KVKK Information Form

Law on the Protection of Personal Data Information Form

INFORMATION FORM ON THE PROTECTION OF PERSONAL DATA

Gravis Insurance CO.LTD. Basic information regarding the protection of personal data transferred is mentioned below. Gravis, Law No. 6698 about Personal Data Protection("KVKK") m. It submits the following explanations to the attention of our customers and third parties who use our website so that they fulfill the lighting obligation arising from the 10th. Gravis reserves the right to update this statement related to the Protection of Personal Data at any time according to the framework of the changes that can be done in the actual legislation.

According to the Law No. 6698 about the Protection of Personal Data ("KVKK") published in the Official Newspaper dated 07.04.2016 and numbered 29677, all kinds of personal information ("personal data" obtained / to be obtained by our company with the title of data controller or that you share / will share by our company ), will be processed by our company within based on the described framework below and in the manner provided in the mentioned Law, and all kinds of transactions done on your information, including obtaining, recording, storing, preserving, changing, disclosing, transferring, making available your information automatically or not, We inform you that it means "processing of personal data". Moreover, the Law No. 6563 about the Regulation of Electronic Commerce includes provisions on the protection of personal data. In some cases, criminal sanctions are made for the purpose of personal data protection through the provisions of the Turkish Penal Code No. 5237. On the other hand, it is necessary to collect and use data in order to fulfill our obligations arising from the Law on Consumer Protection No.6502 and the Regulation on Distance Contracts.

THE PURPOSE OF PROCESSING YOUR PERSONAL DATA AND LEGAL REASONS

Our company is a part of all national / international legislation and secondary regulations published by national / international competent authorities based on these or the obligations (identification, information storage, reporting, information, etc.) fulfillment; Your personal data are processed by our company for purposes such as the establishment of contracts for all kinds of products and services you request from our company and the arrangement of all other records and documents (in paper or electronic media), the provision of such products and services, and for legal reasons.

WHAT ARE GRAVİS SİGORTA CO.LTD PERSONAL DATA USED FOR?

Gravis Insurance Co.Ltd In cases and in accordance to legislation permission, it will be able to record, store, update, disclose to third parties, transfer, classify and process your personal information.

Your personal data are used for the following purposes:

- Confirming the identity information of the shopper / shopper through the website / mobile applications,
- To record the address and other necessary information for communication,
- To communicate with our customers about the conditions, current status and updates of the contracts we have concluded under the relevant articles of the Law on the Distant Sales Agreement and Consumer Protection, to be able to provide the necessary info

to organize all applications on electronic systems ( internet/mobile etc) and paper based enviroment.

To fulfill the obligations taken according to the contracts we have concluded under the relevant articles of the Distance Sales Agreement and the Law on the Protection of the Consumer,

- Providing information to public officials on public security issues upon request and in accordance with the legislation,
- To provide a better shopping experience to our customers, to inform our customers about our products that our customers may be interested in, "taking into account the interests of our customers", to convey the campaigns,
- To be able to offer suggestions to our customers by our contracted institutions and solution partners, to inform our customers about our services,
- To be able to evaluate customer complaints and suggestions regarding our services,

According to our agency agreement, you can access the clarification text of Sompo Sigorta A.Ş., to which your personal data is transferred, from the link https://www.somposigorta.com.tr/kurumsal/ legaluyguimler/musteri-aydinlatan- text.

https://www.gravissigorta.com.tr/ in order to provide you with better service and to benefit its members from the benefits of the membership and shopping platform based on its legal obligation, with a condition of not using it outside the purposes and scope specified in this Privacy / Personal Data Protection Statement. will collect, process, and store your information securely.

https://www.gravissigorta.com.tr/ monitors your browsing information and / or your membership usage history on the site in order to improve the content of the website or mobile application for you and / or to determine your preferences. You can remove persistent cookies and reject both session cookies and persistent cookies by following the instructions given in your internet browser's "help" file or by visiting www.allaboutcookies.org or www.youronlinechoices.eu. If you refuse persistent cookies or session cookies, you may continue to use the website, but you may not be able to access all functions of the website or your access may be limited.

https://www.gravissigorta.com.tr/, the data provided by our customers, are processed by Gravis according to the consent of our customers and the provisions of the legislation. Gravis Insurance Co.Ltd. In order to provide better service to its visitors and based on its legal obligation, it will collect, process, share with third parties and keep it securely, provided that it is not used for the purposes and scope specified in this Statement on the Protection of Personal Data.

