Blog Yazıları - Gastronomi ve Restoran Rehberi

Cağaloğlu Hamamı & Lokanta 1741: İstanbul’un En Prestijli Deneyim Noktası

10 Dec 2025

Karaköy’ün En Rafine Ocakbaşı Deneyimi: Ali Ocakbaşı Karaköy

09 Dec 2025

İstanbul’un Lezzet Klasiklerinden: Köşebaşı Levent’te Mangal Kültürünün Zamansız...

09 Dec 2025

Reztoran’da Bu Hafta

09 Dec 2025

Sultanahmet’in Zarafet Noktası: Four Seasons Hotel Sultanahmet’te Avlu Restauran...

09 Dec 2025

Kanyon’da Japon Mutfağının Zarif Yorumu: Ken Sushi & More Deneyimi

09 Dec 2025

İstanbul’da İlk Buluşmaların Büyüsü: Şehrin En Romantik ve En Şık 5 Mekânı

09 Dec 2025

Köşebaşı İstinye: Geleneksel Türk Mutfak Kültürünü Modern Şıklıkla Buluşturan Bi...

09 Dec 2025

Reztoran'da Bu Hafta

09 Dec 2025

250 Yıllık Tarihi Handan Modern Mutfağa Uzanan Lüks Bir Restoran Hikâyesi

09 Dec 2025

Ali Ocakbaşı Karaköy: İstanbul’un Közde Yükselen Bib Gourmand Lezzet Efsanesi

09 Dec 2025

İstanbul’un Bib Gourmand Gururu: Ali Ocakbaşı Karaköy, Tatbak, Nazende ve Pandel...

09 Dec 2025

REZTORAN CORPORATE MEMBERSHIP AGREEMENT

THIS DOCUMENT IS THE LEGAL AGREEMENT EXECUTED BETWEEN REZTORAN ELEKTRONİK İLETİŞİM YAZILIM TİCARET A.Ş. ("REZTORAN") AND THE RESTAURANT ("CUSTOMER") WISHING TO BENEFIT FROM SUCH SERVICES, IN RELATION TO THE SERVICES PROVIDED ONLINE (VIA WEBSITE AND/OR MOBILE APPLICATION OR APPLICATIONS THAT MAY BE DEVELOPED ON SIMILAR PLATFORMS) BY REZTORAN. ACCEPTANCE OF THIS AGREEMENT IS REQUIRED IN ORDER TO BENEFIT FROM REZTORAN SERVICES AND TO USE THE REZMANAGER PORTAL.

YOU ACCEPT THIS AGREEMENT BY CHECKING THE BOX CONTAINING THE STATEMENT "I HAVE READ AND ACCEPT THE CORPORATE MEMBERSHIP AGREEMENT IN ITS ENTIRETY" LOCATED AT THE RELEVANT LINK, AFTER HAVING READ IT IN FULL. IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A LEGAL ENTITY, BY CHECKING THE SAID BOX, YOU ARE DEEMED TO HAVE DECLARED AND UNDERTAKEN THAT YOU HAVE THE AUTHORITY TO ENTER INTO THIS AGREEMENT ON BEHALF OF AND FOR THE ACCOUNT OF THE RELEVANT LEGAL ENTITY. IN THE EVENT THAT THE AGREEMENT IS ENTERED INTO ON BEHALF OF AND FOR THE ACCOUNT OF A LEGAL ENTITY, THE TERM USER USED BELOW SHALL ALSO ENCOMPASS THE SAID LEGAL ENTITY AND ITS AFFILIATED COMPANIES.

IF YOU DO NOT ACCEPT THE TERMS AND CONDITIONS OF THIS AGREEMENT OR IF YOU DO NOT HAVE THE AUTHORITY TO REPRESENT THE LEGAL ENTITY, YOU MUST NOT ACCEPT THE AGREEMENT AND MUST NOT USE REZTORAN SERVICES.

1. SUBJECT OF THE AGREEMENT

The subject of this Agreement is to determine the terms and conditions of the service relating to the Customer's receipt of reservations through software, website, mobile application owned by REZTORAN, or through the telephone line owned by REZTORAN, and the tracking of such reservations.

2. SCOPE OF SERVICE

2.1. Services to be Provided via the RezManager Module

2.1.1. Upon execution of this Agreement together with its annexes, the Customer shall, for the duration of this Agreement, hold a limited, non-sublicensable, non-transferable, non-assignable and non-exclusive license to use the online accessible application named "RezManager" ("Portal"), all legal rights of which belong to REZTORAN, hosted on the servers used by REZTORAN. REZTORAN reserves the right to revoke this license at any time. All rights not expressly granted herein are reserved by REZTORAN and/or the relevant licensors.

2.1.2. The usage license granted under this Agreement is limited to accessing and using the Portal through tablets, computers and similar devices owned by the Customer or provided by REZTORAN, and to using the services offered by the Portal; any use beyond these shall constitute a violation of the license right and the Agreement. In this regard, the Customer;

(i) shall not license, sublicense, sell, transfer, make available for use by others whether for consideration or free of charge, or dispose of the Portal,
(ii) shall not modify the Portal in whole or in part, create derivatives from the Portal, reproduce, reverse engineer, disassemble or decompile it,
(iii) shall be obligated to notify REZTORAN in the event of detecting or suspecting any security breach or improper use relating to the Portal.

2.1.3. In order for the Customer to benefit from the services under this Agreement, the Customer must register on the Portal and open a restaurant account by entering all information required for registration, including but not limited to address, working hours, number of tables, table layout, reservation conditions and the Customer's other branded restaurants and branches.

2.1.4. After the Customer opens a restaurant account on the Portal, the Customer shall be able to record and track reservations taken directly by the Customer on the Portal and manage all reservations through the Portal.

2.1.5. The Customer shall communicate the Portal package of its choice to REZTORAN via the form in ANNEX-1, and the services to be received through the Portal shall be limited to the content of the chosen package. The Customer may request REZTORAN to upgrade the chosen package at any time, subject to accepting the price change. In order for such request to be processed, the Customer shall mark the desired upper package and other services on the form to be sent by REZTORAN, sign it and deliver the original to REZTORAN.

2.2. Services to be Provided via REZTORAN Website/Mobile Application/Telephone Line

2.2.1. Subject to the Customer opening a restaurant account within the Portal, the Customer shall begin receiving online reservations through the www.reztoran.com website or through REZTORAN's mobile applications, and simultaneously REZTORAN shall begin taking reservations by telephone on behalf of the Customer.

2.2. Reservation Information and Portal Usage

2.2.2. In order for the Customer to receive reservations pursuant to Article 2.2.1., the Customer must enter all mandatory information when opening the restaurant account. Such information includes, without limitation, the dates and times during which reservations may be made, the restaurant's working hours, full address, telephone number, contact and transportation information, as well as the number of tables, table layout and similar information. The Customer may also add photographs, brand, logo and visuals belonging to the restaurant to the Portal.

