CONDITIONS OF USE

Login

Welcome to DineWho.

This site has its registered office in Kuştepe Mah. Mecidiyeköy Yolu Cad. No:12 Trump Tower Kat:4 Office No:405 Şişli/İstanbul, is an initiative of Erik Medya, a company registered with the Kağıthane Tax Office. Your access to this website or your use of any information on this website means that you accept the following terms.

Registrations and Bookings

Dinner registrations open every Tuesday morning for Wednesday of the following week and close on Monday at 23:59. Dinner registrations are only accepted via www.dinewho.com. No email or telephone registrations are accepted.

Evening Meals

Dinners are held every Wednesday at 20.00 and last approximately two hours. The exact address of the restaurant will be communicated on the day of the dinner. We try to choose restaurants where the average price of a meal is between 400 and 1000 TL (excluding drinks) Participants are responsible for their own bills. We reserve the right to make changes to groups a few hours before dinner to ensure the smooth running of the experience. DineWho is not responsible for what happens in the restaurant or the amount of the bill to be paid.

Refunds can be made until 23.59 p.m. on the Monday before the Wednesday before the dinner.

For example, registration for the dinner on Wednesday, 15 May closes at 23.59 on Monday, 13 May. For 15 May tickets to be refunded, the refund request must be sent to iptal@dinewho.com by 23.59 on Monday 13 May.

OTHER CONDITIONS

DineWho is not liable for any direct or indirect damages that may arise due to breach of contract, tort, or other reasons due to accessing this website, using the site or the information and other data, programmes, etc. on the site. DineWho, as a result of breach of contract, tort, negligence or other reasons; does not accept any responsibility for interruption of the transaction, error, negligence, interruption.

DineWho reserves the right to change all kinds of services, products, conditions of using the site and the information provided on the site without prior notice, to reorganise the site, to stop the publication. Changes take effect at the time of publication on the site. These changes are deemed to be accepted with the use of the site or access to the site. These conditions also apply to other linked web pages.

DineWho, as a result of breach of contract, tort, negligence or other reasons; does not accept any responsibility for interruption of the transaction, error, negligence, interruption, deletion, loss, delay of transaction or communication, computer virus, communication error, theft, destruction or unauthorised entry, modification or use of records.

This website may contain links or references to other websites that are not under the control of DineWho. DineWho is not responsible for the content of these sites or any other links they contain.

DineWho is the owner or licensee of the general appearance and design of this website and all information, images, DineWho brand and other trademarks, www.dinewho.com domain name, logo, icon, demonstrative, written, electronic, graphic or machine-readable technical data, computer software, applied sales system, business method and business model on the website, including all materials ("Materials") and all intellectual and industrial property rights related to them and are under legal protection. No Material on the Website, including code and software, may be modified, copied, reproduced, translated into another language, republished, uploaded to another computer, posted, transmitted, presented or distributed without prior permission and without acknowledgement of source. The whole or part of the website may not be used on another website without authorisation. Any behaviour to the contrary entails civil and criminal liability. All other rights of DineWho not expressly stated herein are reserved.

DineWho reserves the right to update the content of this disclaimer page at any time and advises its users to visit the disclaimer page each time they access the website.

MEMBERSHIP AGREEMENT

  1. PARTIES

This Membership Agreement ("Contract"); Kuştepe Mah. Mecidiyeköy Yolu Cad. No:12 Trump Tower Kat:4 Office No:405 Şişli/İstanbul; DineWho ("The Company.") and the user ("Member.", "Members") between the Member and the mobile application and/or website where DineWho offers this Agreement to the Member ("Platform") to become a member of DineWho and to determine the terms and conditions for DineWho to benefit from other services mentioned in the Agreement.

The Member becomes a member of the Platform under the conditions set forth in the Agreement by approving this Agreement and/or downloading and using the Platform and/or making transactions on the Platform.

  1. RIGHTS AND OBLIGATIONS OF THE PARTIES

2.1. The Member declares and undertakes that the personal and other information provided while becoming a member of the website www.dinewho.com is correct before the law and that the Company will fully and immediately compensate all damages that the Company may incur due to the untruthfulness of this information. In the event that a contrary situation is detected, DineWho shall have the right and authority to partially or completely restrict, block, suspend or terminate the Member's membership.

The Member shall update his/her information immediately in case of any change in his/her information. The Member shall perform these update procedures on the website. My Account will be able to update it from the section.

2.2. The membership account is exclusive to the Member who creates this account; the Member shall not make his/her membership account available to a third party and shall not use the membership accounts of other Members.

