Free shipping on orders of 1000₺ or more
50 shopping points as a gift to everyone who becomes a new member
5% bonus refund on every purchase

Privacy and Personal Data Protection Policy

Protection of personal data is an important issue for Moodart. Moodart, as the data controller, adopts the principles stipulated by the KVK Law in order to comply with the Law on the Protection of Personal Data No. 6698 (“KVK Law”), the processing, deletion, destruction, anonymization, transfer, disclosure of the personal data and fulfills its obligations regarding data security. The Privacy and Personal Data Protection Policy regulated in this context is made available to natural persons whose personal data are processed (“Relevant Person”).

1. Scope and Purpose of Privacy and Personal Data Protection Policy

This Privacy and Personal Data Protection Policy;

  • Personal data collection methods and legal reasons,
  • Which person groups' personal data are processed (Data Subject Person Group Categorization),
  • Which category of personal data is processed in relation to these groups of persons (Data Categories) and sample data types,
  • In which business processes and for what purposes this personal data is used,
  • Technical and administrative measures taken to ensure the security of personal data,
  • To whom and for what purpose personal data can be transferred,
  • Personal data retention periods,
  • Profiling and Segmentation
  • What are the rights of the Related Persons on their personal data and how they can use these rights,
  • How Relevant Persons can change their positive or negative preferences in receiving electronic commercial messages,
  • Sharing personal data with official authorities
  • Cookie Usage and Management

explains.

a. Personal Data Collection Methods and Legal Reasons

Moodart personal data specified in Article 5 of the Personal Data Protection Law No. 6698

  • clearly stipulated in the law
  • it is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract.
  • The person concerned has been made public by himself
  • Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.
  • Data processing is mandatory for the establishment, exercise or protection of a right

It collects audio, electronic or written forms through websites, mobile applications of websites, social media accounts, cookies, call center, notifications from administrative and judicial authorities and other communication channels based on legal reasons.

b. Data Subject Person Group Categorization

Moodart categorizes the data subject groups, whose personal data are processed in the personal data processing processes and activities related to these processes, as follows. However, in accordance with the personal data processing conditions specified in Articles 5 and 6 of the KVK Law, and in line with the legal reasons specified in this Privacy/Personal Data Protection Policy, personal data of other groups of individuals (consultant, educator, blogger) may also be processed.

c. Data Categories and Example Data Types

one. a) Member Customer

 

  • Identity Information: Name, surname, date of birth, gender, TR identity number
  • Location Information: City of residence, county (delivery address of purchase made via https://moodart.net)
  • Contact Information: mobile phone, e-mail address, address, zip code, landline phone
  • Financial Information: Tax office, invoice information
  • Customer/Member Information: Membership information, membership ID number
  • Customer/Member Transaction Information: Purchased product/s, shopping amount, shopping date, call center call records, commercial communication permission, used campaigns/competitions, coupons used, order information
  • Risk Management Information: IP address
  • Transaction Security Information: Password, password information
  • Marketing Information: Cookie records, targeting information, reviews showing habits and likes
  • Audio Data: Call center call recordings
  • Legal Action and Compliance Information: The start and end time of the service provided, the type of service used, the amount of data transferred, the consent of the Relevant Person for commercial electronic messages in electronic environment, the membership agreement approved by him, the corporate membership agreement, the services provided by Moodart. other legal texts and contracts
  • Direct Marketing Information: SMS, e-mail messages or calls made by the call center for marketing purposes sent based on the commercial electronic message permission given by the person concerned.
  • Request/Complaint Management/Reputation Management Information: Records of the complaints and/or requests submitted by the relevant person via the website, mobile application, social media accounts or call center regarding the product or service purchased, and the transactions performed during the evaluation or management of these requests

b) Guest Customer (users who shop on the site without being a member)

