KVKK CLARIFICATION TEXT (ON THE PROCESSING OF PERSONAL DATA)

1. DATA CONTROLLER

Pursuant to the Law on the Protection of Personal Data No. 6698 ("KVKK"), your personal data will be processed by PAYTOSKIP BİLİŞİM HİZMETLERİ LTD (Registration No: 00001743) in the capacity of Data Controller, within the scope explained below.

2. PURPOSE OF PROCESSING PERSONAL DATA AND LEGAL GROUNDS

Our Company processes your personal data based on the legal grounds set forth in Article 5 of the KVKK, specifically: "Expressly provided for by the laws," "Performance of the contract," and "Legal obligation." Your Explicit Consent is not sought for the following processes, as they are mandatory due to the nature of the service:

A. Identity Information (Name, Surname, Date of Birth, T.R. Identity No/Passport No)

Purpose: Opening a membership registration, verifying the age limit (18+), issuing invoices, notifying authorized institutions.

Legal Ground: Establishment and performance of the contract, obligation under the Tax Procedure Law.

B. Contact Information (E-mail, Phone, Address)

Purpose: Order delivery, responding to support requests, communication with the user.

Regarding the Use of WhatsApp, Discord, and Telegram: These channels belonging to our Company are used solely for "Customer Support" purposes. No messages containing advertisements or marketing content will be sent to you via these platforms. Since the servers of these channels are located abroad, by contacting us through them, you are deemed to have accepted that your data may be processed abroad.

Legal Ground: Performance of the contract and request management.

C. Financial Information (IBAN, Payment History)

Purpose: Receiving payments, making seller payouts (remittances), refund processes, accounting transactions.

Legal Ground: Performance of the contract and financial obligations.

D. Customer Transaction and Legal Information (Order History, Log Records, IP Address)

Purpose: Transaction security, prevention of fraud, responding to legal requests.

Legal Ground: Law No. 5651 and other legal obligations.

3. TRANSFER OF PERSONAL DATA AND INTERNATIONAL STATUS

Due to the global nature of our services, your data may be transferred to the following groups:

Domestic: Courts, Public Prosecutors' Offices, Tax Offices in case of legal obligation.

Abroad (Technical Infrastructure): Transferred to AWS (Amazon Web Services - Germany/Frankfurt) for server hosting services; to Google LLC and Meta Inc. for site analytics; and to Tawk.to service providers for support infrastructure. (Your approval for this transfer is obtained via the Explicit Consent box during membership.)

Inter-User: When you buy or sell a product, your contact information is shared with the counterparty (Buyer/Seller) to complete the transaction.

4. RETENTION PERIODS AND ACCOUNT DELETION

Our users may close their accounts at any time.

Marketing Data: Deleted immediately upon your account closure request.

Legal Data: Your invoice, payment, and order records must be kept for 10 (ten) years pursuant to the Turkish Commercial Code and Tax laws. At the end of this period, your data will be permanently destroyed.

Passive Members: Data of members who have never made a sale on the site is deleted 6 months after the last transaction.

5. YOUR RIGHTS (KVKK Article 11)

Within the scope of KVKK, you have the rights to learn whether your data is processed, to request correction if it is incomplete or incorrect, to request its deletion, to learn whether it has been transferred abroad, and to object to the processing.

You may submit your requests to [email protected]. Your applications will be answered within 30 days at the latest.