Developments in the field of technology and the internet have increased the number of e-commerce companies with the emergence of the Covid-19 pandemic. People were forced to close to their homes with the pandemic and began ordering even their most basic necessities, such as food, from online platforms. This situation has led to an increase in demand for e-commerce companies, namely e-commerce sites.
The number of e-commerce sites is increasing day by day with advances in technology and the Internet. In order to make online purchases on almost every e-commerce site, it becomes mandatory to enter basic personal information such as name, surname, telephone number and address on these sites. This is because orders placed on e-commerce sites cannot be delivered without this information. This information can also be used for marketing and advertising purposes through cookies.
This information shared with e-commerce sites for shopping purposes raises many questions about the use of personal data. Users are often concerned about the theft and use of their address and contact information by third parties against it. However, under the Personal Data Protection Law (KVKK), which came into force in 2016, e-commerce companies' responsibilities regarding user data are clearly stated. In addition, Article 10 of the Law No. 6563 on the Regulation of Electronic Commerce contains statements on the protection of personal data.
E-commerce companies are subject to both the articles on the protection of personal data in KVKK and Law No. 6563 within the scope of the protection of personal data. If we briefly summarize the responsibilities of e-commerce companies under KVKK;
E-commerce companies are obliged to prevent unlawful processing of personal data, access and ensure the protection of personal data within the scope of KVKK.
E-commerce companies within the scope of KVKK:
- If the person collecting the data has their information,
-For what purposes the collected personal data will be used,
- To whom and for what purposes the processed personal data may be transferred, and
-Obliged to clearly state the method and legal reason for collecting personal data.
On e-commerce sites, companies are obliged to obtain explicit consent from data subjects, i.e. users, that they provide their information of their choice, such as “I agree” or “do not accept”.
E-commerce companies must specify the purpose for which users' information will be collected and used on e-commerce sites with the disclosure text and privacy policy. In addition, the purposes of the data collected through cookies should be specified.
When the user is informed about cookies, the purposes for which cookies are used and the aspects of how each cookie will be used by which platform should be used must be explained in detail and clearly with the cookie policy. In addition to this information, visitors to the e-commerce site must have the option to accept or reject the cookie policy.
Disclaimer: All rights to any articles and content published belong to Efilli Software. All or part of any content, such as text, audio, video, and even if the source is shown or the active link is provided, cannot be used, published, shared or modified.