2.2.3. The Customer is obligated to keep the Portal up to date in order to ensure the accuracy of reservations received through the REZTORAN website, mobile application or telephone. Accordingly, REZTORAN shall accept reservations, particularly those received by telephone, based on the availability status communicated by the Customer through the Portal, and shall transmit the received reservations to the Customer's system. The Customer shall be exclusively responsible for any reservation errors arising from the Portal not reflecting the current status.

2.3. Training Services

REZTORAN shall provide one (1) employee designated by the Customer with a complimentary one-hour hands-on training regarding the use of the Portal. In the event that the Customer requests additional training for each new one (1) employee, REZTORAN shall provide the requested training at the most convenient time based on availability, at a man/hour rate. Any additional services requested shall likewise be charged on a man/hour basis.

2.4. Gift Points and Gift Voucher Usage

2.4.1. The Customer shall, within the scope of the Gift Point System, the terms and conditions of which are published on the www.reztoran.com website, provide a discount from the total bill of the person making the reservation ("User") in an amount equal to the one-to-one Turkish Lira equivalent of the total accumulated Gift Points collected by the User in exchange for reservations made through REZTORAN.

2.4.2. The Customer is obligated to provide the User with the discount specified in the paragraph above for as long as the Gift Point system remains in effect, and in the event of breach of this obligation, the Customer shall be obligated to pay REZTORAN, for each breach, a penalty clause in addition to performance in the amount of 30 (thirty) times the discount amount that should have been applied, immediately upon demand, in cash and in full. In such case, REZTORAN reserves the right to exercise its rights arising from other laws or this Agreement.

2.4.3. The Customer has agreed to participate in the gift voucher campaign that will continue until 31.12.2020, and the Parties have mutually determined the terms of the said campaign as set forth in ANNEX-3.

2.5. Additional Services

If the Customer requests the additional services set forth in ANNEX-1, the Customer may obtain them from REZTORAN for a fee. Furthermore, REZTORAN may offer special campaigns, promotions, special discounts, and additional services (paid or free of charge) to its customers as determined according to its own criteria. The conditions relating to all such additional services shall be determined separately in writing by REZTORAN and communicated to the Customer upon request.

3. RESERVATION AND CANCELLATION CONDITIONS

3.1. The Customer is obligated to enter the reservation and cancellation conditions applied at the restaurant for which an account has been opened on the Portal, in a detailed, clear and comprehensible manner. The information entered on the Portal shall be added to REZTORAN's website and mobile application, and reservations taken by telephone shall be received in accordance with these conditions. The Customer declares, accepts and undertakes to comply with the reservation and cancellation conditions entered on the Portal and to apply them as a prudent merchant.

3.2. The Customer is obligated to immediately enter on the Portal all changes made to the reservation and cancellation conditions entered on the Portal, and such changes shall be valid for reservations made thereafter.

3.3. REZTORAN shall receive reservations and cancellations communicated by the User in accordance with the reservation and cancellation conditions entered by the Customer on the Portal, and shall immediately notify the Customer of received reservations and cancellation requests through Portal updates. In the event of a no-show (the User not appearing for the reservation), the Customer shall communicate the necessary notification to REZTORAN pursuant to this article within 2 (two) business days following the relevant reservation time of the User.

3.4. The Customer is obligated to immediately enter on the Portal any reservation changes or cancellations communicated directly by the user to the Customer.

3.5. The Customer is responsible for managing reservations in accordance with the restaurant's capacity, availability status and working days. The Customer irrevocably declares, accepts and undertakes to immediately enter all reservations taken on the Portal and update the restaurant's reservation status, to enter on the Portal at least 10 (ten) business days in advance the days on which the restaurant will be closed or will not be open to any outside customers for various reasons (private events, etc.) and to close the account for reservations for those days. In the event that the account is not closed for reservations in violation of this article, any and all damages arising from the cancellation of User reservations taken on behalf of the Customer shall be borne by the Customer, and the Customer shall be obligated to take the necessary steps to remedy any dissatisfaction experienced by the User.

3.6. The Customer is obligated to accept all reservations taken by REZTORAN on behalf of the Customer and to provide the User with the services requested by the User.

3.7. In the event that reservations duly received in accordance with this Agreement are not accepted by the Customer or the services requested by the User are not provided fully and properly, the Customer shall be obligated to pay REZTORAN, for each breach, a penalty clause in addition to performance in an amount equal to 5 times the annual standard membership fee, immediately upon demand, in cash and in full. In such case, REZTORAN reserves the right to exercise its rights arising from other laws or this Agreement.

4. FEES

4.1. The Customer shall pay the fees for the service package and additional services chosen in the form in ANNEX-1 against the invoice to be issued by Reztoran at the end of the month in which the service is provided. Invoice payments shall be made within 5 (five) days following the date the invoice reaches the Customer, to the bank account to be separately communicated by Reztoran.

4.2. A late payment interest of 2% (two percent) per month shall be applied to payments not made within the due period.

4.3. In the event that the Customer fails to pay three invoice amounts in full and on time, whether consecutively or within a six-month period, Reztoran shall have the right to terminate this Agreement pursuant to Article 9.2.

4.4. Reztoran reserves the right to increase the fees set forth in ANNEX-1 at the beginning of each year, at a rate no less than the inflation rate, at any rate it deems appropriate.

4.5. In the event that the Customer charges the user a reservation fee under the name of booth rental, advance payment or any other designation, such payments may be collected through the Virtual POS available on the website or mobile application. The Customer accepts, declares and undertakes that payments made through the Virtual POS shall be transferred to the Customer's account after the commissions and other deductions applied by the RELEVANT Virtual POS company have been deducted and, if applicable, after Reztoran's receivables have been paid to Reztoran.

5. GENERAL OBLIGATIONS

5.1. The Customer accepts and undertakes that all information entered on the Portal is accurate and complete, and that all changes and updates to such information shall be promptly communicated to REZTORAN in writing and entered on the Portal without delay throughout the term of this Agreement.

5.2. The Customer is wholly and exclusively responsible for the content about its restaurant (location, address, capacity, menu, etc.) and for the regular updating of such content on the Portal.

5.3. The Customer's failure to fulfill any of its obligations arising from this Agreement in full and/or on time shall be deemed a breach of this Agreement. All damages arising from the breach of this Agreement by the Customer and all claims brought by third parties shall be exclusively borne by the Customer.

