Privacy Policy and Personal
Data Protection
1. PURPOSE
The Turkish Law on the Protection of Personal Data ("KVKK Law") was published in the official government publication Resmi Gazete on April 7, 2016. This Law is designed to protect the rights and freedoms of people's privacy and establish obligations against any illegal act in Turkey.
The purpose is to create a data storage security policy following the Personal Data Protection Act. Ayola creates and controls this policy to protect and preserve personal data.

2. COVERAGE
The policy actions apply to visitors to ayola.com and the Ayola team. Ayola is a registered trademark of an international company in agriculture that provides a new way of vertical farming. The website aayola.com is the property of Ayola. The policy applies to all actions created and executed by Ayola company.
This policy has been prepared under the KVKK Law and agreed upon with all Ayola employees.
Ayola wants all customers, visitors, and employees to learn how to act following this policy. The company provides correct information about this policy and relevant materials to its employees.

3. DICTIONARY OF TERMS
3.1. Ayola
Ayola greenhouses are a solid solution in modern agriculture.
3.2. Explicit Consent
Limited consent is given for data processing. It is based on free will and is provided for informational purposes only.
3.3. Anonymity
A way to make personal data impossible to associate with an identified or identifiable person, even if compared with other data.
3.4. Employees
The team of the Ayola agency.
3.5. Service Provider
Employees of the Ayola company
3.6. Individual / Client / Visitor
A person whose personal information is stored and processed by Ayola.
3.7. Personal Information / Personal Data
Information about individuals/customers/visitors that allow you to identify them. In this case, the email address and phone number.
3.8. Processing of personal data
Operations for the collection, modification, storage, preservation, editing, or disclosure of personal information in whole or in part automatically.
3.9. Data Controller
The people who decide what personal information will be in the Ayola database and how it will be used.
3.10. Data Processor
Individuals or legal entities that process data under the jurisdiction of the Data Controller.
3.11. KVKK Council
The Personal Data Protection Council (KVKK – abbreviated as "Personal Data Protection" in Turkish).
3.12. KVKK Corporation
Personal Data Protection Corporation.
3.13. KVKK Law
The Turkish Law on the Protection of Personal Data was published in the Government Resmi Gazete in issue No. 29677.
3.14. Policy
Ayola's Personal Data Protection and Processing Policy.

4. ROLES AND RESPONSIBILITIES
4.1. Data Controller
The processing of personal data means operations for the collection, modification, storage, preservation, editing, or disclosure of personal information in whole or in part automatically in accordance with the provisions of the Turkish Law on the Protection of Personal Data.
Ayola collects and uses certain information about visitors or customers to carry out its work. Ayola is the Data Controller following the Law and determines what the data will be used for.
4.2. Data Management Agent
After the Data Management Registration is created, there is a need for a Data Management Agent. This agent must be an expert in ensuring data confidentiality, processing it, and taking the necessary security measures.
4.3. Data Processor
Data processors are natural or legal persons who process personal data. The handler must work under Ayol's permission.
4.4. Responsibilities
In the case of data processing by individuals or legal entities, Ayola and data processors are required to take precautionary measures. As a data controller, Ayola monitors the process between two parties: Ayola and individuals.

5. LEGAL OBLIGATIONS
Ayola has legal obligations for securing and processing personal data following the KVKK Law. Responsibilities include;
5.1. Obligation to Clarify
Ayola undertakes to explain to its visitors and customers in the process of data processing the following elements:
• Identity of the data controller,
• Reasons for saving personal data,
• Legal reasons for storing personal data,
• The rights of individuals.
5.2. Obligation To Inform
In accordance with Article 13 of the Law, KVKK Ayola is obliged to inform individuals. It is also necessary to request information via info@ ayola.com or +90 242 324 54 94.
These specific requests must be written by individuals manually or by any other means determined by the KVKK Board.
5.3. Obligation to Ensure the Security of Personal Data
As data controllers, Ayola must provide the necessary security services following the 12th article of the KVKK Law.
5.4. Obligation to be included in the Register of Data Controllers.
Ayola is obliged to register in the data register in accordance with the 16th article of the KVKK Law.

6. CLASSIFICATION OF PERSONAL DATA
6.1. Personal Data
The name, surname, date, place of birth, identity, social security number, telephone number, email address, address, visual information, payment information, and other information about an individual are considered personal data.
Due to membership terms, Ayola retains some data such as first name, last name, phone number, and email address.
6.2. Private Information
Race, ethnic roots, political views, philosophical beliefs, religion, sect or any other beliefs, membership in any foundation or institution, health issues, sexual life, beliefs, security measures, biometric and genetic data are accepted as private information. It is strictly prohibited to save such data without an individual's consent in accordance with Article 6 of the Turkish KVKK Law.
As a data controller, Ayola only requests such private data if it is specified in the laws.

