top of page
  • BOTIM
  • Whatsapp

   Protection of Personal Data

 

   PRIVACY AND PERSONAL DATA PROTECTION PRINCIPLES

   1. PURPOSE, SCOPE AND DATA CONTROLLER

 

   These Privacy and Personal Data Protection Principles (“Principles”) regulate the principles accepted by ELENS GLOBAL LIMITED (“Company”) or “Data Controller”) regarding the protection of personal data, determine the personal data processing principles regarding the processing of personal data of Visitors, Customers, Prospective Customers, Suppliers, Supplier/Subcontractor Employees, Employee Candidates, Online Visitors (“Person Groups”) and aim to inform the said person groups in accordance with the Law on the Protection of Personal Data No. 6698 (hereinafter referred to as “KVKK No. 6698”).

   2. PRINCIPLES REGARDING PROCESSING OF PERSONAL DATA

 

   As the Company, we process your personal data in the capacity of Data Controller within the framework of the following principles.

   2.1 Processing in Accordance with Law and the Principle of Honesty

   In the processing of your personal data, we act in accordance with the principles introduced by legal regulations and the general rule of trust and honesty. In accordance with this principle, we take into account your interests and reasonable expectations while trying to achieve our personal data processing purposes as the Data Controller, we do not abuse our rights and act in accordance with the principle of transparency in our data processing activities.

   2.2 Ensuring that Personal Data is Accurate and Up-to-date when Necessary

   In line with this principle that emphasizes the importance of the accuracy and up-to-dateness of personal data, your legitimate interests are taken into consideration and periodic checks and updates are made to ensure that the processed data is accurate and up-to-date, and the necessary measures are taken in this direction. In this context, systems are established within the Company to check the accuracy of personal data and make the necessary corrections. In addition, the accuracy of the sources from which personal data is collected is checked and requests arising from inaccuracy of personal data are taken into consideration. Therefore, this principle is also applied in accordance with the right to request correction of your personal data pursuant to the KVKK No. 6698.

 

   2.3 Processing for Specific, Clear and Legitimate Purposes

 

   Your personal data is processed based on clear, clear and legitimate data processing purposes. In this context, we ensure that our personal data processing activities are clearly understandable to the relevant persons, and we determine and clearly state the purposes and legal processing conditions they are based on in Articles 5 and 7 of these Principles.

 

   2.4 Being Related, Limited and Proportionate to the Purpose for Which They Are Processed

 

   Your personal data is processed in a proportionate, purpose-related and limited manner in order to achieve the intended purpose(s) and the processing of personal data that is not related to the achievement of the purpose or is not needed is avoided. Again, within the scope of this principle, personal data is not collected or processed for purposes that do not exist and are planned to be realized later.

 

   2.5 Storage for the Period Stipulated in the Relevant Legislation or Necessary for the Purpose of Processing

   

   Your personal data is stored only for the period stipulated in the relevant legislation or necessary for the purpose of processing. In this regard, as the Data Controller, we take and implement the relevant administrative and technical measures. In this context, first of all, it is determined whether a period is stipulated in the relevant legislation for the storage of personal data, if a period is specified, this period is complied with, if a period is not specified, personal data is stored for the period necessary for the purpose of processing. In the event that the period expires or the reasons requiring processing are eliminated, and if there is no legal reason allowing them to be processed for a longer period, your personal data is deleted, destroyed or anonymized in accordance with the personal data protection legislation.

 

   3. CONDITIONS FOR PROCESSING PERSONAL DATA

 

   Your personal data can be processed by the Company under the conditions set out below.

   3.1 Being Clearly Stipulated in Laws

 

   The basic rule is that personal data cannot be processed without the explicit consent of the relevant persons, and according to this exception, in cases where the processing of personal data is explicitly stipulated in the laws, your personal data can be processed.

