Order from £50 and enjoy our full range

What are you looking for?
Shopping Cart
£50.00 more data shipments are free!

Your shopping cart is empty!

GDPR Clarification Text

EXPLANATION TEXT ON THE PROCESSING OF PERSONAL DATA


1- IDENTITY

Data Controller: Chef's Cake

As the Data Controller, Chef's Cake (hereinafter referred to as "Chef's Cake"), within the scope of the Personal Data Protection Law No. 6698 (GDPR) and related legislation; In order to enlighten the data owners regarding the processing, storage and transfer of your personal data, this clarification text has been prepared and presented to your information. (Please read it carefully. You can reach us from the contact information written above or from the Application Form in matters that are not understood.)


2- SCOPE:

as Chef's Cake; By creating this clarification text, by trying to ensure that the personal data of real persons, including our customers, visitors, suppliers and employees, are processed in accordance with our Constitution and the Law on the Protection of Personal Data No. We present to your information. Therefore, but not limited to those listed; Transactions regarding the processing, storage, transfer of data regarding all personal data in oral, written or electronic media that we obtain during our activities, especially our valued clients, our employees, suppliers, customers and users visiting our website Chef's Cake Personal We perform it in accordance with the PRIVACY and COOKIE POLICY for the Protection and Processing of Data.

In order to protect personal data, we take all administrative and technical protection measures required by the nature of the relevant data in accordance with the legislation and current technology.


3- DEFINITIONS:

GDPR: Law on Protection of Personal Data No. 6698


  • a) Personal data: Any information relating to an identified or identifiable natural person,
  • b) Explicit consent: Consent on a specific subject, based on information and expressed with free will,
  • c) Anonymization: Making personal data impossible to associate with an identified or identifiable natural person under any circumstances, even by matching with other data,
  • ç) Relevant person: The real person whose personal data is processed,
  • d) Personal data: Any information relating to an identified or identifiable natural person,
  • e) Processing of personal data: Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, of personal data fully or partially automatically or non-automatically provided that it is a part of any data recording system. All kinds of operations carried out on the data such as bringing, classifying or preventing its use,
  • f) Board: Personal Data Protection Board,
  • g) Institution: Personal Data Protection Authority,


4-OUR PRINCIPLES

This Policy, within the framework of the procedures and principles stipulated in the Personal Data Protection Law No. 6698, of the personal data shared during our commercial or social responsibility and similar activities:

  • a) In accordance with the law and honesty rules
  • b) By making sure that it is accurate and, where necessary, up-to-date.
  • c) For specific, explicit and legitimate purposes
  • ç) Relating to the purpose for which they are processed, with limited and proportionality principles.
  • d) It explains and covers the methods we follow for processing, storing, transferring, deletion or anonymization within the framework of the Principles.


5- PERSONAL DATA PROCESSED AND OUR PROCESSING PURPOSE:

5.1. Pursuant to Article 5 of the GDPR, we do not process personal data without the explicit consent of the person concerned.

In the processing of personal data, we process the fundamental rights and freedoms of individuals, especially the privacy of private life, and by obtaining OPEN CONSENT as the personal data controller, for the purposes stated below:

For planning and executing sales processes of products and services, planning and executing after-sales support services activities, planning and executing member/user/client relations management processes, tracking and concluding member/user/client requests or complaints, contract processes and legal requests, Your personal data obtained when you contact us via e-mail or other means, with your voice call recordings kept in accordance with our personnel or call center standards; Your Identity Information: your name, surname, T.C. your identity number, place and date of birth, marital status, gender and other identification data by which we can identify you, and your Contact Information; your address, telephone number, e-mail address and other information necessary for us to communicate

Collection of payment for the product or service you purchased from Chef's Cake, delivery of the product, transaction security, performance of obligations arising from the legal relationship established for this reason, Follow-up and coordination of finance, accounting, insurance, legal and tax affairs, marketing, advertising , periodic campaigns, and customer "classification" studies aimed at not sending unwanted e-mails, customer profile and behavior classification, evaluation of customer satisfaction complaints and analysis activities, targeting, strategy and efficiency studies, your bank account number, IBAN your financial data such as your number, credit card information, billing information or other financial data you provide in your voice call records kept in accordance with call center standards; and your Identity Information; your name, surname, T.R. identity number, place and date of birth, marital status, c your ancestry and other identifying information by which we can identify you

Corporate communication, logistics, storage activities; Ensuring production, supply and Member/user/client satisfaction, planning and executing activities,

Planning and executing the sales processes of products and services, planning and executing after-sales support services activities, member/user/client request or request, within the scope of carrying out the necessary work by our business units to benefit the persons concerned from the products and services offered by Chef's Cake and executing the relevant business processes. follow-up and conclusion of complaints, follow-up of contract processes and legal requests,

Giving information to authorized institutions based on legislation,

Planning, auditing and executing information security processes, creating, managing and controlling information technology infrastructure,

Social media, written-oral and internet media, search engines, etc. To carry out marketing activities in different channels, to provide general and special offers, products and services to customers and to benefit from the services of the call center in this context, to measure and evaluate the quality of telephone conversations with the customer/client, and to fulfill our legal and contractual obligations, In accordance with Articles 5 and 8 and/or in the presence of exceptions in the relevant legislation, your personal data and sensitive personal data will be processed in line with your consent, or without your consent in cases specified in the relevant law, in line with the above purposes.