7. PERSONAL DATA PROCESSING POLICY
7.1. Principles of Data Processing
All collected data is processed according to the 4th, 5th, and 6th articles of the KVKK Law.
• Ayola processes data according to KVKK Law and other legal norms.
• Ayola undertakes to act transparently, follow the obligations to explain and inform customers, observing the Code of integrity.
• Ayola undertakes to process data only legally. The grounds must be specified in the KVKK Law or other legal norms.
• The data must be associated with a specific purpose and limited only to that purpose.
• Ayola undertakes to process data on the required scale. The Code of proportionality must be observed, and the information must be processed only on the necessary scale.
• Ayola should only store data for a certain period (see section 9) and should not store data if this period has expired.
7.2. Purposes Of Data Processing
Ayola does not collect or store customers' personal information to send unsolicited and unsolicited information (spam). Ayola aims to process data for specific purposes, such as:
• Personal and communication data, such as first name, last name, phone number, and email address, are processed for site registries and better communication.
• Data from the website and applications are processed to analyze and collect information of interest to users. This data improves business and operational activities, such as remarketing and communication.
• Social web information is used to provide a better and easier search on the website. Some social websites, such as Facebook, Twitter, and Google Plus, can only be used for the purpose of visiting the Ayola website.
• Location data is used if the user allows them to be used from their mobile phone while browsing. Ayola processes location data to provide information about the nearest offices of the company.
The data is also processed for some other purposes in addition to the above;
• Ayola sends hot offers to email addresses in the format of an informational letter.
• Ayola works with each client individually, answering questions of interest and selecting real estate options based on the client's needs, which the user provides independently.
• Ayola provides information about new services.
• Ayola is engaged in direct marketing.
• Ayola has the right to communicate directly with individuals if necessary.
7.3. Data Processing Takes Place Legally
Ayola takes the following technical precautions to process personal data legally;
• Organization of an intercorporate database for processing and storing personal data following the legislation,
• Creation of a technical infrastructure for a database in which all personal data will be stored,
• Verification of the created technical infrastructure and process,
• Creation of the necessary standards for presenting technical procedures and verification periods.
Ayola takes the following legal precautions to process personal data legally:
• Training and informing Ayola employees about the processing of personal data legally,
• Provision of safeguards against any illegal actions in the processing of personal data on contracts, legal files, and policies,
• Verification of personal data processing by third-party processors and partners.

8. PERSONAL DATA TRANSFER POLICY
8.1. Transfer Of Personal Data Within The Country
Ayola is obliged to act following the KVKK Law, the points of which are appointed by the KVKK Council.
As a data controller, Ayola is obliged to comply with the KVKK Law. Ayola has no right to share personal data or information with third parties without an individual's consent.
However, in case of obligations arising under the KVKK Law and other constitutional laws, Ayola has the right to transfer data to the relevant judicial authorities, state institutions, and legal entities.
8.2. Transfer Of Personal Data Abroad
Ayola can also transfer data abroad for processing and storage. The country that receives the personal data must have the necessary precautions. The KVKK Board should check the precautions. If the required precautions are insufficient, the data controllers from Turkey and the host country must make a written commitment, and the KVKK Board must approve it.
8.3. Which Person or Organization Receives Personal Data?
Authorized state bodies and organizations may receive data upon their request following paragraph 8.1.
Ayola's customer service program, TEKÇE, receives personal data and stores and tracks customers.
Instagram Facebook, Twitter, Instagram, and JivoChat, some third-party programs and tools, such as Bing, Google AdWords, Google Analytics, Yandex Metrica, Yandex Direct, Whatsapp, Facebook, Twitter, Instagram, and JivoChat, receive personal data from cookies to simplify the use of the site.
8.4. Precautions when Transferring Personal Data
Technical Precautions
• Ayola is obliged to take the necessary technical precautions for any unauthorized access and use of personal data by any person or company engaged in data processing, despite the fact that the data processing is Ayola.
Executive Precautions
• Ayola has developed an internal policy on how and for what purpose data should be transferred. Ayola also defines the parties to whom the data should be shared.

9. PRIVACY POLICY
9.1. Data Storage up to a Certain Time
According to the KVKK Law, all information about known or received files is personal. Ayola keeps all data, such as email addresses and phone numbers, safe.
In this regard, Ayola undertakes following the Law when receiving and storing data. The data will be saved until the purpose of saving is exhausted (see 7.2). According to the requirements, the data should be stored for an average of 2 years.
This period varies depending on the Law. For example, according to the Law on Tax Procedure, registers and credentials must be kept for five years.
9.2. Precautions for Processing Personal Data
Technical Precautions
• Ayola takes precautions to ensure the security and reliability of personal data storage. Critical control systems and mechanisms are being created for technical precautions.
Precautions
• Ayola conducts educational activities on the subject of personal data storage among its employees.
• Ayola is responsible for checking precautions when storing personal data.

