Personal Data Protection Disclosure Statement

Flexamus® INNOIT (Data Controller) prioritizes the security and privacy of its valued users, particularly safeguarding fundamental rights and freedoms, including the right to privacy. In accordance with the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018, we provide the following information within the scope of our obligation to inform you.

1. Purpose of Processing Your Personal Data

As the Data Controller, Flexamus® INNOIT records and stores your personal data to establish a service relationship, ensure the continuity of services, and fulfill our legal obligations. This data is processed to provide services, ensure security, and execute contractual processes such as billing.

2. Methods and Legal Grounds for Collecting Personal Data

Your personal data, including your name, surname, address, contact information, identification number, and billing details, are collected via our website, call center, or customer representatives. Additionally, documents required for domain name registration may also be requested. This data is processed based on the following legal grounds outlined in Article 6 of the GDPR:

• When processing is necessary for the performance of a contract,
• When processing is required to comply with legal obligations,
• When processing is based on your explicit consent.

3. Processing and Sharing of Personal Data

Your personal data may be shared with our affiliates, business partners, legal teams, financial advisors, and other service providers, either domestically or abroad, for purposes limited to legal obligations and service provision. Data sharing required by third-party entities, such as domain name registrars, will also be conducted in compliance with the GDPR.

4. Sensitive Personal Data

Sensitive personal data includes information such as race, ethnicity, political opinion, religious beliefs, biometric, and genetic data. As a general rule, Flexamus® INNOIT does not request sensitive personal data. However, if such data is included in mandatory documents for processes like domain name registration, it will be processed only if necessary for completing the respective procedure.

5. Protection of Your Personal Data

Your personal data is protected by Flexamus® INNOIT through technical and administrative measures. The highest security standards are applied to safeguard your data from unauthorized access.

6. Your Rights Regarding Your Personal Data

In accordance with Articles 12 to 22 of the GDPR, you have the following rights concerning your personal data:

• To learn whether your data is being processed and request information about it,
• To understand the purposes for processing your data,
• To know the third parties, domestically or abroad, to whom your data is transferred,
• To request corrections of incomplete or inaccurate data,
• To request the deletion or destruction of your data,
• To object to the processing of your data, and
• To request compensation if you incur damages due to the unlawful processing of your data.

Additionally, you have the right to data portability and to object to automated decision-making and profiling.

7. Applications and Contact

You can submit your requests concerning your personal data to Flexamus® INNOIT in writing. Your applications will be reviewed within the timeframe specified under the GDPR. Our company reserves the right to charge fees for your requests, as stipulated in the regulations.