  • Identity Information: Name, surname, date of birth, TR ID number
  • Location Information: City of residence, county (delivery address of purchase made via https://moodart.net)
  • Contact Information: mobile phone, e-mail address, address, zip code, landline phone
  • Financial Information: Tax office, invoice information
  • Guest Customer Transaction Information: Purchased product/s, shopping amount, shopping date, call center call records, commercial communication permission, used campaigns, order information
  • Risk Management Information: IP address
  • Transaction Security Information: Password, password information
  • Marketing Information: Cookie records, targeting information, reviews showing habits and likes
  • Audio Data: Call center call recordings
  • Legal Action and Compliance Information: The start and end time of the service provided, the type of service used, the amount of data transferred, the commercial electronic message permission given by the Relevant Person in the electronic environment, other legal texts and contracts that enable to benefit from the services offered by Moodart
  • Direct Marketing Information: SMS, e-mail messages or calls made by the call center for marketing purposes sent based on the commercial electronic message permission given by the person concerned.
  • Request/Complaint Management/Reputation Management Information: Records of the complaints and/or requests submitted by the relevant person via the website, mobile application, social media accounts or call center regarding the product or service purchased, and the transactions performed during the evaluation or management of these requests
2. Online Visitor

 

  • Transaction Security Information: Password, mobile phone, password information
  • Legal Transaction Information/Risk Management Information: IP address
  • Legal Action and Compliance Information: Start and end time of the service provided, type of service utilized, amount of data transferred.
3. Person on whose name the Purchased Product will be Delivered

 

  • Identity Information: Name, surname, date of birth, gender, TR identity number
  • Location Information: City of residence, county (delivery address of purchase made via https://moodart.net)
  • Contact Information: mobile phone, e-mail address, address, zip code, landline phone
  • Financial Information: Tax office, invoice information
4. Vendor/Supplier/Candidate Vendor/Vendor or Supplier Employee or Official

 

  • Identity Information: TR Identity Number, Name Surname
  • Contact Information: e-mail address, telephone, KEP address, address, mobile phone
  • Financial Information: Account No, Tax Office, Tax Identification Number, tax plate, IBAN
  • Legal Transaction and Compliance Information: Signature circular, activity certificate,
  • Special Qualified Personal Data/Legal Transaction Information: Signature
  • Visual Information: Photo

D. In Which Business Processes and For What Purposes Personal Data Are Used

one. a) Member Customer Personal Data

 

  • Execution of membership transactions,
  • \"https://moodart.net\" e-commerce platforms (“platform”) operated by Moodart; Improving the services offered on the website, developing new services and informing about it,
  • For the purpose of performing the Membership Agreement established with the Member Customer, for the Member Customers with commercial electronic message approval; Analyzing the preferences, tastes and needs of the Member Customer and providing special promotions, opportunities and benefits to the Member Customer,
  • Remarketing, targeting, profiling and analysis in line with the express consent of the Member Customer, and promoting and marketing the applications, goods/products and services in line with the Member Customer's preference and liking,
  • Resolving member customer problems and complaints,
  • Improving the Member Customer experience on both the platform and the mobile application,
  • Follow-up of accounting and purchasing transactions,
  • Legal processes and compliance with legislation,
  • Answering information requests from administrative and judicial authorities,
  • Ensuring information and transaction security and preventing malicious use,
  • Making necessary arrangements in order to ensure that the processed data is up-to-date and correct.

b) Guest Customer (users who shop on the site without being a member) Personal Data

  • To be able to shop from the platforms as a “guest”,
  • Improving the services offered on the platforms, developing new services and informing about it,
  • For Guest Customers with commercial electronic message approval; Analyzing the preferences, tastes and needs of the Guest Customer and providing special promotions, opportunities and benefits,
  • Remarketing, targeting, profiling and analysis in line with the express consent of the Guest Customer, and promoting and marketing applications, goods/products and services in line with the Guest Customer's preference and taste,
  • Resolving guest customer problems and complaints,
  • Improving the Guest Customer experience on both the platform and the mobile application,
  • Follow-up of accounting and purchasing transactions,
  • Legal processes and compliance with legislation,
  • Answering information requests from administrative and judicial authorities,
  • Ensuring information and transaction security and preventing malicious use,
  • Making necessary arrangements in order to ensure that the processed data is up-to-date and correct,
  • Fulfillment of legal obligations
2. Online Visitor Personal Data