10. PERSONAL DATA SECURITY POLICY
10.1. Ayola's Data Security Responsibilities
Ayola is responsible for the security of personal data following article 12 of the Personal Data Protection Act. Ayola is responsible for:
• preventing the processing of personal data in violation of any law,
• checking precautions regularly,
• provision of sufficient technical equipment to stop the penetration of personal data,
• informing the authorized bodies in any case of penetration.
10.2. Precautions to Ensure the Security of Personal Data
Ayola takes the necessary precautions to keep personal data safe. These precautions are as follows:

Technical and Administrative Measures
Technical and executive precautions for the processing, transferring, and securing of personal data are set out in the relevant articles. If personal data continues to reach third parties illegally, Ayola is obliged to take precautions to protect individuals.

Precautions and Verification of Personal Data Security
Ayola is preparing a report on the suitability of the data registrar to the KVKK Law. The Registrar is periodically checked, and the information is submitted to the authorized person or the management board.

Precautions in Case of Disclosure of Information without Permission
Ayola must prevent any disclosure activity, take the necessary precautions and create an internal policy. In any case, disclosure without permission, Ayola is obliged to inform the Board of KVKK.

11. RIGHTS OF INDIVIDUAL
11.1. Right of Access to Personal Data
Customers and users of the site have the right to access their personal data without any payments. Individuals can:
• find out if their data is being processed or not,
• request information about operations if the data is being processed,
• ask a question about the purpose of data processing and find out for what purposes the data is used.
11.2. Rights to change or delete your own personal data
Customers and visitors of the site can change or delete their personal data without any payments. Individuals can
• request data correction in case of incorrect or missing information,
• request data deletion if the purpose of data storage is no longer relevant,
• request information about the participation of third parties,
• object to any adverse result that appears when automated systems process data.
11.3. Updating Your Own Personal Data
If you want to access, change or delete your personal data, you can contact us;
by phone: +90 242 324 35 30
by email:info@ ayola.com
in person or by sending a letter: Çağlayan Mah. Barınaklar Bulvarı 5/5, 07235, Antalya, Turkey
11.4. Applications from Individuals and Evaluation
Individuals may request access to their processed data using their rights under the Law. Ayola creates these communication opportunities. All applications received from individuals will be answered within the time provided for in the KVKK Law.
Individuals should consult with representatives from Ayola and be entered in the Data Register. Representatives of the data controller will process these applications for a period of no more than 30 days without payment or with payment, according to the KVKK law.
To start this process, individuals must send their applications to a data controller representative according to the rules of the KVKK Council. Applications must be written in the form of a letter until the Council determines another way. The person must clearly state their requirements and send an official letter to:

Çağlayan Mah. Barınaklar Bulvarı 5/5, 07235, Antalya, Turkey

Applications are accepted or rejected by representatives of the data controller, who in turn respond to them in writing or electronically. If the application is received, the request will be processed by Ayola. If the error belongs to Ayola, the payment will be refunded to the individual.

If the application is rejected, the response is insufficient, or it will not be answered at the specified time, the person can write a complaint letter within 30 days.

12. COOKIE POLICY
The cookie policy is valid for mobile websites and applications offered by Ayola.
Ayola uses cookies for its visitors and provides them with the best web and mobile service. Visitors can permanently block cookies in the browser settings. However, blocking or restricting cookies may affect the failure to transmit information to visitors.
Visitors will receive an uninterrupted supply of cookies until they block or restrict cookies.

13. PUBLICATION AND PRESERVATION OF THE POLICY
The most recent version of the Privacy Policy will govern the collection, use, and disclosure of information about you. If we make significant changes to the Data and Privacy Policy, we will notify you by email or send a notification about the service before the effective date of the changes. By continuing to use this resource after these changes take effect, you automatically confirm the revised Privacy Policy.

14. POLICY UPDATE PERIOD
We may update the Privacy Policy to reflect changes in our information practices. If we make any changes, we will provide a notification on the Ayola website and notify you by email (the notification will be sent to the email address specified in your account). The changes will take effect after the last update date.

Last updated: December 25, 2022. This Privacy Policy is effective immediately for users who visit the Ayola website on or after December 25, 2022.

15. VALIDITY PERIOD
This policy comes into force from the moment it is published on the site and is valid until it is deleted.

16. SECURITY
We have implemented technical and organizational security measures to prevent accidental loss, unauthorized access, disclosure, or modification of your personal data. However, no method of transmission over the Internet or via a mobile device or method of electronic storage is 100% secure. Ayola expressly disclaims any such obligation.

17. INTERNATIONAL DATA TRANSMISSION
For residents of the EEA or Switzerland: Please note that information about personal data that we receive from or about you may be transferred, processed, and stored outside the EEA or Switzerland for the purposes described in this Privacy Policy, including in the United States of America. We take the privacy of our users seriously and therefore take measures to protect your information, including ensuring an adequate level of data protection in accordance with European Standards. These include the implementation of the European Commission's standard contractual provisions for the transfer of personal information between a group of companies, which require all group companies to protect the personal information they process from the EEA by EU data protection laws. We have implemented similar appropriate security measures with our third-party service providers and partners, and more detailed information can be provided upon request.
This site was made on Tilda — a website builder that helps to create a website without any code
Create a website