5.4. The service provider has established a system that enables users to make online reservations at the restaurant through the website, based on the information and reservation conditions provided by the restaurant itself, and the restaurant is making reservations by utilizing this system under this agreement. Unless an error attributable to the use of the website is identified, the service provider shall have no legal or criminal liability whatsoever for any situation, event or consequence arising from the user's reservation request and the place and service the restaurant allocates to the user pursuant to the reservation, users' cancellation of their reservations, receipt of service at the restaurant, the restaurant's provision of food and beverage service, i.e., in short, the service relationship between users and the restaurant, as well as all access to and use of the website and the restaurant account on the site. The restaurant accepts and declares this in advance.

5.5. REZTORAN shall not be liable for problems arising from defective equipment on which the Portal is used or from incorrect use of the website or equipment by the Customer or the Customer's employees, including inability to make reservations, reservation cancellations or related loss of revenue during the period in which such equipment is defective.

5.6. The Customer shall immediately notify REZTORAN in writing upon discovering any error or inaccuracy on the website and shall take the necessary measures to minimize any problems that may arise in connection with such error.

5.7. The Customer shall not share the login name and password for the restaurant account with third parties, shall not permit their access, and shall maintain the confidentiality of such information.

5.8. The Customer accepts and declares that the Portal may be out of service from time to time due to updates, maintenance and other reasons, and that no specific or minimum availability of the Portal is guaranteed.

5.9. REZTORAN has the right to request Users to comment on and rate the service(s) they have received from the Customer through the website/mobile application/telephone, and has the right to publish such comments and ratings on the www.reztoran.com website and mobile application. REZTORAN shall bear no responsibility or liability for the content and consequences of any comment, rating or evaluation (including the publication or distribution thereof), regardless of by whom or how it was made.

5.10. The Customer is obligated, for the duration of this Agreement, to take the necessary measures at the software and hardware level to prevent the loss of data and information created or loaded through the use of the Portal, to ensure all security relating to the network through which access is obtained and data and information are loaded, and to protect the network through which the Portal is accessed, as well as its own servers, against virus attacks or third-party attacks through protections provided by third parties with appropriate experience and expertise.

5.11. The Customer declares and undertakes that, within the scope of this Agreement, it shall not engage in the following acts and conduct, including but not limited to: • placing or using on the website any advertisement or content that is illegal, misleading, false, contains viruses or is otherwise determined by REZTORAN to be objectionable; • preventing or attempting to prevent other restaurants from using REZTORAN services; • accessing, reaching, modifying or gaining access to sections of the Portal for which the Customer has no access authorization, including information relating to other restaurant accounts; • removing, disregarding, disabling, damaging or otherwise circumventing security-related features of the Portal; • decompiling, disassembling, reverse engineering or otherwise attempting to reconstruct or discover the source code, interface, underlying ideas or algorithms of the Portal, the website, the mobile application or REZTORAN's software.

5.12. Failure by the Customer to fulfill the obligations set forth in this Agreement in full and on time shall constitute a breach of the Agreement and a state of default, without the need for any separate notice or grace period. In such case, REZTORAN's termination rights under Article 9 and other legal rights are reserved.

6. PERSONAL DATA

6.1. REZTORAN shall, through the www.reztoran.com website, REZTORAN's mobile applications, or REZTORAN's telephone line, in the reservations collected on behalf of the Customer, transmit the following information belonging to the User to the Customer through the Portal, provided that the User has given consent:
(i) User's name-surname and telephone number,
(ii) User's e-mail address (if provided by the User),
(iii) All dining preferences specified by the User, as well as personal information such as food allergies, dietary restrictions, specific table preferences or whether the reservation is for a special occasion, if specified,
(iv) If available, information regarding the User's previous visits to the Customer's restaurant(s).

6.2. The items set forth in Article 6.1. above, together with all personal information of the User notified to the Customer by REZTORAN, including name, surname, telephone, address, e-mail address, invoice information, Turkish ID number, identity information, membership information, membership passwords, contact information, date of birth, age, gender, occupation, preferred language and similar personal information, as well as transaction and voting information collected on the REZTORAN website, mobile application or Portal, application behaviors, habits and preference information compiled through cookie applications, information collected about mobile devices, and call and SMS data, constitute personal data within the scope of Personal Data Protection Law (Law No. 6698) and other applicable legislation, and are of a personal data nature pursuant to Personal Data Protection Law (Law No. 6698) ("PDPL") and other relevant legislation. REZTORAN transfers such information to the Customer solely for the purpose of creating, tracking, managing and terminating reservation records, and subject to deletion or anonymization when requested by REZTORAN or required by the applicable legislation. With respect to such information, the Customer is in the position of data processor and is therefore responsible for fulfilling all obligations and responsibilities imposed by the PDPL.

6.3. REZTORAN does not have access to the personal data of Users that the Customer directly collects and records on the Portal, and with respect to such data, the Customer is directly responsible, as both data controller and data processor under the PDPL and other legislation, for obtaining the necessary consents from Users and providing the required notifications, for the protection, storage, processing, other use, and deletion or anonymization of such data.

6.4. In the event that the Customer processes Personal Data in violation of these provisions, REZTORAN's Personal Data Processing and Protection Policy set forth in ANNEX-2, or the current Personal Data Protection Law and other applicable legislation, the Customer shall be liable for all direct and indirect damages incurred or to be incurred by REZTORAN (including administrative fines imposed on REZTORAN).

7. INTELLECTUAL PROPERTY RIGHTS AND USAGE

7.1. All usage rights, license rights and other intellectual and industrial property rights pertaining to the "REZTORAN" brand and the "RezManager" portal belong to REZTORAN. The scope of these rights includes, without limitation, copyrights, registered or unregistered design and trademark and trade name rights, and all other similar rights worldwide and within national borders, and all intellectual and industrial property rights arising therefrom worldwide and/or within the borders of Turkey belong to REZTORAN.

7.2. All intellectual and industrial property rights other than the "REZTORAN" brand used within the Portal or on the website, such as other brands, logos, photographs, company or product names, belong to the relevant companies or individuals.

7.3. The Customer may use the trade name, brand, logo and other identifying marks belonging to REZTORAN, subject to obtaining REZTORAN's prior written consent and notifying the manner of use in writing, solely within the scope of activities under the Agreement. Any use without REZTORAN's prior written consent shall constitute a violation of REZTORAN's intellectual and industrial property rights, and REZTORAN shall have the right to pursue legal remedies and to terminate this Agreement immediately, unilaterally, without the need for any separate notice or grace period, and without any obligation to pay compensation, fees or similar.