 

   3.2 Failure to Obtain the Explicit Consent of the Relevant Person Due to Actual Impossibility

 

   If the processing of personal data is mandatory for the protection of the life or physical integrity of the relevant person or another person who is unable to express his/her consent due to actual impossibility or whose consent cannot be recognized as valid, your personal data can be processed. Accordingly, it is foreseen that personal data can be processed provided that it is mandatory for the protection of the life or physical integrity of the persons in cases where the consent cannot be expressed or is not valid.

 

   3.3 Directly Related to the Establishment or Execution of the Contract

 

   If it is directly related to the establishment or execution of the contract, your personal data may be processed if it is necessary to process personal data belonging to the parties to the contract. With this condition, in case of processing personal data belonging to the parties for the purpose of fulfilling the obligations in a valid contract, there will be no need for explicit consent.

 

   3.4 Fulfillment of Legal Obligations of the Company

 

   If processing is mandatory to fulfill legal obligations as the data controller, your personal data may be processed.

   3.5 Making Personal Data Public

 

   If your personal data is made public by you, that is, shared with the public by you, it may be processed. At this point, it is accepted that the legal interest to be protected is eliminated.

   3.6 Data Processing is Mandatory for the Establishment or Protection of a Right

 

   If data processing is mandatory for the establishment, exercise or protection of a right, your personal data may be processed.

   3.7 Processing of Data Based on Legitimate Interest

 

   Your personal data may be processed if data processing is necessary for the legitimate interests of the Company. Accordingly, the Company may process personal data for purposes such as promotions, salary increases or regulation of social rights of employees, provided that it does not harm the fundamental rights and freedoms of its employees. On the other hand, even in such cases, the basic principles regarding the protection of personal data will be complied with and the balance of interests of the relevant person will be observed.

 

   3.8 Processing Based on Explicit Consent

 

   Although the main rule is that personal data is processed based on explicit consent, the explicit consent of the relevant person is not relied upon in the presence of other conditions specified in this article. Otherwise, abuse of the right may be mentioned. In this context, in cases where your personal data cannot be processed based on any of the conditions specified in these Principles, it is processed based on explicit consent.

   4. CATEGORIZATION OF PERSONAL DATA

 

Data Owner

  • Customer,

Data Category;

  • Identity Information

  • Financial Information

  • Legal Transaction Information

  • Visual and Audio Information

  • Transaction Security

  • Physical Location Security Information

  • Contact Information

  • Marketing Information

  • Customer Transaction Information

 

Data Owner

  • Employee Candidate,

Data Category;

  • Identity Information

  • Contact Information

  • Physical Space Security Information

  • Professional Experience Information

  • Personal Information

  • Transaction Security Information

Data Owner

  • Prospective Customer,

Data Category;

  • Identity Information

  • Contact Information

  • Marketing Information

  • Transaction Security Information

  • Physical Location Security Information

 

Data Owner

  • Visitor

Data Category;

  • Identity Information

  • Physical Space Security Information

  • Process Security Information

  • Health Information

  • Other (HES Code) Information

 

Data Owner

  • Supplier/Business Partner Representative

Data Category;

  • Identity Information

  • Contact Information

  • Financial Information

  • Legal Transaction Information

  • Transaction Security Information

 

 

Data Owner

  • Supplier/Subcontractor Employee

Data Category;

  • Identity Information

  • Contact Information

  • Health Information

  • Legal Transaction Information

  • Physical Space Security Information

  • Professional Experience Information

  • Personal Information

  • Transaction Security Information

 

Data Owner

  • Online Visitor-Member

Data Category;

  • Identity Information

  • Contact Information

  • Transaction Security Information

 

   5. PURPOSES OF PROCESSING PERSONAL DATA

   The Company may process personal data for the following purposes, depending on the relevant person group, within the scope of the personal data processing conditions specified in Articles 5 and 6 of the KVKK No. 6698.

   5.1 CUSTOMER

  • Purpose of Processing

Carrying out the necessary business and operational processes to benefit from the products and services offered by the company.