2.3. DineWho, in accordance with the Law No. 6563 on the Regulation of Electronic Commerce "electronic commerce intermediary service provider" in accordance with the Law No. 5651 on the Regulation of Publications on the Internet and Combating Crimes Committed through These Publications "hosting provider" position. DineWho is not responsible for the authenticity, reliability, accuracy or lawfulness of any visual, written or other content on the Platform, except for the products/services offered for sale by DineWho itself, and DineWho has no obligation to check such content or to investigate whether there is any illegal activity on the Platform.

2.4. The Member accepts, declares and undertakes that he/she will act in accordance with the provisions of this Agreement, the rules of the Platform announced/notified by DineWho in any way, the applicable legislation and the rules of morality in all kinds of business and transactions carried out on the Platform, and that the legal and criminal liability for such business and transactions belongs to him/her.

2.5. The Member is responsible for the completeness and accuracy of all information registered on the Platform, including the username and password information of the Member, updating them on time, completing the deficiencies, and keeping them complete and accurate at all times. It is the sole responsibility of the Member to determine the password of the membership account securely and to change it periodically, to ensure the security of the membership account and the information associated with the membership account, not to share this information with third parties, to protect its confidentiality and to take all necessary measures in this context. The Member accepts, declares and undertakes that DineWho has no liability, including any damages that may arise from the acquisition of this information by third parties. In case of any doubt regarding the use of the password and/or the security of the membership account and password, DineWho has the right and authority to partially or completely restrict, block, suspend or terminate the Member's membership, without prejudice to any claims, lawsuits and follow-up rights.

2.6. The Member accepts, declares and undertakes that the works and transactions carried out by using the user name and password belonging to him/her shall be deemed to have been carried out by him/her, that the responsibility arising from the works and transactions belongs to him/her, that he/she cannot assert any defence and/or objection that he/she did not carry out the works and transactions and/or cannot avoid fulfilling his/her obligations based on this defence or objection and that DineWho shall not have any responsibility in this regard.

2.7. The Member shall use the Platform and the content, materials and elements on the Platform in accordance with this Agreement, the rules of the Platform announced / notified by DineWho in any way, the provisions of the relevant legislation and the rules of ethics, and that the legal and criminal liability that may arise from their contrary use shall belong to them personally, The Member accepts, declares and undertakes that DineWho shall have the right and authority to partially or completely restrict, block, suspend or terminate the Member's membership, without prejudice to any claims, lawsuits and follow-up rights, in the event that DineWho detects a violation at its sole discretion.

2.8. In the following, contrary uses/behaviours are listed by way of sampling:

  • Failure/unwillingness to pay for orders placed at the restaurant during dinner.
  • Behaving in a manner and behaviour that may disturb the participants at the dinner.
  • Any material / moral action that may put the restaurant where dinner will be eaten in a difficult situation.
  • Failure to attend the dinner without any notification before the relevant period despite having made the payment.
  • Any damage to DineWho, the Platform and/or third parties in any way while performing transactions on the Platform,
  • Use of the Platform to create, control, update and/or modify databases, records or directories on behalf of any person;
  • Use of the Platform in whole or in part for the purpose of disrupting, modifying and/or reverse engineering;
  • Making transactions using false information or someone else's information, creating unreal Membership accounts by using false or misleading personal data and using these accounts in violation of this Agreement, the Platform rules announced / notified by DineWho in any way, applicable legislation and / or ethical rules, unauthorised use of another Member's account;
  • Use of any other technology, malware or virus that damages the Platform, the Platform's database, any content on the Platform;
  • Accessing the My Account page via robot or automatic login methods;
  • Engaging in activities that will create unreasonable or disproportionately large loads on the communications and technical systems determined by the Platform or damage the technical functioning; using "screen scraping" software or systems such as automatic programmes, robots, web crawlers, spiders, data mining and data crawling on the Platform; and/or unauthorised copying, publishing or use of all or part of any content on the Platform by any similar process;
  • Failure to take necessary measures, including the use of necessary protective software and licensed products, against any programmes, viruses, software, unlicensed products, trojan horses and other hazards that may damage the Platform;
  • Using the Platform in a way that will adversely affect the Platform experiences of the Members, making attacks on the personality and property rights of other Members.

2.9. The links on the Platform may take the Member to other websites/applications. DineWho does not give any guarantee and commitment regarding the content, accuracy, reliability, security and/or functionality of these websites/applications and is in no way responsible for any damages that may arise from access, use, downloads, sharing and/or changes in terms of these websites/applications.

2.10. DineWho may, at its sole discretion, at any time and without giving any reason, reject membership applications, terminate memberships, or condition the acceptance or continuation of the membership application or the use of the Platform on additional terms and conditions. Changes, additional terms and conditions, provisions, guidelines and policies to be introduced by DineWho after the Member's membership process and to be announced / notified / published in any way will be binding for the Member from the moment of publication without the need for any further notification or approval after their publication on the Platform and the Member will be deemed to have accepted them by continuing to use the Platform / benefit from the services offered through the Platform; However, in the event that the provisions of the relevant legislation order them to be expressly approved by the Member, DineWho shall have the right and authority to restrict, block, suspend or terminate the Member's membership partially or completely unless they are approved by the Member.