7.4. The Customer; (i) irrevocably declares, accepts and undertakes that it is the legally authorized rights holder of all information, messages, data, text, photographs, logos, graphics, visuals, links and all related materials and data that it uploads or requests to be uploaded to the Portal, and that it holds the necessary permissions, consents and licenses relating to copyrights and similar rights that must be obtained from third parties,
(ii) that the publication and/or use thereof does not infringe any copyright or intellectual and industrial property right belonging to third parties,
(iii) that it consents to the publication and use of all such materials and data uploaded or requested to be uploaded to the Portal, within the www.reztoran.com website and REZTORAN's mobile applications, and in websites or mobile applications belonging to advertising spaces for advertising purposes, and furthermore to their use and publication by REZTORAN for the purpose of advertising, marketing, promotion of REZTORAN and analysis of REZTORAN services,
(iv) that it shall immediately inform REZTORAN of any change in said ownership rights.

7.5. The Customer declares and undertakes that it has assigned to Reztoran, indefinitely and free of charge, all financial rights enumerated in the Law on Intellectual and Artistic Works (Law No. 5846), including without limitation all rights of publication, adaptation and reproduction, distribution, representation, communication to the public through instruments serving the transmission of signs, sounds and/or images, transfer and assignment to third parties, as well as moral rights relating to the exercise of said financial rights, in respect of all information, messages, data, text, photographs, logos, graphics, visuals, links and all related materials and other data that it uploads or requests to be uploaded to the Portal. In this regard, the Customer has given its consent to Reztoran sharing the Customer's restaurant name on other platforms, referencing and classifying the visual and textual content on the Portal, preparing reports based on all such data, REZTORAN's use of such information and reports, and sharing of reports or statistics with business partners or third parties, whether for consideration or free of charge.

8. CONFIDENTIALITY

8.1. Within the scope of this Agreement, "Confidential Information" means all information disclosed by one party to the other relating to the services that are the subject of the Agreement, users, its own company, software, mobile application, website and content, or other aspects of the relationship between the parties under this Agreement, which, even if not stated to be confidential, has not been shared with the public and which, by its nature, should reasonably be considered confidential. Accordingly, all written and oral information, ideas and estimates, formulas, software, codes, analyses, compilations, studies and proposals, designs, plans, projects, formulas, experiments, static calculations, statistical studies, drafts, advertising and marketing methods, training information, employee-customer-partnership information, all types of contracts, agreements and/or protocols and all other information and documents, including without limitation financial information, commercial-economic information, information proprietary to internal use relating to the parties' products and services, trade secrets, data, commercialization-research strategy, know-how, as well as all Personal Data of Users collected pursuant to Article 6 above, are of a Confidential Information nature.

8.2. Within the scope of this Agreement, the Customer undertakes, indefinitely, to; (i) Use all Confidential Information solely for the purpose of making and managing reservations within the scope of this Agreement, not to give it to any other organization or person, not to copy such information, to prevent unauthorized employees, other businesses and persons from accessing such information, to take the necessary measures to ensure this, and to keep such information as confidential information and to protect it with the utmost confidentiality,
(ii) Not to disclose to any third party in any manner whatsoever, not to share with third parties or make public, unless prior written consent of REZTORAN and the relevant information owner is obtained,
(iii) Not to use, directly or indirectly, for purposes other than the purposes of the commercial relationship established under this Agreement.

8.3. The Customer accepts and irrevocably accepts, declares and undertakes to indemnify all damages that REZTORAN has incurred and will incur due to the Customer's breach of the obligations set forth in this Agreement.

8.4. The confidentiality provisions under this Agreement shall not apply in the following cases:
(i) If the information is clearly accessible by the public or was previously known to the public,
(ii) If it was obtained prior to the execution date of this Agreement,
(iii) If disclosure is required by a court order (In such case, the other party shall be notified prior to disclosure, thereby providing an opportunity to take protective measures).

8.5. All Confidential Information shall be returned to REZTORAN immediately upon request and upon completion of the engagement, and shall be destroyed if requested by REZTORAN.

9. TERM AND TERMINATION

9.1. This Agreement shall enter into force on the date the Customer executes it online.

9.2. In the event that the Basic Package is selected, the Agreement shall remain in effect until terminated by either Party. In such case, the Parties may terminate the Agreement at any time, without any obligation to pay compensation, provided that written notice is given at least 1 (one) month in advance.

9.3. In the event that the Exclusive Package is selected, the Agreement shall be effective for the committed term, and if written notice of termination is not given at least 10 (ten) days prior to the expiry of the committed term, the Agreement shall automatically renew from the end of such term for the same committed period, and the fees for the renewed periods shall be determined by REZTORAN and communicated to the Customer. In the event that the Agreement is terminated prior to the committed term, a penalty clause of net 500-TL shall be payable for each remaining month of the balance period.

9.4. In the event that any of the obligations set forth in this Agreement is breached by the Customer, REZTORAN may terminate the Agreement immediately, unilaterally, without the need for any separate notice or grace period, and without any obligation to pay compensation, fees or similar. In the event of such termination, all amounts paid by the Customer for the period after the termination date, together with deposits and similar payments, shall be recorded to REZTORAN's account as a penalty clause amount, and the Customer shall not be entitled to make any payment or other claim against REZTORAN. Any other penalty clause amounts determined by the parties under this Agreement and other supplementary agreements or protocols shall be claimed by REZTORAN separately and in addition.

9.5. REZTORAN may terminate the Agreement without stating any reason, provided that written notice is given at least 1 (one) month in advance. In such case, any advance payments received for periods in which service was not provided shall be refunded to the Customer.

9.6. In the event of termination or cancellation of this Agreement for any reason;
(i) The Customer's restaurant account shall be deleted from the Portal, mobile application and website.
(ii) The Customer shall pay any outstanding amounts owed for the services provided under this Agreement in cash and in full within 2 (two) business days following the termination/cancellation date, to the bank account to be communicated by REZTORAN.
(iii) Each Party shall immediately remove from written media and cease using the symbols, trademarks and logos belonging to the other Party.
(iv) The Customer shall return all materials, brochures, documents and other equipment provided by REZTORAN by hand delivery to REZTORAN within 2 (two) business days following the termination/cancellation date.

9.7. The provisions of the Agreement relating to Personal Data, Intellectual and Industrial Property Rights, Confidentiality, Limitation of Liability, and penalty clauses shall continue to remain in effect indefinitely after the termination or cancellation of the Agreement.

10. LIMITATION OF LIABILITY

10.1. All services provided under or by means of this Agreement and its annexes are provided on an "as is" and "availability" basis within the terms set forth in the Agreement.

10.2. REZTORAN does not represent, warrant or guarantee the reliability, timeliness, quality, suitability or availability of any service obtained through the use of the Portal, website, mobile application or other methods, or that the service will be uninterrupted and error-free. REZTORAN does not guarantee a specific user potential, a specific number of reservations, or the continuity of use by other restaurants upon execution of the Agreement. Furthermore, REZTORAN does not guarantee the quality, suitability, safety or competence of the service to be provided by the Customer to Users. All risk arising from the use of the services or any service or goods requested in connection therewith shall be borne by the Customer to the maximum extent permitted by applicable law.

