Protecting your Privacy, our Promise.

Because your data and privacy are so important, we wanted to let you know that when you share your information with us, we take our obligations very seriously indeed. Because your data and privacy are so important, we wanted to let you know that when you share your information with us, we take our obligations very seriously indeed.

Our Notice on Data Protection

1. Introduction

Deris Patent & Trademarks Agency A.Ş., hereafter the company, is committed to protect the privacy and the security ofyour personal data.

We are data controller for the data that you share with us as client, supplier, visitor of our Websites or a candidate applying to a position with our company. In certain circumstances when we work with clients’ data, we may be a data processor. We will assist you should you ever require further information about who is controlling your data and why.

This Privacy Notice explains the types of personal data we may collect about you when you interact with us, via text, video, audio or any other communication channels. It also explains how we store and handle that data and keep itsafe.

First of all, here are a few terms we may use in this document:

•Personaldata”isinformation relating to you as a living, identifiable individual.

•Processing ”means collecting, recording, organising, using, disclosing, storingand deleting your data.

It is likely that we will need to update this Privacy Notice from time to time, and we reserve the right to do so. We invite you to come back and check this regularly, but we will keep you informed on important changes.

2. Why the company needs to process data

When collecting your personal data, we will always make clear to you which data is necessary for each purpose wehave told you about. We are processing your data on the following lawful grounds:

Consent:

We may send you information about our services and which you have requested, such as a newsletter or the participation to one of our events.

Contracts or pre-contractual relationships:

In certain circumstances, we need your personal data to respond to your request, complaint or comment or to render services you have mandated our company to perform for you. We are also processing your job application for employment with us based on this ground (and on consent where applicable).

Other Legal and regulatory compliance:

When the law requires it or when we need to provide your information in a litigation case for example.

Legitimate interest:

For example we need to maintain a record of our activities in our system. We also have a legitimate interest to keep your data for business development or for internal governance, security and case management.

3. Sensitive data

We don’t set out to collect sensitive information about our clients, prospective clients and candidates but we are mindful that such information may be available to us from time to time. In case this should happen, we will obtain your express consent to process it or base this processing on a legal obligation.

4. When we collect your personal data

These occasions will include, but are not limited to:

• Whenyoumandate us to provide you our specialised services, in particular in relation to legal consultancy or IT development or services;

• When you instruct us to protect and defend your intellectual property rights directly or as instructed by another IP firm on your behalf;

• Whenyouvisit our offices or when you participate to events we organise;

• When you or your organisation is a client of ours and uses our services;

• When you supply goods and services to us;

• Whenyouaccess or engage with our website;

• When you write to us about any subject by any means;

• When you post, like, follow or reply on any of our social media feeds;

• When your image or vehicle number plate is recorded on our CCTV system;

• When you send us your application for a job opportunity.

5. What type of data is collected and why we collect it

We collect personal data in order to manage our business and deliver our services to you. We may collect:

• your personal and professional contact information,

• complaints and requests information,

• technical information when you visit our website such as your IP address, previous pages visited, web browser and search criteria entered,

• social media user name if you interact with us through those channels in order to help us respond to yourcomments, questions and feedback.

We may use technology such as cookies to help us deliver relevant and interesting content in our communications inthe future.

If we believe your data is no longer needed for the purpose of which it was collected, we will not process it further unless we have a legal obligation to do so.

6. Your data protection rights

For your security, we use all appropriate organisational and technical security controls to safeguard your data. The company is also committed to your data protection rights, such as:

Right of access and rectification: you have the right to obtain a copy of your information and to correct inaccuracies at any time.

Right to object: you have the right to change your mind and object to the processing of your personal data. Right to deletion: you have the right to ask us to delete your data from our records. We will always uphold this right unless there is a legal obligation upon us to keep your data.

Right to restriction: you have the right to request the restriction of the processing of your personal data in certain circumstances. For example, you object to the accuracy of your personal data or your data has been unlawfully processed.

Right of portability: if we hold information about you and you want us to send it to another company that does similar work to us or provides a similar service, you can ask us to do that.

Right of revocation: you have the right to revoke your consent at any time. For example, you can opt-out by clickingthe “unsubscribe” link in any email communication that we send you. We will then stop any further emails to you, except where we have a legitimate interest to do so, for example when we make substantive changes to this Notice.

You may exercise your rights by contacting us at the following e-mail address: deris@deris.com.tr

We will process your request as soon as possible.

7. Data retention and how long we may keep data

We only keep personal information as long as needed to carry out services that you requested or to which you have given your consent to the extent specified above or to use tracking advertising and analysis services within the scope of our legitimate interest, e.g. to send you marketing communication, answer to your queries, resolve problems or provide improved and new services, or for legal requirements. We are allowed to retain the data for a reasonable time after you stop using our services. After a certain period, we will destroy or anonymise it in a secure manner, if there is no legal obligation to retain the information for a longer period.

8. International transfers of Data

Occasionally we will need to share your personal data with third parties and our other offices which may be located inside and outside Turkey or to another country.

We may transfer personal data that we collect from you to third-party data processors in countries that are outsideTurkey, such as the USA. For example, this might be required when we store data in a Cloud Service. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed in Turkey and we will treat the information under the guiding principles of this Privacy Notice.

9. How to complain about our processing of your data

Should you be concerned about a possible interference with your privacy or misuse of your personal data by us, or if you have any questions or comments, you can contact us via e-mail at the following address:

deris@deris.com.tr

The EU and EEA residents can contact our Data Protection Representative by

• Sending an e-mail to DataRep at datarequest@datarep.com quoting in the subject line,

• Contacting DataRep on their online webform at www.datarep.com/data-request, or

• Writing to DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany

Switzerland residents can contact our Swiss Data Protection Representative by

• Sending an e-mail to DataRep at datarequest@datarep.com quoting in the subject line, or

• Contacting DataRep on their online webform at www.datarep.com/data-request, or

• Writing to DataRep, Leutschenbachstrasse 95, ZURICH, 8050, Switzerland

If you feel that your data has been handled incorrectly, or you are unhappy with the way we have dealt with your queryregarding the way we use your personal data, you have the right to complain. You should seek advice from the Supervisory Authority in the country that you reside.

If you reside in Turkey please use this information: http://www.kvkk.gov.tr

Privacy Notice Of Deris Attorney-At-Law-Partnership

Protecting your Privacy, our Promise.

Because your data and privacy are so important, we wanted to let you know that when you share your information with us, we take our obligations very seriously indeed. Because your data and privacy are so important, we wanted to let you know that when you share your information with us, we take our obligations very seriously indeed.

Our Notice on Data Protection

1. Introduction

Deris Patent & Trademarks Agency A.Ş., hereafter the company, is committed to protect the privacy and the security ofyour personal data.

We are data controller for the data that you share with us as client, supplier, visitor of our Websites or a candidate applying to a position with our company. In certain circumstances when we work with clients’ data, we may be a data processor. We will assist you should you ever require further information about who is controlling your data and why.

This Privacy Notice explains the types of personal data we may collect about you when you interact with us, via text, video, audio or any other communication channels. It also explains how we store and handle that data and keep itsafe.

First of all, here are a few terms we may use in this document:

•Personaldata”isinformation relating to you as a living, identifiable individual.

•Processing ”means collecting, recording, organising, using, disclosing, storingand deleting your data.

It is likely that we will need to update this Privacy Notice from time to time, and we reserve the right to do so. We invite you to come back and check this regularly, but we will keep you informed on important changes.

2. Why the company needs to process data

When collecting your personal data, we will always make clear to you which data is necessary for each purpose wehave told you about. We are processing your data on the following lawful grounds:

Consent:

We may send you information about our services and which you have requested, such as a newsletter or the participation to one of our events.

Contracts or pre-contractual relationships:

In certain circumstances, we need your personal data to respond to your request, complaint or comment or to render services you have mandated our company to perform for you. We are also processing your job application for employment with us based on this ground (and on consent where applicable).

Other Legal and regulatory compliance:

When the law requires it or when we need to provide your information in a litigation case for example.

Legitimate interest:

For example we need to maintain a record of our activities in our system. We also have a legitimate interest to keep your data for business development or for internal governance, security and case management.

3. Sensitive data

We don’t set out to collect sensitive information about our clients, prospective clients and candidates but we are mindful that such information may be available to us from time to time. In case this should happen, we will obtain your express consent to process it or base this processing on a legal obligation.

