Privacy Policy

Welcome and thank you for your interest in Güllüzadem (hereinafter Güllüzadem, us or we), our website https://www.grandbazaar.ee, which we offer and which provides a link to this Privacy Policy, and other communications with individuals in writing. or orally, for example by e-mail or telephone (together with the website, hereinafter the Service).

The Privacy Policy (the “Policy”) describes the information we collect on or through the Service, how we use and disclose that information, and the measures we use to protect that information. The Principles apply when you visit the Website, purchase or use the Service.

The Principles form part of the Güllüzadem Terms of Service and apply to the Principles. Capitalized terms used but not defined in the Principles have the meaning assigned to them in the Güllüzadem Terms of Service.

Definitions Customer means a customer of Güllüzadem, i.e. business users who use the Services as a tool.

Personal data is any information about an identified or identifiable natural person.

Public Area means the area of ​​the Website that is accessible to both Users and Visitors without the need to log in. Information we collect on the Service:

We collect different types of information from or through the Service. The legal basis for the processing of personal data for Güllüzadem is, in particular, that the processing is necessary for the provision of the Service in accordance with the Information we collect on the Service:

We collect different types of information from or through the Service. The legal basis for the processing of personal data by Güllüzadem is in particular that the processing is necessary for the provision of the Service in accordance with Güllüzadem’s Terms of Service and is in Güllüzadem’s legitimate interests, as further explained in the “How we use the information we collect” section. We may also process data with your consent, which we will ask for if appropriate.

2.1 Information provided by the Customer when processing the Customer’s personal data during the provision of the Service to the Customer, the Customer is the chief processor and the authorized processor of Gulluzadem. Examples of personal information include name, email address, postal address, billing address, mobile phone number, password, and credit card or other billing information. Personal data also includes other information, such as geographical area or preferences, where such information relates to information that identifies a particular individual. You may provide us with Personal Information on the Service in a variety of ways. For example, when registering an Account, using the Service, posting Customer Data, communicating with other users of the Service through communication or messaging features, or sending customer service related requests. When using the Service and the Registrar, certain Service Solutions may collect information about your exact location or the movement of your device, or both, if you allow it in your device settings. These specific Güllüzadem Service solutions do not track the Client’s location in real time, but the location at the moment the start or stop button is pressed when using the Registrar.

2.2 Information Collected by Customers. The Customer may store or upload Customer Data in the Service. Güllüzadem has no direct relationship with individuals whose Personal Information is hosted online as part of Customer Data. Each Customer is responsible for ensuring that the Customer has a valid legal basis for processing the Personal Data of its customers, employees or third parties through the Services. Each Customer is responsible for informing its customers, employees and third parties about the purpose for which the Customer collects Personal Data and how this Personal Data is processed as part of the Customer Data in or through the Service. If required by applicable law, each Customer is responsible for obtaining valid consents from its customers, employees or third parties for the processing of their Personal Data through the Service prior to the commencement of the processing of Personal Data.

2.3 “Automatically collected” information. When a Visitor uses the Service, we may automatically store certain information about the Visitor’s device using a variety of technologies, including cookies, screen savers, clear gifs or web bedbugs. This “automatically collected” information may include the IP address or other device addresses or IDs, web browser and / or device type, web pages or pages visited immediately before or after using the Service, pages or other content that the Visitor views or interacts with on the Service. , and the dates and times you visited, accessed or used the Service. We may use these technologies to collect information about a Visitor’s communication in emails, such as whether the Visitor opens, clicks on, or forwards a message. Information is collected from all Visitors and Güllüzadem is the controller responsible for processing such information.

2.4 Integrated services. You may be offered access to or join the Service using the usernames and passwords of certain third-party services (specifically referred to as the Integrated Service), such as through your Google Account, or otherwise allow the Integrated Service to provide us with Personal Information or other information. By allowing us to connect to the Integrated Service, you grant us access to, use, and disclosure of your name, email address (es), date of birth, gender, city of location, profile picture URL, and other information made available to us by the Integrated Service. in accordance with the Principles. You should review your privacy settings in each Integrated Service to understand what information the Integrated Service makes available to us and make changes as necessary. Please read the terms of use and privacy policy for each Integrated Service carefully before using those services and connecting to our Service.

