Personal Data Protection Policy (KVKK)

1. Purpose

The purpose of this policy is to ensure that personal data is processed lawfully, fairly, and transparently by Fonerix for specified legitimate purposes.

2. Data Controller

Fonerix LTD. acts as the data controller and is responsible for processing your personal data.

3. Legal Basis and Scope

Data is processed only if:

• The data subject has given explicit consent
• It is required for the performance of a contract
• It is required by law or for the data controller’s legitimate interest

4. Collected Data Categories

• Identity information (name, surname, ID)
• Contact information (address, email, phone)
• Customer transaction data (orders, preferences)
• Marketing data (if explicit consent is given)

5. Data Transfer

Personal data may be transferred to authorized institutions or business partners, domestically or abroad, only when legally allowed or with explicit user consent.

6. Data Security

We apply technical and administrative measures to protect your data against unauthorized access, modification, or disclosure. These include firewalls, encryption, and access controls.

7. Data Subject Rights

Under Article 11 of KVKK, you have the right to:

• Learn whether your data is processed
• Request information and corrections
• Request deletion/anonymization if legal grounds no longer exist
• Object to decisions made by automated systems
• Request compensation in case of unlawful use