10.3. REZTORAN shall not be liable for any indirect, incidental, special, exemplary, punitive or consequential damages, including loss of profit, loss of data, personal injury and property damage, arising from or in any way connected with the use of the services that are the subject of the Agreement, even if advised of the possibility of such damages.

10.4. REZTORAN shall not be liable for performance delays or failures arising from causes beyond REZTORAN's reasonable control. Furthermore, REZTORAN shall not be liable for;
(i) Changes made to the website, mobile application or Portal, (ii) Permanent or temporary interruptions in the provision of the website (or any feature within the site);
(iii) Deletion, corruption or failure to preserve any content or other communications obtained or transmitted through the Customer's use of the website, Portal or mobile application;
(iv) The account information and other information provided by the Customer to REZTORAN being inaccurate; (v) The Customer's failure to maintain the security and confidentiality of the password or account details;
(vi) Inability to access the website or Portal due to errors, malfunctions or interruptions in the equipment, hardware, infrastructure, system, server or network used by the Customer.

10.5. The Parties have mutually agreed that REZTORAN's liability to the Customer for all damages, losses and legal causes relating to the services that are the subject of this Agreement shall be limited, subject to such liability being evidenced by a final court judgment, to the total service fees collected by REZTORAN from the Customer during the one-year period preceding the event giving rise to such claim for damages.

11. MISCELLANEOUS PROVISIONS

11.1. The Parties irrevocably accept, declare and undertake that the addresses specified in the form in ANNEX-1 are the legal notification addresses of the parties and that, in the event that a change of address is not notified in writing within 15 (fifteen) days at the latest, notifications made to the addresses specified in the Agreement shall constitute valid notification within the framework of the Notification Law and other applicable legislation. Notices of withdrawal or termination from the Agreement shall be made in accordance with the relevant article of the Turkish Commercial Code.

11.2. All notices, warnings and notifications to be made by one Party to the other in relation to this Agreement shall not be valid unless made through a notary public, by registered mail with return receipt, by telegram, or by electronic mail with delivery confirmation.

11.3. In the event that the Customer is a legal entity, upon execution of the Agreement, it shall be deemed declared and undertaken that the Agreement has been entered into by the authorized representative of the legal entity.

11.4. The Agreement constitutes a whole together with all its annexes, and the annexes are integral parts of the Agreement.

11.5. This Agreement and its annexes constitute the final, complete and exclusive entirety of the mutual understanding between the parties regarding the commercial relationship, and supersede all prior or contemporaneous, written or oral understandings and agreements on this subject. No provision of this Agreement shall be construed as a partnership, agency, joint venture or employment contract between the parties.

11.6. The failure to exercise any right arising from the Agreement within the prescribed time shall not mean that such right has been waived. The partial or complete invalidation, elimination or unenforceability of certain articles of this Agreement and the contracts and annexes to be entered into in connection therewith shall not invalidate the Agreement in its entirety. The remaining provisions shall remain in effect.

11.7. The Customer may not assign and/or transfer any of its rights and obligations arising from this Agreement, in whole or in part, to any third party in any manner without the prior written consent of REZTORAN.

11.8. The stamp duty arising from the Agreement shall be borne equally by the Parties.

11.9. The Parties have designated the Courts and Enforcement Offices of Istanbul (Caglayan) as the competent authorities for disputes arising from this Agreement.

ANNEX-1: Service descriptions and fees

ANNEX-2: Personal Data Processing and Protection Policy

ANNEX-3: Gift Voucher Campaign Terms

REZTORAN ELEKTRONİK İLETİŞİM YAZILIM TİCARET A.Ş. PERSONAL DATA PROCESSING AND PROTECTION POLICY

1. ABOUT THE POLICY

This Personal Data Processing and Protection Policy ("Policy") has been prepared for the purpose of determining the procedures and principles regarding the collection, processing, storage and destruction of data belonging to the Natural Persons specified below by REZTORAN Elektronik İletişim Yazılım Ticaret A.Ş. ("Company") in its capacity as Data Controller, pursuant to Personal Data Protection Law (Law No. 6698) and its secondary legislation ("Law"), and for informing the Natural Persons whose data is processed by the Company.

The Natural Persons ("Data Subject(s)") falling within the scope of this Policy are as follows:

• Company Shareholders and Authorized Representatives
• Employees and Interns
• Employee or Intern Candidates
• Customers
• Shareholders, Authorized Representatives and Employees of Legal Entity Customers
• Business Partners
• Shareholders, Authorized Representatives and Employees of Legal Entity Business Partners
• Product and/or Service Suppliers
• Shareholders, Authorized Representatives and Employees of Legal Entity Product and/or Service Suppliers
• Potential Customers and Business Partners
• Shareholders, Authorized Representatives and Employees of Potential Legal Entity Customers or Business Partners
• Family Members and Close Relatives
• Visitors
• Other Third Parties
Pursuant to Article 28/1 of the Law, this Policy and the provisions of the Law shall not apply in the following cases:
• Processing of personal data by natural persons in connection with activities solely concerning themselves or family members residing in the same household, provided that such data is not disclosed to third parties and that obligations relating to data security are complied with;
• Processing of personal data by means of official statistics and rendering anonymous for purposes such as research, planning and statistics;
• Processing of personal data for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public order, economic security, the privacy of private life or personal rights, or does not constitute a crime; • Processing of personal data within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public security, public order or economic security;
• Processing of personal data by judicial authorities or enforcement authorities in relation to investigation, prosecution, trial or enforcement proceedings. The Company may update the Policy when it deems necessary or when required by the legislation. The Policy is made available to Data Subjects through publication on the Company's website at www.reztoran.com.

2. DEFINITIONS

The definitions of the terms listed below, as set forth in this Policy and the Law, are as follows:

TERM	DEFINITION
Explicit Consent	Refers to consent that is related to a specific matter, based on information, and expressed through free will.
Anonymization	Refers to rendering personal data incapable of being associated with an identified or identifiable natural person by any means, even if matched with other data.
Processing of Personal Data	Refers to any operation performed on data, whether wholly or partially by automated means, or by non-automated means provided that it forms part of any data recording system, such as collection, recording, storage, preservation, alteration, reorganization, disclosure, transfer, takeover, making available, classification or prevention of use of data.
Personal Data	Refers to any information relating to an identified or identifiable natural person.
Personal Data Protection Board	Refers to the Personal Data Protection Board established pursuant to the Law.
Special Category Personal Data	Refers to data concerning individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and attire, association, foundation or trade union membership, health, sexual life, criminal convictions and security measures, as well as biometric and genetic data.
Data Controller	The person who determines the purposes and means of processing personal data and manages the place (data recording system) where data is systematically maintained is the data controller.