2.5 Information from Other Sources We may obtain information, including Personal Information, from third parties and sources other than the Service, such as our partners, advertisers, rating agencies and the Integrated Services. If we combine or link information from other sources with Personal Data we collect through the Service, we will treat the combined information as Personal Data in accordance with the Principles.

3. How we use the information we collect

We use the information we collect in a variety of ways to provide the Services and in the course of our business, including the following:

3.1 Maintenance

We use the information – with the exception of Customer Data – to maintain, preserve, supplement and provide all of the Service’s solutions, to provide the services and information you request, to respond to your comments and questions, and to provide user support to Service users. We process Customer Data only in accordance with the orders given by the respective Customer.

3.2 Additions

We use the information to understand and analyze our Visitors’ usage trends and preferences in order to improve the Service and develop new products, services, solutions and features. If Güllüzadem has to process Customer Data for this purpose, the data will only be used in an anonymised or aggregated form.

3.3 Communications

We may use the Visitor’s email address or other information to contact that Visitor for (i) administrative purposes, such as customer service, to address intellectual property infringement, privacy violations, or defamation charges in connection with Customer Data or Personal Information posted on the Service, or (ii) to notify offers and events related to the products and services we offer or are provided by third parties with whom we cooperate. You may opt out of receiving any promotional material as described in the “Your Choices” section.

3.4 Cookies and other tracking technologies

We use information automatically collected and other information collected on the Service through cookies and similar technologies to: (i) personalize our Service, such as remembering Visitor information so that Visitors do not have to re-enter it during or on subsequent visits; (ii) to provide personalized advertising, content and information; (iii) monitor and analyze the effectiveness of the Service and third party marketing activities; (iv) track aggregate usage of the page, such as the total number of visitors and pages viewed; and (v) track your records, submissions, and status in any advertising or other activities on the Service. More information about cookies can be found at http://www.allaboutcookies.org.

3.5 Analysis

We use Google Analytics to measure and evaluate access and traffic to the Public Area of ​​the Website and to report user navigation to our Website Administrators. Google operates independently of us and has its own privacy policy, which we strongly encourage you to review. Google may use the information collected through Google Analytics to evaluate Visitors’ activity on our Website. Learn more here: Google Analytics Privacy and Data Sharing.

We take steps to protect the technical information we collect when you use Google Analytics. The data collected will only be used on a need-to-know basis to resolve technical issues, administer the Website and identify visitor preferences, but in such cases the data will be in an unrecognizable form. We do not use this information to identify Visitors.

4. To whom we disclose information

Except as described in the Privacy Policy, we do not intentionally disclose to Third Parties Personal Data or Customer Data that we collect or store on the Service without the consent of the respective Visitor or Customer. We may disclose the information to third parties if you consent to us and subject to the following conditions:

4.1 Publicly available information

Any information you choose to voluntarily add to the Public Area of ​​the Service, such as a public profile page, is available to all Visitors who have access to that content.

4.2 Service Providers

We work with third-party service providers who provide us with website, application development, web hosting, maintenance and other services. These third parties may have access to or process Personal Data or Customer Data in the course of providing services to us. The information we provide to these service providers is limited to what is reasonably necessary for them to perform their functions, and the agreements entered into with them oblige them to keep this information confidential.

4.3 Non-personally identifiable information

The ability to make certain automatically collected, aggregated, or otherwise non-personally identifiable information available to third parties for a variety of purposes, including (i) performing various reporting obligations; (ii) for business or marketing purposes; or (iii) to help those individuals understand the interests, habits, and practices of our Customers with respect to certain programs, content, services, and / or features available through the Service.

4.4 Legal protection, legal proceedings and compliance

We may disclose Personal Information or other information if required to do so by law or in good faith, in response to an applicable court order, subpoena or order of a court or other governmental agency, or to otherwise cooperate with law enforcement or other governmental agencies.

We also reserve the right to disclose Personal Data or other information that we believe is bona fide or necessary in good faith to (i) take precautionary measures against liability, (ii) protect ourselves or others from fraud, abuse or illegal use or conduct, (iii) investigate and defend against the claims or claims of any third party, (iv) protect the security or integrity of the Service and any means or equipment used to make the Service available, or (v) protect your property or other benefits, enforce your contracts or protect the rights of others , property or security.