Data Category

Identity, Communication, Customer Transaction, Marketing

  • Purpose of Processing

Monitoring and execution of legal affairs

Data Category

Identity, Communication, Visual and Audio, Legal Transactions, Finance, Customer Transactions

  • Purpose of Processing

Conducting and supervising business activities

Data Category

Identity, Finance, Legal Transaction, Audiovisual, Transaction Security, Communication, Customer

Transaction, Physical Space Security, Marketing

  • Purpose of Processing

Following up financial and accounting work

Data Category

Identity, Communication, Finance, Customer Transaction

  • Purpose of Processing

Planning and executing customer relations management and customer satisfaction activities

Data Category

Identity, Communication, Marketing, Customer Transaction

  • Purpose of Processing

Following up customer demands and complaints

Data Category

Identity, Contact, Customer Transaction

  • Purpose of Processing

Planning, creating infrastructure and managing, supervising and executing information security processes

Data Category

Identity, Communication, Transaction Security

   5.2 EMPLOYEE CANDIDATE

  • Purpose of Processing

Planning and execution of human resources processes

Data Category

Identity, Communication, Professional Experience, Personnel

 

  • Purpose of Processing

Fulfillment of obligations arising from legislation

Data Category

Identity, Communication, Professional Experience, Physical Space Security, Transaction Security

 

  • Purpose of Processing

Execution of personnel supply processes

Data Category

Identity, Communication, Professional Experience

 

   PROSPECTIVE CUSTOMER

 

  • Purpose of Processing

Execution of necessary business and operational processes to benefit from the products and services offered by the company

Data Category

Identity, Communication, Customer Transaction, Marketing

 

  • Purpose of Processing

Execution and audit of business activities

Data Category

Identity, Finance, Legal Transaction, Audiovisual, Transaction Security, Communication, Customer Transaction, Physical Space Security, Marketing

 

  • Purpose of Processing

Planning and execution of customer relations management and customer satisfaction activities processes

Data Category

Identity, Communication, Marketing, Customer Transaction

 

  • Purpose of Processing

Planning, creation of infrastructure and management, auditing and execution of information security processes

Data Category

Identity, Communication, Transaction Security

 

  • Purpose of Processing

Carrying out activities in accordance with legislation

Data Category

Physical Space Security

 

  • Purpose of Processing

Ensuring the security of building and facility premises and/or facilities

Data Category

Identity, Communication, Physical Space Security, Health Information

 

  • Purpose of Processing

Creating and monitoring visitor records

Data Category

Identity, Communication, Physical Space Security

 

  • Purpose of Processing

Ensuring the security of fixed assets and/or resources

Data Category

Identity, Physical Space Security

 

  • Purpose of Processing

Ensuring technical and commercial work safety

Data Category

Identity, Physical Space Security

 

  • Purpose of Processing

Ensuring the security of institution operations

Data Category

Identity, Physical Space Security

 

  • Purpose of Processing

Providing information to authorized institutions and organizations based on legislation

Data Category

Identity, Physical Space Security

 

   SUPPLIER / BUSINESS PARTNER REPRESENTATIVE

 

  • Purpose of Processing

Carrying out the necessary business and operational processes to benefit from the products and services offered by the company.

Data Category

Identity, Communication, Finance, Transaction Security, Legal Process

 

  • Purpose of Processing

Carrying out the necessary work for the realization of commercial activities carried out by the company and carrying out related business processes.

Data Category

Identity, Communication, Finance, Transaction Security, Legal Process

 

   SUPPLIER / SUBCONTRACTOR EMPLOYEE

 

  • Purpose of Processing

Planning and execution of human resources processes

Data Category

Identity, Communication, Health, Legal Procedures, Physical Space Security, Professional Experience, Personnel, Transaction Security

 

  • Purpose of Processing

Conducting personnel activities

Data Category

Identity, Communication, Health, Professional Experience, Personnel

 

  • Purpose of Processing

Fulfilling obligations arising from legislation

Data Category

Identity, Communication, Health, Legal Procedures, Physical Space Security, Professional Experience, Personnel, Transaction Security

 

  • Purpose of Processing

Conducting necessary business and operational processes to benefit from the products and services offered by the company

Data Category

Identity, Communication.

