ParkPalet Privacy and Disclosure Text

The purpose of this Privacy Policy and Disclosure Text ("Policy") is to inform the users and visitors of the website located at "www.navlungo.com" ("Site"), managed by Navlungo Logistics and Technology Joint Stock Company ("Company"), about the terms and conditions regarding the processing of personal data obtained from real and legal person Users and their employees and representatives during the use of the Site, concerning the services provided through the Site ("Services"). Definitions not specified in this Policy shall refer to the definitions in the User Agreement published on the Site ("Agreement").

You may feel safe while using the Site. However, please remember that no system is entirely secure. Even if we take all necessary steps to protect your data, there is always a possibility of remaining outside of security. Therefore, we would like to remind you that you must be very careful when sharing your personal data. Data transmitted by you without the Company's request, apart from the data requested by the Company, shall not be considered as personal data processed by the Company under this Policy. Therefore, we strongly advise you not to share your images and your other personal data not requested by the Company, without any request from the Company, through email messages or any other communication channel.

Which of Your Data is Processed?

Under this heading, the collected data, which are processed within the scope of the services provided by the Company and considered personal data pursuant to the Law on the Protection of Personal Data No. 6698 ("Law"), as well as the data that is not personal and the data collected through cookies, are categorized below. Unless explicitly stated otherwise, the term "personal data" in this Policy includes the information listed below.

• Personal Data:

• Data Collected for Membership Transactions:

• Data Collected from Real Person Users:

Identity Information: Name, surname

Contact Information: Email address, phone number, address information

Financial Information: Bank IBAN no, Credit card number (Requested only when you decide to purchase the service.)

Identity Verification, Security, and Tracking Information: Turkish Republic Identification Number (TCKN)

Other Information: The company the person works for

Data Collected from Representatives of Legal Person Users:

Identity Information: Name,

Contact Information: Email address, phone number, address information

Data Collected for Invoice Information: Name surname, Trade Title, Turkish Identification Number, Tax Number, Address Information, Phone Number, Email Address

Data Related to Third Parties: During the use of the Services accessed through the Site, personal data belonging to a third party account that is shared related to the Services, e.g., email address, any username, etc.

Other Data -** Special Category Personal Data:** Special category personal data is defined by the Personal Data Protection Authority as “data that would cause discrimination against or victimization of the relevant person if learned.” The Company does not process the special category data of its Users.

Data Processed via Cookies: Detailed information about your processed data, including primarily the IP Address entered, type of device used, operating system, and browser information, can be found in the “Cookie Policy” published on the Site. In accordance with Articles 3 and 7 of the Law, data anonymized in an irreversible manner shall not be considered as personal data pursuant to the Law, and processing activities concerning this data shall be carried out without being bound by the provisions of this Policy.

The User undertakes that the information related to them that is the subject of this Policy is complete, accurate, and up to date, and they will update this information immediately in the event of any change. The Company shall not be liable for any situations arising from the failure of the User to share their updated information.

Which of the Collected Data Will We Anonymize?

Anonymization of data means preventing the identification of individuals or losing the feature to be identifiable within certain groups in relation to a real person. In this context, the data anonymized will include (i) the entry times of Users and Visitors using the Site, (ii) the products they reviewed and their features, (iii) the frequency of using the Site and purchasing services, (iv) data regarding which city Users are using the Site from or purchasing services, (v) countries where searches are conducted on the Site and how frequently they are searched from these countries.

For What Purposes Do We Process Your Data?

The Company may share the personal data collected from the representatives of legal person Users with third-party firms, located in the position of preferred 3rd parties, for carrying out the necessary logistics operations in the provision of Services. The Company may process the personal data provided by Users and the new data produced by the Company using this personal data for purposes such as enabling Users to utilize the Site seamlessly, executing the necessary operational process while providing Services (allowing Users to access Services without wasting time, being able to see a list of firms they will reach through the Site, eliminating communication errors with the firm they decide to receive services from, etc.), providing and improving the services concerned on the Site, ensuring Users' data security, managing relationships with Users, maintaining coordination among the Company’s units for the continuity of Services, keeping Visitor records, informing Users and Visitors about promotional and advantageous offers, generating statistical data from Visitors' data, fulfilling the Company's obligations arising from laws and regulations, and preventing current or potential legal disputes.