 

  • Processing of online visitor data within the scope of Law No. 5651,
  • Legal processes and compliance with legislation,
  • Answering information requests from administrative and judicial authorities,
  • Ensuring information and transaction security and preventing malicious use,
  • Fulfillment of legal obligations
3. Personal Data of the Person to whom the Purchased Product will be Delivered

 

  • Execution of product delivery processes,
  • Follow-up of accounting and purchasing transactions,
  • Legal processes and compliance with legislation,
  • Answering information requests from administrative and judicial authorities,
  • Ensuring information and transaction security and preventing malicious use,
  • Making necessary arrangements in order to ensure that the processed data is up-to-date and correct,
  • Fulfillment of legal obligations
4. Personal Data of Seller/Supplier/Candidate Vendor/Vendor or Supplier Employee or Official

 

  • Execution of contract processes,
  • Follow-up of accounting and purchasing transactions,
  • Legal processes and compliance with legislation,
  • Answering information requests from administrative and judicial authorities,
  • Ensuring information and transaction security and preventing malicious use,
  • Making necessary arrangements in order to ensure that the processed data is up-to-date and correct,
  • Fulfillment of legal obligations

to. Technical and Administrative Measures Taken to Ensure the Security of Personal Data

Moodart undertakes to take all necessary technical and administrative measures and to show due diligence to ensure the confidentiality, integrity and security of your personal data.

Moodart takes the necessary measures to prevent unauthorized access, misuse, unlawful processing, disclosure, alteration or destruction of personal data. Moodart uses generally accepted security technology standards such as firewalls and Secure Sockets Layer (SSL) encryption when processing personal data. In addition, when sending your personal data to Moodart via the website, mobile application and mobile site, this data is transferred using SSL.

Regarding the prevention of unlawful access to the personal data that Moodart processes, the prevention of unlawful processing of this data and the protection of personal data:

  • All areas on the website or mobile application from which personal data are obtained are protected with SSL,
  • Creates and implements access authorization and control matrices for its employees so that personal data collected from the website or mobile application is not processed unlawfully,
  • In order to ensure that personal data is not accessed unlawfully; periodically performs penetration tests, tests the system's resistance to unauthorized access,
  • For all secondary data processing other than the primary processing purpose, it uses the Pseudonymization (aliased data) method. It uses encryption methods in the systems where this data is located in order to ensure that the pseudonymous data makes it impossible to identify the person concerned, and applies a stricter access authorization and control policy to this data,
  • It ensures that personal data in paper media is kept in locked cabinets and only accessed by authorized persons.
  • Personal data processed through cookies belonging to third parties from which service is received, are deleted from the systems of third parties if the membership is terminated.

Despite Moodart taking the necessary information security measures, in case personal data is damaged or in the hands of unauthorized third parties as a result of attacks on the platforms operated by Moodart or the Moodart system, Moodart will immediately inform you and the Personal Data Protection Board. and takes the necessary measures.

f. To Whom Personal Data Can Be Transferred And For What Purpose

Moodart transfers personal data to third parties only for the purposes specified in this Privacy and Personal Data Protection Policy and in accordance with Articles 8 and 9 of the KVK Law. Member Customer/Guest Customer data processed in this context and the person to whom the purchased product will be delivered are shared with the seller and the cargo company, and these data can also be accessed by the call center when necessary. The information of the person on whose behalf an invoice will be issued is shared with the cargo company for the purpose of sending the invoice to the relevant person. In addition, your information is shared with the used payment institution (bank virtual pos, İyzico, Lidio).

Mobile phone number and/or e-mail address of the Member Customer/Guest Customer; Based on the commercial electronic message approval, it is shared with the commercial electronic message tool service provider in order to provide promotion, advertisement, benefits and opportunities in line with shopping preferences, tastes and habits.