4.5 Change of ownership

Visitor Information, including Personal Data, may be disclosed and otherwise communicated to the acquirer, successor or transferee in a merger, acquisition, debt financing, sale of assets or other transaction, and in the event of insolvency, bankruptcy or administration of the from the Company’s assets and only if the Recipient of the Visitor’s data undertakes to comply with the Privacy Policy, the terms of which are substantially in accordance with these Privacy Policy.

Customer data may be transferred in physical or electronic form to the acquirer or successor or transferee in a merger, acquisition, debt financing, sale of assets or other transaction, and in the event of insolvency, bankruptcy or administration, to one or more third parties only as part of our for the purpose of continuing and only on the condition that the Recipient of the Customer Data undertakes to comply with the Privacy Policy, the terms and conditions of which are substantially in accordance with these Privacy Policy.

5. Your choices

5.1 Access, correction, deletion

We respect your right to privacy and give you reasonable access to Personal Information that you may have provided to us in the course of your use of the Services. If you wish to access or modify any other Personal Data we process about you as a controller, or request that we delete or transmit any information about you that we have received from the Integrated Service, you may contact us “How to Contact Us” as set out in section. At your request, we will delete or block all references to you in our database.

You may refuse to share certain Personal Information with us, in which case we may not be able to provide you with some of the solutions and features of the Service.

You may object to the processing of your Personal Data at any time on a legitimate basis, unless otherwise permitted by applicable law. If you believe that your right to privacy under applicable data protection law has been violated, please contact the Güllüzadem Data Protection Officer at [email protected]. You also have the right to complain to the competent data protection authority.

Clause 5.1 does not apply to Personal Data that is part of the Customer Data. In this case, the Customer’s own Privacy Policy applies to the management of Customer Data (excluding information automatically collected by Güllüzadem) and any request for access, correction or deletion should be made to Customer, who is responsible for uploading and storing such data on the Service.

Güllüzadem has no direct relationship with the Client’s clients, employees, project owners or third parties whose Personal Data it may process on behalf of the Client. An individual who wishes to access or correct, change, delete inaccurate data or withdraw consent for further communication should make his / her request to the Customer or User with whom they communicate directly. If the Customer requests the removal of data from the Güllüzadem, we will respond to this request within thirty (30) days. We will delete, modify or block access to the Personal Data we retain only if we receive a written request to that effect from the Customer who is responsible for that Personal Data, unless we have a legal right to retain that Personal Data. We reserve the right to retain a copy of this data for archival purposes or to protect our rights in litigation. Any request regarding Customer Data should be addressed as set out in the “How to Contact Us” section and should contain sufficient information to enable Güllüzadem to identify the Customer or its customer or a third party and the information to be deleted or changed.

5.2 Navigation information

You may opt out of collecting navigation information about your visit to the Website through Google Analytics using the Google Analytics opt-out solution.

6. Third Party Services

The Service may include solutions or links to websites and services provided by third parties. Any information you provide on third party websites or services is provided directly to the operators of those services and is subject to the privacy and security policies of those operators, if any, even if you use them through the Service. We are not responsible for the content or privacy and security practices of third party websites or services that are linked to or accessed through the Service. We encourage you to read the privacy and security policies of third parties before providing them with information.

7. International Data Transfers, Privacy Shield and Terms and Conditions

Güllüzadem stores all European Customer Data only in EU data centers. Güllüzadem may transfer your Personal Data to countries other than your country of residence. If Güllüzadem transfers Personal Data from the European Union or Switzerland to other countries where an adequate level of data protection is not guaranteed under data protection law, we will apply the following security measures:

EU-US Privacy Shield and Switzerland-US Privacy Shield. To comply with European Union and Swiss data protection laws, Homepastries will only disclose your data to partners who hold an EU-US Privacy Shield and a Switzerland-US Privacy Shield framework certificate. These frameworks were created to enable companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. You can read more about the Privacy Shield program at https://www.privacyshield.gov

European Union standard terms and conditions. Güllüzadem uses European Union Standard Contractual Clauses to meet adequacy and security requirements for Customers operating in the European Union and for other international transfers of Customer Data to a third party who processes your data in countries that do not apply the same data protection standards as in the EEA. thus an adequate level of protection guaranteed by local law. In accordance with the Privacy Shield principles, Güllüzadem undertakes to resolve complaints regarding the collection and use of your personal data by us. EU individuals who have inquiries or complaints about our Privacy Shield policies should first contact the Homepastries Data Protection Officer at [email protected]. In addition, Güllüzadem is committed to cooperating with EU data protection authorities in relation to unresolved Privacy Shield complaints concerning the transfer of personal data from the EU in the context of an employment relationship.