Gravis Insurance Co.Ltd You can match the information collected from you on the site at any time or with different methods like information collected online and offline, and use this information together with information from other sources such as third parties.

PERSONS OR ORGANIZATIONS THAT YOUR PROCESSED PERSONAL DATA CAN BE TRANSFERRED FOR THE PURPOSES STATED BELOW

Your personal data is permitted by all the above-mentioned national / international legislation and / or persons or entities (judicial and administrative authorities, other official institutions and corporations and individuals), indirect / direct domestic / foreign affiliates or our subsidiaries, according to our agency agreement, to Sompo Sigorta A.Ş., Gravis Sigorta Co.Ltd. i. can be transferred to domestic / international / international, public / private institutions and organizations, companies and other third persons or organizations that have received service / support / consultancy or cooperated or become project / program / financing partners.

COLLECTING PERSONAL DATA AND LEGAL REASON METHOD

Gravis Insurance Co.Ltd.  Personal data shared with Gravis Sigorta Co.Ltd. is under its supervision and control. Gravis Insurance Co.Ltd. according to the provisions of the relevant legislation in force, it took the responsibility as a data controller to establish the necessary organization as a protection for the confidentiality and integrity of information and to take and adapt technical measures. as an awareness of our obligation regarding this matter, infiltration tests are periodically conducted based on international and national technical standards related to data privacy, and we hereby inform you that we always update our data processing policies.

For the legal reasons explained above, your personal data can be collected verbally, in writing or electronically through our Company's Head Office Units, Branches, internet branch, call center and all other similar channels, automatically or non-automatically.

PROVIDED IN THE ARTICLE 28 OF THE KVKK "EXCLUSIONS", THE RIGHTS UNDER ARTICLE 11 OF THE Aforementioned Law.

According to KVKK, your personal data;

1. Learning whether it has been processed,
2. Requesting information if processed,
3. Learning the purpose of processing and whether it is used appropriately,
4. To know the third persons to whom he / she has been transferred at home / abroad,
5. Requesting correction if incomplete / incorrectly processed,
6. To request their deletion / destruction within the framework of the conditions stipulated in article 7 of the KVKK,
7.Requesting the third parties to be notified of the transactions made pursuant to subparagraphs (d) and (e) above,
8. To object to the emergence of a result against you because it is analyzed exclusively by automatic systems,
9. We would like to remind you that you have the right to demand the compensation of the damage in case you suffer damage due to processing in violation of KVKK.


While contacting our company (a) to learn whether your personal data is processed, if it has been processed, the relevant information, the purpose of processing and whether it is used for this purpose, and the third parties in the country or abroad to whom the data is transferred b) to correct your personal data if it is incomplete or incorrectly processed To request the deletion or destruction of your personal data according to the conditions stipulated in Article 7 of the Law and to notify the third parties to whom the information is transferred to the transactions made by our Company in this context, c) to object to this if a result occurs against you due to the analysis of your personal data exclusively with automated systems, and In case you suffer damage due to unlawful processing, you have the right to demand compensation for the damage. It is possible to use your rights under this article as of 07.10.2016, which is the effective date of the regulation, and we reserve the right to demand from you the expenses to be made by our Company in order to fulfill your requests according to the tariff stated in the 13th article of the KVKK titled "Application to the data controller".

All the provisions mentioned above are supposed to have been read by you and the content fully accepted.