1. General Information

This Privacy Policy explains our policy regarding the protection and processing of personal data collected through the fitosmile.com website operated by Etabsan Arge Teknoloji A.Ş. operating under the brand Fitosmile (hereinafter referred to as “our Company”, “we”, or “Fitosmile”).

This policy has been prepared in accordance with the Law on the Protection of Personal Data No. 6698 (“KVKK”) and related legislation.

2. Data Controller

3. Collection and Processing of Personal Data

3.1 Collected Personal Data

The following personal data may be collected when you visit our website and use our services:

• Identity Data: First name, last name
• Contact Data: Email address, phone number, address details
• Customer Transaction Data: Order history, payment information, delivery information
• Marketing Data: Marketing permissions, communication preferences
• Technical Data: IP address, cookie information, browser type, pages visited

3.2 Methods of Collecting Personal Data

Your personal data is collected through the following methods:

• Registration processes via the website
• Order and purchase transactions
• Contact forms
• Conversations with customer service
• Cookies and similar technologies
• Social media platforms

4. Purposes of Processing Personal Data

Your personal data is processed for the following purposes:

• Conducting the sale of products and services
• Managing order tracking and delivery processes
• Providing customer service
• Fulfilling legal obligations
• Carrying out marketing activities (with your explicit consent)
• Ensuring website security
• Improving user experience
• Conducting statistical analysis

5. Legal Grounds for Processing Personal Data

Your personal data is processed based on the following legal grounds stated in Article 5 of the KVKK:

• Your explicit consent
• Being directly related to the establishment or performance of a contract
• Fulfilling a legal obligation
• Protection of legitimate interests

6. Retention Period of Personal Data

Your personal data is retained for the duration necessary in connection with the purposes for which they are processed. This period includes:

• Legal retention obligations (Tax law: 5 years, Turkish Code of Obligations: 10 years)
• Durations required by business processes
• Periods necessary for resolving legal disputes

7. Sharing of Personal Data

Your personal data may be shared with third parties in the following cases:

• Service Providers: Cargo companies, payment institutions, IT service providers
• Business Partners: Suppliers and distributors
• Legal Obligations: Public institutions and organizations (in case of legal obligation)
• Group Companies: [If there are group companies]

8. Rights of the Data Subject

Pursuant to Article 11 of the KVKK, you have the following rights:

9. Application Methods

As a personal data subject, you can apply to exercise your rights through the following methods:

10. Cookie Policy

Cookies are used on our website to improve user experience and analyze site performance. For detailed information on cookie usage, please review our [Cookie Policy] page.

11. Security Measures

The following technical and administrative measures have been taken to ensure the security of your personal data:

• Encrypted data transmission with SSL certificate
• Secure servers and databases
• Access control systems
• Regular security tests
• Personnel training

12. Third-Party Links

There may be links on our website redirecting to third-party websites. The privacy policies of these sites are not under our control and are not covered by this policy.

13. Children’s Privacy

Personal data of children under the age of 13 are not processed without parental or guardian consent. Special protective measures are taken for products or services targeting children.

14. Policy Changes

Changes to this Privacy Policy become effective upon being published on our website. Registered users are informed of significant changes.

15. Contact

For questions regarding the Privacy Policy: