​

SERVICE PROVIDER

Trade Name: Mİ DANIŞMANLIK VE ORGANİZASYON HİZMETLERİ - ZÜMRA ATALAY KÜÇÜKASLAN

Address: Ferahevler Mah. Yavuz Sk. No:17/1 Sarıyer, İstanbul

Phone: +90 530 240 49 17

Web: https://www.mindfulnessinstitute.com.tr/

E-Mail: bilgi@mindfulnessinstitute.com.tr

Mİ DANIŞMANLIK VE ORGANİZASYON HİZMETLERİ CLARIFICATION TEXT AND PRIVACY POLICY

This Clarification Text has been prepared by Mİ DANIŞMANLIK VE ORGANİZASYON HİZMETLERİ (Mindfulness Institute) (hereinafter referred to as the "Data Controller", "Company", or "Mindfulness Institute") in order to ensure that the personal data of visitors to our website is processed in accordance with the relevant legislation—primarily the Constitution of the Republic of Turkey, international conventions on human rights to which our country is a party, and the Personal Data Protection Law No. 6698 ("KVKK")—and to enable the data subjects to exercise their rights effectively. All personal data shared with our Company may be processed lawfully, proportionately, and in connection with our operational and service purposes.

Personal Data Processed by the Data Controller

• Identity Information: First name, last name (if contact is established via the contact form).

• Contact Information: E-mail address, phone number, social media accounts, message content (if contact is established via the contact form).

• Transaction Security Data: IP Address, Target IP/Domain Name Records, Device IMEI Number, Device MAC Address, Other Traffic Data (e.g., connection time/duration, amount of communication, etc.).

• Other: Website entry-exit logs, Cookie Records.

• Communication Application Data: WhatsApp group membership, profile picture, phone number, message content, visual/audio shares.

• Visual and Audio Records: Image, voice, participation information, and username collected during meetings held via Zoom and similar platforms.

Purposes of Processing Your Personal Data

Your personal data is processed for the purposes of responding to the requests, identifying and resolving the problems of our visitors who submit complaints, requests, demands, or training/seminar applications through our website, and maintaining communication with individuals during these processes; ensuring the security of our website; resolving potential future legal disputes; making necessary notifications through official channels to authorized public institutions or organizations upon their lawful request; executing product/service marketing processes; conducting information provision and meeting reminder processes via WhatsApp groups and individual messaging channels created within the scope of the Mindfulness Institute community; and recording online meetings, trainings, and community gatherings conducted under the umbrella of the Mindfulness Institute for archiving purposes.

General Principles in the Processing of Personal Data

Pursuant to Article 4 of the KVKK, personal data belonging to the data subject shall be processed by the Company, as the data controller, for the purposes specified in this Clarification Text, in compliance with the rules of being lawful and fair; accurate and, where necessary, kept up to date; processed for specified, explicit, and legitimate purposes; relevant, limited, and proportionate to the purposes for which they are processed; and retained for the period stipulated by the relevant legislation or necessary for the purpose for which they are processed.

Method of Collecting Personal Data and Legal Grounds for Processing

Your personal data is obtained through automated or non-automated methods; via contact forms on the Company’s websites, communication channels managed over WhatsApp, online meeting platforms, and by recording the IP addresses of individuals visiting our website.

The legal grounds for processing your personal data by the Company are based on: the explicit consent provided by the data subject in the Explicit Consent text pursuant to paragraph 1 of Article 5 of the KVKK; the fulfillment of the Data Controller's obligations arising from relevant legal regulations; the establishment of legal, technical, and commercial-job security for the Data Controller or individuals in a business relationship with the Data Controller; or the legitimate interests of the Data Controller, provided that it does not harm your fundamental rights and freedoms.

Transfer of Personal Data

Our Company acts in accordance with the regulations stipulated under the KVKK regarding the transfer of personal data. Except for the exceptional circumstances set forth in the legislation, personal data and special categories of personal data are not transferred to other natural or legal persons by us without the explicit consent of the Data Subject. In exceptional cases stipulated by the KVKK and other relevant legislation, utmost care is taken to comply with the forms and limitations provided for by the laws during the transfer of personal data to authorized administrative, judicial, or private institutions.

Your personal data may be transferred to:

• Authorized official institutions and organizations and legally authorized private individuals for the purposes of fulfilling legal obligations or establishing, exercising, or protecting the rights of the Company;

• Our services, subcontractors, Company employees, cloud service providers, and international external service providers located at the customer's destination, within the scope of the operation of the infrastructure and systems used by the Data Controller, for the purposes of resolving customer complaints, meeting customer demands, and ensuring communication with the customer, and subject to your explicit consent;

• The Company's affiliates, subsidiaries, parent companies, group companies, shareholders, and to our business partners and suppliers—limited to the purposes of presenting our products and services—and to the law firm that the Company works with, in accordance with the personal data transfer conditions and purposes specified in Articles 8 and 9 of the KVKK.

