Effective: 09.01.2021

Samsung Electronics Co., Ltd. (Data Controller) (“Samsung”) knows how important privacy is to its customers and their employees and partners, and we strive to be clear about how we collect, use, disclose, transfer and store your information. The Data Controller Representative of Samsung in Türkiye is “Samsung Electronics Istanbul Pazarlama ve Ticaret Ltd. Şti.”. This Privacy Policy (“KVKK Notification Text”) provides an overview of our information practices with respect to personal information collected through Samsung Knox services (accessible via https://www.samsungknox.com/) with commercial customers or other services that link or refer to this KVKK Notification Text (collectively, the "Business Services"). 

Samsung aims to process personal data of Samsung Knox users in accordance with the international data protection provisions and the provisions of the Law No. 6698 on Protection of Personal Data (the “KVKK- also known as LPPD in English abbreviation”) and other legislation.

We hereby inform you that your personal data that you have provided/will provide to Samsung and/or are obtained externally by any means by Samsung due to your being a Samsung Knox user shall be processed by Samsung acting as of “Data Controller”: 

• within the framework of the purpose for which they are required to be processed and as relevant, limited, and proportionate to such purpose,
• by preserving the accuracy and the most up-to-date state of such personal data as they have been provided to Samsung by you or otherwise,
• and by complying with the conditions stipulated in the KVKK.

With this KVKK Notification Text (Obligation to Inform Text), it has been aimed to continue and develop the activities carried out by Samsung in accordance with the principles contained in the KVKK.

This KVKK Notification Text may be updated periodically to reflect changes in our personal information practices with respect to the Business Services or changes in the applicable law. We will indicate at the top of this KVKK Notification Text when it was most recently updated. If we update this KVKK Notification Text, we will let you know in advance about changes we consider to be material by placing a notice on the Business Services or by emailing you, where appropriate.

What information do we collect?

Samsung shall process your personal data for the purposes and legal grounds specified in this KVKK Notification Text. If there is any change in the purpose for which your personal data are processed or in the legal grounds thereof, this KVKK Notification Text shall be updated and re-published by Samsung.

We will collect various types of personal information in connection with the Business Services. Your personal data are collected through electronic media, via all kinds of information, documents and certificates you have submitted to Samsung and collected through the application, both before and after the establishment of the contractual relationship and during such contractual relationship.

• We will collect personal information that you provide, such as your name, address, e-mail address and contact details, job title and position, company, language, registration details, information about the managed devices (such as IMEI, serial number, model name) and any communications you send or deliver to us;

• We will collect data about your use of the Business Services, including the time and duration of your use; information stored in cookies that we have set on your device; and information about your device settings;

• We will collect information about the products and services you or your employer have bought or received and payment data and other information provided in connection with a transaction;

• We also may receive personal information about you from your employer or service provider or from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you (as permitted by law, or otherwise with your separate consent).

Through the Business Services, we collect personal information about your online activities on websites and connected devices over time and across third-party websites, devices, apps and other online features and services.  We may use third-party analytics services on the Business Services, such as those of Google Analytics.  The service providers that administer these analytics services help us to analyze your use of the Business Services and improve the Business Services.  The information we obtain may be disclosed to or collected directly by these providers and other relevant third parties who use the information, for example, to evaluate use of the Business Services, help administer the Business Services and diagnose technical issues. To learn more about Google Analytics, please visit http://www.google.com/analytics/learn/privacy.html and https://www.google.com/policies/privacy/partners/.

How do we use your information?

We may use information we collect for the following purposes:

• to provide products and services that you (or your employer) requested and to register or authenticate you or your device;
• to respond to your questions or requests for information;
• to offer better and more customized products and services that take into account your company’s purchasing history and service record and other relevant information;
• subject to your separate consent where required by applicable law, to inform you about new products and services;
• for assessment and analysis of our market, customers, products, and services (including asking you for your opinions on our products and services and carrying out customer surveys);
• to understand the way companies use the Business Services so that we can improve them and develop new products and services;
• to provide maintenance services and to maintain a sufficient level of security on the Business Services;
• to protect the rights, property, or safety of Samsung, or any of our respective affiliates, business partners, employees or customers, for example, in legal proceedings, internal investigations and investigations by competent authorities;
• otherwise with your separate consent where required by applicable law or as described to at the time your information is collected.

