Personal Data Protection and Privacy Policy

Xometry Türkiye, İTÜ Ayazağa Kampüsü Teknokent Arı 4 Binası Katar Cad. No: 2/50/6 Sarıyer / İstanbul, Türkiye

As Xometry TR Teknoloji Anonim Şirketi(“Xometry Türkiye”), we attach great importance to ensuring the privacy of users and protecting their personal data in order for the users of our website www.xometry.com.tr (“Xometry Türkiye Website”) to benefit from our services we provide on Xometry Türkiye Website in a safe, peaceful and complete manner. Accordingly, this Personal Data Protection and Privacy Policy (hereinafter referred to as the “Policy”) is integrated with our Cookie Policy on our Xometry Türkiye Website. Therefore, we recommend that you review this Personal Data Protection and Privacy Policy and our Cookie Policy together.

This Policy has been prepared in order to process the personal data of Xometry Türkiye Website users in accordance with the Law No. 6698 on the Protection of Personal Data (“Law”) and to inform users about this issue. Furthermore, with this Policy, Xometry Türkiye aims to determine the conditions regarding the use of personal data shared with Xometry Türkiye by all kinds of users (generally referred to as “Data Owner”) during the operation of the Xometry Türkiye Website or generated by Xometry Türkiye during the use of the Xometry Türkiye Website by the Data Owner.

Xometry Türkiye Website users can access comprehensive information regarding the protection and privacy of their personal data regarding their use of Xometry TürkiyeWebsite in this Policy text.

WHAT PERSONAL DATA IS PROCESSED?

The user data that are considered personal data in accordance with the above-mentioned Law and processed by Xometry Türkiye are as follows: Identity Information, Contact Information, User Information, User Transaction Information, Transaction Security Information, Financial Information, Marketing Information, Request Management Information.

Unless otherwise stated, the term “Personal Data” shall cover the above-mentioned data within the scope of the conditions provided under this Policy. However, it should be noted that, pursuant to Article 7 of the Law, data that are irreversibly anonymized will not be considered as Personal Data in accordance with the provisions of the Law. Processing activities regarding the data created in this way are carried out independently of the provisions of this Policy.

HOW AND WHY?

Xometry Türkiye collects Personal Data from the transactions of users through the Xometry Türkiye Website and processes and transfers it for the purposes and reasons specified in this Policy.

Xometry Türkiye may process Personal Data provided by the Data Subject for the purposes listed below:

Making membership registration within the scope of Xometry Türkiye Website and keeping records related thereto.
Planning and execution of Xometry Türkiye’s commercial or business strategies
Ensuring the legal, commercial and technical security of Xometry Türkiye and its business partners.
Ensuring that users effectively benefit from the services provided through Xometry Türkiye Website.
Identifying system errors and monitoring performance and improving and developing the functioning of Xometry Türkiye Website.
Carrying out the necessary work by the relevant business units for the realization of commercial activities carried out by Xometry Türkiye.
Carrying out the necessary work by the business units to enable users to benefit from the products and services offered by Xometry Türkiye.
Carrying out the necessary procedures to recommend and promote the products and services offered by Xometry Türkiye to the relevant users by customizing them according to the tastes, usage habits and needs of the users.

In case of explicit consent of the Data Subject, Xometry Türkiye will be able to process Personal Data for the following purposes by following the movements of the Data Subjects on the Xometry Türkiye Website:

Creating statistics and profiling.
Enhancing user experience.
Direct marketing and remarketing.
Creating user-specific promotions and communicating them to the relevant user.
Use of the data obtained within the specified scopes in advertising and material content.

It should be noted that Xometry Türkiye may share Personal Data in the following ways and with the specified parties under the conditions set out above.

HOW IS IT TRANSFERRED?

Xometry Türkiye may transfer the Personal Data of Data Owner users and the new data it obtains to third parties whose services it utilizes, in line with the purposes and principles set out in this Policy. In addition, Xometry Türkiye may transfer Personal Data and the new data it obtains with this data to outsourcing service providers, hosting service providers, research companies, call centers and law offices if necessary for the following purposes:

Conduct operational assessment,
To ensure the security of the Data Subject user,
Detecting fraudulent or unauthorized use,
Xometry Türkiye to eliminate errors that occur in the Website services and similar purposes.

