Personal Data Protection Law

Pursuant to the Law on the Protection of Personal Data No. 6698 (“KVKK”), the privacy and security of your personal data are of great importance to us within the scope of the Modern Form ve Nesiller Website. In this context, all personal data you transmit to us or share via our digital systems is processed, stored, and protected within the framework specified below.

Data Controller

Acting as the “Data Controller” under the KVKK, we process your personal data for the purposes listed below:

Modern Form ve Nesiller Website Address: Yeşilyurt Mahallesi, Sipahioğlu Caddesi No:1/1 Kat:3 Daire:5 Bakırköy – İstanbul Web: modernformunesiller.com and mfninsaat.com E-mail: info@mfninsaat.com Phone: +90 534 488 5663Effective Date: 16.12.2025

Within the scope of the Modern Form ve Nesiller Website, we act in accordance with the following principles while fulfilling our obligations regarding the processing, protection, and storage of personal data under the KVKK.

1. PURPOSE AND SCOPE

The purpose of this Clarification Text (Privacy Notice) is to explain the methods by which personal data processed via the Modern Form ve Nesiller Website or our other communication channels is handled, under what conditions it is shared, and how it is protected. This text covers our websites, contact forms, call/message channels, and all related personal data processing activities.

2. DEFINITIONS

  • Personal Data: Any information relating to an identified or identifiable natural person.

  • Special Categories of Personal Data: Sensitive data such as race, religion, and health information.

  • Data Controller: The natural or legal person who determines the purposes and means of processing personal data.

  • Data Subject (Concerned Person): The natural person whose personal data is processed.

  • Other definitions are as specified in the KVKK and related secondary regulations.

3. PRINCIPLES FOR PROCESSING PERSONAL DATA

  • Compliance with the law and rules of integrity.

  • Being accurate and up-to-date.

  • Processing for specific, explicit, and legitimate purposes.

  • Being connected, limited, and proportionate to the purpose for which they are processed.

  • Retention for the period stipulated in the relevant legislation or required for the purpose for which they are processed.

4. CONDITIONS FOR PROCESSING PERSONAL DATA

Personal data is processed in the presence of at least one of the conditions specified in Articles 5 and 6 of the KVKK. In this context, your data may be processed in the following cases:

  • Your explicit consent exists,

  • It is directly related to the establishment or performance of a contract,

  • It is mandatory for us to fulfill our legal obligations,

  • It is mandatory for the establishment, exercise, or protection of a right,

  • Data processing is mandatory for our legitimate interests (provided that it does not harm your fundamental rights and freedoms).

Special categories of personal data are processed within the framework of stricter security measures stipulated in the KVKK and relevant legislation.

5. OBLIGATION TO INFORM

Pursuant to Article 10 of the KVKK, data subjects are informed in a clear and understandable manner regarding:

  • By whom,

  • For what purposes,

  • By what methods,

  • Based on which legal grounds their personal data is processed,

  • For how long it is processed and to whom it may be transferred.

6. RIGHTS OF THE DATA SUBJECT

Pursuant to Article 11 of the KVKK, as a data subject, you have the following rights:

  • To learn whether your personal data is processed,

  • If processed, to request information regarding this,

  • To learn the purpose of processing and whether the data is used in accordance with its purpose,

  • To know the third parties to whom personal data is transferred domestically or abroad,

  • To request correction of your personal data if it is incomplete or incorrectly processed,

  • To request the deletion or destruction of your personal data if the reasons requiring processing have ceased to exist,

  • To request that the operations carried out be notified to third parties to whom personal data has been transferred,

  • To object to the occurrence of a result against you by analyzing your processed data exclusively through automated systems,

  • To request compensation for damages in case you suffer damage due to the unlawful processing of your personal data.

In this context, you can submit your requests to info@mfninsaat.com or to the following postal address: Yeşilyurt Mahallesi, Sipahioğlu Caddesi No:1/1 Kat:3 Daire:5 Bakırköy – İstanbul

7. PURPOSES OF DATA PROCESSING

The Company processes your personal data for the following purposes:

  • Responding to information requests submitted via websites and managing communication processes,

  • Conducting project, service, and sales processes; customer/potential customer relations and demand management,

  • Conducting after-sales support processes,

  • Conducting information security processes and ensuring business continuity,

  • Product/service marketing, promotion, analysis, reporting, and improvement activities (within the scope of explicit consent where necessary),

  • Fulfilling legal obligations and mandatory notifications based on legislation,

  • Conducting accounting, finance, audit, and operational processes,

  • Complaint and request management, providing satisfaction-oriented service.

8. TRANSFER OF DATA

Your personal data may be transferred, in accordance with Articles 8 and 9 of the KVKK and limited to the purposes specified above, to:

  • Our business partners and suppliers,

  • Legally authorized public institutions and organizations,

  • If necessary, our domestic and foreign service providers (e.g., companies providing IT, hosting/storage, security, call center, CRM/communication infrastructure services).

In the event of data transfer abroad, the transfer is carried out by ensuring the necessary conditions in line with the KVKK and the decisions of the Personal Data Protection Board.

9. DATA SECURITY

To protect the confidentiality, integrity, and accessibility of personal data, the Company takes necessary technical and administrative measures such as:

  • Authorization matrix and access controls,

  • Encryption, logging, firewalls, and similar technical precautions,

  • KVKK and information security training for employees,

  • Confidentiality and data processing agreements signed with third parties.

10. RETENTION AND DESTRUCTION

Your personal data is retained for the period stipulated in the relevant legislation or required for the processing purposes; upon the expiration of these periods, it is deleted, destroyed, or anonymized in accordance with the Company’s Personal Data Retention and Destruction Policy. Destruction processes are carried out and recorded taking into account periodic destruction intervals.

11. AMENDMENTS TO THE POLICY / NOTICE

This Clarification Text may be revised when necessary in line with amendments to the KVKK and relevant legislation or updates in Company practices. Changes become valid from the date they are published on modernformunesiller.comand/or mfninsaat.com.