8. Interest-based advertising

Interest-based advertising is the collection of data from different sources and across different platforms to predict a person’s preferences or interests and to send that person or his or her computer, smartphone or tablet an advertisement based on his or her presumed preference or interest derived from that person’s profile or data collected on people with interests.

We work with a variety of third parties to try to understand the profiles of individuals who are most likely to be interested in Güllüzadem products or services so that we can send them commercial emails or show them our ads on other entities’ websites and mobile applications.

These third parties include, but are not limited to: (a) advertising networks that collect information about a person’s interests when that person views or interacts with any of their advertisements; (2) ad performance partners, which measure the effectiveness of certain ad channels and ads; and (3) business partners, who gather information when a person views or interacts with one of their ads.

In cooperation with these third parties, we collect information about our customers, potential customers and other individuals over time and through various platforms when they use or interact with these platforms. Individuals may submit information directly to our Websites or platforms operated by third parties, or through communications with us, our advertisements, or emails received from us or third parties. We may use special tools that are commonly used for this purpose, such as cookies, webbugs, pixels, tags, mobile ad IDs, player cookies, and similar technologies. We may have access to databases of information collected by our business partners. Information collected by us or third parties allows us to know what purchases a person has made, what ads or content the person sees, what ads or links the person clicks on, and other actions the person takes on our Websites or responding to our emails or visiting or using third parties. Platforms for individuals.

We or third parties we work with will use the information we collect as described above to understand the different activities and behaviors of our customers, visitors to the Website and others. We do this or these third parties do so for a variety of reasons including: identifying new or past visitors to our Website; to provide more personalized content; To provide more useful and relevant ads – for example, if we know which ads are showing you, we may try not to show you the same ads repeatedly. to identify devices, sales channels, third-party websites, and visitors across the Websites, or to display or send personalized or targeted advertisements and other customized content that is more focused on a person’s anticipated interest in products or services similar to ours. Our interest-based ads may be served to you via email or on third-party platforms. We may display these advertisements for our products and services or send commercial communications directly or through these third parties. Visitors may opt out of receiving interest-based advertising from ad networks that may be sent to them on our platform and other websites by visiting the following websites: http://www.aboutads.info/consumers and http://www.networkadvertising.org. These solutions remove the Visitor from many, but not all, interest-based advertising activities that we or third parties engage in.

9. Principles of non-monitoring

Some browsers include “non-tracking” solutions. Most of these solutions send a signal or preference when turned on to the website or web-based service that the user is visiting, indicating that the visitor does not want to be followed. As there is currently no common understanding of how to interpret non-tracking signals, we are not responding to a non-tracking signal at this time. We will continue to work with the web industry to define a common understanding of how to handle non-tracking signals.

However, you may opt out of receiving interest-based advertising from ad networks that may appear on our platform and other websites by visiting the following websites. If you would like to opt out of this behavioral advertising, please visit http://www.aboutads.info/consumers and http://www.networkadvertising.org.

These features remove you from many, but not all, interest-based advertising activities that we or third parties engage in. The choices you make may vary depending on your web browser or device. If you delete your cookies or use another web browser or other computer or device, you may need to update your opt-out options. Other third-party Websites offer visitors the option to opt out of receiving interest-based advertising on your Website, which you must verify through your Website settings. For example, to prevent Google from using your online behavior for advertising purposes, visit the Google Ad Settings page.

10. Third Party Cookies

We allow third parties with whom we have a separate agreement to use cookies and other technologies to collect information about how you use the Website. These third parties include, but are not limited to: (a) business partners who collect information when you view or interact with any of their advertisements on the Website, and (2) ad networks that collect information about your interests when you view or interact with any of their advertisements.