3. PERSONAL DATA CATEGORIES AND COLLECTION METHODS

3.1. Personal Data belonging to Data Subjects is processed by our Company under the following categories:

PERSONAL DATA CATEGORIES	DESCRIPTION
Identity Information	All information pertaining to the identity of the person contained in documents such as driver's license, national ID card, residence certificate, passport, attorney ID card, marriage certificate, civil registry records
Contact Information	Information aimed at establishing communication with the data subject, such as telephone number, address, e-mail
Visual and Audio Information	All visual and audio recordings that can be associated with the Data Subject, such as photographs, camera recordings, audio recordings.
Location Information	All data that serves to determine the location of the Data Subject (GPS location, travel data, etc.)
Customer Information	Information obtained from and generated about customers who benefit from our products and services
Family Members and Close Relatives Information	Identity information and contact information of the Data Subject's family members (e.g. spouse, mother, father, child), close relatives and other persons who can be reached in emergency situations, within the framework of the products and services we offer and/or for the purpose of protecting the legal interests of the Company or the Data Subject
Customer Transaction Information	Records relating to the use of our products and services, and information pertaining to all transactions carried out by customers who benefit from our products and services (all transactions such as reservations, cancellations, etc.)
Employee Transaction Information	Information pertaining to all work-related transactions performed by employees and interns (entry and exit records, meeting notes, e-mail correspondence, etc.)
Transaction Security Information	Personal data processed to ensure our technical, administrative, legal and commercial security in the course of conducting our commercial activities
Customer Transaction Information	Records relating to the use of our products and services, and information pertaining to all transactions carried out by customers who benefit from our products and services (all transactions such as reservations, cancellations, etc.)
Financial Information	Data processed relating to information, documents and records showing the financial results created or obtained pursuant to the legal relationship between the Data Subject and the Company
Employee or Intern Candidate Information	Personal data processed regarding individuals who have applied to become an employee or intern of our Company or who have been evaluated as employee/intern candidates in line with our Company's human resources requirements
Personnel File Information	All data necessary for the establishment and protection of the personnel rights of Company Employees and Interns
Legal Proceedings Information	Data processed for the purpose of determining, pursuing legal claims and rights, fulfilling our debts, and meeting our legal obligations
Special Category Data	Data concerning individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and attire, association, foundation or trade union membership, health, sexual life, criminal convictions and security measures, as well as biometric and genetic data constitute special category personal data
Marketing Information	Personal data processed for the purpose of customizing and marketing our products and services in line with the Data Subject's usage habits, preferences and needs, as well as reports and evaluations generated as a result of such processing
Request/Complaint Management Information	Personal data relating to the receipt and evaluation of all requests or complaints directed to our Company

3.2. Our Company collects Personal Data through automatic or non-automatic methods, through our office, call center, website, social media and digital channels, business partners and similar means, in written, oral, electronic form, by means of image/audio recording or by physically encountering the Data Subject face-to-face, in the event that you contact our Company by any means (visiting the website/becoming a member, calling the call center, physically visiting the Company, participating in events organized or sponsored by the Company, etc.).

3.3. For as long as you benefit from the products and services belonging to our Company, the Personal Data collected may be processed and, when necessary, may be updated to ensure the accuracy and currency of your data.

4. PRINCIPLES AND CONDITIONS REGARDING THE PROCESSING OF PERSONAL DATA

4.1. General Principles Applied in the Processing of Personal Data Our Company, as Data Controller, conducts its data processing activities in compliance with the Personal Data Processing principles determined by Article 4 of the Law and listed below.

• Compliance with the Law and the Principle of Good Faith: Our Company processes Personal Data in compliance with the relevant legislation and the requirements of the principle of good faith and uses them within these limits.
• Being Accurate and, Where Necessary, Up to Date: Our Company ensures that the Personal Data it processes are accurate and up to date, taking into account the fundamental rights and legitimate interests of Data Subjects. In this regard, it carefully considers matters such as ensuring that the sources from which data is obtained are identifiable, that accuracy is verified, and whether updates are needed.
• Processing for Specified, Explicit and Legitimate Purposes: Our Company processes Personal Data only to the extent necessary within the scope of the legitimate purposes set forth in the provisions of this Policy and the Privacy Notice presented to Data Subjects within the scope of our obligation to inform.
• Being Connected with, Limited to and Proportionate to the Purpose for Which They Are Processed: Our Company processes Personal Data in a manner suitable for achieving the specified purposes and avoids processing personal data that is unrelated to or unnecessary for the achievement of the purpose.
• Being Retained for the Period Stipulated by the Relevant Legislation or Required for the Purpose for Which They Are Processed:
Our Company retains Personal Data (i) for the period determined by the relevant legal regulations, if any, and (ii) in the absence of a period imposed by law, for reasonable periods determined by taking into account the purpose of data processing and Company procedures. Upon the expiry of the period or the elimination of the reasons requiring processing, personal data are deleted, destroyed or anonymized by our Company.

4.2. Conditions for Personal Data Processing Activities

4.2.1. Article 5 of the Law has introduced the condition that the explicit consent of the Data Subject (the relevant person) must be obtained for the processing of Personal Data, and has also determined the cases in which Personal Data may be processed without obtaining explicit consent. Our Company, pursuant to this provision, may process Personal Data without obtaining the explicit consent of the Data Subject in the presence of one or more of the following conditions:

• The personal data processing activity being explicitly provided for by law
• The Company's personal data processing activity being necessary for the protection of the life or physical integrity of the person who is unable to express consent due to actual impossibility or whose consent is not recognized as legally valid, or of another person
• The processing of Personal Data of the parties to a contract by the Company being necessary, provided that it is
directly related to the establishment or performance of a contract • The processing of Personal Data being mandatory for the Company, as data controller, to fulfill its legal obligation
• The Personal Data having been made public (disclosed to the public) by the Data Subject himself/herself
• The processing of Personal Data by the Company being mandatory for the establishment, exercise or protection of a right
• Data processing being mandatory for the legitimate interests of our Company as data controller, provided that it does not harm the fundamental rights and freedoms of the Data Subject

4.2.2. Our Company acts with utmost care in compliance with the regulations introduced by the Law for the processing of Special Category Personal Data and, as stipulated by Article 6 of the Law, processes Special Category Personal Data subject to obtaining the explicit consent of the Data Subject, except in the exceptional cases specified below, and takes the administrative and technical measures to be determined by the Personal Data Protection Board.
• In the event that the processing of Special Category Personal Data of the Data Subject other than health and sexual life (race, political opinion, etc.) is provided for by law, explicit consent is not required.
• Special Category Personal Data relating to the health and sexual life of the Data Subject may be processed without explicit consent only when processed by persons under the obligation of confidentiality or by authorized institutions and organizations, for the purposes of protection of public health, preventive medicine, medical diagnosis, treatment and care services, and planning and management of health services and their financing.