 

  • Purpose of Processing

Conducting necessary studies to carry out commercial activities carried out by the company and carrying out related business processes

Data Category

Identity, Communication

 

   ONLINE VISITORS

 

  • Purpose of Processing

Conducting marketing analysis studies

Data Category

Identity, Communication, Transaction Security

 

  • Purpose of Processing

Conducting advertising / campaign / promotion processes

Data Category

Identity, Communication, Transaction Security

 

  • Purpose of Processing

Conducting communication activities

Data Category

Identity, Communication, Transaction Security

 

  • Purpose of Processing

Conducting product and service development studies

Data Category

Identity, Communication, Transaction Security

 

  • Purpose of Processing

Conducting activities in accordance with legislation

Data Category

Identity, Communication, Transaction Security

 

   6. TRANSFER OF PERSONAL DATA

 

   Your personal data may be transferred to our group companies, business partners, suppliers, legally authorized public institutions and private individuals located in Turkey and abroad, within the framework of the principles and purposes set forth in Articles 3 and 5 of these Privacy and Personal Data Protection Principles and the personal data processing conditions and purposes set forth in Articles 8 and 9 of the KVKK No. 6698, in a limited manner.

 

   7. METHOD AND LEGAL REASON FOR COLLECTING PERSONAL DATA

 

   Your personal data transmitted to the Company electronically is processed according to the relevant person groups as follows.

   7.1 CUSTOMER

 

   Customer personal data is processed automatically by obtaining it from the person or a third party as part of the data recording system, in physical and electronic environments, through written or verbal data transfer tools, based on the legal reasons stated in Article 5 of the KVKK No. 6698, “the processing of personal data belonging to the parties to the contract is necessary, provided that it is directly related to the establishment or execution of a contract”, “it is mandatory for the data controller to fulfill its legal obligation”, “the processing of data is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person”, and “explicit consent”.

 

   7.2 CANDIDATE CUSTOMER

   Personal data of the candidate customer is processed automatically by being received from the person or a third party as part of the data recording system, in physical and electronic environments, with written or verbal data transfer tools, based on the legal reasons of “being made public by the relevant person”, “data processing is mandatory for the establishment, exercise or protection of a right”, “data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person”, “it is mandatory for the data controller to fulfill its legal obligation”, “explicit consent” as stated in Article 5 of the KVKK No. 6698.

 

   7.3 CANDIDATE EMPLOYEE

   Employee Candidate personal data is processed automatically by filling out an application form electronically, by filling out a physical form, as part of the data recording system, from the person or a third party, based on the legal reasons stated in Article 5 of the KVKK No. 6698, in the context of an employment contract that may be established, “the processing of personal data belonging to the parties to the contract is necessary, provided that it is directly related to the establishment or execution of a contract”, “it is mandatory for the data controller to fulfill its legal obligation”, “the processing of data is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person”.

   7.4 VISITOR

   Visitor personal data is processed automatically by filling out an application form electronically, as part of the data recording system, from the person or a third party, based on the legal reasons stated in Articles 5 and 6 of the KVKK No. 6698; Based on the legal grounds that “it is mandatory for the data controller to fulfill its legal obligations” and “data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person” or with your explicit consent, images are recorded and processed automatically through security cameras located in the service area of ​​the entrance doors, building exterior, meeting rooms and event areas, dining areas, cafeteria, entrance waiting area, car park, elevators and floor corridors within our service building.

   7.5 SUPPLIER / BUSINESS PARTNER OFFICIAL

   Supplier / Business Partner authorized person personal data is processed automatically by receiving it from the person or a third party as part of the data recording system in physical and electronic environments, through written or verbal data transfer tools, based on the legal reasons stated in Article 5 of the KVKK No. 6698, “the processing of personal data belonging to the parties to the contract is necessary provided that it is directly related to the establishment or execution of a contract”, “it is mandatory for the data controller to fulfill its legal obligation”, “the processing of data is mandatory for the legitimate interests of the data controller provided that it does not harm the fundamental rights and freedoms of the relevant person”.