Xometry Türkiye may share the Personal Data of Data Subject users with Xometry Türkiye company officials, shareholders, business partners and authorized public and private institutions and organizations in accordance with the conditions specified in Articles 8 and 9 of the Law. On the other hand, Xometry Türkiye may transfer such Personal Data abroad within the framework of the conditions specified in Article 9 of the Law, in line with the decisions of the Personal Data Protection Board.

RIGHTS OF THE DATA SUBJECT

Pursuant to Article 11 of the Law, Data Subjects have the rights listed below:

To learn whether Personal Data related to them has been processed or not, and to request information if their Personal Data has been processed,
To learn the purpose of processing Personal Data and whether it is used in accordance with its purpose, to know the third parties to whom Personal Data is transferred domestically or abroad,
To request correction of Personal Data in case of incomplete or incorrect processing and to request notification of the transaction made within this scope to third parties to whom Personal Data is transferred,
Although it has been processed in accordance with the provisions of the Law and other relevant laws, to request the deletion or destruction of Personal Data in the event that the reasons requiring its processing disappear and to request notification of the transaction made within this scope to third parties to whom Personal Data is transferred,
Object to the occurrence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems and
In case of damage due to unlawful processing of Personal Data, to demand the compensation of the damage.

Requests for the exercise of such rights may be submitted by the owners of Personal Data through the methods specified on Xometry Türkiye’s website www.xometry.com.tr domain name of Xometry Türkiye. Xometry Türkiye aims to finalize such requests within 30 (thirty) days. Xometry Türkiye reserves the right to charge a fee over the fee tariff (if any) for such requests.

CLARIFICATION TEXT

Xometry TR Teknoloji Anonim Şirketi

CLARIFICATION TEXT ON THE PROTECTION OF PERSONAL DATA

As Tridi Teknoloji Anonim Şirketi (Xometry Türkiye), we show great sensitivity and importance to the protection of your personal data. With this awareness, we process all kinds of personal data belonging to all persons associated with Xometry Türkiye in accordance with the Law No. 6698 on the Protection of Personal Data (KVKK) and other relevant legislation.

1 Definitions

Xometry Türkiye, in its capacity as “Data Controller” as defined in the KVKK, processes your personal data carefully and carefully for the purposes and methods described below, within the limits set by the legislation, by complying with the destruction requirements and deadlines;

As stated in this Personal Data Protection Clarification Text;

Personal data: All kinds of data relating to an identified or identifiable natural person (name, surname, T.R. identification number, address, telephone, system login/logout times, current location, resumes, place of birth, date of birth, e-mail address, image records and all other similar data),

Sensitive Personal Data: All kinds of data (race, ethnic origin, political opinion, religious belief, sect, clothing, trade union membership, health, biometric data and all other similar data) that, if learned, may cause discrimination or victimization of the person concerned and which should be protected much more strictly than other personal data,

Processing of Personal Data: Any operation performed on personal data, including obtaining, recording, storing, modifying, sharing with third parties and transferring personal data abroad by automatic means or by non-automatic means provided that it is a part of any data recording system,

KVKK Law No. 6698 on the Protection of Personal Data, which entered into force after being published in the Official Gazette on April 7, 2016,

Communiqué Communiqué No. 30356 on the Procedures and Principles to be Followed in Fulfillment of the Disclosure Obligation, which entered into force upon publication in the Official Gazette on March 10, 2018,

Institution: Personal Data Protection Authority,

Data Processor: A natural or legal person who processes Personal Data on behalf of the Data Controller based on the authorization granted by the Data Controller,

Data Controller: The natural or legal person who determines the purposes and means of processing Personal Data and is responsible for the establishment and management of the data recording system,

Data Subject: The natural person whose Personal Data is processed,

Contact Person: The person who provides communication with the Authority and liaison with Data Subjects,

Xometry Türkiye or Company: Tridi Teknoloji Anonim Sirketi

means “personal data”.

