Last Updated: 10.05.2022
Getir Perakende Lojistik A.Ş. (“Getir”) respects your right to privacy. This Privacy Policy explains who we are, how we collect, share and use personal information about you, and how you can exercise your privacy rights. This Privacy Policy only applies to personal information that we collect through our career website at https://career.getir.com (“Website”).
If you have any questions or concerns about our use of your personal information, then please contact us using the contact details provided at the bottom of this Privacy Policy.
We recommend that you read this Privacy Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Policy, then you can click on the relevant link below to jump to that section.
Getir is an on-demand delivery service that offers customers the opportunity to purchase products and have them delivered directly to their door.
If you wish to order our products, please use our App, which is available at App Store and Google Play Store.
Personal information is all data that can be related to you personally, e.g., name, address, e-mail addresses, Website transaction records.
If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes.
The personal information that we collect about you falls into the following categories:
We have embedded our service provider’s recruiting job board on our Website to collect information as part of our job application procedures. In line with this, we may ask you to provide personal information voluntarily: for example, we may ask you to provide your contact details, such as your first name, last name, email address, phone number, and work experience details to complete your application for a position at Getir.
For personal information that we collect when you use or interact with the above-mentioned job board in our Website, please see our Candidate Privacy Policies.
When you visit the Website, we may collect certain data automatically from your device. Specifically, we collect your IP address and user transaction records which includes data about how your device has interacted with the Website, including the pages accessed and links clicked. We may also collect your device type, unique device identification numbers, browser type, broad geographic location (e.g., country or city-level location) and other technical information.
| Global Processing activities & purposes | EU - UK (Legal Basis) | Turkey (Legal Basis) |
| Collecting this information enables us to better understand the visitors who come to the Website, where they come from, and what content on the Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of the Website to our visitors. | The processing of this data is based on our legitimate interest (Art. 6 (1) (f) GDPR). For further details, please refer to “Legal basis for processing personal information (EU – UK visitors)” heading below. | Personal data processing is mandatory for our legitimate interests (Art. 5/2-f of the Law on the Protection of Personal Data numbered 6698 (“TR Law”)) |
| Turkey specific processing activities & purposes |
| We are collecting this information to comply with our obligations arising from Law No. 5651 on the Law on the Regulation of Broadcasts via Internet and Prevention of Crimes Committed through Such Broadcasts and its secondary regulations. |
| Legal Basis |
| Processing of personal data to fulfill our legal obligations (Art. 5/2-ç of the TR Law) |
You can visit this Website and search for jobs without providing personal data. However, our recruitment software provider collects certain information automatically from your device when you interact with our job boards, which will be processed as detailed in Greenhouse Privacy Policy.
We may disclose your personal information to the following categories of recipients:
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will collect and process your personal information
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
If we collect and use your personal information in reliance on our legitimate interests, this interest will normally be to operate the Website and communicating with you as necessary to provide our services to you and for our legitimate commercial interest, for instance, when responding to your queries, or improving the Website. We may have other legitimate interests and if appropriate we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How to contact us” heading below.
We use appropriate technical and organisational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. Specific measures we or our third-party service providers use include anti-virus software and firewalls, access controls, encryption and detection and prevention software to detect and prevent cyber-attacks.
As our group companies, third party service providers and partners operate around the world, your personal information will be transferred to a location outside of the EU, United Kingdom, USA or Turkey (as appropriate).
When your personal information is transferred outside the the regions mentioned above, we are required to ensure that it is subject to an equivalent level of protection as it would within the EU, United Kingdom, or Turkey (as appropriate). Therefore, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with applicable data protection law and with this Privacy Policy.
These include, for example, implementing the Turkish Data Protection Authority’s, Information Commissioner’s Office’s or European Commission’s Standard Contractual Clauses for transfers of personal information between our group companies, which require all group companies to protect personal information they process from data subjects residing in the relevant jurisdictions in accordance with the applicable data protection law.
A copy of the Standard Contractual Clauses can be provided on request. We have implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.
Your personal information will be stored and retained for us in accordance with the applicable laws on data protection, and to the extent necessary for the processing purposes set out under this Privacy Policy or resulting from such laws.
When it is no longer necessary to process your personal information for the purposes for which it is processed, we will either aggregate, delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Notwithstanding the above provisions of this Privacy Policy, we may retain your personal information where such retention is necessary for compliance with a legal obligation to which we are subject, or to protect your vital interests or the vital interests of another natural person.
| Website visitors from EU & UK |
You have the right to receive information from us at any time, upon request, about the personal information we process that concerns you within the scope of Art. 15 GDPR. To do this, you can send a request by post or email to the addresses below.
You have the right to request that we correct personal information relating to you without delay if it is incorrect. To do so, please contact us at the addresses below.
You have the right, under the conditions described in Art. 17 GDPR, to demand that we delete the personal information relating to you. These conditions provide in particular for the right to erasure if the personal information are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of a duty to erase under Union law or the law of the Member State to which we are subject. For the period of data storage, please also see section “data retention” of this Privacy Policy. To assert your right to deletion, please contact us at the addresses given below.
You have the right to demand that we restrict processing in accordance with Art. 18 GDPR. This right exists in particular if the accuracy of the personal information is disputed between the user and us, for the period of time required to verify the accuracy, as well as in the event that the user requests restricted processing instead of erasure in the case of an existing right to erasure; furthermore, in the event that the data is no longer necessary for the purposes pursued by us, but the user requires it for the assertion, exercise or defence of legal claims, as well as if the successful exercise of an objection is still disputed between us and the user. To exercise your right to restrict processing, please contact us at the addresses below.
You have the right to receive from us the personal information relating to you that you have provided to us in a structured, commonly used, machine-readable format in accordance with Art. 20 GDPR. To exercise your right to data portability, please contact us at the addresses below.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal information relating to you which is carried out, inter alia, on the basis of Art. 6(1)(e) or (f) GDPR, in accordance with Art. 21 GDPR. We will stop processing your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.
You also have the right to contact the competent supervisory authority in case of complaints. The competent supervisory authorities are (i) Information Commissioner’s Office - ICO (for UK visitors); and (ii) Autoriteit Persoonsgegevens (for EU visitors). We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. |
| Website visitors from Turkey | Article 11 of the TR Law regulates the rights of the data subjects (real persons whose personal data are processed). You may exercise the rights pursuant to Article 11 of the TR Law which are as follows:
|
We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.
You can see when this Privacy Policy was initially published by checking the “last updated” date displayed at the top of this Privacy Policy.
If you have any questions or concerns about our use of your personal information, or you wish to exercise your rights under this Privacy Policy or the applicable law on data protection, please contact us using the following details: (i) privacy@getir.com (for EU, UK and US visitors); and (ii) kisiselveriler@getir.com (for TR visitors).
The data controller of your personal information is Getir Perakende Lojistik A.Ş whose headquarters office is located at Tanburi Ali Efendi Sk. No 13/334 Etiler, Istanbul, Turkey.