2.11. The Member may unilaterally terminate his/her membership at any time without giving any reason. The membership will be terminated by DineWho no later than 72 hours after the Member submits his/her request to close his/her membership account via e-mail to info@dinewho.com. After the Member initiates the procedures to close his/her account and this request is received by DineWho, the account closure request will be finalised in accordance with the rule sets determined by DineWho for the purposes of ensuring account security and preventing abuse. The Member agrees that he/she understands that after the closure of his/her membership account, he/she will not be able to re-use his/her membership account and / or take back the rights and advantages defined under the account and transfer them to various accounts.

2.12. DineWho may, at its sole discretion, partially or completely, permanently or temporarily remove, modify, make paid, update, suspend, stop and/or open additional services on the Platform and/or the services offered through the Platform. DineWho shall have no liability to the Member and/or third parties in relation to the matters listed in this article and other matters of a similar nature.

  1. PROTECTION OF PERSONAL DATA

3.1. DineWho attaches importance to the processing, security and protection of personal data within the scope of this membership agreement in accordance with all kinds of legislation, including KVKK. DineWho processes and shares the personal data obtained during the establishment and execution of this contract, the personal data of the Member, especially for the purposes of providing the services specified in this contract, the formation of the order and the realisation of the delivery, carrying out activities to increase the satisfaction of the Member, ensuring the security of their accounts, fraud, fraud, misuse of the Platform, resolving disputes arising from issues that may constitute an offence within the meaning of the Turkish Penal Code.

3.2. The Member is authorised to use the Disclosure Text on the Protection of Personal Data ("Disclosure Text on the Protection of Personal Data"), which is available under the Platform and is an integral part of this Agreement, about the activities of processing and sharing personal data.Clarification Text") and agrees that he/she understands that he/she can obtain detailed information. The Member agrees that DineWho reserves the right to update the Clarification Text at any time within the framework of changes that may be made in the applicable legislation or company practices.  

3.3. In order to obtain detailed information regarding his/her personal data being processed and to direct his/her rights and requests within the scope of the LPPD, the Member may apply to the Data Controller in a manner to include the mandatory elements specified in Article 5 of the Communiqué on the Procedures and Principles of Application to the Data Controller, through the application methods specified in the Clarification Text or via the e-mail address registered in the membership account kvkk@dinewho.com can apply to DineWho by sending an e-mail to the address.

3.4. With the termination of the membership agreement / closure of the membership account, personal data whose purpose of processing and storage is eliminated is deleted in accordance with the legislation; The personal data of the Member, which must be kept in accordance with the legislation, will continue to be processed by DineWho until the purpose of processing is eliminated.

3.5. DineWho shall take all necessary measures to ensure that such personal data are stored securely in accordance with Article 12 of the KVKK and to prevent unauthorised access and unlawful data processing.

  1. COMMERCIAL ELECTRONIC COMMUNICATIONS

4.1. DineWho may send commercial electronic messages to the Member for the purpose of promoting and marketing its products and services through the electronic mail address registered on the Platform or by making a call to the phone number, sending SMS or sending messages from WhatsApp, if the Member consents to commercial electronic messages. The Member is obliged to keep the e-mail address and telephone number registered on the Platform accurate and up-to-date.

4.2. The Member has the right not to consent to the sending of commercial electronic messages or to withdraw his/her consent. In this context, it may withdraw its consent by the methods listed in accordance with the relevant legislation. Related to the subject info@dinewho.com can reach the address via e-mail.

  1. INTELLECTUAL PROPERTY RIGHTS

All kinds of elements and content related to the Platform and the Platform (all kinds of trade names, works, copyright, invention, patent, trademark, design, graphic, logo, other identifying names and signs, domain name, software, program flow, algorithm, source and object code, program and user interface, data, database, record, code, process, idea, text, animation, clip, music, video, photograph, picture, figure, drawing, image, trade dress, slogan, screen, know-how, project, concept, programme, application, including but not limited to) ("DineWho Contents") and all rights in connection therewith (including but not limited to intellectual and industrial property and proprietary rights) belong to DineWho. Any content, including but not limited to personal information, photos, videos, ideas, expressions, comments and correspondence shared by other Members through the Platform ("Other Member Content") belongs to the Member who shares them through the Platform, without prejudice to DineWho's full licence thereof. Creating a membership account, authorising the Member to access the Platform, to use the Platform and/or to benefit from the services offered through the Platform and/or any provision under this Agreement does not mean that the Member is granted any rights regarding the Platform, DineWho Content and/or Other Member Content. In this context, the Member may not use, quote, copy, reproduce, modify, reverse engineer, decompile (decompile) the Platform, DineWho Content and/or Other Member Content in whole or in part, directly or indirectly, except for the intended use of the Platform, backing up, transmitting, storing, processing, selling, sharing, disseminating, distributing, renting, lending, adapting, transferring or subjecting to any other business, transaction or disposition and/or encouraging and/or facilitating the same is strictly prohibited. The Member agrees that he/she shall be liable to indemnify DineWho and/or third parties for any damages that may arise in the event that he/she violates the prohibition under this article. In this case, DineWho also has the right and authority to partially or completely restrict, block, suspend or terminate the Member's membership, without prejudice to any claims, lawsuits and follow-up rights.

  1. CONTRACT MODIFICATIONS AND WAIVER

6.1. DineWho may, at its sole discretion, unilaterally change this Agreement and any policies and rules, terms and conditions contained in the Platform at any time it deems appropriate, by announcing/notifying by any means. Unless otherwise stated by DineWho, the amendments and additions shall become effective on the date they are announced/notified and/or published on the Platform without the need for further approval, and the remaining provisions shall remain in full force and effect and shall continue to give rise to their provisions and consequences; the Member shall be deemed to have accepted these amendments and additions by continuing to use the Platform / benefit from the Services. DineWho recommends that Members visit the Membership Agreement page before each transaction they will make on the Platform. DineWho may restrict, block, suspend or terminate the Member's membership partially or completely if the relevant legislation provisions order the changes to be expressly approved by the Member and the changes are not approved by the Member.

6.2. Waivers not signed by DineWho are not valid. DineWho's failure to exercise, in whole or in part, any of its rights under the Agreement, its failure to require the Member to comply with any term or condition of the Agreement and/or its waiver of any breach by the Member shall not be construed as a waiver of any subsequent breach or restrict the subsequent performance of any such term or condition.

  1. FORCE MAJEURE

Employer-employee disputes including riots, embargo, state intervention, rebellion, occupation, war, mobilisation, strikes, lockouts, labour actions or boycotts, cyber-attacks, communication problems, infrastructure and internet failures, improvement or renewal works related to the system and failures that may occur for this reason, power failure, fire, explosion, storm, flood, earthquake, migration, epidemic or other natural disaster, bad weather, changes in legislation, decisions taken by the competent authorities, or other events beyond DineWho's control, which are not due to its fault and cannot be reasonably foreseen ("Force Majeure") prevents or delays DineWho from performing its obligations under this Agreement, DineWho shall not be held liable for any obligations whose performance is prevented or delayed as a result of Force Majeure and this shall not be considered a breach of this Agreement.

  1. MISCELLANEOUS PROVISIONS

8.1. The Member accepts, declares and undertakes that in disputes that may arise from this Agreement, DineWho's official books and commercial records, e-archive records kept in its own database, servers, electronic information and computer records, including all kinds of records and documents available with DineWho shall constitute binding, conclusive and exclusive evidence and that this article is an evidential contract within the meaning of Article 193 of the Code of Civil Procedure No. 6100.

8.2. The Law of the Republic of Turkey shall prevail in the interpretation and implementation of this Agreement. Istanbul Central (Çağlayan) Courts and Enforcement Directorates are authorised to settle any disputes that may arise from this Agreement.

8.3. This Agreement constitutes the entire agreement between the Parties with respect to the subject matter hereof and the invalidity, illegality and unenforceability of any provision of this Agreement or any statement contained herein shall not affect the force and effect of the remaining provisions of this Agreement.

8.4. The Member may not transfer or assign this Agreement and/or its rights, interests and/or obligations arising from this Agreement to third parties in any way without the prior written consent of DineWho. Any assignment or transfer made without the prior written consent of DineWho shall be void. However, DineWho may transfer and assign this Agreement and/or its rights, interests, receivables and/or obligations arising from this Agreement to its parent companies, subsidiaries, affiliates, business partners and/or third parties without obtaining the prior written consent of the Member. 

8.5. All rights and powers of DineWho pursuant to the terms and conditions of this Agreement and the provisions of the relevant legislation are of a nature that can be used together; in other words, the exercise of any right or power of DineWho pursuant to the terms and conditions of this Agreement and the provisions of the relevant legislation does not in any way prevent DineWho from exercising any other right and/or power.

8.6. The Parties accept, declare and undertake that in case of any conflict between the versions of this Agreement in different languages and this version, the provisions of this Agreement shall apply to the relationship between them.  

8.7. Consisting of 8 (eight) articles, this Agreement has been approved electronically by the Member by reading and fully understanding each provision. This Agreement has entered into force indefinitely as of the moment of approval.