Website or mobile application usage preferences and browsing history are shared with our domestic/abroad business partners from whom cookie service is obtained, for the purpose of segmentation and communication with the Member Customer/Guest Customer in line with their tastes and preferences. Personal data transfers within this scope are carried out through the secure environment and channels provided by the relevant third party. Depending on the content and scope of the service received from third parties; In all cases where there is no need to transfer the personal data of the Member Customer/Guest Customer, the transfer is made using Pseudonymous data (pseudonym data).

Member Customer/Guest Customer data of Member Customer/Guest Customer are shared with companies that will conduct market research in order to increase customer satisfaction and loyalty.

Within the scope of reporting and statistical studies, the data of the Member Customer/Guest Customer is shared with Moodart, the partners of Moodart.

In addition, your personal data will be shared with our business partners abroad for the purposes of providing business development services, providing statistical and technical services and conducting customer relations.

If the Member Customer/Guest Customer/Online Visitor reaches Moodart via the corporate Whatsapp line, they will have sent their personal data abroad, since the Whatsapp platform is a service offered from abroad. If the Member Customer/Guest Customer/Online Visitor does not want to send their personal data abroad by using Whatsapp, they will be able to use other communication opportunities offered by Moodart.

In addition to the technical measures to ensure their security, the personal data subject to domestic and international transfer we mentioned above; Considering that the other party of the legal relationship is a data controller or a data processor, it is also legally protected thanks to the provisions in line with the KVK Law included in our contracts.

While transferring personal information to countries other than Turkey during the sharing of information as stated above, it is ensured that the data is transferred in accordance with this policy and as permitted by the applicable law on data protection.

g. Personal Data Retention Periods

Moodart preserves the personal data it processes in accordance with the KVK Law for the periods stipulated in the relevant legislation or required by the processing purpose. In our Personal Data Retention and Disposal Policy, these periods are approximately as follows:

Call Center audio recordings 3 years Law No. 6563 and related secondary legislation
Membership and order records 10 years Law No. 6098
All records related to accounting and financial transactions 10 years Law No. 6102, Law No. 213
Cookies Up to 540 days  
Commercial electronic message confirmation records 1 year from the date of withdrawal of consent Law No. 6563 and related secondary legislation
Traffic information about online visitors 2 years Law No. 5651
Information and/or CVs received due to job application 1 year  
Personal data of Member Customer/Guest Customers 10 years after the legal relationship ends; 6563 3 years in accordance with the Law and the relevant secondary legislation Law No. 6563, Law No. 6102, Law No. 6098, Law No. 213, Law No. 6502
Personal data regarding suppliers 10 years after the legal relationship ends Law No. 6102, Law No. 6098 and Law No. 213
Personal data received for the purpose of usability testing research 2 weeks  

You can review our Cookie Policy for the retention periods of the personal data we obtain through cookies.

h. Profiling and Segmentation

Moodart using the personal data processed by the Member Customer/Guest Customer;

  • a. Regarding the Member Customer/Guest Customer who has given consent to receive commercial electronic messages, it carries out profiling and segmentation in order to prepare content more suitable for the Member Customer/Guest Customer's tastes and preferences, and to make advertisements, promotions and discounts.
  • b. In terms of Member Customer/Guest Customer who have not given commercial electronic message approval, profiling and segmentation is carried out;
    • Product improvement (determination of the most sold or unsold product categories),
    • Organizing campaigns for customer groups that have the potential to buy a certain product by making models by analyzing shopping preferences and uploading them to the system,
    • Efforts are being made to take actions to increase the sales potential.

Within the scope of profiling and segmentation studies, the personal data of the Member Customer/Guest Customer, especially name and surname, mobile phone, e-mail or address information, are not used directly, instead, transactions are made with the Member Customer/Guest Customer IDs assigned to them. The personal data of the Customer/Member is protected by the use of the Member Customer/Guest Customer ID or in other words pseudonymous data. Member Customer/Guest Customer IDs are only accessible to relevant persons or departments in Moodart. These IDs assigned to the Member Customer/Guest Customer are kept encrypted within the system by Moodart and access to this section is again only given to limited persons.

