Personal Data Protection and Processing Policy (GDPR/KVKK)

Last Updated: November 28, 2024

1. Introduction

Femaş Metal Sanayi ve Ticaret A.Ş. ("Ferre", "Company", "we" or "our") is committed to protecting your personal data and privacy in accordance with the General Data Protection Regulation (GDPR) and Turkish Law No. 6698 on Protection of Personal Data ("KVKK"). Operating in the kitchen appliances sector since 1978, our company explains through this policy how we collect, process, store, and protect your personal data.

2. Data Controller

The data controller responsible for your personal data is:

Company Name: Femaş Metal Sanayi ve Ticaret A.Ş.
Brand: Ferre
Established: 1978

Headquarters (Kayseri):
Organize Sanayi Bölgesi 9. Cadde No: 17
38070 Melikgazi/Kayseri, Turkey
Phone: +90 352 321 36 00 - 321 36 05 - 321 36 94

Istanbul Office:
Ayazağa Mh. Kemerburgaz Cd. Vadi Koru F Blok No:10 Daire: 30
Sarıyer/Istanbul, Turkey
Phone: +90 212 347 10 06 - 347 10 07

Contact Information:
Email: [email protected]
Service Email: [email protected]
WhatsApp Support: +90 535 691 55 55
Website: www.ferre.com.tr

3. About the Company

Operating under Femaş Group, Ferre brand is one of Turkey's leading kitchen appliances manufacturers with over 45 years of experience. We produce built-in ovens, hobs, table-top cookers, chimney hoods, and free-standing cookers in our production facilities spanning 100,000 m² covered and 170,000 m² open space. With over 1,000 specialized employees, we export to more than 100 countries.

Our Quality Certificates:

ISO 9001, CE, TSE, CB, IECEE, GOST, SASO, ESMA, G-MARK, ISI, RoHS, Intertek, Gastec, ISCIR

4. Categories of Personal Data Collected

We process the following categories of personal data to carry out our business activities and provide our services:

4.1. Identity Information

Name, surname, national identification number, date of birth, place of birth, nationality, gender, marital status, signature.

4.2. Contact Information

Phone number, email address, postal address, fax number.

4.3. Customer Transaction Information

Order information, product/service preferences, purchase history, payment information, invoice details, warranty records, service requests.

4.4. Physical Security Information

Camera recordings, security system records, visitor entry-exit logs.

4.5. Transaction Security Information

IP address, website access logs, passwords, log records, cookie data.

4.6. Job Applicant Data

CV, diploma, certificates, reference information, work experience and education details.

4.7. Marketing Information

Shopping history, product preferences, interests, campaign and survey responses.

5. Purposes of Processing Personal Data

Your personal data is processed for the following purposes:

  • Planning, conducting, and monitoring our commercial activities
  • Providing, developing, and improving our products and services
  • Customer relationship management and ensuring customer satisfaction
  • Fulfilling order, delivery, and after-sales services
  • Providing technical service and warranty services
  • Managing invoicing and payment processes
  • Conducting communication activities
  • Planning and implementing marketing, advertising, and campaign activities
  • Providing information to authorized institutions and organizations
  • Fulfilling legal obligations
  • Ensuring business continuity
  • Managing information security processes
  • Ensuring physical premises security
  • Conducting human resources processes
  • Conducting quality and customer satisfaction surveys
  • Product development and R&D activities
  • Conducting export and international trade activities
  • Management and coordination of authorized service network
  • Managing legal affairs and transactions

6. Legal Basis for Processing Personal Data

Your personal data is processed based on the following legal grounds under GDPR and KVKK:

  • Your explicit consent
  • Processing is necessary for the performance of a contract
  • Processing is necessary for compliance with a legal obligation
  • Processing is necessary to protect vital interests
  • Processing is necessary for the performance of a task carried out in the public interest
  • Processing is necessary for the purposes of legitimate interests (provided that fundamental rights and freedoms do not override those interests)

7. Transfer of Personal Data

Your personal data may be transferred to the following recipients in accordance with the purposes stated above and subject to GDPR and KVKK requirements:

  • Business partners and group companies
  • Suppliers and service providers
  • Authorized service centers and dealer network
  • Authorized public institutions and organizations
  • Audit and consulting firms
  • Cargo and logistics companies
  • Banks and payment institutions
  • International distributors and business partners (100+ countries)
  • Legal authorities within the framework of legal obligations

