We know that you care how your personal information is used and with whom it is shared. In order not to disappoint your trust, we treat the protection of your personal information with the greatest care and sensitivity.
1. Data Controller
Safaş Tekstil Turizm İnşaat Sanayi ve Ticaret Anonim Şirketi is the data controller of the collected and processed personal data through Fioretta Services.
2. What Personal Data We Collect About You
Here are the types of personal information we collect:
- Information you give us: We receive and store any information you provide to us in relation to Fioretta Services. You can choose not to provide certain information, but then you might not be able to take advantage of some of our Fioretta Services. You provide information to us when you:
- add or remove an item from your cart, place an order via Fioretta Services, or otherwise use Fioretta Services;
- provide information in your account or your profile;
- upload your contact details;
- configure your cookie settings, provide data access permission, or otherwise interact with the Fioretta website;
- communicate with us by phone, email, or otherwise;
- complete a questionnaire;
- sign up to our newsletter.
As a result of these actions, you might provide us with the following information: Your name, address and phone numbers, payment information, your age, your location information and your IP address.
- Automatic information: We automatically collect and store certain types of information about your use of Fioretta Services, including the information about your interaction with the content and provided services. Like many websites, we use “cookies” and other unique identifiers and we obtain certain types of information when your web browser or your device accesses Fioretta Services or other content served by or on behalf of Fioretta on other websites. Information we collect and analyse include:
- the Internet protocol (IP) address used to connect your computer to the Internet;
- e-mail address and password for log-in;
- the location of your device or computer;
- device metrics such as when a device is in use, application usage, connectivity data, and any errors or event failures;
- Fioretta Services metrics (e.g., occurrences of technical errors, your interactions with service features and content, your settings preferences and backup information, location of your device);
- version and time zone settings;
- purchase and content use history, which we sometimes aggregate with similar information from other customers to create features like top sellers;
- the full Uniform Resource Locator (URL) clickstream to, through and from our website, including date and time, products and content you viewed or searched for, page response times, download errors, length of visits to certain pages, and page interaction information (such as scrolling, clicks, and mouse overs);
- phone numbers used to call our customer service number.
We may also use device identifiers, cookies, and other technologies on device applications, and our web pages to collect browsing, usage or other technical information.
- Information from other sources: We might receive certain kind of information about you also from other sources.The information we receive from other sources include:
- updated delivery and address information from our carriers or other third parties, which we use to update our records and to improve our future deliveries;
- account information, purchase or financial information, and page-view information from some merchants with which we operate co-branded businesses or for which we provide technical, fulfillment, advertising, or other services;
- information about your interactions with products and services offered by our subsidiaries;
- search results and links, including paid listings (such as Sponsored Links);
- o credit history information from credit bureaus, which we use to help prevent and detect fraud and to offer certain credit or financial services to some customers.
3. How We Use Your Personal Data
We use your personal data to operate, provide, develop, and improve the products and services we offer to our customers. In this light, we use your personal information for the following purposes:
- Administrative and business purposes such as taking and handling orders, delivering products and services and processing payments.
- Troubleshooting and improvement of Fioretta Services to provide better functionality, analyze performance, fix errors, and improve the overall usability and effectiveness of Fioretta Services.
- Recommendations and personalization of our services. We use your personal data to recommend you features, products, and services that might be of interest to you, to identify your preferences, and to personalize your experience with Fioretta Services.
- Advertising purposes such as interest-based ads for features, products, and services that might be of interest to you. In this process we do not use any information that may personally identify you.
- Communication in relation to Fioretta Services via different channels (e.g., by phone, email, chat).
- Fraud prevention analysis to protect the security of our customers, our brand, and others.
- Consent-based specific purposes. We may ask for your consent to process your personal data for a specific purpose that we have specified to you. After you provide such consent, you are free to withdraw it at any time. When you withdraw your consent, we will stop processing your data for this purpose.
4. Who we share your personal information with
- Third-party service providers: We employ other companies and individuals to perform services on our behalf. The purposes of sharing include fulfilling orders for products or services, delivering packages, sending postal mail and email, analyzing data, providing marketing assistance, providing search results and links (including paid listings and links), and processing payments. These third-party service providers have access to personal information needed to perform their services but are not allowed to use it for other purposes.
- Protection of Fioretta and others: We disclose account and other personal information when we believe that such disclosure is appropriate, comply with the applicable law, enforce or apply our agreements or protect the rights, property or safety of Fioretta, our users or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
In all other situations not covered by the above provisions, you will be notified if your personal information might be shared with third parties, and you will have an opportunity to choose whether your information shall be shared.
5. How We Secure Your Personal Information
We design our systems with your security and privacy in mind:
- We protect the personal information during data transmission by using encryption protocols and software.
- We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of customer personal information. It also means that we may ask you to verify your identity before we disclose you your personal information.
It is also important for you to be protected against any unauthorized access to your password and to your computers, devices, and applications. Therefore we recommend using a unique password for your Fioretta account that is not used for any other online accounts. If you use a shared computer, be sure to sign out of your account after every session.
6. Legal Rights and Contact
6.1. Your Legal Rights in Relation to Your Personal Information
You have certain rights in relation to your personal data. You have the rights to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons of which you will be notified, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the accuracy of the personal data; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where we no longer need the personal data for the purposes set out above, but they are required by you for the establishment, exercise or defence of legal claims; or (d) you have objected to our use of your data but we need to verify whether there might be some overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or to a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information for which we initially received your consent to use it or where we used the information to perform a contract with you.
- Withdraw your consent at any time where we are relying on a consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain features of the services to you.
6.2. How YouCan Contact Us
If you have any questions or objections about how we collect and process your personal information, please contact us at email@example.com.
You can convey applications and requests regarding your personal data also by;
- Sending your wet-signed requestto the Company’s address by post or by other means,
- Personally applying to Fioretta with your identity document.
In accordance with the Communiqué on the Procedures and Principles of Application to the Data Controller, it is obligatory to include a name, surname, signature (if the application is in writing), the identity number, the place of residence or a workplace address for the notification, the e-mail address, telephone number and/or fax number and information about the subject of the request.
Therefore, no matter how your application is made, make sure that it contains the above information. The applicant must clearly and comprehensibly state all the matters requested.
Information and documents related to the application must be attached to the application. If the application is made on behalf of someone else, the documents proving that such a person is authorized for the transaction as well as the documents confirming their identity must be attached to the application. Requests made by unauthorized third parties will not be considered.
Submitted requests meeting all necessary requirements will be concluded within 30 (thirty) days, depending on the nature of the request.
7. How Long We Keep Your Personal Information
We keep your personal information for no longer than necessary, taking into account any legal obligations we have (e.g. to maintain records for tax purposes) and any other legal basis we have for processing your personal information e.g. your consent, performance of a contract with you or our legitimate interests as a business.
8. On Which Legal Grounds We Process Your Personal Data
According to the GDPR (General Data Protection Regulation) and Law on Protection of Personal Data, we must have legal grounds to process your personal data. Our legal reasons vary according to the purpose for which we use the data.. We rely on the following legal grounds:
- Performance of contract including the processing of personal data to receive and manage your orders, deliver our products and services, handle payment processes etc.
- Our legitimate interests and those of our customers including the service development, fraud prevention and protection of safety of our customers, our brand or others.
- Your consent to the processing of your personal data for a specific purpose, which you can withdraw at any time by contacting us.If you do so, we will stop processing your data for the aforementioned purpose.
- Fulfillment of legal obligations, for example, we collect merchants’ domicile and address information for authentication purposes.