DISCLOSURE TEXT ON COOKIES

As DineWho (Erik Medya initiative) ("Company"); the confidentiality and security of your personal data is among our top priorities. In this context, we would like to inform you about your personal data in order to fulfil our disclosure obligation arising from Article 10 of the Personal Data Protection Law No. 6698 ("KVKK"). Personal data means any information that makes your identity specific or identifiable.

The website you are visiting ("Website"), which belongs to the Company, is a site that uses cookies. Cookie; It is a small text file of low size, mostly consisting of letter and number combinations, which allows the device in question to be detected by being stored on the terminal devices being used.

The purpose of this Clarification Text on Cookies is to provide you with information about what types of cookies we use for what purposes and how you can manage these cookies regarding the processing of your personal data obtained automatically through the placement of cookies used on our Website on your terminal devices.

  1. WHAT TYPES OF COOKIES ARE USED BY THE COMPANY?

It is possible to classify the types of cookies into three categories: cookies according to their intended use, cookies according to their duration and cookies according to their parties.

1.1. Cookies by Purpose of Use

As a company, we use four types of cookies according to their intended use. These are: Performance Identification (Analytical) Cookies, Targeting Cookies, Functional Identification Cookies and Mandatory Identification (Strictly Necessary) Cookies. In the mobile application, the SDK (Software Development Kit) of the relevant application is used instead of cookies. (All mobile applications and/or websites of our company will be referred to as "Platform" together).

1.1.1. Performance Identification (Analytical) Cookies: These cookies help us monitor visits and traffic so that we can measure and improve the performance of the Website; learn which pages are the most and least popular and see how customers navigate the site. All information collected by these cookies is anonymised. If you do not allow these cookies, it cannot be known when you visit our site and your performance cannot be monitored. For example Tracking your click frequency.

1.1.2. Cookies for Targeting Purposes: These cookies are used to offer products for your preferences and interests and can be set by our advertising partners from the Website. In this way, targeting cookies can be used by our advertising partners to create a profile of your interests and to show relevant advertisements on other sites. Targeting cookies do not directly store your personal data; however, they allow your browser and internet device to be identifiable. If you do not allow targeting cookies, you will be less likely to encounter targeted advertisements. For example Identifying the pages you visit frequently and providing you with personalised service/product recommendations.

1.1.3. Functional Cookies: These cookies allow the Website to offer enhanced functionality and personalisation. Functional identification cookies may be set by the Company or by third party providers to whom we add our services to our pages. If you do not allow functional identification cookies, some or all of these services may not function properly. For example: Settings you make regarding your language preferences.

1.1.4. Mandatory Identification (Strictly Necessary) Cookies: These cookies are cookies that are mandatory for the operation of the Website and cannot be switched off by our systems. Mandatory identification cookies are used compulsorily in order to fulfil an information society service requested by the user (for example; log-in, form filling, remembering privacy preferences). You can set your browser to block or warn you about mandatory cookies; however, in this case, some parts of our website will not function properly.

1.2. Cookies according to their duration

As a company, we use two types of cookies according to their duration. These are session cookies and persistent cookies.

1.2.1. Session (session - non persistent) Cookies: The session cookie, also called temporary cookie, is used by the Company to ensure the continuity of the session. When you close your internet browser, session cookies are also deleted automatically. For example Determining that you are visiting the Website for the first time.

1.2.2. Persistent Cookies: Persistent cookies, which are not automatically deleted when the Internet browser is closed, are automatically deleted on a certain date or after a certain period of time. For example To ensure that you do not re-enter the login information each time you log in to your account on the Website.

1.3. According to the parties:

1.3.1. First Party Cookies
It is placed directly on the device by the Website visited or the Company.

1.3.2. Third Party Cookies
Cookies placed on the device by a third party, such as an advertiser or analytical system in cooperation with the Company.

The types of cookies used may also vary depending on the browser you access the Website. You can access detailed and up-to-date information about the types of cookies used by the Company (cookie name, cookie type, purpose of cookie use and cookie duration) via the "Cookie Preferences" button at the bottom of the main page of the Website.