Samsung processes personal information for the purposes described above. Samsung’s legal basis to process personal information includes processing:

Your personal data are processed being limited to the use of the related service/platform; in compliance with the legislation in force and the Law on Protection of Personal Data; by automated or non-automated methods;

• based on your explicit consent, for the purposes of sending commercial electronic messages to you,;
• based on Article 5, paragraph 2 of the KVKK, sub-paragraph c), which stipulates ‘if it is necessary to process personal data of contractual parties, provided that such processing is directly related to the establishment or performance of the contract’, and sub-paragraph f) thereof, which stipulates ‘if it is mandatory to process personal data for the legitimate interests of the data controller, provided that the fundamental rights and freedoms of the data subject are not violated’:

• for collection purposes stated above other than sending commercial electronic messages to you, and may be updated in line with our obligations arising from the legislation and the company policies.

Your personal data shall be kept for a reasonable period of time until the purpose for which they are processed ceases to exist or until the end of the legal time period specified in the relevant legislation, and in any case until the expiry of the statute of limitations.

To whom do we disclose your information?

The procedures and principles to be applicable to personal data transfers are set forth in Articles 8 and 9 of the KVKK, and the personal data of the data subject may be transferred to third parties in Türkiye and/or abroad.

We will disclose your information internally within our business, but only to those who need it to further provide Services or to help with your requests.

We will also disclose your information to the following entities, only to the extent that this will be necessary to provide the Business Services:

• Affiliates: Other Samsung Electronics Group companies which we control or own, such as developing, operating, and assessing service license servers.

• Service Providers: Carefully selected companies that provide services for or on behalf of us, such as companies that help us with repairs, customer contact centers, customer care activities, server operation, or billing, or that send emails on our behalf.  For example, Samsung SDS Co., Ltd. operates license server and stores your registration data to deliver license keys and related automated emails. These providers are also committed to protecting your information.

• Other parties when required by law or as necessary to protect our business: For example, it may be necessary by law, legal process, or court order from governmental authorities to disclose your information. They may also seek your information from us for the purposes of law enforcement, national security, anti-terrorism, or other issues that are related to public security.

• Other parties in connection with corporate transactions: We may disclose your information to a third party as part of a merger or transfer, acquisition or sale, or in the event of a bankruptcy.

• Other parties with your consent or at your direction: In addition to the disclosures described in this KVKK Notification Text, we may share information about you with third parties when you separately consent to or request such sharing.

Submissions that you make to public areas of a website, mobile application, or other online service, such as bulletin boards may be viewable to other users of the Business Services. We do not control, and are not responsible for, how other users of the Business Services may use this information. For example, personal information that you submit in public areas could be collected and used by others to send you unsolicited messages or for other purposes.

How do we keep your information secure?

We take data protection seriously. We’ve put in place physical and technical safeguards to keep the information we collect secure. However, please note that although we take reasonable steps to protect your information, no website, Internet transmission, computer system, or wireless connection is completely secure.

Where do we send your data?

Your use or participation in the Business Services may involve transfer, storage and processing of your information outside of your country of residence, consistent with this KVKK Notification Text. Such countries include, without limitation, the Republic of Korea, the United States of America, Philippines, Canada, and Japan.

What are your rights under KVKK?

In accordance with Article 11 of the KVKK, you may apply to Samsung and make requests on the following issues about your personal data:

1. Learning whether or not your personal data have been processed,
2. Obtaining information on the procedure, if your personal data have been processed,
3. Learning the purpose for which your personal data have been processed and whether or not they are used in line with such purpose,
4. Obtaining information about third parties to whom your personal data are transferred within Türkiye or abroad,
5. Requesting correction of your personal data if they have been processed incompletely or inaccurately and requesting the notification of third parties to whom your personal data are transferred of the correction made in this respect,
6. Requesting deletion, destruction, or anonymization of your personal data if the reasons for which they are processed no longer exist and requesting the notification of third parties to whom your personal data are transferred of such deletion, destruction, or anonymization procedure,
7. Objecting to the occurrence of a result which is detrimental to you as a result of analyzing of your processed personal data exclusively through automatic systems,
8. Requesting indemnification for your damages which are caused by unlawful processing of your personal data.