8. Methods of Collecting Personal Data

Your personal data is collected through the following methods:

  • Through our website (www.ferre.com.tr) and mobile applications
  • Via communication channels such as call center, email, WhatsApp, phone, fax
  • Through our dealers, distributors, and authorized service centers
  • At physical stores and sales points
  • Through social media platforms
  • Through warranty, service, and sales contracts and forms
  • Via camera recording systems
  • During job applications
  • Through events, fairs, and promotional activities
  • During product registration and warranty activation processes

9. Your Rights Under GDPR and KVKK

As a data subject, you have the following rights:

  • Right to be informed about whether your personal data is being processed
  • Right to request information if your personal data has been processed
  • Right to learn the purpose of processing and whether data is used in accordance with its purpose
  • Right to know the third parties to whom your personal data has been transferred domestically or abroad
  • Right to request correction of incomplete or inaccurate data
  • Right to request deletion or destruction of your personal data under certain conditions
  • Right to request notification of correction, deletion, and destruction to third parties
  • Right to object to adverse consequences arising from analysis of data by automated systems
  • Right to claim compensation for damages arising from unlawful processing of your data
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with supervisory authorities

10. How to Exercise Your Rights

To exercise the rights mentioned above, you can submit your request containing the necessary information to identify yourself and the matter you request:

  • In writing: By sending your wet-signed request to "Organize Sanayi Bölgesi 9. Cadde No: 17, 38070 Melikgazi/Kayseri, Turkey"
  • By Registered Electronic Mail (KEP): From your registered electronic mail address to our company's KEP address
  • With Secure Electronic Signature: To our company's email address [email protected]
  • Via Application Form: By filling out the application form available on our website

Your requests will be processed free of charge as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. If the transaction requires an additional cost, a fee may be charged according to the tariff determined by the Personal Data Protection Board.

11. Data Retention and Deletion

Your personal data is retained for the period required by the processing purpose and considering the retention periods stipulated in relevant legislation. Specifically, data collected under warranty and service services is retained considering legal retention obligations and warranty periods.

When the reasons requiring the processing of personal data cease to exist, your data will be deleted, destroyed, or anonymized either automatically or upon your request.

Our company has established a "Personal Data Retention and Destruction Policy" in accordance with GDPR and KVKK regarding the deletion, destruction, or anonymization of personal data.

12. Security of Personal Data

Our company takes all necessary technical and administrative measures to ensure an appropriate level of security to prevent unlawful processing of personal data, unlawful access to data, and to ensure the preservation of personal data in accordance with GDPR, KVKK, and relevant legislation.

Within the scope of our ISO 9001 quality management system, our data security processes are regularly reviewed and kept up to date.

13. Protection of Children's Personal Data

Our website and services are not intended for children under the age of 18. In cases where personal data of children under 18 is processed, explicit consent from the parent or guardian is obtained.

14. International Data Transfers

As a company exporting to more than 100 countries, your personal data may be transferred abroad through our business partners, distributors, and service providers. These transfers are carried out in accordance with Article 9 of KVKK and GDPR requirements, subject to adequate protection in the relevant country or, in the absence of adequate protection, written commitment by data controllers in Turkey and the relevant country for adequate protection and permission from the Personal Data Protection Board. For EU data subjects, appropriate safeguards such as standard contractual clauses approved by the European Commission or adequacy decisions are implemented.

15. Changes to This Policy

This Policy may be amended in accordance with changes in legal regulations and company policies. Changes to the Policy will become effective on the date they are published on our website. We recommend that you regularly visit our website to stay informed about policy changes.

16. Contact Information

For more information about GDPR, KVKK, and the processing of your personal data, or to exercise your rights, please contact us:

Femaş Metal Sanayi ve Ticaret A.Ş.
Brand: Ferre

Headquarters: Organize Sanayi Bölgesi 9. Cadde No: 17, 38070 Melikgazi/Kayseri, Turkey
Phone: +90 352 321 36 00
Email: [email protected]
Website: www.ferre.com.tr

17. Supervisory Authorities

If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with:

Personal Data Protection Authority (Turkey - KVKK):
Website: www.kvkk.gov.tr

For EU residents, you may also contact your local data protection authority.