  1. LEGAL REASON FOR THE USE OF COOKIES BY THE COMPANY AND THE PURPOSES OF USE OF COOKIES

The Company has included the name and intended use of each cookie in the table on the screen you will access via the "Cookie Preferences" button at the bottom of the main page of the Website. The Company processes your personal data for the purposes specified in the table in question, based on the reasons for compliance with the law specified in Article 5 of the KVKK and given below. Your personal data collected through cookies;

  • Based on the legal reason that it is necessary to process your personal data, provided that it is directly related to the establishment or performance of the contract; In order to perform basic functions with mandatory identification cookies to enable you to benefit from the services offered by the Platform,
  • Based on the legal reason that data processing is mandatory for the establishment, exercise or protection of a right; Personal data processed through all types of cookies used on the Platform, for the purpose of conducting legal and litigation affairs in the event of a legal dispute or if public institutions request information,
  • Based on the legal reason that data processing is mandatory for the legitimate interests of our company, provided that it does not harm fundamental rights and freedoms; In order to carry out activities to develop and improve the performance and functionality of the Platform and to ensure ease of use of the Platform,
  • Based on the legal reason of your explicit consent; Performance Identification Cookies, Targeting Cookies and Functional Identification Cookies are used to improve your shopping experience, to provide our services and to make special promotion for you, to offer promotions and marketing offers, to improve the content of the Website or mobile application according to you and / or to determine your preferences, to carry out activities to increase your satisfaction.
  1. TO WHOM AND ON WHAT LEGAL GROUNDS AND FOR WHAT PURPOSES DOES THE COMPANY TRANSFER YOUR PERSONAL DATA COLLECTED THROUGH COOKIES?

The Company takes care to process your personal data collected through cookies in accordance with the "need to know" and "need to use" principles in accordance with the provisions of the KVKK on the transfer of personal data, by complying with the principle of data minimisation and taking the necessary technical and administrative security measures.

The Company may use cookies to activate "advertising technology" in order to provide you with advertisements that it thinks may be of interest to you when you visit search engines, the Website, the mobile application and/or the websites advertised by the Website. Advertising technology uses information about your previous visits to the Website / mobile application and the websites / mobile applications advertised by the Website in order to provide you with special advertisements. When serving these advertisements, a unique third-party cookie may be placed in your browser so that the Website can recognise you. Personal data obtained through such third-party cookies may be shared with the relevant social media channels if you log in to the Company through social media channels. The Company also uses Google Analytics, a web analytics service provided by Google Inc. Google Analytics uses cookies to analyse how users use the Website, mobile application and/or mobile site with statistical information/reports. For more information about the use of Google Analytics (including refusal options), here you can visit the address.

The Company may share your personal data with its Suppliers and Service Providers for the purposes of improving its services by customising them to you and carrying out the cookie management process in accordance with your cookie preferences.

  1. HOW CAN YOU CONTROL THE USE OF COOKIES?

You can manage your cookie preferences by switching the buttons on the cookie management panel on or off according to your preference from the "Manage Consent Preferences" section you encounter when you press the "Settings" button on the cookie wall that appears when you visit the Company Website. It is recommended that you refresh the page to activate your settings.

You can always check your cookie preferences via the "Cookie Preferences" button at the bottom of the main page of the Website and the cookie management tool and make changes to your cookie preferences.

Since the use of mandatory cookies is essential for the operation of our site, you do not have the ability to manage this type of cookie.

You can also manage your cookie preferences using the methods below:

Google Chrome : You can allow or block cookies from the "cookies" tab by clicking the "lock sign" in the address section of your browser.
Internet Explorer : You can manage cookies as "allow" or "do not allow" by clicking the security tab in the "Tools" section at the top right of your browser.
Mozilla Firefox : Click on the "open menu" tab in the upper right corner of your browser. You can manage cookies using the "Privacy and Security" button by clicking the "Options" image.
Opera : You can manage cookies from the "cookies" section by selecting "Advanced" in the "Preferences" section of your browser.
Safari : You can select the "safari" tab from the "Settings" section of your phone and manage all your cookies from the "Privacy and Security" section.

In addition to the above options; to have information about all cookies and for cookie management: https://www.allaboutcookies.org, https://www.youronlinechoices.eu/ or you can use the "Privacy Badger" application (https://www.eff.org/tr/privacybadger). If you reject persistent cookies or session cookies, you may continue to use the Website, mobile application and mobile site, but you may not be able to access all functions of the Website, mobile application and mobile site or your access may be limited.

  1. HOW DOES THE COMPANY PROTECT YOUR PERSONAL DATA?

Personal data shared with the Company are under the supervision and control of the Company. The Company has assumed the responsibility as the data controller to establish the necessary organisation and to take and adapt technical measures in order to protect the confidentiality and integrity of the information in accordance with the provisions of the relevant legislation in force. Being aware of our obligation in this regard;

  • Penetration tests are carried out periodically in accordance with international and national technical standards on data confidentiality.
  • Your personal data that you transmit to the Company through the Website, mobile site and mobile application are protected using SSL (Secure Sockets Layer) technology.
  • Risk analyses are regularly conducted regarding personal data processing activities and actions are taken to mitigate risks.
  • Access and authorisation controls are implemented to prevent unauthorised access to personal data.
  • Data processing policies are updated at regular intervals.
  1.  CONTACT FOR YOUR RIGHTS AND DEMANDS

You can send your questions about your personal data and your rights and requests under Article 11 of the KVKK to the e-mail address with the extension kvkk@dinewho.com via your e-mail address linked to your membership registered in our system with a petition prepared in accordance with the conditions specified in the Communiqué on the Procedures and Principles of Application to the Data Controller or with the "DineWho Application Form". Application Form from here you can reach.