The Company takes all necessary technical and administrative measures in the event that your personal data is transferred domestically or abroad. Data processing activities involving the transfer of data abroad shall only be carried out on the condition that the "explicit consent" of the data subject is obtained. The Company will make reasonable efforts to ensure that such third parties take the necessary technical and administrative measures to protect the transferred personal data.

Retention Period of Personal Data

The Data Controller shall act in accordance with Law No. 6698 and the Regulation on the Deletion, Destruction, or Anonymization of Personal Data (the "Regulation"), and in compliance with the provisions of the relevant legislation and the periods stipulated by authorized public institutions, organizations, and judicial authorities, solely limited to the scope required by law. Pursuant to Article 13 of the KVKK, the Data Controller shall duly fulfill its obligations arising from Article 12 of the Regulation toward applicants who request the destruction of their personal data.

Your Rights as a Data Subject

Pursuant to Article 11 of Law No. 6698, we would like to remind you of your rights as a data subject. Within this scope, you may exercise the following rights through the specified procedures and methods.

The Applicant has the right to apply to the Data Controller and request to:

1. Learn whether their personal data is being processed,

2. Request information if their personal data has been processed,

3. Learn the purpose of the processing and whether the data is being used in accordance with that purpose,

4. Know the third parties to whom their personal data is transferred domestically or abroad,

5. Request the rectification of personal data if it is incomplete or inaccurately processed,

6. Request the erasure or destruction of personal data within the conditions stipulated under Article 7 of the KVKK,

7. Request notification of the operations carried out pursuant to sub-paragraphs (5) and (6) to third parties to whom the personal data has been transferred,

8. Object to the processing, exclusively through automated systems, which leads to an unfavorable analysis/result for the user,

9. Claim compensation for damages suffered due to the unlawful processing of personal data.

Data Subject Application Methods

Personal data subjects, defined as the relevant person ("data subject") under Personal Data Protection Law No. 6698 ("KVKK"), are granted certain rights regarding the processing of their personal data in Article 11 of the KVKK. Pursuant to the first paragraph of Article 13 of the KVKK; applications regarding these rights to the Data Controller must be submitted in writing and through the following methods determined by the Personal Data Protection Board ("Board"). Within this framework, applications to be made "in writing" to the Data Controller by printing out this form shall be based on Turkish applications.

You may submit your requests to us:

• By the Applicant in person,

• Via a Notary Public,

• Via registered mail with return receipt,

• By being signed with a "secure electronic signature" as defined in the Electronic Signature Law No. 5070 by the Applicant and sent to the registered electronic mail address of the Data Controller.

You may send your requests regarding your rights as a data subject to our correspondence address, via e-mail verified with a secure electronic signature, or in writing with a wet signature to the address below. Your requests will be concluded free of charge as soon as possible and within 30 days at the latest, depending on the nature of your request. However, if the transaction requires an additional cost, the fee specified in the tariff determined by the Personal Data Protection Board may be charged.

 

If your request is to be made on behalf of someone else, a power of attorney obtained on this matter and other documents verifying your identity must be attached to your application. Upon your application, if a response containing personal data needs to be provided or an action needs to be taken regarding the processed personal data, and the application was not made in person with proper identification, through a notary public, or via KEP (Registered Electronic Mail), the Data Controller may request you to verify your identity to prevent data from being delivered to the wrong individuals or to prevent transactions by malicious individuals other than the actual data subject.

 

Correspondence Address: Mİ DANIŞMANLIK ORGANİZASYON - ZÜMRA ATALAY (MINDFULNESS INSTITUTE). Halaskargazi Mh. Vali Konağı Cad. No:65/2 Şişli İstanbul

E-mail: bilgi@mindfulnessinstitute.com.tr

Mİ DANIŞMANLIK ORGANİZASYON - WEBSITE VISITORS EXPLICIT CONSENT FORM

Mİ DANIŞMANLIK VE ORGANİZASYON HİZMETLERİ ("Data Controller") processes and protects your personal data in accordance with the Personal Data Protection Law No. 6698 ("Law") and its secondary regulations ("KVKK legislation"), within the framework of the Website Visitors Clarification Text.

The Law regulates the requirement of explicit consent or other personal data processing conditions where explicit consent is not sought for processing your personal data. Apart from the personal data processing conditions regulated under Articles 5.2 and 6.3 of the Law—where your explicit consent is not required—your personal data subject to our data processing activities will be processed based on your explicit consent, limited to the processing purposes, in the event you are associated with the products and services subject to the activities specified below.

With this explicit consent text submitted for your approval, you permit the Data Controller to process your personal data limited to the activities and processing purposes set forth below. Within this framework, the activities and purposes for which your personal data will be processed by the Data Controller based on your explicit consent are specified below:

1. Zoom and Other Online Meeting Recordings

Within the scope of online meetings (module meetings, development sessions, presentations, etc.) conducted within the Mindfulness Institute;

• I know that meetings may be recorded,

• During these recordings, my image, voice, first-last name, and my interactions on the platform may be recorded,

• The recordings will only be shared with the relevant module or community members for a limited period,

• They will not be published in publicly accessible media under any circumstances and will be stored in compliance with the KVKK,

• I know that my participation in the meeting implies explicit consent to this recording, and within this scope, I give my explicit consent to the processing of my personal data.

2. WhatsApp Groups and Individual Messaging

Within the scope of participation in Mindfulness Institute WhatsApp groups;

• I know that informative, content-sharing, and reminder messages will be sent via WhatsApp groups or through one-on-one messaging,

• During this process, my phone number, first-last name, profile picture, and message contents will be processed,

• Since the WhatsApp platform is a service provider based abroad, my data may be transferred abroad,

• I know that I can leave this communication channel at any time by sending a written request to bilgi@mindfulnessinstitute.com.tr, and within this scope, I give my explicit consent to the processing of my personal data.

3. Use of Visuals Captured at Events

Regarding my photograph and video recordings captured at face-to-face or online events organized by the Mindfulness Institute;

• I know that they can be shared on the official Instagram, website, and promotional materials of the Mindfulness Institute within the scope of promotion, information, and social media posts,

• These shares will be carried out in a way that will not directly harm my identity or damage my reputation,

• I know that I have the right to withdraw this permission at any time by making a written application, and within this scope, I give my explicit consent to the processing of my visual/data.

4. Data Scope of Website and Application Use

I consent to the processing of my identity, contact, transaction security, cookie, and usage data shared during the application process or while using the site, for the purposes of maintaining the technical infrastructure of the Mindfulness Institute platform, ensuring community interaction, providing access to development content, conducting analysis, and improving user experience.

5. General Data Transfers and Retention Processes

For the purposes of responding to requests, identifying and resolving the problems of our visitors who submit complaints, requests, and demands through our website, and maintaining communication with individuals during these processes; ensuring the security of our website; resolving potential future legal disputes; making necessary notifications through official channels to authorized official institutions or organizations upon their lawful request; and executing product/service marketing processes;

I give my explicit consent to the processing, transfer, storage, and hosting in electronic systems under necessary security measures of my:

• Identity information (first name, last name),

• Contact information (e-mail address, phone number, social media accounts, message content),

• Transaction security information (device information, operating system, IP address information, log records),

• Traffic data within the scope of Law No. 5651,

• Legal information (correspondence with judicial authorities and case/execution file information).

6. Transfer of Data Abroad

Within the scope of all data processing activities specified above, I give my explicit consent to the processing of my personal data on the servers of service providers based abroad such as Zoom, WhatsApp, Google, and similar platforms, and to its transfer abroad. I have been informed that all necessary technical and administrative measures have been taken to ensure the security of this transfer.

7. Scope of Business Development and Infrastructure Services

I accept and declare that I have been informed by the Data Controller regarding the matters stated above and that I have explicit consent within the framework of the KVKK.

I accept and declare that my personal data collected and specified above by the Data Controller may be transferred by the Data Controller—provided that it remains bound by the aforementioned purposes—for providing business development services, procuring statistical and technical services, managing customer relations, establishing, developing, and maintaining technical and administrative infrastructure and electronic systems (website), keeping customer data, and for archiving and storage purposes under necessary security measures; that it may be processed and stored here; and that it may be transferred to electronic environments such as programs and cloud computing, and to business partners and service providers from whom the Data Controller receives services or collaborates with for the execution of services and/or activities to be provided to me, and within this scope, I have explicit consent to the transfer of my personal data abroad.

8. Notification Regarding Text Updates

This explicit consent text may be updated from time to time. The updated version becomes effective from the date it is announced on the Mindfulness Institute platform. By approving this text during registration, you declare that you agree to follow the updates and accept the current versions of the text. In case of significant changes requiring explicit consent under the KVKK, you will be notified separately.

9. Declaration of Accuracy and Currency

Furthermore, I accept and declare that the personal data I have shared with the Data Controller is accurate and up-to-date, and that in the event of any changes to this information, I will notify the Data Controller of such changes.

I declare that I have been informed regarding all data processing activities specified in this text within the scope of the KVKK, and that I give my explicit consent with my own free will.