GENERAL INFORMATION NOTICE ON THE PROTECTION AND PROCESSING OF PERSONAL DATA

Elvan Lapis Jewellery Limited Company (“ELVAN LAPIS” or the “Brand”), located at “Gayrettepe Mah. Yıldız Posta Cad. Ayyıldız Sitesi B Blok No: 26 İç Kapı No: 13 Beşiktaş/İstanbul”, attaches the utmost importance to the security of your personal data. With this awareness, we place great emphasis on processing and storing personal data belonging to the individuals we interact with, in accordance with Law No. 6698 on the Protection of Personal Data (“Law” or “KVKK”), secondary regulations enacted under the Law (regulations, communiqués, etc.), and binding decisions of the Personal Data Protection Board.

With full awareness of this responsibility, as the “Data Controller” defined by the Law, we process your personal data within the limits imposed by the legislation, as explained below, while taking all necessary technical and administrative measures to prevent unlawful processing, prevent unlawful access, and ensure the safe retention of personal data.

With this information notice, Elvan Lapis aims to publicly declare, in full compliance with the principle of transparency, the personal data it processes as part of its core business operations. This document serves as a disclosure notification regarding the Brand’s personal data processing activities within its primary business and operational processes.

1. Information About the Data Controller

Elvan Lapis is a company engaged in personal consultancy, astrological training, ThetaHealing and astrology sessions, and the delivery of designs made with natural, precious, and semi-precious stones to their owners, aiming to elevate collective consciousness.

2. Purposes of Processing Personal Data

Your personal data is processed by the Brand in accordance with the boundaries set by the Law, always in connection with, limited to, and proportionate to the purposes listed below:

• Ensuring that the Brand’s commercial activities are carried out in compliance with the law and Brand policies,
• Determining, planning, and implementing the Brand’s short, medium, and long-term commercial policies,
• Managing corporate communication and information security processes,
• Ensuring the commercial and legal security of individuals with whom the Brand has business relationships,
• Managing business continuity activities and service production & operational processes,
• Conducting risk management and ensuring the security of data controller operations,
• Carrying out reporting activities related to control, data management, analysis, social activities, process development, and similar operations.

3. Method and Legal Basis for Collecting Personal Data

Your personal data is processed by the Brand through direct verbal, written, or electronic means provided by you, as well as through the Brand’s website and similar applications and software, either in whole or in part through automated or non-automated means as part of a data recording system.

For further details on each category of personal data and the purpose of processing, relevant individuals may be informed through separate notices tailored to specific Brand processes and operations.

4. Transfer of Personal Data and Purpose of Transfer

Your personal data may be transferred for the purposes specified above and to ensure uninterrupted operation of the Brand’s commercial processes, based on your explicit consent under Article 8/1 of the Law. In other cases, data transfers may be carried out under Article 8/2(a) of the Law, where:

• The transfer is explicitly provided for by law,
• The transfer is necessary for the fulfillment of the data controller’s legal obligations,
• The transfer is necessary for the establishment, exercise, or protection of a right,
• The transfer is necessary for the legitimate interests of the data controller, provided that it does not violate the fundamental rights and freedoms of the data subject.

Your personal data may be transferred to:

• Legally authorized public institutions and organizations, judicial and administrative authorities,
• Private legal and natural persons permitted by law,
• Private auditing firms and public institutions authorized to audit the Brand.

5. Rights of Data Subjects Under the Law

You may contact Elvan Lapis at any time and exercise your rights under Article 11 of the Law, including:

• Learning whether your personal data is processed,
• Requesting information if your personal data has been processed,
• Learning the purpose of processing and whether your data is used in accordance with this purpose,
• Knowing the third parties to whom your personal data is transferred, both domestically and internationally,
• Requesting correction of incomplete or inaccurate personal data,
• Requesting deletion or destruction of personal data under the conditions stipulated in Article 7,
• Requesting notification of the actions taken under (e) and (f) to third parties to whom personal data has been transferred,
• Objecting to the occurrence of a result against you due to automated processing of personal data,
• Requesting compensation if you suffer damage due to unlawful processing of personal data.

You may submit your requests in writing to “Gayrettepe Mah. Yıldız Posta Cad. Ayyıldız Sitesi B Blok No: 26 İç Kapı No: 13 Beşiktaş/İstanbul” via a notary, registered mail with return receipt, or in person. You can also email your request from your registered electronic mail (KEP) address to kvkk@astrologelvan.com.

By visiting www.elvanlapisjewellery.com, you acknowledge that you have read and accepted the above terms.

THIS NOTICE WAS UPDATED ON JUNE 23, 2024.