In addition, you may apply to the Data Controller with a petition organised in accordance with the conditions specified in the Communiqué on the Procedures and Principles of Application to the Data Controller or with the "DineWho Application Form" to Kuştepe Mah. Mecidiyeköy Yolu Cad. No:12 Trump Tower Kat:4 Office No:405 Şişli/İstanbul in person or through a notary public or by signing with Secure Electronic Signature or Mobile Signature to our Registered Electronic Mail (KEP) address (ozan.corumlu@hs02.kep.tr). It is obligatory for the Relevant Persons who will apply in this way to submit documents to prove their identity.

ABOUT THE CLARIFICATION TEXT

The Company reserves the right to update this Clarification Text on Cookies at any time within the framework of changes that may be made in the legislation in force.

Updated Date: 15/04/2024

CLARIFICATION TEXT ON THE PROTECTION OF PERSONAL DATA

As DineWho ("Company"); the confidentiality and security of your personal data are among our top priorities. Our Company processes your personal data in accordance with the regulations of the Personal Data Protection Law No. 6698 ("KVKK"). Your personal data means any information that makes your identity specific or identifiable.

On the mobile applications and/or websites of our Company (collectively referred to as "Platform") from the services provided (collectively referred to as "Platform Services") by accepting the Membership Agreement in order to benefit from "Platform Member", we would like to inform you about your personal data processed in the event that you are a "data subject".

Which personal data are processed by our company?

If you are a Platform Member, the following personal data are processed.

  • Your User Account Information: your first name, surname, customer number, membership e-mail address and telephone number if added to your user information, gender, date of birth. (also all questions from our personality test)
  • Your Customer Transaction Details: your order and invoice information, your transaction history information about your purchases, your request and complaint information, your Platform usage information, the information you personally share in your comments and questions in case you make comments and / or ask questions about the products on the Platform, information about the content of conversations via WhatsApp,
  • Payment Information: Your information regarding the payments made by you and payment methods, 
  • Your Transaction Security Information: your device information, IP address information, password and password information, cookie information, platform access logs, login method (via Google/Facebook),
  • Legal Action Information: information in correspondence with authorised persons, institutions and organisations, information in lawsuits and enforcement files, your legal information request information,

What are the legal reasons, purposes and collection methods of processing your personal data?

Your personal data are collected by our Company through fully or partially automated or non-automated means, provided that they are part of any data recording system, electronically through the mobile application or websites where the Platform Service you benefit from of our Company within the scope of our membership agreement; When you contact live help, call centre or e-mail channels, it is collected electronically through the channel you contact and physically if it is transmitted to our Company via printed forms, notification, mail or notified by legal authorities. Our Company processes your personal data for the purposes listed in the table below and on the basis of the following reasons for compliance with the law specified in Article 5 of the KVKK.

Your Personal Data Processed by Our Company Legal Reasons for Processing Your Personal Data Our Company's Purposes of Processing Your Personal Data
Your User Account Information, Customer Transaction Information,  Explicit consent. Carrying out marketing, advertising and promotional activities, providing you with special advantageous offers, carrying out activities to increase your satisfaction by getting to know you better and sending commercial electronic messages within this scope.
Your User Account Information, Customer Transaction Information, Order Information, Payment Information, Transaction Security Information, Legal Transaction Information,  It is clearly stipulated in the laws. 6563 Law on the Regulation of Electronic Commerce, Turkish Commercial Code No. 6102, Turkish Criminal Code No. 5237 and Law No. 6502 on the Protection of Consumers, to fulfil the obligations arising from the legislation to which our Company is subject, to carry out the Platform activities in accordance with the legislation, to fulfil the obligations of data sharing and preservation by our Company in accordance with our obligations arising from the legislation.
Fulfilment of our company's legal obligations. Fulfilling the legal obligations specified in the secondary legislation to which our Company is subject and/or in the decisions, guidelines and guides published by the competent authorities, especially the Regulation on Distance Contracts and the Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce, carrying out the procurement processes of the product or service groups on the Platform, informing the authorised persons, institutions and organisations, ensuring that the activities are carried out in accordance with the legislation, following and carrying out legal affairs, carrying out financial and accounting affairs.
Your User Account Information, Your Transaction Security Information. It is necessary for the establishment of our membership agreement between you and us. Carrying out the processes for the establishment of the membership contract, managing the processes of creating and closing the Platform Member profile, ensuring the security of the operations related to the Platform.
Your User Account Information, Customer Transaction Information, Order Information, Payment Information, Transaction Security Information, Legal Transaction Information,  It is necessary for the performance of our membership agreement between you and us. Carrying out the processes for the establishment and execution of the membership agreement, carrying out the activities for the realisation of your purchase transactions through the Platform, carrying out and auditing the business activities of the Company, carrying out information security processes and conducting examinations for suspicious transactions, ensuring the security of operations regarding the Platform.
     