4.2.3. Our Company, in its capacity as Data Controller, fulfills its obligation to inform Data Subjects pursuant to Article 10 of the Law, immediately before the collection of Personal Data. The Privacy Notice prepared in this regard may be accessed at any time at www.reztoran.com/kvk. Furthermore, in cases where obtaining explicit consent is a prerequisite under the Law for the processing of Personal Data, our Company obtains the explicit consent of the relevant Data Subject in addition to fulfilling its obligation to inform.

4.2.4. Pursuant to Article 28/2 of the Law, our obligation to inform shall not apply in the presence of any of the following conditions:
• Personal data processing being necessary for the prevention of crime or criminal investigation.
• Processing of personal data that has been made public by the Data Subject himself/herself.
• Personal data processing being necessary for the performance of supervisory or regulatory duties and disciplinary investigation or prosecution by competent and authorized public institutions and organizations and professional organizations with the status of public institution, based on the authority granted by law.
• Personal data processing being necessary for the protection of the economic and financial interests of the State in relation to budget, tax and financial matters.

5. PURPOSES OF PERSONAL DATA PROCESSING

Our Company processes Personal Data for specific, explicit and legitimate purposes. In this regard, Personal Data may be processed primarily for the purpose of making and tracking restaurant reservations through our Company and enabling the customer to conveniently make reservations at any time, and additionally for the following purposes:

• Establishment, execution and audit of information security processes
• Provision of call center and remote support services, tracking of call volume and content
• Monitoring and audit of employee activities
• Planning and execution of employee satisfaction and engagement processes
• Establishment and execution of Employee Performance Evaluation Processes
• Establishment and execution of employee/intern candidate application processes
• Establishment and execution of employee/intern selection and placement processes
• Planning of fringe benefits and entitlements for employees and execution of related processes
• Creation of user accounts and e-mail addresses for employees, issuance of company IDs and meal cards
• Planning and execution of employee information access authorizations
• Execution of audit/ethics-related activities
• Planning, monitoring and audit of Finance and Accounting operations
• Provision and monitoring of physical space security
• Monitoring and execution of legal affairs
• Establishment and management of human resources processes
• Establishment, execution and termination of employment relationships/contracts and fulfillment of obligations arising from the Employment Contract and related legislation
• Planning and execution of information access authorizations for business partners and/or suppliers
• Establishment, monitoring and audit of personal data security policies and procedures
• Establishment, execution and audit of product/service production and operation processes
• Establishment, execution and audit of customer relationship management processes
• Execution of activities aimed at customer satisfaction,
• Provision of technology-based services to customers,
• Execution and evaluation of marketing analysis studies
• Execution of advertising / campaign / promotion processes
• Execution of risk management processes
• Execution of storage and archiving activities
• Organization and execution of social responsibility and civil society activities
• Execution of contract processes, conclusion and performance of contracts,
• Execution of sponsorship activities
• Defining users in systems specific to the products and services offered,
• Planning and execution of transportation organization for Company employees and tracking of Company vehicles
• Planning and execution of in-company or external training activities
• Planning and management of organization and event processes organized by the Company
• Establishment, execution and evaluation of Company/Product/Service loyalty processes
• Execution of corporate and partnership law transactions
• Management of requests and complaints
• Planning and execution of commercial activities and commercial relationships in compliance with legislation
• Establishment and management of compensation policy
• Establishment and execution of product/service marketing processes
• Execution and evaluation of market research activities for the sale and marketing of products/services
• Ensuring the security of data controller operations
• Ensuring the accuracy and currency of data
• Execution of investment processes
• Provision of information to authorized persons, institutions and organizations as required by legislation
• Execution of management activities
• Fulfillment of obligations imposed by any legislation in force
• Establishment and tracking of visitor records

6. TRANSFER OF PERSONAL DATA

6.1. Domestic Transfer of Personal Data

Our Company may transfer Personal Data and Special Category Data to a third party domestically, for any purpose set forth in Article 5 of the Policy, as stipulated by Article 8 of the Law;
(i) Without requiring explicit consent, in the presence of any of the exceptional cases listed in Article 4.2.1. of this Policy for Personal Data and in Article 4.2.2. for Special Category Personal Data (subject to adequate measures being in place),
(ii) Subject to obtaining the explicit consent of the Data Subject, in cases where the exceptional cases listed in Articles 4.2.1. and 4.2.2. of this Policy do not exist.

6.2. International Transfer of Personal Data

Our Company may transfer Personal Data and Special Category Data to a third party abroad, for any purpose set forth in Article 5 of the Policy, as stipulated by Article 9 of the Law;
(i) In the presence of any of the exceptional cases listed in Article 4.2.1. of this Policy for Personal Data and in Article 4.2.2. for Special Category Personal Data (subject to adequate measures being in place), and in the foreign country to which the Personal Data will be transferred;
(a) Where adequate protection exists,
(b) Where adequate protection does not exist, provided that data controllers in Turkey and the relevant foreign country undertake adequate protection in writing and the authorization of the Personal Data Protection Board is obtained, without requiring explicit consent,
(ii) Subject to obtaining the explicit consent of the Data Subject, in cases where the conditions listed in paragraph (i) above cannot be met, to a third party abroad, for any purpose set forth in Article 5 of the Policy.

6.3. Recipient Groups to Whom Personal Data May Be Transferred

Our Company may transfer Personal Data and Special Category Personal Data to the recipient groups specified below, in accordance with the principles and obligations set forth in Articles 6.1. and 6.2. of this Policy and Articles 8, 9 and other articles of the Law:

Banks and Financial Institutions
Consultants
Audit Firms
Service Providers
Business Partners (current or potential)
Subsidiaries
Public institutions and organizations authorized by law
Customers (current or potential)
Company Authorized Representatives
Suppliers
Judicial authorities and public authorities

7. LEGAL RIGHTS OF DATA SUBJECTS

7.1. The Data Subject, pursuant to Article 11 of the Law, has the right to apply to our Company and, with respect to himself/herself;

(i) Learn whether Personal Data has been processed,
(ii) Request information if Personal Data has been processed,
(iii) Learn the purpose of Personal Data processing and whether they are used in accordance with their purpose,
(iv) Know the third parties to whom Personal Data has been transferred domestically or abroad,
(v) Request the correction of Personal Data that has been processed incompletely or inaccurately,
(vi) Request the deletion or destruction of Personal Data in the event that the reasons requiring their processing cease to exist, even though they have been processed in accordance with the Law and other applicable law provisions,
(vii) Request that the operations carried out pursuant to correction, deletion and destruction requests be notified to third parties to whom Personal Data has been transferred,
(viii) Object to the emergence of a result against the Data Subject through the analysis of processed data exclusively by automated systems,
(ix) Request compensation for damages in the event that Personal Data has been processed in violation of the law, has the aforementioned rights.

