Migros Ticaret A.Ş. Privacy and Data Security Policy

Migros Ticaret A.Ş. (“Migros”) Privacy and Data Security Policy (“Privacy and Security Policy”) aims to assist you in understanding why, how we collect data and what data we collect, what we do with this data and how we ensure its security. This information is important. Therefore, we recommend you to take the time to read our Privacy and Security Policy carefully. Also, if you are a member of a Migros web site, application or Money Club Card, we remind you that you can find the controls necessary to manage your information, to protect your privacy in Membership Procedures section of your relevant membership, which you access with your password. You can utilize Membership Procedures section of our service channel that you share this information, or this link or our following service to correct/update your personal data:

Our Customer Services Centre: 444 10 44

Migros Management considers the application of Migros Information Security Policy as one of the vital processes of the company.

It is important for us you to know clearly how we use your information, how we you ensure your security and how you protect your privacy while you are using our services.

Our Privacy and Security Policy explains the following:
• What information we collect and how we use it?
• How our customers access and update their information?
• How we protect the collected information?

You can let us know your questions, concerns or complaints regarding Our Privacy and Security Policy through our 444 10 44 call centre. Please contact us for all your requests and questions in this respect.

What information we collect and how do we collect it?

As Migros, we collect your personal information from you with the intention of offering better services to you, our customers. Personal information we collect enables us to notify you about the latest products, shopping deal opportunities, personal deal offerings and future activities of Migros. Moreover, the data we collected from you also enable us to receive feedback from you in the most accurate way about our services and departments by maintaining information exchange with you, the customers.

If you want to take a look at our Migros web sites, e-trade sites of Migros, Money Club card privileges and/or our applications, we do not request any personal information from you; however, if you want to participate in any features and services offered by our websites, applications and/or services, we may ask you to provide various personal or demographic information. Any information defining you personally and/or being used for communication is defined as personal information in our Privacy and Security Policy. These may include, for example, your name, postal address, e-mail address, telephone number, date of birth, age, sex or fields of interest and preferences associated with your personal data.

Your personal data is only collected with your consent (for example, if you provide them deliberatively by using online forms found on our websites and/or applications or during Money Club card application) and information collection process is generally materialized as follows:

• When you enrol in/become a member of websites or applications
• When you take part in message boards and other online activities
• When you send an announcement or notice to your friend
• When you participate in questionnaires/votes
• When you send feedback through "Contact Us" form
• When you enter information with respect to business (for example, curriculum vitae delivery, media requests, etc.)
• When you have request of any kind requiring personal data input
• When you are spotted out by in-store camera recording system

Type and amount of information collected with respect to abovementioned characteristics will vary depending on the activity. The data we collect during Migros service and website memberships (Apart from credit card information) are stored by us. This information may contain the following (but not limited to these):

• Name, surname
• Postal address
• E-mail address
• Telephone number
• Shopping information

You may be asked to create a user name and/or password for some activities or memberships. Moreover, you may be obliged to provide additional demographic information. This information may include the following:

• Your age or date of birth
• Your gender
• Your frequency of use
• Other information about you


Mobile applications prepared within Migros may collect some information from the users automatically. This information includes;

• Brand-model of your mobile phone,
• Internet Protocol address (IP) of your mobile phone,
• Operating system of your mobile phone,
• Location information


(Within the framework of permission you have given on your phone for use of location information). You can stop this information flow at any time by removing the application from your phone (You can adjust the data collected through your phone from the application settings and permissions section on your phone).

Social Media program of Migros covers platforms such as Facebook, Twitter and Instagram, etc… Social media content and the features being used are subject to own privacy policy of the relevant platform. Please read the privacy policies of the aforementioned companies (Facebook, Twitter, Instagram, etc.) in order to obtain information about the social media privacy policy.
 

Cookies and Other Technologies

We may use cookies while collecting the data to be processed in line with the purposes explained in our Privacy and Security Policy. Cookies are small text files stored on your computer or mobile device when you visit an internet site, and they keep various information concerning your visit.

Nowadays, many internet browsers have cookie blocking mode while visiting internet sites. If you activated cookie blocking mode on your web browser, you may not benefit from some features we developed for you on our web site.

As in the case of many websites, some information such as Internet Protocol (IP) addresses, browser type and license, internet service provider (ISP), referring and exit pages, operating system, date/time stamp and clickstream data are collected and saved automatically.

Another technology we use on our website is the “web beacon”. Web beacons (pixel tag), collect information such as the number of times our web site being displayed.

Migros web sites may also use other technologies such as online services, interactive applications, e-mail messages and ads, cookies and web beacons. Information collected by cookies and other technologies is considered as non-personal information and is used only to improve the service we offer to you. Your visit to our web sites means you give your consent to use of cookies and web beacons within the scope of this policy.

Link clicking URLs connecting to the content on the Migros web site are used in some of our e-mail messages. When customers click on one of these URLs, they pass through a separate web server before reaching target page on our web site. These link clicking data are monitored with the intention of determining interest in certain subjects and measuring the effectiveness of our customer communication. If you do not want to be monitored in this manner, you must not click on the text or graphic link incoming in e-mail messages.

In-store Camera Recording System

Camera recording system is used in our stores for the safety of our customers and operational purposes (for example, state of in-store traffic, etc.). Relevant recordings may be shared with the official authorities under circumstances requiring legal procedures.

How Do We Use the Collected Information?

The information being collected from you is used in line with the purpose you provided us your information, during collection of information or in line with the purposes explained in our Privacy and Security Policy. Option may be offered to use of your information for a different activity or service other than the activity or service you requested while enrolling to our websites and/or applications, providing information or updating your information.

Also, we may use your personal and/or demographic information for our analysis works. In this way, we can continually improve, personalize, customize the products and services we offer you and meet your requirements in a better way. These include merging, updating or expanding in different ways sometimes the data we obtained from external sources and/or third parties and your personal data collected through our websites and/or applications. We do not sell, rent and/or exchange your personal data.

We use and store your personal data in compliance with the statues at large with the intention of;

• Making our website and application easier to use,
• Promoting our products and services,
• Sending your online and mobile orders to your address,
• Acquainting ourselves with our members and improving our communication,
• Offering general and special campaigns/advantages,
• Running marketing activities and advertising campaigns,
• Making our departments and services customer specific and personalized,
• Performing data analysis, research, surveys and other customer satisfaction applications/notifications

We need your information in order to exceed customer expectations, to ensure their satisfaction expected from us by reaching out to them and to remain closer to the people we serve. Your personal data is not used aside from the purposes indicated above.

Migros Customer Communication Program (“Program”) is customer oriented marketing program offering general and special campaign, promotion, discount, introduction, opportunity to benefit from clubs-specific advantages and similar benefits that may also be performed together with the Program partners included in;

Money Club Program Partners
Migros E-Trade Sites Program Partners


and updated list, to the program members in all places of business including those in the electronic environments operated by Migros.

By becoming a member of our service and departments, our customers warrant commercial electronic message to be sent to them through all kinds of electronic media by Migros and Program partners, within the framework of the applications that may be carried into effect directly or indirectly by the Program, with respect to general and special campaigns, advantages, product, service introductions, advertising, market research surveys and other customer satisfaction applications, notices.

Members give permission for their personal data such as shopping information, name, surname, mobile phone numbers, date of birth, home city, sex, etc., location information that can be accessed due to electronic programs and non-personal information to be collected in order to be used with the intention of good and service promotion, image building, product, service and communication improvement, getting acquainted with its members, auditing, data analysis, research, understanding trends, and also to be used in marketing and advertising services, being stored in data recording systems, being shared with the execution partners such as Program partners, GSM Operators / Social Networking Sites / Cargo companies, etc. for the abovementioned purposes. Unless member indicates otherwise, he/she acknowledges his/her current data to be stored, shared, processed, in line with similar purposes listed within the scope of this article, also after the expiry of his/her membership.

Migros may share cumulative (batch) customer statistics with third parties such as its business partners (including its investors), press, etc. in a manner not to contain the personal data in the individual detail.

The Principles We Observe When Processing Your Data

When we are processing your data, we observe:

• Data to have specific scope,
• Procedures to be performed for legal purposes,
• Procedures being in compliance with law and good faith,
• Data being related, limited and restrained with the purposes that its being collected or processed,
• Processing being performed with up-to-date data,
• Data being stored throughout the necessary period for the purpose of processing.

Accessing and Updating Information

You can make sure that your contact information, preferences and other personal data are correct, complete and up-to-date by accessing your account through our websites and/or applications. Password, user name, credit card information or other personal data are never requested from you through e-mail. This method aimed at stealing and using your personal data in bad faith is called “Phishing”. When you receive a message appearing to be sent by us, but requesting your personal data, you must not reply to such message.

We are aiming to enable you access your personal data whenever you use our services. If this information is incomplete or inaccurate, we run the process necessary for you to update or delete this data (if it is not required to be retained for a justified ground concerning the company or legal purposes). We may ask you to verify your identity first to fulfil your request when you update your personal data.

You can use the membership section with a password on the website of our service channel that you share this information or this link or our following services to query your information saved in our database or to correct/update your personal data:

Our Customer Services Centre: 444 10 44

Your Rights Concerning Your Data Being Collected

You have certain rights concerning the data we collected within the framework of this policy. You can;

• Find out whether the data was processed or not,
• If processed, obtain information concerning this,
• Find out the purpose of processing and whether used in compliance with the purpose or not,
• If any, find out the third parties it is being shared with domestically and abroad and the data being shared,
• Ask for it to be corrected in the case of it being inaccurate or incomplete,
• In the case of the reasons necessitating its processing being removed or data losing its actuality, ask for your data to be deleted or destroyed,
• If you have requests concerning its deletion or correction, you can ask your request to be notified to the third parties to which the data being transferred.

You can contact us through our 444 10 44 call centre or this link for your relevant requests.

Our Data Security Criteria

Migros takes all the necessary technical and organizational precautions in order to ensure privacy and security of sensitive personal data and your personal data collected over our websites and/or other applications. These precautions feature various subjects also including the following:

• Storage of your personal data in a secure, non-public working environment that can be accessed only by Migros employees (within the scope of nondisclosure agreement made with our employees), our intermediaries and contractors
• Authentication of identity of our users, of whom we store personal data, through website or application before accessing this information


Migros takes the relevant precautions including administrative, technical and physical precautions for the protection of your personal data against loss, theft and misappropriation, and also against unauthorized access, sharing, amendment and destruction. Migros uses Secure Sockets Layer (SSL) protocol encryption in online services such as E-Trade sites and on all websites, where personal data being collected. You must use a SSL-supported browser such as Safari, Firefox, Chrome or Internet Explorer to purchase products from these services. By this means, you can protect privacy of your personal data transmitted over internet.

Migros Privacy and Security Policy and practices applied to ensure privacy are explained to the customer/individual upon the request of the customer/individual. Migros abides by the PCI DSS (Payment Card Industry Data Security Standard) regulations established with the intention of ensuring data security in card payment systems and ensures secure data transmission and operation in card payment systems. Your credit card number is transmitted to your bank after being encrypted by our online credit card application and never shared with third parties. Your credit card information is not stored/retained by Migros.

Migros, at its sole discretion, may require 3D payment option for the customers to complete their orders.

Validty of Privacy and Security Policy

Our Privacy and Security Policy is valid for all services offered by Migros (including advertising and research services, etc.).

Leaving Information and Announcement List

If you do not want to take part in our announcement and information list, you can leave any time by updating your preferences. Accessing and controlling authority of the commercial-electronic messages sent from Migros for notification and communication purposes is in your hands. If you do not want us to contact you while your membership to our service and departments continues, you can use your “CANCEL” right in digital media, and actualize your cancellation procedure by sending free SMS to 7447 or contacting our call centre. You will not be contacted until an approval invalidating this being sent by you. If you do not want to benefit from our services any longer and select to drop out of the membership, you can call our customer services line or apply to information departments found in our stores.

Privacy Questions and Reminders

This policy is subject to change due to continuous changes in internet technologies and internet-based business models not having a constant structure. All kinds of changes within the scope of our Privacy and Security Policy will be announced to our visitors over our websites and/or applications. We recommend you to visit our website periodically to follow the changes to be made on our Privacy and Security Policy.

Please contact us, if you have any questions or concerns about Migros Privacy and Security Policy or data processing.

Spam e-mails

Spamming is sending e-mail with the intention of advertising, marketing or promotion against your will and without your consent.

As Migros, we do not send spam e-mail. Sending advertising intended e-mail without the consent of the other party is illegal. We do not use your personal data (also including your e-mail address) directly for marketing or advertising purposes without your consent. At the same time, we do not share your personal data with any third party, who may use it for spam e-mails.

Our websites, services and applications offer you opportunity to receive marketing information through e-mail. Each e-mail sent to you by Migros offer you the opportunity to stop receiving marketing e-mails at any date.

If you believe for any reason that you are receiving spam e-mail from a Migros company, please contact us immediately.

Causes of Action and Miscellaneous

Migros may be obliged to disclose your personal data due to law, judicial process, actions and/or demand incoming from the public authorities within or outside the country. When it is deemed necessary or appropriate to share your data for national security, enforcement of law or other issues of importance for the public, your data may be disclosed to the relevant official authorities.

Migros Ticaret A.Ş. last amendment date: 28.06.2016
Designed by Dreams&Bytes