5.2 Processing and conditions of special categories of personal data

Pursuant to Article 6 of the GDPR No. 6698; Data on race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, disguise and dress, membership in associations, foundations or unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data are of special nature. is personal data. We do not process sensitive personal data without the explicit consent of the person concerned.


EXCEPTIONAL:

However, personal data other than health and sexual life listed in paragraph 5.2 of this clarification text may be processed without seeking the explicit consent of the person concerned, in cases stipulated by the laws. Personal data related to health and sexual life are only for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing, by persons or authorized institutions and organizations under the obligation of secrecy without seeking the explicit consent of the person concerned. can be processed.


6- LEGAL BASIS:

Your personal data, in line with the realization of the above-mentioned purposes by Chef's Cake, International laws and regulations, especially our Constitution, Laws, Regulations and Regulations of the Republic of Turkey and Articles 5 and 6 of the Personal Data Protection Law No. 6698, which is the main basis of this text. specified in its articles; within the terms and purposes of personal data processing

With explicit consent,

clearly stipulated in the law,

In cases where it is necessary for the protection of the life or physical integrity of the person or another person, who is unable to express his consent due to actual impossibility or whose consent is not legally valid,

In cases where it is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,

If it is necessary for the data controller to fulfill its legal obligation,

The person concerned has been made public by himself,

Data processing is mandatory for the establishment, exercise or protection of a right,

In cases where data processing is necessary for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject,

And "Explicit consent" specified in paragraph 2 of Article 6 and "Special quality personal data specified in paragraph 3, except health and sexual life, can be processed without express consent in cases stipulated by law.


7- PERSONS AND PURPOSE OF TRANSFERRING PERSONAL DATA:

7.1. First of all, we would like to state that personal data and sensitive data will not be transferred by us to other natural persons and legal entities without the explicit consent of the person concerned, without prejudice to the exceptional circumstances in the Legislation.

In case of the explicit consent of the person concerned: Your personal data, which you have transferred to us, processed for the purposes and means mentioned above, may be shared with the specified persons/institutions/organizations within the scope of the requirement written below.


In this context:

In order to provide better quality service to Chef's Cake customers and to enable them to access these services more easily; In case of your request for additional and complementary services to our human resources service, related personnel and services we provide, with our partner institutions/organizations and experts.

Processing data on behalf of Chef's Cake, providing customer satisfaction measurement and profiling support, and providing support in matters where personal data needs to be processed in the field of sales and marketing; Chef's Cake's business partners, third parties from whom we receive support in areas such as storage, archiving and server, hosting, software, cloud information technologies support, information security, for the purposes of carrying out advertising, promotion and promotional activities,

In cases where you purchase services from us by filling out the relevant form on the website from Chef's Cake, your name, telephone number and address information will be shared with national and international cargo companies so that we can reach you.

In order to make your payments in distance sales transactions, we cooperate with national and international banks, finance and payment institutions.

Persons who have a business relationship with Chef's Cake; For the purposes of ensuring legal, technical and commercial occupational safety and rights, and carrying out the necessary work by our relevant departments in order to benefit from the products and services offered by Chef's Cake and to carry out the relevant business processes; Within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the GDPR, but not limited to those listed; In line with the purpose of the service we provide to our affiliates, shareholders, business partners, relevant personnel, legally authorized public institutions and private individuals and other persons, our performance assistants and subcontractors, or in cases stipulated by the relevant legislation, regulatory, supervisory institutions and official authorities may be transferred to the country or abroad.


7.2 Chef's Cake does not share with third parties the information it collects from the member and its members through the website or physically, except for legal obligations and obligations, with third parties without the knowledge of the member in question or otherwise, and for commercial purposes for any reason other than activity. does not use or sell.

Your information can only be transferred without your knowledge if this information is requested by the official authorities with a legal need and in cases where it is obliged to make a statement to the official authorities in accordance with the procedures and principles of the mandatory legislation provisions in force.

Your credit card information requested on the payment page is never kept from Chef's Cake or on the servers of the companies serving it in order to keep its security at the highest level. In this way, all transactions for payment are made between the bank, the brokerage house contracted with these banks and your computer via the Chef's Cake interface. The credit card number stored with us is masked


8- RIGHTS OF THE DATA OWNER (RELATED PERSON):

8.1 Regarding your personal data within the scope of article 11 of the GDPR;

Learning whether your personal data is processed,

If your personal data has been processed, requesting information about it,

Learning the purpose of processing personal data and whether they are used in accordance with its purpose,

Knowing the third parties to whom your personal data is transferred, in the country or abroad,

Requesting correction of your personal data if it is incomplete or incorrectly processed,

Requesting the deletion or destruction of your personal data within the framework of the conditions stipulated in the GDPR legislation,

When you request the deletion or destruction of your personal data with the correction of incomplete or incorrect data, requesting that this situation be notified to the third parties to whom we have transferred your personal data,

Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,

If you suffer damage due to unlawful processing of personal data, you have the right to demand that this damage be remedied.


