,

To carry out road transportation operations between those who will provide transportation services and service recipients for the purposes of carrying out the activities provided by YUKPORT through the website www.YUKPORT.com.

To communicate with our customers regarding the terms, current status, and updates of the agreements we have concluded under the relevant articles of our Membership Agreement and to provide the necessary information.

To prepare all records and documents that will form the basis of transactions, whether electronically (internet/mobile, etc.) or in paper form.

To fulfill the obligations undertaken pursuant to our membership agreements and the agreements we have concluded under the relevant articles of the Consumer Protection Law.

To provide information to public officials upon request and as required by law on matters related to public safety.

To plan and execute logistics activities.

To plan and execute production and/or operational processes.

To evaluate customer complaints and suggestions regarding our services,

To fulfill our legal obligations and exercise our rights arising from applicable legislation.

The data provided by our customers/members/users who conduct transactions through the www.YUKPORT.com website or mobile applications is processed by YUKPORT with our customers' consent and in accordance with applicable legislation.

www.YUKPORT.com will collect, process, share with third parties, and securely store your browsing information in order to provide better service to its visitors and in accordance with its legal obligations, provided that it is not used for purposes and within the scope specified in this Personal Data Protection Statement.

www.YUKPORT.com stores the information collected through log files, empty gif files, and/or third-party sources to create a summary of your preferences.

PERSONS OR ORGANIZATIONS TO WHICH YOUR PROCESSED PERSONAL DATA MAY BE TRANSFERRED FOR THE PURPOSES MENTIONED ABOVE

Your personal data may be transferred directly or indirectly to third parties, including, but not limited to, individuals or organizations (judicial and administrative authorities, other official institutions and organizations, and individuals) permitted by all national/international legislation referred to above and/or authorized to request and process personal information within the scope of such legislation or agreements to which we are a party, as well as to our domestic/international affiliates or subsidiaries, domestic/international/international public/private institutions and organizations, companies, and other third parties from whom our Company receives service/support/consulting services, cooperates, or is a project/program/financing partner.

METHOD OF COLLECTION OF PERSONAL DATA AND LEGAL REASON

Personal data shared with YUKPORT is under the supervision and control of YUKPORT. YUKPORT, as the data controller, assumes responsibility for establishing the necessary organization and implementing and adapting technical measures to protect the confidentiality and integrity of information in accordance with the relevant legislation in force. Aware of our obligations in this regard, we conduct periodic penetration tests in accordance with international and national technical standards regarding data privacy, and we would like to inform you that we always update our data processing policies accordingly.

For the legal reasons explained above, your personal data may be collected verbally, in writing, or electronically, through automatic or non-automatic means, through our Company's Head Office Units, online branch, call center, and all other similar channels.
SUBJECT TO THE CASES SET FORTH IN ARTICLE 28 OF THE LPPD, TITLED "EXCEPTIONS," RIGHTS OWNED UNDER ARTICLE 11 OF THE LPPD

Your personal data, in accordance with the LPPD, may be:

Learn whether your personal data has been processed,

Request information if it has been processed,

Learn the purpose of processing and whether it is being used in accordance with its purpose,

Know the third parties to whom it has been transferred, domestically or abroad,

Request rectification if it has been processed incompletely or incorrectly,

Request deletion/destruction under the conditions stipulated in Article 7 of the LPPD,

Request third parties to whom it has been transferred, as specified in Articles (d) and (e) above.
You have the right to request notification of the actions taken pursuant to clauses 1.1.

To object to any adverse consequences arising from analysis of your personal data exclusively through automated systems,
We would like to remind you that you have the right to request compensation for any damages you incur due to processing in violation of the KVKK.

By contacting our Company, you have the right to (a) learn whether your personal data has been processed, if so, information regarding this, the purpose of processing, whether it has been used in accordance with this purpose, and the third parties in Turkey or abroad to whom the data has been transferred.

By contacting our Company, you have the right to (a) learn whether your personal data has been processed, and if so, information regarding this, the purpose of processing, whether it has been used in accordance with this purpose, and the third parties in the country or abroad to whom the data has been transferred.

If your personal data is incomplete or inaccurate, you can request correction, deletion or destruction of your personal data within the framework of the conditions stipulated in Article 7 of the Law, and notification of the actions taken by our Company in this context to the third parties to whom the information has been transferred.

You have the right to object to any adverse consequences arising from analysis of your personal data exclusively through automated systems, and to request compensation for any damages you incur due to processing in violation of the law.
You are here. You may exercise your rights under this article as of October 7, 2016, the effective date of the regulation. We reserve the right to request from you the expenses incurred by our Company in fulfilling your requests, in accordance with the tariff specified in Article 13 of the Personal Data Protection Law, "Application to the Data Controller."

EXPLICIT CONSENT CHECKOUT BOX THAT CAN BE USED DURING ONLINE TRANSACTIONS;

- I have read and understood the Personal Data Protection Information above/on the website.

- I, in accordance with my free will, consent to the collection, processing, storage, sharing with third parties, transfer, and international transfer of my personal data within the scope of the Personal Data Protection Information above/on the website.