Mahmood Rice

Mahmood Rice Privacy Policy

Last updated: 25.09.2025

1. Introduction

As Mahmood Rice (“Company”), we place great importance on the confidentiality and security of your personal data. This Privacy Policy explains for which purposes and on what legal grounds your personal data is processed when you visit our website or contact us.

2. Scope and Data Controller

This policy applies to all visitors using our website and individuals who contact us through our communication channels.
Data Controller: Mahmood Rice
Contact: [contact email]

3. Personal Data Collected

  • Identity Information: name, surname, etc.
  • Contact Information: email address, phone number, etc.
  • Electronic Data: IP address, device/browser details, cookie data, session information.
  • Usage Data: page views, interactions, preference logs, feedback content.

4. Purposes of Processing

  • Operating and ensuring the performance of the website,
  • Responding to user requests and support inquiries,
  • Improving service quality and conducting analysis/reporting,
  • Marketing and promotional activities (only with your explicit consent),
  • Fulfilling legal obligations and using data as evidence in possible disputes.

5. Legal Grounds

  • Explicit consent (Article 5/1 of the KVKK),
  • Necessity for establishing or performing a contract (Art. 5/2-c),
  • Compliance with legal obligations (Art. 5/2-ç),
  • Protection of our legitimate interests (Art. 5/2-f), provided that your fundamental rights and freedoms are not harmed.

6. Transfer of Personal Data

Your personal data may be shared with the following recipient groups, with appropriate security measures and limited to the specified purposes:

  • Suppliers and service providers: hosting, infrastructure, maintenance, analytics, email/SMS services, customer support tools,
  • Business partners: limited to what is necessary for jointly conducted projects,
  • Authorized institutions and organizations: within the scope of legal requests and audits.

7. International Data Transfer

If infrastructure or service providers are located abroad, your data may be transferred abroad in accordance with the necessary protection and transfer conditions under Article 9 of the KVKK.

8. Retention Periods

Your personal data is retained for a reasonable period aligned with the purpose, in accordance with legal requirements and internal policies. Once the purpose ends, the data is deleted, destroyed, or anonymized.

9. Cookies and Similar Technologies

Our website may use mandatory, functional, and (with explicit consent) analytical/marketing cookies. You can manage your cookie preferences through your browser settings. For details, see our Cookie Policy.

10. Security Measures

To protect your data, we apply administrative and technical measures including access control, encryption, logging, authorization, and employee training. Appropriate security obligations are also required from third parties through relevant agreements.

11. Your Rights

Under Article 11 of the KVKK, you have the right to:

  • Learn whether your personal data is processed,
  • Request information regarding processed data,
  • Learn the purpose of processing and whether it is used accordingly,
  • Learn the third parties to whom data is transferred within Turkey or abroad,
  • Request correction if your data is incomplete or inaccurate,
  • Request deletion or destruction of your data under the KVKK,
  • Request notification of these actions to third parties who received your data,
  • Object to decisions made solely through automated processing that may produce negative results,
  • Request compensation if you suffer damages due to unlawful processing.

12. Application and Contact

You may submit your requests regarding your rights to [contact email]. Your applications will be finalized within 30 days in accordance with the KVKK and relevant legislation.

13. Changes to the Policy

This policy may be updated when necessary. Updates become effective on the date they are published on our website.