The information collected by these third parties will be used to predict your interests or preferences so that they may display advertisements or promotional material on this Website and other websites anywhere on the Internet, tailored to your obvious interests.

Business partners and ad networks that offer online advertising on the Services will have limited access to the limited information about your profile and device necessary to provide you with ads tailored to your obvious interests. It is possible that they may re-use this little information on other websites or services.

We do not share information with these third parties that allows us to identify you immediately (such as your email address), but these third parties may have access to information about your device (such as your IP or MAC address). We do not have access to or control over the technologies that these third parties may use to collect information about your interests, and the privacy practices of these third parties are not covered by this Privacy Notice. Except as discussed in this document, we have no control over these third parties.

10.1 The following types of cookies are used on the Website:

Strictly necessary cookies – These cookies are necessary for you to be able to navigate the website and use its solutions, for example to gain access to the secure areas of the website. Without these cookies, you will not be able to provide the services you have requested. These cookies do not collect information that the visitor identifies.

Performance-related cookies – These cookies collect information about how visitors use the website, such as which pages visitors visit most often and whether they receive error messages on the pages. These cookies do not collect information that the visitor identifies. All information collected by these cookies is aggregated and therefore anonymous. It is only used to improve the operation of the website.

Functionality cookies – These cookies allow the website to remember the choices you make (for example, the language or region in which you live) and to offer improved and more personalized solutions. For example, a website may be able to provide you with local weather or traffic news by storing your current location in a cookie. These cookies can also be used to remember choices related to text size, font style and other editable parts of the website. They can also be used to provide the services you want, such as watching a video or commenting on a blog. The information collected by these cookies can be made anonymous and cannot track your browsing on other websites.

Behavioral Targeted Advertising Cookies – These cookies are used to serve you ads that are more relevant to you and your interests. They are also used to limit the number of times you see your ad and to help measure the effectiveness of your advertising campaigns. These cookies are usually placed by the advertising network with the permission of the website administrator. They will remember that you have visited the website and this information will be shared with other organizations, such as advertisers. Often, targeting cookies or advertising cookies are related to the functionality of a website provided by another organization.

11. Privacy of minors and children

Protecting the privacy of young children is very important. Our Service is not intended for children under the age of 18, and we do not knowingly collect Personal Information from children under the age of 18 without parental consent. If you are under 18, please do not use the Service at any time or in any way. If we become aware that Personal Data has been collected on the Service from persons under the age of 18 and without the consent of the supervised parent, we will take appropriate action to delete that information. If you are a parent or guardian and you become aware that your child under the age of 18 has received a Service Account, you can notify us at [email protected] and request that we delete that child’s Personal Data from our systems.

The Service is not intended for use by minors and is not intended for posting content to share in public or with friends. To the extent that a minor has posted such content on the Service, the minor has the right to have that content deleted or removed using the deletion or removal options described in the Privacy Policy. If you have any questions about this topic, please contact us as described in the “How to contact us” section. Please note, however, that although we offer the option to delete, removing content may not guarantee the complete or complete removal of that content or information.

12. Data security

We adhere to generally accepted standards to protect the information you provide to us, both during and after we receive it. We maintain appropriate administrative, technical and physical security measures to protect Personal Data from accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful processing of Personal Data in our possession. This includes firewalls, password protection, and other access and authentication controls. We use SSL technology to encrypt data transmitted over the public Internet, and we also apply application layer security solutions to further anonymize Personal Data.

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot and do not guarantee the security of the information you transmit or store to us on the Service, and you do so at your own risk. Nor can we guarantee that this information will not be accessed, disclosed, altered or destroyed in violation of our physical, technical or managerial security measures. If you believe that your Personal Information has been compromised, please contact us as described in the “How to Contact Us” section.

If we become aware of a breach of security systems, we will notify you and the authorities of the breach in the manner required by law.

13. Data retention

We retain Personal Data collected from the User only for as long as we need it for the purpose for which we originally collected it, unless otherwise required by law. We store and use the information as necessary to fulfill our legal obligations, resolve disputes and perform contracts as follows: the contents of closed accounts will be deleted within 3 months from the date of closure; backups are kept for 3 months; information related to invoices shall be kept for 7 years from the date of their submission to the Güllüzadem in accordance with Estonian accounting and tax laws; Information on legal transactions between the Client and Güllüzadem is retained for 10 years from the date of its submission to Güllüzadem in accordance with the general limitation periods for civil claims set out in the general part of the Estonian Civil Code.