   7.6 SUPPLIER / BUSINESS PARTNER EMPLOYEE

   Personal data of Supplier / Business Partner employees are processed automatically by obtaining it from the person or a third party as part of the data recording system in physical and electronic environments, with written or verbal data transfer tools, or based on the legal reasons stated in Articles 5 and 6 of the KVKK No. 6698, such as “the processing of personal data belonging to the parties to the contract is necessary provided that it is directly related to the establishment or execution of a contract”, “it is mandatory for the data controller to fulfill its legal obligation”, “the processing of data is mandatory for the legitimate interests of the data controller provided that it does not harm the fundamental rights and freedoms of the relevant person” or by obtaining explicit consent.

   7.7 ONLINE VISITOR

   Online Visitor / Member, personal data is processed automatically based on the legal reasons of “data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person” and “it is mandatory for the data controller to fulfill its legal obligation” as stated in the Law No. 5651 on Regulation of Publications Made on the Internet and Combating Crimes Committed Through These Publications and Article 5 of the KVKK No. 6698.

 

   8. SECURITY OF PERSONAL DATA

   In order to ensure the security of personal data and prevent unlawful processing, the Company takes reasonable measures to prevent unauthorized access risks, accidental data loss, deliberate deletion of data or damage to data.

All necessary technical and physical measures are taken to prevent access to personal data by people other than those authorized to access it. In this context, the authorization system in particular is designed in a way that prevents individuals and systems from accessing more personal data than necessary.

   The Company conducts and has the necessary audits carried out in its own institution or organization in order to ensure the implementation of the provisions of the Law No. 6698 on Personal Data Protection Law.

   9. COMMITMENTS REGARDING THIRD PARTY PERSONAL DATA

   The Personal Information of Third Parties transmitted by the Person Groups is accepted by the Person Group and consent is given to be processed by the Company. The Relevant Person Group also undertakes to provide the necessary information and obtain permissions in accordance with Law No. 6698 on Personal Data Protection Law regarding the transmitted individuals and their information. Otherwise, any damages that may occur will remain with the Relevant Person Group.

 

   10. APPLICATION PROCEDURES AND PRINCIPLES

   As the relevant person, if you have a request regarding your rights stipulated in Article 11 of Law No. 6698; You can apply in writing to our address UNIT 501 LEROY HOUSE 434-436 ESSEX ROAD LONDON ENGLAND N1 3QP by filling out the Related Person Application Form that you can obtain from our web page and in any case meeting the minimum conditions stipulated by the Communiqué on the Procedures and Principles of Application to the Data Controller; with the e-mail address registered in our system to or with a secure e-signature, in person or through a notary public. We will finalize your application free of charge as soon as possible and within 30 days at the latest, depending on the nature of your request, as . However, if the transaction requires an additional cost, the fee determined by the Personal Data Protection Board will be collected by . In this context, you have the following rights as the related person;

 

• To learn whether personal data has been processed,

• To request information if personal data has been processed,

• To learn the purpose of processing personal data and whether they are used in accordance with their purpose,

• To know the third parties to whom personal data is transferred domestically or abroad,

• To request correction of personal data if it is processed incompletely or incorrectly,

• To request deletion or destruction of personal data within the framework of the conditions stipulated in the relevant legislation,

• To request notification to third parties to whom personal data is transferred,

• To object to the emergence of a result against the person by analyzing the processed data exclusively through automated systems,

• To request compensation for the damages incurred due to the unlawful processing of personal data.

 

   EXPLICIT CONSENT TEXT REGARDING THE PROCESSING OF HEALTH DATA

   I hereby give my explicit consent, with the right to revoke it, to the processing of my special personal data in the form of health data (lens prescription, eye numbers) that I shared with you online through the website or by phone through the call center or physically in the store, by ELENS GLOBAL LIMITED located in England as the data controller in order to carry out product sales processes in accordance with the legislation.

