MOTTO DAN. ENG. AND TECHN. LTD. CO.

PERSONAL DATA PROTECTION INFORMATION TEXT

Data Controller Identity
As Motto Danışmanlık Mühendislik ve Teknoloji Ltd. Şti. (the “Company”), registered with the Istanbul Trade Registry Office under number 940522-0 and operating at Orhanlı Mahallesi Derviş Caddesi No: 24 GAT Plaza K: 2, Tuzla, Istanbul, acting as the data controller, we hereby inform you of the following matters within the scope of our obligation to inform you in order to ensure our compliance with Personal Data Protection Law No. 6698 (“Law”) with respect to the personal data we obtain from our customers.

For What Purposes Will Personal Data Be Processed?
Your personal data, consisting of your identity data, contact data, financial data, signature data, visual/audio data, and vehicle data, is processed by the Company in accordance with the basic principles stipulated in the Law. Because you are a Company customer, the Company will process your personal data for the following purposes:

Executing relevant financial processes, including offers, orders, and payments, and ensuring internal company controls;
Executing processes related to magazines, catalogs, and social media accounts to increase product awareness;
Executing field safety processes within the scope of the Company’s physical location security and occupational health and safety;
Managing post-sale product malfunction processes;
Managing product logistics processes;
Executing assembly and post-assembly delivery processes performed at the Company; and
Executing project and licensing processes related to the Company’s products and services.

In addition, your personal data mentioned above may be stored both digitally and physically in the Company’s physical archives, websites, social media account providers, ERP applications, information systems including email servers and camera recording devices located in the United States, and the systems of magazine and catalog companies. To Whom and for What Purposes May Processed Personal Data Be Transferred
Your collected personal data may be transferred to:

The ERP system service provider, due to the Company’s use of the ERP system;
The occupational health and safety company with which we collaborate to ensure field safety within the scope of occupational health and safety;
The email account provider in Finland, for the purpose of managing email system processes through email correspondence with the Company;
The relevant Regional Gendarmerie Command, for the purpose of managing physical location security;
Relevant social media providers (such as YouTube and LinkedIn) and relevant magazine and catalog companies, as well as third parties who may view posts related to these companies, to increase product awareness;
Third-party companies with which we have partnered to manage product assembly and logistics processes;
The Turkish Standards Institute and TÜV Türk, for the purpose of licensing processes;
Cargo companies, for the purpose of creating and tracking cargo shipments. The Company may be transferred to the Company.

Method and Legal Basis for Collecting Personal Data
Your personal data may be processed and transferred by or through the Company, by automatic or non-automatic means, for the purposes specified in Articles 2 and 3 of this Disclosure Statement, for the legal reasons specified in Articles 5 and 6 of the Law, for the establishment or performance of a contract, and for the legitimate interests of the data controller.

Your personal data is collected by the Company from information submitted to you verbally, physically, and electronically in writing, through applications and software used within the scope of the Company’s activities.

Rights of the Personal Data Owner

Pursuant to Article 11 of the Law, customers whose personal data is processed may contact the Company and make requests regarding the following:

To learn whether their personal data has been processed;
To request information regarding their personal data if it has been processed;
To learn the purpose of their personal data being processed and whether we are using it in accordance with these purposes;
To learn the third parties to whom their personal data has been transferred, whether domestically or internationally; To request correction of personal data if it has been processed incompletely or incorrectly;
To request the deletion, destruction, or anonymization of personal data if the reasons requiring processing no longer exist;
To request notification of such data to third parties to whom data has been transferred in such cases or in the event of correction;
To object if they believe that a detrimental result has been produced by the analysis of their processed data exclusively through automated systems;
To request compensation for any damages suffered due to processing in violation of the law.