Regarding Cookies

The Company may obtain information about Users’ usage of the Site through cookies, which are a technical communication file, and may process data in this context, and may transmit it to third parties only to the extent required for the processing of their analysis services. The mentioned technical communication files are small text files sent by the Site to Users' browsers to be stored in the main memory. A technical communication file facilitates internet use by saving status and preference settings regarding a website. It is designed to obtain statistical information about how many people use the Site at a certain time, for what purpose a person visits the Site, how many times they visit, and how long they stay, and to assist in dynamically producing advertisements and content from user pages designed specifically for Users. Technical communication files are not designed to obtain any other personal data from the main memory. Most browsers are designed to accept technical communication files by default; however, Users may change their browser settings at any time to prevent technical communication files from being sent or to be warned when a technical communication file is sent. Details regarding cookies can be found in the “Cookie Policy” on the Site. In case of necessary situations for identifying system-related problems and promptly resolving these problems, the Company may detect and use Users' IP addresses. IP addresses may also be used to generally identify Users and to collect comprehensive demographic information.

Legal Reason for Data Collection

The fundamental reason for collecting the mentioned data is the obligations in the relevant legislation. Additionally, we collect the classified personal data above due to our contractual relationship with Users, our legitimate interests, and the commercial principles we adhere to.

Who Can Access Your Data?

The Company may share personal data provided by Users and Visitors and new data generated from this personal data using for the provision and/or development of Services, enhancing Users' experiences and for any purpose specified under the title “For What Purposes Do We Process Your Data?” of this Policy, to execute the service operation to be performed by the firm reached through the Site that will provide the service the User wants from the Site.

Additionally, under Articles 5 and 8 of the Law and/or in case of the existence of exceptions in the relevant legislation, the Company may process and share the data subject to this Policy without obtaining the Users' consent. The primary situations where this may occur are outlined below:

As explicitly stipulated in the laws, It must be necessary to process personal data for the protection of the life or bodily integrity of an individual unable to disclose their consent due to physical impossibility or whose consent is not legally valid, Provided that it is directly related to the establishment or performance of a contract, including a contract, it is necessary to process personal data, It must be necessary for the Company to fulfill its legal obligation, They have been disclosed by Users themselves, Processing of data is necessary for the establishment, exercise, or protection of a right, Processing data for the legitimate interests of the Company is necessary without damaging Users' fundamental rights and freedoms. The Company shall have the right to transfer the personal data collected for the data hosting service only under the scope of fulfilling the objectives mentioned above:

In cases where you have given explicit consent, cases provided for by the Law exist, and where there is sufficient protection in the country to which the data will be transferred and even if there is no sufficient protection, guaranteeing sufficient protection by the data controller in the related country and also obtaining the approval of the Personal Data Protection Authority (“Authority”).

ATTENTION OF USERS:

As for data knowingly shared with third parties, the User is solely responsible, and the Company has no liability regarding these shared data.

Your Right to Access Your Data and Your Requests for Correction

Users have the right to learn whether personal data concerning them are processed, and to:

Learn whether personal data is processed, Learn the purpose of processing personal data and whether they are used in accordance with their purpose, Know third parties to whom personal data is transferred, Request correction of personal data in case of incomplete or inaccurate processing, Request deletion or destruction of personal data in accordance with the conditions stipulated in the relevant legislation, Request that the rectification, deletion, and destruction activities performed in accordance with the relevant legislation be notified to third parties to whom personal data has been transferred, Object to the emergence of a result against the person himself by automated systems solely analyzing the processed data, Request compensation for damages in case of damage due to unlawful processing of personal data. Users can exercise their rights arising from the law in accordance with Article 13 of the Law, Paragraph 1, and other relevant provisions of law through one of the methods specified below or through other methods to be determined by the Personal Data Protection Authority. The current methods specified in the Law are as follows:

Filling out the Application Form for Personal Data Protection Law on the Site (“Application Form”) and sending it to the Company's headquarters at Sanayi Mah. Teknopark Blvd. Teknopark 4A Apt. No: 1/4A/101 Pendik/Istanbul after wet signing (Submission by the applicant in person with an identity-increasing document.) Sending the signed Application Form after being filled out with a “secure electronic signature” as defined in the Law No. 5070 on Electronic Signature to the email address “info@navlungo.com” (The subject of the email will be noted as “Personal Data Protection Law Information Request.”) Sending the signed Application Form after being filled out via notary to the Company’s headquarters at Sanayi Mah. Teknopark Blvd. Teknopark 4A Apt. No: 1/4A/101 Pendik/Istanbul (the notification envelope will be marked “Information Request Within the Scope of the Personal Data Protection Law.”) A special power of attorney prepared in the name of the person to be requesting must be available in order for someone other than the applicant to make a request.

Retention Period of Personal Data

The Company will act in accordance with the provisions of Law No. 6698 and the Regulation on the Deletion, Destruction, or Anonymization of Personal Data (“Regulation”). The Company will retain the personal data provided by Users for 10 years from the last day on which the service was provided to Customers and from the date communication permissions are revoked for the data collected from Visitors for fulfilling the obligations arising from the nature of the Services specified in this Policy, and, after the date when the obligation to delete personal data arises under the Regulation, will delete the personal data in the first periodic deletion process. The Company will fulfill its obligations arising from Article 12 of the Regulation regarding Users who request the deletion of their personal data under Article 13 of the Law.

Measures and Commitments Regarding Data Security

The Company undertakes to take necessary technical and administrative measures to ensure an adequate level of security to prevent:

The unlawful processing of personal data, Unlawful access to personal data, The Company shall not disclose the personal data obtained about Users contrary to this Policy and the provisions of the Law No. 6698 and shall not use it for purposes other than processing. If links to other applications are provided through the Site, the Company shall not be liable for the privacy policies and contents of these applications.

Communication Consent

You have consented to the collection, storage, processing, and transfer of your personal data, which is stated in this Policy and to which you have given consent for electronic communication, to provide various advantages to you, and for any purposes such as electronic communication for advertisements, sales, marketing, surveys, reservation privileges, and similar communications; The Company will contact Users through email to validate during registration, verify the correct person when the password is forgotten, creating a website, advertising through the website, sharing the site, etc., for security notifications, and via phone or SMS for verification of phone numbers during registration, notifying as a two-factor verification method, and for notifications intended for security purposes. The Company will take all necessary measures to ensure the secure storage of such personal data in accordance with Article 12 of the Law, and to prevent unauthorized accesses and unlawful processing of data.

User Privacy Regarding Age Limit

The Company will not intentionally collect or record the data of individuals under the age of 18. If you are under 18 years old, we inform you that you should not use the Platform and Services or share any of your personal data with the Company. Upon learning that data of an individual under the age of 18 have been collected, the Company will take reasonable steps to delete the data immediately.

Changes to the Policy

The Company may amend the provisions of this Policy at any time by publishing it on the Site. The provisions of the Policy shall become effective on the date of publication. To inform Users about changes made in this Policy, the Company will carry out necessary notifications.

Dispute Resolution

This Policy is subject to the laws of the Republic of Turkey. All disputes arising from this Policy or related to this Agreement shall be resolved in the judicial and enforcement offices of Istanbul Central (Çağlayan).

We would like to state that if this Policy is not approved by Users, you will not be able to benefit from the Services.