Samsung or our Data Controller Representative shall receive and evaluate the data subject requests through the “Samsung Electronics Co., Ltd. Data Subject Application Form” available on https://www.samsung.com/tr/info/kvkk/. Samsung or our Data Controller Representative shall conclude your application free of charge in accordance with Article 13 of the KVKK according to the nature of the request, and within 30 (thirty) days at the latest. If the request is rejected, the reason(s) for rejection shall be notified to you in writing or electronically together with the relevant grounds.

However, requesting the deletion of your personal information may also result in a loss of access to the Business Services.

If you request deletion of personal information, you acknowledge that you may not be able to access or use the Business Services and that residual personal information may continue to reside in Samsung's records and archives for some time in compliance with applicable law, but Samsung will not use that information for commercial purposes. You understand that, despite your request for deletion, Samsung reserves the right to keep your personal information, or a relevant part of it, in line with our data retention policy and applicable laws, if Samsung has suspended, limited, or terminated your access to the website for violating the Samsung Terms of Use or any other applicable Samsung policy or applicable law, when necessary to protect the rights, property, or safety of Samsung, or any of our respective affiliates, business partners, employees or customers.

How long do we keep your information?

We won’t keep your personal information for longer than is necessary for the purpose for which it was collected. This means that information will be destroyed or erased from our systems when it’s no longer required.

We take appropriate steps to ensure that we process and retain information about you based on the following logic:

1. At least the duration for which the information is used to provide you with a service;

2. As required under law, a contract, or with regard to our statutory obligations;

3. Only for as long as is necessary for the purpose for which it was collected, is processed, or longer if required under any contract, by applicable law, or for statistical purposes, subject to appropriate safeguards.

What third-party services do we use?

Our Business Services may link to third-party websites and services that are outside our control. We are not responsible for the security or privacy of any information collected by websites or other services. You should exercise caution, and review the privacy statements applicable to the third-party websites and services you use. 

Cookies, Beacons and Similar Technologies

We, as well as certain third parties that provide content, advertising, or other functionality on our Business Services, may use cookies, beacons, and other technologies in certain areas of our Business Services.

Cookies

Cookies are small files that store information on your device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions. Cookies serve many useful purposes. For example:

• Cookies can remember your sign-in credentials so you don’t have to enter those credentials each time you log on to a service. 

Cookies help us and third parties understand which parts of our Business Services are the most popular because they help us to see which pages and features visitors are accessing and how much time they are spending on the pages. By studying this kind of information, we are better able to adapt the Business Services and provide you with a better experience.

• Cookies help us and third parties understand which ads you have seen so that you don’t receive the same ad each time you access our Business Services. 
• Cookies help us and third parties provide you with relevant content and advertising by collecting information about your use of our Business Services and other websites and apps.  

When you use a web browser to access the Business Services, you can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is sent. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences. The operating system of your device may contain additional controls for cookies.

Please note, however, that some Business Services may be designed to work using cookies and that disabling cookies may affect your ability to use those Business Services, or certain parts of them. 

Beacons

We, along with certain third parties, also may use technologies called beacons (or “pixels”) that communicate information from your device to a server.  Beacons can be embedded in online content, videos, and emails, and can allow a server to read certain types of information from your device, know when you have viewed particular content or a particular email message, determine the time and date on which you viewed the beacon, and the IP address of your device.  We and certain third parties use beacons for a variety of purposes, including to analyze the use of our Business Services and (in conjunction with cookies) to provide content and ads that are more relevant to you. 

Your Choices

We offer you certain choices in connection with the personal information we obtain about you. 

The Business Services may offer choices related to the collection, deletion and sharing of certain information and communications about products, services and promotions If you decline to allow the Business Services to collect, store or share certain information, you may not be able to use all of the features available through the Business Services.

To exercise your choices, please contact us as indicated in the Contact Us section of this Privacy Policy. 

You can make choices about whether to receive promotional communications from us by following the subscribe options made available at the interactive customized services platform and the unsubscribe instructions included in every communication sent by us.

Contact Us

You can contact us to update your preferences, correct your information, submit a request, or ask us questions.

You can contact us at:

Data Controller

Samsung Electronics Co., Ltd.

129, Samsung-ro, Yeongtong-gu,

Suwon-si, Gyeonggi-do 16677, Republic of Korea

dataprotection@samsung.com

Data Controller Representative

Samsung Electronics Istanbul Pazarlama ve Ticaret Ltd. Şti.”

Defterdar Mah.Otakçilar Cad. Sinpaş Flatofis Apt.No.78/46 Eyüpsultan