I. What are the Rights of the Related Persons on their Personal Data and How They Can Use These Rights

The rights of the Relevant Person on the personal data processed by Moodart pursuant to article 11 of the KVK Law are listed below:

  • Learning whether personal data is processed or not,
  • If personal data has been processed, requesting information about it,
  • Learning the purpose of processing personal data and whether they are used in accordance with its purpose,
  • Knowing the third parties to whom personal data is transferred at home or abroad,
  • Requesting correction of personal data in case of incomplete or incorrect processing,
  • Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the KVK Law,
  • Requesting notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data has been transferred,
  • Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
  • To request the compensation of the damage in case of loss due to unlawful processing of personal data.

In order to exercise your rights over your personal data; You can access your account from the "My Account" section of the Moodart website, mobile application and mobile site and make the necessary changes, updates and/or deletions. In addition, you can apply and exercise your rights through the methods specified in the "Application Form" issued in accordance with Article 13 of the KVK Law on the website or mobile application of electronic commerce platforms operated by Moodart.

j. How Relevant Persons Can Change Their Positive or Negative Preferences for Receiving Electronic Commercial Messages

You can change or update your positive or negative preferences for receiving commercial electronic messages, which you have given at a later time, when you sign up for the website or mobile application of the electronic commerce platforms operated by Moodart, by accessing the "My Account" section.

Termination of membership does not mean withdrawing your consent to receive commercial electronic messages. For this reason, be sure to complete all the procedures to revoke your consent.

In terms of cookie management, you can follow the steps specified in our Cookie Policy.

k. Personal Data Sharing with Official Authorities

Moodart , your personal data regarding your visit or subscription to electronic commerce platforms and mobile applications operated by Moodart, and your traffic information such as your navigation information; Legally request this information in order for Moodart to fulfill its obligation under the law (in cases where Moodart has a legal or administrative obligation to notify or provide information, including but not limited to the fight against crime, the threat of state and public safety, etc.) It will be able to share it with public institutions and organizations authorized to do so.

l. Cookie Usage and Management

You can review our Cookie Policy for detailed information about the cookies used by Moodart, types of cookies, their purposes, storage periods and cookie management.

2. Terms of Deletion, Destruction and Anonymization of Personal Data

Moodart stores the personal data it processes through its website, mobile application or mobile site for the periods stipulated by the relevant laws and/or for the periods required by the purpose of processing, pursuant to articles 7, 17 of the KVK Law and article 138 of the Turkish Penal Code. In the event that these periods expire, it will delete, destroy or anonymize Personal Data in accordance with the provisions of the Regulation on the Deletion, Destruction or Anonymization of Personal Data.

The deletion of personal data by Moodart means the process of rendering personal data inaccessible and unusable for the relevant users in any way. Moodart creates and implements a user-level access authorization and control matrix for this. It takes the necessary measures to perform the deletion in the database.

Destruction of personal data by Moodart means the process of making personal data inaccessible, unrecoverable and unusable by anyone in any way.

Anonymization of personal data by Moodart means that personal data cannot be associated with an identified or identifiable natural person under any circumstances, even if it is matched with other data.

Moodart explains in detail the methods of deletion, destruction and anonymization and the technical and administrative measures it takes within the scope of the Personal Data Storage and Disposal Policy prepared in accordance with the Regulation on the Deletion, Destruction or Anonymization of Personal Data. In this Policy, the period of time for the periodic destruction stipulated by the Regulation is determined as 6 months.

3. Changes to the Privacy/Personal Data Protection Policy

Moodart can make changes to this Privacy/Personal Data Protection Policy at any time. These changes will become effective immediately upon the publication of the amended new Privacy/Personal Data Protection Policy. You, our members, will be informed about the changes in this Privacy/Personal Data Protection Policy.