8.2 How Can You Exercise Your Rights?

If you wish to submit your applications and requests regarding your personal data, through the KVK Application Form (for more detailed information, please click); You can send it to Unit 19 Anglo Business Park Fishpond Road
RG412AN Wokingham with a wet-signed petition and a photocopy of your identity card in person or by mail.

Or, you can send it to our info@chefscakes.co.uk e-mail address from the e-mail address Chef's Cake previously notified by the person concerned and registered in our system.


9- SECURITY OF PERSONAL DATA:

Our obligations as a Data Controller regarding the security of personal data:

Personal data;

To prevent illegal processing,

To prevent illegal access,

We take administrative and technical measures according to technological possibilities and implementation costs in order to ensure that they are stored in accordance with the law.

These measures are:


9.1- Technical measures:

By creating technical infrastructures and related control mechanisms for the deletion, destruction and anonymization of personal data,

By employing employees with technical/technological expertise,

We take the necessary precautions for the safe storage of personal data by creating business continuity and emergency plans against the risks that may occur, using software systems for their implementation, and establishing security systems.


9.2- Administrative measures:

By including our employees in high-level training programs on GDPR, we raise awareness by informing them about the relevant technical and administrative risks.

In cooperation with third parties and contracts made with companies to which personal data is transferred for the storage of personal data; We definitely include the provisions regarding taking the necessary security measures for the protection and safe keeping of the personal data transferred to the persons to whom personal data is transferred, and we sign a commitment on the subject.


10- DELETING, DESTROYING, MAKING ANONOMY OF PROCESSED PERSONAL DATA

As the data controller Chef's Cake, although your personal data obtained with the purposes and methods described above has been processed in accordance with the provisions of the Law on Protection of Personal Data No. 6698 and other relevant laws, in case the reasons requiring processing disappear, at the end of the mandatory storage periods specified in the relevant laws, At the request of you or the person concerned, it is deleted, destroyed or anonymized by our data controller.

10.1 Periodic Destruction Period

Personal data whose storage period has expired is destroyed at the first periodic destruction time following the end of the storage period.

Personal data that has expired and that does not have any other data processing purpose that requires the storage of personal data are anonymized by our data controller within 4 months following the expiry of the storage period.

However, in cases where the data controller has a legitimate interest, personal data can be stored for the purposes of 10 years, which is regulated in the Code of Obligations, provided that the fundamental rights and freedoms of the data owners are not harmed, despite the expiration of the purpose of processing and the periods specified in the relevant laws. may be retained until the expiry of the statute of limitations. After the expiry of the said statute of limitations, personal data will be deleted, destroyed or anonymized according to the procedure set forth in our Privacy Policy.

10.2 How Long Will Your Requests Regarding the Processing of Your Personal Data Be Answered?

Your claims regarding your personal data are evaluated and answered within 30 days at the latest from the date they reach us. In case your application is evaluated negatively, the reasons for rejection are sent to the address you specified in the application by e-mail or postal mail, in particular, by one of the methods selected in the Relevant Person Application Form.


11- COOKIE (COOKIES POLICY)

Chef's Cake uses cookies on Chef's Cake pages in line with the laws and purpose written above. (Click the “Cookies Policy” text for more detailed information.) In this context, remarketing lists based on metrics such as users' IP address, which pages they visit, domain type, browser type, number of pages viewed, duration of visit and number of target completions. It may also use information such as identification, date and time, for statistical evaluation and to provide personalized services and offers. In addition, Chef's Cake may transfer User information to the companies it cooperates with in order to conduct research, create a database and conduct market research in order to provide you with better quality service, and may process User information limited to the above-mentioned purposes by these companies. It can then show this user targeted advertising content on the site or other sites in the Display Network, based on the interests of the users.


13- Chef's Cake GDPR POLICY:

WHAT IS GDPR? : General Data Protection Regulation (GDPR - General Data Protection Regulation) It is a regulation created to protect the personal data of EU citizens across Europe. The GDPR, which entered into force in the member states of the European Union as of May 25, 2018, is about ensuring the security of personal data in large institutions and organizations in the member states of the European Union within the framework of the rules specified in the regulation.

For detailed information on this subject, click on the “GDPR Clarification Text”.

We respectfully submit to the information of all relevant persons as "Data Controller" within the scope of GDPR

Click for "Application Form" Click for "Confidentiality and Terms of Use"

Data Controller: Chef's Cake

Back to top