4. When we collect your personal data

These occasions will include, but are not limited to:

• Whenyoumandate us to provide you our specialised services, in particular in relation to legal consultancy or IT development or services;

• When you instruct us to protect and defend your intellectual property rights directly or as instructed by another IP firm on your behalf;

• Whenyouvisit our offices or when you participate to events we organise;

• When you or your organisation is a client of ours and uses our services;

• When you supply goods and services to us;

• Whenyouaccess or engage with our website;

• When you write to us about any subject by any means;

• When you post, like, follow or reply on any of our social media feeds;

• When your image or vehicle number plate is recorded on our CCTV system;

• When you send us your application for a job opportunity.

5. What type of data is collected and why we collect it

We collect personal data in order to manage our business and deliver our services to you. We may collect:

• your personal and professional contact information,

• complaints and requests information,

• technical information when you visit our website such as your IP address, previous pages visited, web browser and search criteria entered,

• social media user name if you interact with us through those channels in order to help us respond to yourcomments, questions and feedback.

We may use technology such as cookies to help us deliver relevant and interesting content in our communications inthe future.

If we believe your data is no longer needed for the purpose of which it was collected, we will not process it further unless we have a legal obligation to do so.

6. Your data protection rights

For your security, we use all appropriate organisational and technical security controls to safeguard your data. The company is also committed to your data protection rights, such as:

Right of access and rectification: you have the right to obtain a copy of your information and to correct inaccuracies at any time.

Right to object: you have the right to change your mind and object to the processing of your personal data. Right to deletion: you have the right to ask us to delete your data from our records. We will always uphold this right unless there is a legal obligation upon us to keep your data.

Right to restriction: you have the right to request the restriction of the processing of your personal data in certain circumstances. For example, you object to the accuracy of your personal data or your data has been unlawfully processed.

Right of portability: if we hold information about you and you want us to send it to another company that does similar work to us or provides a similar service, you can ask us to do that.

Right of revocation: you have the right to revoke your consent at any time. For example, you can opt-out by clickingthe “unsubscribe” link in any email communication that we send you. We will then stop any further emails to you, except where we have a legitimate interest to do so, for example when we make substantive changes to this Notice.

You may exercise your rights by contacting us at the following e-mail address: deris@deris.com.tr

We will process your request as soon as possible.

7. Data retention and how long we may keep data

We only keep personal information as long as needed to carry out services that you requested or to which you have given your consent to the extent specified above or to use tracking advertising and analysis services within the scope of our legitimate interest, e.g. to send you marketing communication, answer to your queries, resolve problems or provide improved and new services, or for legal requirements. We are allowed to retain the data for a reasonable time after you stop using our services. After a certain period, we will destroy or anonymise it in a secure manner, if there is no legal obligation to retain the information for a longer period.

8. International transfers of Data

Occasionally we will need to share your personal data with third parties and our other offices which may be located inside and outside Turkey or to another country.

We may transfer personal data that we collect from you to third-party data processors in countries that are outsideTurkey, such as the USA. For example, this might be required when we store data in a Cloud Service. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed in Turkey and we will treat the information under the guiding principles of this Privacy Notice.

9. How to complain about our processing of your data

Should you be concerned about a possible interference with your privacy or misuse of your personal data by us, or if you have any questions or comments, you can contact us via e-mail at the following address:

deris@deris.com.tr

The EU and EEA residents can contact our Data Protection Representative by

• Sending an e-mail to DataRep at datarequest@datarep.com quoting in the subject line,

• Contacting DataRep on their online webform at www.datarep.com/data-request, or

• Writing to DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany

Switzerland residents can contact our Swiss Data Protection Representative by

• Sending an e-mail to DataRep at datarequest@datarep.com quoting in the subject line, or

• Contacting DataRep on their online webform at www.datarep.com/data-request, or

• Writing to DataRep, Leutschenbachstrasse 95, ZURICH, 8050, Switzerland

If you feel that your data has been handled incorrectly, or you are unhappy with the way we have dealt with your queryregarding the way we use your personal data, you have the right to complain. You should seek advice from the Supervisory Authority in the country that you reside.

If you reside in Turkey please use this information: http://www.kvkk.gov.tr