   SOCIAL MEDIA INFORMATION TEXT

   As ELENS GLOBAL LIMITED; If you share your identity, communication, customer transaction, health data and other personal data included in the message content by communicating with us through all kinds of social media applications such as Whatsapp, Facebook, Instagram;

 

a) Correct addressing of the person with whom communication is made,

b) Conducting communication activities,

c) Conducting product sales processes,

e) Conducting customer satisfaction processes and following up on customer requests and complaints,

f) Conducting after-sales support services,

 

   It is processed for limited purposes.

   This personal data is not shared with third parties within the scope of the above processing purposes, except for our business partners established abroad, Whatsapp, Facebook, Instagram.

   This personal data is automatically processed through the relevant platform based on the legal reason “it is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person” and explicit consent, as specified in Article 5 of the Law on the Protection of Personal Data (“Law”).

   You can apply for your requests within the scope of Article 11 of the Law regulating the rights of the relevant person; You can send it to our e-mail address info@elens.ae with your e-mail address registered in our system or with a secure e-signature, in writing to our address UNIT 501 LEROY HOUSE 434-436 ESSEX ROAD LONDON ENGLAND N1 3QP

   COOKIE POLICY

  1. Why Are Cookies Used

   A cookie is information stored on your computer by a visited web page. Cookies are not malicious software or applications that harm your computer. On the contrary, cookies are used to remember the preferences you made on your previous visit to the web pages you have visited, thus ensuring that a higher quality service is provided with correct configuration and correct information on second and subsequent visits.

   Information on some types of cookies is provided below:

   Institution Cookies

   Institution cookies are used for purposes such as the page view of the user visiting the web page and also for calculating the number of sessions and users on the page. The web page first accesses the data using the Institution Cookie and can produce its general analysis and report for the page.

   Third Party Cookies

   Third party cookies refer to cookies of other elements outside the visited web page rather than cookies created by the visited web page. Third party cookies are tracked and behavioral actions can be controlled with applications such as social plugins, advertisements or site plugins.

   Session Cookies

   Session cookies are used to track users who connect to the web page and log in there. They are used especially for tracking shopping actions, remembering products added to the cart, etc. These cookies are deleted when the browser is closed.

   Persistent Cookies

   Persistent cookies are a type of cookie that can be included after the browsers used for internet access are closed. They are used especially for username and password use.

   Secure Cookies

   Secure cookies are used only for web pages with HTTPS or SSL certificates to control secure cookies, that is, transactions containing encrypted data.

  1. How and Why Do We Use Cookies?

   As a company, we use Institutional Cookies, Third Party Cookies, Session Cookies, Persistent Cookies and Secure Cookies on our website to distinguish our valued visitors from other users and to provide you with a better quality service.

   We have categorized the cookies we can use on our website as follows:

1. Absolutely Necessary

2. Efficiency and Functionality

3. Marketing (Explicit Consent)

 

   Absolutely Necessary cookies allow you to navigate our website and use basic features such as secure areas. If absolutely necessary cookies are blocked, we cannot guarantee how our website will perform during your visit and its security.

   How Do You Manage Cookies?

   You can ensure that the cookies you allow are not used at any time. If the cookies used are deleted, our website will not process cookies until we receive your permission again. If you reload the page, your explicit consent will be requested again for the use of cookies. If you give explicit consent, cookies can be processed, otherwise they cannot be processed.

   How to Exercise Your Rights?

   If you believe that any personal data we hold is incorrect or incomplete, you have the right to see, correct or delete this information. Please contact us for your requests, suggestions and complaints.

   If you would like to learn more about how we use your personal information, please contact us. We will quickly evaluate your request and provide you with support as soon as possible.

   You can send your requests regarding your rights stipulated in Article 11 of Law No. 6698 to the “Application Form for the Protection of Personal Data” on our website by filling out the relevant form; to the “” KEP address, or to the e-mail address; You can apply for your requests by sending a message with mobile signature or e-signature or by submitting a written application with wet signature in person to the address “UNIT 501 LEROY HOUSE 434-436 ESSEX ROAD LONDON ENGLAND N1 3QP” with the relevant form or through a notary. We will finalize your application free of charge as soon as possible and within 30 days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, the fee determined by the Personal Data Protection Board will be charged.

bottom of page