7.2. In order for Data Subjects to exercise the rights specified above, it is sufficient for the relevant Data Subject to complete the Application Form available at the www.reztoran.com/terms link, together with documents enabling the identification of the relevant Data Subject, and to send (i) a signed scanned copy to the e-mail address [email protected] or (ii) the wet-signed original to the headquarters address provided at the www.reztoran.com/contact link.

7.3. As a rule, our Company fulfills the requests of Data Subjects free of charge. However, in the event that the requested transaction entails an additional cost, the fees specified in the tariff determined by the Board may be charged to the Data Subject.

7.4. Applications submitted via the Form shall be responded to within the shortest time possible and in any event within a maximum of 30 (thirty) days, depending on the nature of the request.

7.5. In the event of circumstances such as incomplete or inaccurate sharing of information in the application, failure to articulate the request in a clear and comprehensible manner, failure to submit or properly submit documents supporting the request, or failure to attach a power of attorney copy in applications made through a representative, our Company may experience difficulty in fulfilling requests and delays may occur in the investigation process. For this reason, compliance with these matters is of importance in exercising the rights specified in Article 11 of the Law. Our Company shall not be held responsible for any delays that may occur otherwise.

7.6. Our Company reserves its legal rights against erroneous, false/unlawful and/or bad faith applications.

7.7. Pursuant to Article 28/2 of the Law, in the presence of any of the cases listed in Article 4.2.4. of this Policy, the rights listed in Article 7.1. shall not be exercisable, with the exception of the right to request compensation for damages.

8. SECURITY OF PERSONAL DATA AND MEASURES TAKEN

Our Company takes all necessary technical and administrative measures to ensure an appropriate level of security in order to prevent unlawful processing of and access to Personal Data and to ensure the preservation of Personal Data. The precautions and measures taken by our Company are set forth below on a non-exhaustive basis:

• Our Employees are subjected to training and informed regarding the security of data and its lawful processing in light of the Law, other legislation and developments therein.
• Commitment letters/contracts are executed regarding the responsibilities and obligations of employees and data processors.
• Our Company takes technical and administrative measures, taking into account the nature of the data to be protected and in accordance with technological capabilities and implementation costs, to prevent inadvertent or unauthorized disclosure, access, transfer or any other form of unlawful access to personal data, and to ensure the storage of personal data in secure environments and to prevent their unlawful destruction, loss or alteration.
• Our Company enters into contracts with business partners, customers and suppliers to whom it has transferred personal data, in order to prevent unlawful processing of personal data and to ensure their processing and storage in compliance with the legislation. These contracts contain provisions safeguarding the confidentiality of data, determine the purposes, scope and duration of Personal Data processing, clearly regulate the responsibilities of the parties, and include provisions imposing sanctions for processing activities contrary to law and contractual provisions.
• Data recording environments are protected from both internal and external unlawful interference through various software/hardware and passwords, primarily virus protection programs, to prevent unlawful access to Personal Data.
• Data recording environments under our Company's custody are regularly subjected to security tests by expert organizations, and any security vulnerability detected is remedied. • Access authorizations to Personal Data are limited and access records are maintained.
• Our Company permits only those persons who, by necessity and by virtue of their duties, need to access personal data to process such data, and takes the necessary technical and administrative measures to detect unauthorized processing activities.
• In the event that personal data processed in compliance with the legislation are obtained by others through unlawful means, our Company carries out the necessary procedures to notify the relevant personal data owner and the Personal Data Protection Board at the earliest opportunity, and takes all measures to prevent any damage.

9. RETENTION PERIOD AND DESTRUCTION OF PERSONAL DATA

9.1. Reasons Requiring the Retention and Destruction of Personal Data In the event that the purpose for which Personal Data was collected or its secondary purposes cease to exist, Personal Data shall be retained by our Company;

• For the purpose of enabling our Company to fulfill its existing or potential legal responsibilities, and in accordance with the measures and/or mandatory periods prescribed by law,
• Data scheduled for deletion and/or anonymization shall be retained in backup/archive and similar environments in a manner that is not readily accessible ("live"), for the purpose of business continuity, prevention of data loss and data protection,
• Data to be destroyed through deletion, destruction or anonymization shall continue to be retained until the next periodic destruction date at the latest.

9.2. Destruction of Personal Data

Pursuant to the Law, the destruction of Personal Data means the deletion, destruction or anonymization of data. Accordingly, subject to the provisions of other laws regarding the deletion, destruction or anonymization of Personal Data, our Company shall destroy Personal Data ex officio or upon the request of the Data Subject in the event that the reasons requiring their processing cease to exist.

Upon the deletion of personal data, such data are destroyed in a manner that renders them completely unusable and irrecoverable. Accordingly, the data are deleted from the documents, files, CDs, floppy disks, hard drives and similar media on which they are recorded in an irreversible manner.

The destruction of data refers to the destruction of the documents, files, CDs, floppy disks, hard drives and similar materials suitable for data storage on which the data is recorded, in a manner that renders the information completely irrecoverable and unusable.

Anonymization of data means rendering Personal Data incapable of being associated with an identified or identifiable natural person by any means, even if matched with other data.

9.3. Retention and Destruction Periods for Personal Data

Our Company primarily complies with the period prescribed by the relevant legislation, if any, for the retention of Personal Data. Upon the expiry of the period prescribed by the relevant legislation for the retention of Personal Data, or in the absence of a prescribed period in the relevant legislation, the following shall apply in order;
(i) The relevant Data shall be classified as personal data and special category personal data within the scope of Article 6 of the Law. All personal data determined to be of a special category shall be destroyed. The method to be applied in the destruction of such data shall be determined based on the nature of the data and the degree of importance of its retention.
(ii) The compliance of the retention of data with the principles specified in Article 4 of the Law shall be audited, and data determined to potentially constitute a violation of such principles shall be destroyed.
(iii) A reasonable retention period shall be determined in line with the processing condition and purpose of the relevant Personal Data, and the relevant data shall be destroyed upon the expiry of the determined period. Pursuant to the above principles, Personal Data whose retention period has expired shall be periodically checked every 6 (six) months, commencing on the first day of the year, and those whose period has expired shall be destroyed, within the framework of the destruction periods set forth in the Retention and Destruction Table in Article 9.4. below. All operations related to the deletion, destruction and anonymization of personal data shall be recorded and such records shall be retained for a minimum of 3 (three) years, excluding other legal obligations.

9.4. Personnel Table Involved in Personal Data Retention and Destruction Processes and Retention/Destruction Periods Table Pursuant to this Policy, the personnel listed in the table below shall be involved in the Personal Data retention and destruction process: