Privacy Policy (Global Prıvacy Notice/ Regarding GDPR and Applicable Data Protection Laws)

This Privacy Policy describes how ÜÇGE Elektronik Cihazlar Bilgisayar ve Mağaza Ekipmanları Sanayi ve Ticaret A.Ş. (“Company”, “we”, “us”, “our”) collects, uses, discloses, and protects your personal data when you access or use our website and submit your information, in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

  1. Data Controller[TD1.1]

The Controller responsible for the processing of your personal data under this Privacy Policy is:

Company Name: ÜÇGE Elektronik Cihazlar Bilgisayar ve Mağaza Ekipmanları Sanayi ve Ticaret A.Ş.

Registered Address: Işıktepe Organized Industrial Zone, Kahverengi Street No: 16 Nilüfer, Bursa, Türkiye

Email: kvkk@ucgegroup.com

Phone: +90 224 280 00 00

For any questions regarding the processing of your personal data, you may contact us using the contact details above.

EU Representative (Article 27 GDPR)

If applicable, please insert the details of your EU Representative.

If not applicable, this should be assessed based on your EU-facing activities.[TD2.1]

  1. Personal Data We Process[TD3.1]

When you visit our website or use our contact forms, we may process the following categories of personal data:

  • Identity Data: Name and surname
  • Contact Data: Email address, phone number
  • Company and Business Information: Company name, business sector, job title
  • Location Information: city and country information voluntarily provided by you
  • Communication Data: requests, inquiries, correspondence, and message content
  • Technical and Usage Data: IP address, browser type, device information, log records, cookie identifiers and website usage data

Please do not share special categories of personal data (such as health data, biometric data, religious beliefs, or similar sensitive information) through website forms unless specifically requested by us.

  1. Purposes of Processing[TD4.1]

Your personal data is processed for the following purposes:

  • Responding to contact requests and inquiries
  • Managing pre-contractual and sales processes
  • Providing information regarding requested products, services, quotations and business solutions
  • Managing customer communication, quotation, sales and after-sales support processes
  • Ensuring website and information security
  • Performing website analytics and measuring website performance through consent-based analytics cookies
  • Sending marketing communications, newsletters and promotional content based on your explicit consent
  • Processing requests submitted through contact forms and providing follow-up communication[TD5.1]
  1. Legal Bases for Processing (Article 6 GDPR)

Your personal data is processed based on the following legal grounds:

  • Article 6(1)(b) GDPR: Processing necessary for taking steps prior to entering into a contract, including responding to requests, preparing quotations and managing business communications
  • Article 6(1)(f)GDPR: Processing necessary for the purposes of our legitimate interests, including ensuring website security, preventing fraud, managing communication processes and improving our services
  • Article 6(1)(a)GDPR: Processing based on your explicit consent for marketing communications, analytics cookies, marketing cookies and international data transfers where consent is required
  • Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
  1. Data Recipients

Your personal data may be shared, limited to the purposes stated above, with:

  • IT, software, hosting and CRM service providers
  • Analytics and advertising service providers
  • Business partners involved in service delivery
  • Public authorities where legally required
  • Group companies within ÜÇGE Group, where necessary for operational, sales and marketing coordination purposes

All third parties are subject to appropriate data processing agreements in accordance with GDPR requirements.

  1. International Data Transfers

Your personal data may be transferred outside the European Economic Area (EEA), including to Türkiye, the United States and/or EU-based cloud infrastructure provided, strictly for the purposes of service delivery, IT infrastructure management and data storage. Such transfers are carried out only where one of the following safeguards is in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions issued by the European Commission, where applicable
  • Other appropriate safeguards in accordance with Article 46 GDPR
  • Where none of the above apply, your explicit consent under Article 49 GDPR

 Where required, additional supplementary measures (such as encryption and access restrictions) are implemented to ensure an adequate level of protection.

  1. Data Retention Period

Your personal data is retained only for as long as necessary for the purposes for which it is collected and processed, or for the duration required by applicable legal obligations.

Where processing is based on consent, data will be retained until consent is withdrawn, unless there is another lawful basis for continued processing.

After the retention period expires, personal data is securely deleted, destroyed, or anonymised in accordance with applicable data protection laws.

  1. Your Rights as a Data Subject

Under the GDPR, you have the following rightsright to:

  • The right to access your personal data
  • The right to rectification of inaccurate or incomplete data
  • The right to erasure (“right to be forgotten”)
  • The right to restriction of processing
  • The right to object to processing based on legitimate interests
  • The right to data portability
  • The right to withdraw consent at any time, where processing is based on consent
  • The right to lodge a complaint with a supervisory authority in the EU/EEA country of your residence, place of work, or where the alleged infringement occurred

Requests regarding your rights will be handled in accordance with applicable GDPR timeframes.

You may exercise your rights by contacting us at kvkk@ucgegroup.com or via our postal address stated in this Privacy Policy.

  1. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.

Where we use analytics or automated tools for website performance, marketing optimization or statistical analysis, these processes do not result in decisions that significantly affect you.

Automated tools may be used solely for improving user experience and do not produce any legal or similarly significant effects.

  1. Cookies

We use cookies and similar technologies to ensure the proper functioning of our website, improve user experience, and analyze website performance.

Strictly necessary cookies are used to enable core website functionality and do not require consent.

Analytics and marketing cookies are only used where you have given your explicit consent.

You can manage or withdraw your cookie preferences at any time through our cookie settings panel.

Cookies are not activated unless you actively opt in to non-essential cookies.

For more detailed information, please refer to our Cookie Policy.[TD6.1]

  1. Contact[TD7.1]

If you have any questions regarding this Privacy Policy or the processing of your personal data, you may contact us at:

📧 kvkk@ucgegroup.com

📍 Işıktepe Organized Industrial Zone, Kahverengi Street No: 16 Nilüfer, Bursa, Türkiye

📞 +90 224 280 00 00

You may also contact us to exercise your rights under the GDPR as set out in this Policy.