3. Collection, Collection Method and Processing of Personal Data

The personal data of our customers, customer stakeholders, customer users, employees, employee candidates, shareholders, suppliers, suppliers, business partners, employees of companies and organizations that we are in cooperation or relationship with, visitors and other third parties. The personal data of the persons under our responsibility, within the framework of the Constitution of the Republic of Türkiye, International Conventions to which our country is a party and the relevant legislation, especially the Law No. 6698 on the Protection of Personal Data, by automatic or non-automatic methods, the relevant units of our Company, contact forms, telephone calls, electronic applications, software, various contracts, electronic mail, social media and similar

verbally, in writing or electronically by verbal, written or electronic means may be collected and processed by our Company.

For this reason, we would like to enlighten you about the Processing of Personal Data in the capacity of a Data Controller within the scope of KVKK.

Pursuant to Article 4 of the LPPD, your personal data;

i. In accordance with the law and good faith,

ii. Accurate and, where necessary, up to date,

iii. For specific, explicit and legitimate purposes,

iv. ii. In connection with, limited and proportionate to the purpose for which they are processed,

v. It will be processed by keeping it for the period stipulated in the relevant legislation or required for the purpose for which it is processed. ‍

4 Purpose of Processing Personal Data

Your collected personal data will be processed for the following purposes within the scope of the personal data processing conditions and scope specified in Articles 5 and 6 of the KVKK and the Communiqué;

i. To ensure that the activities carried out by our Company, which is the purpose of the establishment of our Company, can be carried out by our business units,

ii. Ensuring our communication and relationship with our customers, customer stakeholders, customer users, suppliers, business partners, employees of companies and organizations that we are in cooperation or relationship with, visitors and other third parties,

iii. Ensuring communication and relations with our employees, employee candidates, shareholders and managers,

iv. Ensuring the continuity of collection and procurement activities and accounting/financial affairs functioning,

v. Ensuring the physical security and supervision of our Company’s offices and other locations,

vi. Carrying out evaluation, complaint management, legal compliance, internal audit, analysis and other processes of our Company,

vii. Our employees can benefit from health services,

viii. Safe fulfillment of logistics activities,

ix. Continuation of national and international projects and growth activities in accordance with the law,

x. Proper execution of the financial processes in the internal functioning of our Company,

xi. Proper execution of the human resources processes in the internal functioning of our Company,

xii. Maintaining working life in the office as required,

xiii. Continuation of mandatory and voluntary studies within the scope of Information Technologies,

xiv. Ensuring the legal and commercial security of private and legal persons who have a business relationship with our Company and our Company.

5 Transfer of Your Personal Data

Your personal data may be transferred to, but not limited to, our investors abroad, their employees, shareholders, senior management, business partners, suppliers, business contacts, employees, performance assistants or to third parties at home or abroad in line with the above-mentioned purposes, in accordance with the KVKK and all relevant legislation in force, or in cases stipulated by the legislation on regulatory and supervisory institutions and official authorities.

6 Storage and Deletion of Data

Our Company stores the personal data it processes for the periods specified in the relevant legislation or in the Company policies, provided that they are not contrary to the relevant legislation.

In the event that no additional period is specified in the legislation; personal data are stored for the period required to be processed in accordance with the practices and customs of our Company depending on the services provided by our Company while processing that data, and after this period, only for the periods required in practice to constitute evidence in possible legal disputes. After the expiration of the specified periods, the personal data in question are deleted, destroyed or anonymized by the methods defined in the Company policies.

7 Your Rights as a Data Subject

7.1. Within the framework of Article 11 of the KVKK,

i. To learn whether your personal data is being processed,

ii. Requesting information if your personal data has been processed,

iii. To learn the purpose of processing personal data and whether they are used in accordance with their purpose,

iv. To know the third parties to whom your personal data is transferred domestically or abroad,

v. To request correction of your personal data in case of incomplete or incorrect processing,

vi. To request the deletion or destruction of your personal data within the framework of the conditions stipulated in the KVKK legislation and other legislation,

vii. When you request the correction of incomplete or incorrect data and the deletion or destruction of your personal data, to request that this situation be notified to third parties to whom your personal data has been transferred,

viii. To object to the occurrence of a result against you by analyzing the processed data exclusively through automated systems,

ix. In case you suffer damage due to unlawful processing of personal data, to demand the compensation of this damage,

you have rights.

For your questions regarding the Protection of Personal Data and our Privacy Policy, you can contact us at info@xometry.com.tr e-mail address or 0212 221 06 35.