MONİST PRIVACY POLICY

1. INTRODUCTION

As MONİST Information Technologies Inc. ("MONİST", "Company", "we"), we are committed to protecting the privacy of our users ("you", "user", "member") and ensuring the security of your personal data. This Privacy Policy explains how we process, protect, and share personal data collected when you use our platform services.

This policy has been prepared in accordance with the Personal Data Protection Law No. 6698 ("KVKK") and related legislation, and applies to all services provided through our platform at www.monist.co ("Platform").

2. DATA CONTROLLER INFORMATION

MONİST INFORMATION TECHNOLOGIES INC.

• Address: Ünalan Mah. Libadiye Cad. Emaar Square Sit. F Blok Kat:11 No: 82F İç Kapı No: 10 34700 Üsküdar Istanbul
• Email: kvkk@monist.co
• Phone: +90 XXX XXX XX XX
• Mersis No: [To be added]

3. PERSONAL DATA COLLECTED

3.1 Identity Data

• Name, surname
• Turkish ID number (for legal requirements)
• Tax number

3.2 Contact Data

• Email address
• Phone number
• Address information (delivery and billing)
• WhatsApp contact information

3.3 Corporate Information

• Company name
• Trade registry number
• Company address
• Authorized person information

3.4 Platform Usage Data

• Username and password
• Session information
• IP address
• Browser type and version
• Operating system information
• Platform usage history
• Preferences and settings
• Behavioral data

3.5 Transaction Data

• Package shipment information
• Sender/recipient information
• Package content information
• Delivery addresses
• Cargo tracking numbers
• Transaction history

3.6 Financial Data

• Bank account information
• Payment card information (through secure payment systems)
• Invoice information
• Credit loading records
• Payment history

3.7 Customer Service Data

• Phone call recordings
• Email correspondence
• WhatsApp messages
• In-platform messages
• Support requests and complaints

4. METHODS OF COLLECTING PERSONAL DATA

We collect your personal data through the following methods:

• Direct Collection: Membership registration, form filling, communication channels
• Automatic Collection: Cookies, log records, analytics tools
• Third Parties: Payment systems, cargo companies
• Customer Support: Phone, email, WhatsApp channels

5. PURPOSES OF PROCESSING PERSONAL DATA

5.1 Service Provision

• Providing and managing platform services
• Creating and managing membership accounts
• Executing package shipment transactions
• Cargo coordination and tracking

5.2 Payment and Financial Transactions

• Processing secure payment transactions
• Credit loading operations
• Billing and accounting processes
• Financial reporting

5.3 Communication and Support

• Providing customer support services
• Making notifications and announcements
• Managing complaints and requests

5.4 Development and Improvement

• Improving platform performance
• Enhancing user experience
• Service optimization
• Personalized service recommendations

5.5 Marketing and Promotion

• New product/service announcements
• Campaign notifications
• Platform updates
• Marketing analyses (with your explicit consent)

5.6 Legal and Security

• Fulfilling legal obligations
• Ensuring platform security
• Preventing fraud
• Resolving disputes
• Auditing and reporting

6. LEGAL BASIS FOR PROCESSING PERSONAL DATA

We process your personal data based on the following legal grounds in accordance with Articles 5 and 6 of KVKK:

6.1 Contract Performance

Data necessary for establishing and performing the Platform Membership Agreement

6.2 Legal Obligation

Obligations under tax law, commercial law, e-commerce regulations and other legal regulations

6.3 Legitimate Interest

• Platform security and business continuity
• Improving service quality
• Internal auditing and reporting

6.4 Explicit Consent

• Marketing activities
• Third-party service promotions
• Optional features

7. SHARING OF PERSONAL DATA

Your personal data may be shared on a limited basis with the following persons and institutions:

7.1 Business Partners and Service Providers

• Cargo Companies: For package delivery operations
• Payment Institutions: For secure payment transactions
• Technology Service Providers: Server, hosting, cloud computing services
• Marketing Agencies: Campaign management (with your consent)

7.2 Legal Authorities

• Courts and enforcement offices
• Tax offices
• Law enforcement agencies
• Regulatory and supervisory authorities

7.3 International Transfers

Due to some technology infrastructures and service providers we use being located abroad, your data may be transferred to countries with adequate protection or with adequate undertakings in accordance with Article 9 of KVKK.

8. SECURITY OF PERSONAL DATA

We implement the following technical and administrative measures for the security of your personal data:

8.1 Technical Measures

• Encrypted data transmission with SSL certificate
• Firewalls and antivirus systems
• Regular security tests and penetration tests
• Data encryption and anonymization
• Backup and disaster recovery systems

8.2 Administrative Measures

• Employee confidentiality agreements
• Data access authorization matrices
• Regular security training
• Data processing inventory and VERBIS records
• Destruction policies and procedures

9. COOKIES AND SIMILAR TECHNOLOGIES

The following types of cookies are used on the Platform:

9.1 Essential Cookies

Cookies necessary for the Platform to perform its basic functions

9.2 Performance Cookies

Cookies used to measure and improve Platform performance

9.3 Functionality Cookies

Cookies that remember your preferences and provide personalized experience

9.4 Marketing Cookies

Cookies used to offer personalized campaigns and offers with your consent

You can manage your cookie preferences from Platform settings or your browser.

10. DATA RETENTION PERIODS

Your personal data is retained considering the periods stipulated in relevant legislation and processing purposes:

• Commercial books and invoices: 10 years (Tax Procedure Law)
• Transaction records: 10 years (Turkish Commercial Code)
• Customer agreements: 10 years after contract termination
• Marketing data: Until explicit consent is withdrawn
• Log records: 2 years

11. DATA SUBJECT RIGHTS

You have the following rights under Article 11 of KVKK:

• To learn whether your personal data is being processed
• To learn the purposes of processing and whether they are used in accordance with their purpose
• To know the third parties to whom they are transferred domestically or abroad
• To request correction if processed incompletely or incorrectly
• To request deletion or destruction within the framework of conditions stipulated in Article 7 of KVKK
• To request notification of correction and deletion operations to third parties
• To object to results against you arising from analysis by automatic systems
• To request compensation for damages in case of harm due to unlawful processing

Application Method

To exercise your rights, you can apply to kvkk@monist.co with information verifying your identity. Your applications will be answered free of charge within 30 days.

12. CHILDREN'S PRIVACY

Our Platform services are intended for persons aged 18 and over. We do not knowingly collect personal data from persons under 18. Parents can contact us if they believe their children's personal data has been accidentally collected.

13. POLICY CHANGES

We may update this Privacy Policy in line with legal regulations or changes in our services. Significant changes will be notified through the Platform or via email. The last update date is indicated at the beginning of the policy.

14. CONTACT

For questions about our privacy policy or requests regarding your personal data:

Email: kvkk@monist.co

Address: Ünalan Mah. Libadiye Cad. Emaar Square Sit. F Blok Kat:11 No: 82F İç Kapı No: 10 34700 Üsküdar Istanbul

Personal Data Protection Authority:

www.kvkk.gov.tr

This Privacy Policy is valid during your use of the MONİST Platform and is an integral part of the Platform Membership Agreement.