14. Provisions

While we may allow you to change your privacy settings to restrict access to certain Personal Information, please note that no security measures are perfect or impenetrable. We are not responsible for circumventing the privacy settings or security measures of any Service. In addition, even after the information posted on the Service has been removed, the caching and archiving services may have stored that information and other users or third parties may have made a copy or storage of the information available on the Service. We cannot and do not warrant that the information you post or transmit on the Service will not be viewed by unauthorized persons.

15. Transmission of data

We may transmit, process and store Personal Information that we collect through the Services in central databases and with service providers located in the United States. The United States may not have the same data protection framework as the country in which you use the Services. When we transfer Personal Information to the United States, we protect it as described in the Privacy Policy.

The web hosting of the service is in Estonia or the USA. EU customer databases are located in the Homepastries data center in Tallinn, Estonia. Regardless of whether the database is located in the EU, if you choose to use the Service in the European Union or in other parts of the world where there are laws governing the collection and use of data that may differ from US law, please be aware that you may transfer Customer Data and Personal Data outside of those areas. For storage and processing in the United States by our service providers listed in the Güllüzadem Terms of Service. We comply with the requirements of the GDPR, providing adequate protection for the transfer of personal data from Europe to the United States. In addition, we may transfer your data to the United States, the EEA, other countries or regions that, in accordance with the decision of the European Commission, ensure an adequate level of data protection in relation to the storage and processing of data, the execution of your requests and the administration of the Service.

16. Controller and processor

Güllüzadem does not own, control or manage the use of Customer Data that the Customer stores or processes through the Service. Only the Customer has the right to access, receive and control the use of this Customer Data. Güllüzadem is usually not aware of which Customer Data the Customer actually stores or makes available on the Service and does not have direct access to such Customer Data unless the Customer has given permission to do so or is necessary for the provision of the Services to the Customer.

As Güllüzadem does not collect or determine the use of Personal Data contained in Customer Data and does not specify the purposes for which such Personal Data is collected, the way in which this Personal Data is collected or the use of Personal Data, Güllüzadem does not act as a controller within the meaning of the EU General Data Protection Regulation , hereinafter the GDPR) and has no obligations under the GDPR in this regard. Güllüzadem should only be considered as an authorized processor on behalf of Customers to whom the requirements of the GDPR apply in relation to Customer Data containing Personal Data. Except as otherwise provided in the Privacy Policy, Güllüzadem does not independently transfer or otherwise make available to third parties Customer Data containing Personal Data stored in connection with the Services, except to third party subcontractors who may process such data on behalf of Güllüzadem in connection with Güllüzadem. providing services to Customers. These activities are performed or authorized only by the respective Client.

Pursuant to the Regulation, the Customer is the controller responsible for any Customer Data containing Personal Data, which means that this party controls the manner of collection and use of Personal Data and the determination of the purposes and methods of processing such Personal Data.

Güllüzadem is not responsible for the content of the Personal Data contained in the Customer Data or other information stored on its servers (or subcontractors’ servers) at the Customer’s discretion, and Güllüzadem is not responsible for the way the Customer collects, publishes, distributes or otherwise processes this information. If, in addition to the Terms of Service and the Privacy Policy, you need a signed Data Processing Supplement, you can contact our data protection officer at [email protected].

17. Change and Update of Policies

Please visit this page regularly to be aware of any changes to the Policies that we may update from time to time. If we change the Principles, we will make them available through the Service and refer to the date of the latest version and comply with applicable laws. Your continued use of the Service after the revised Policies become effective means that you have read, understood and agreed to the current version of the Policies.

18. How to contact us

Please contact us if you have any questions or comments about the Principles, your Personal Data, our use and publication practices, or your consent options by sending an e-mail to [email protected]. If you have any concerns or complaints regarding the Principles or your Personal Data, you may contact the Güllüzadem Data Protection Officer at the same e-mail address [email protected].

Your company is the chief processor of personal data, your company forwards the personal data necessary for making payments to the authorized processor AS SEB Bank.