Your Payment Information, User Account Information, Customer Transaction Information It is necessary for the performance of our membership agreement between you and us. Execution and supervision of finance and accounting processes, execution of invoicing processes.
Delivery Information, User Account Information, Customer Transaction Information. It is necessary for the performance of our membership agreement between you and us. Tracking the delivery processes of the product you ordered, carrying out logistics activities.
Your User Account Information, Customer Transaction Information It is necessary for the performance of our membership agreement between you and us. Carrying out communication activities, evaluating requests, complaints and suggestions regarding our products and services, carrying out support activities for your orders, carrying out after-sales support services for goods and services.
Your Transaction Security Information, User Account Information, Customer Transaction Information. It is necessary for the performance of our membership agreement between you and us. Carrying out information security processes and examining suspicious transactions, ensuring the security of operations related to the Platform.
Your User Account Information, Customer Transaction Information, Delivery Information, Order Information, Payment Information, Transaction Security Information, Legal Transaction Information,  Processing for the establishment, use or protection of a right. Conducting legal and litigation affairs, responding to your legal requests, examining and responding to your applications duly made as the relevant person, resolving legal disputes, sharing information with authorised persons, institutions and organisations upon request.
Your User Account Information, Customer Transaction Information, Order Information, Transaction Security Information, Legal Transaction Information,  It is mandatory for the legitimate interest of our company. Ensuring that you can quickly and easily access products that are suitable for your preferences and interests, providing a better user experience in service transitions between Platform Services of our Company, developing and improving our user experience, improving our service quality, conducting analysis and reporting studies, ensuring the security of Platform Service operations.
Your User Account Information. It is mandatory for the legitimate interest of our company. Providing a better user experience in service transitions between our Company's Platform Services.

To whom and for what reasons does the company transfer your personal data?

Our company takes care to process your personal data in accordance with the principles of "need to know" and "need to use", by ensuring the necessary data minimisation and taking the necessary technical and administrative security measures. Since the execution or supervision of business activities, ensuring business continuity, and the operation of digital infrastructures necessitate continuous data flow with different stakeholders, we are obliged to transfer the personal data we process to third parties for certain purposes. In addition, it is very important that your personal data is accurate and up-to-date in order for us to fulfil our contractual and legal obligations fully and properly. For this purpose, we have to work with various business partners and service providers.

Our company shares your personal data with the relevant recipient groups to the extent necessary for the purposes listed in the table below and based on the reasons for compliance with the law:

Your Personal Data Shared by Our Company Recipient Groups to whom Your Personal Data is Transferred Legal Reasons for Sharing Your Personal Data Our Company's Purposes of Sharing Your Personal Data
Your User Account Information, Customer Transaction Information Affiliates, service providers and business partners. Explicit consent. Carrying out marketing, advertising and promotional activities, offering you special advantageous offers, carrying out activities to increase your satisfaction by getting to know you better.
Your User Account Information, Customer Transaction Information, Order Information, Payment Information, Transaction Security Information, Legal Transaction Information Regulatory and supervisory bodies and authorised public institutions and organisations such as courts and enforcement offices. It is clearly stipulated in the laws. Fulfilment of the obligations arising from the legislation to which our Company is subject and execution of the Platform activities in accordance with the legislation.
Fulfilment of our company's legal obligations. Providing information to authorised persons, institutions and organisations, ensuring that activities are carried out in accordance with the legislation, following and conducting legal affairs, carrying out financial and accounting affairs.
Processing for the establishment, use or protection of a right. The exercise and protection of a right in the event of a legal dispute.
Your User Account Information, Customer Transaction Information, Order Information, Payment Information, Transaction Security Information, Legal Transaction Information Lawyers, auditors, tax consultants, forensic experts, cyber security consultants, our group companies, subsidiaries, other third parties and business partners from whom we receive consultancy and services. Processing for the establishment, use or protection of a right. Carrying out the audit activities of our company, carrying out legal counselling processes, ensuring the security of company operations, examining suspicious transactions.
It is necessary for the conclusion or performance of the contract.
Your User Account Information, Customer Transaction Information, Payment Information. With the seller or service provider of the product you want to buy. It is necessary for the conclusion or performance of the contract. Ensuring that you benefit from the Platform Services, establishment and execution of the membership agreement, execution of invoicing processes, execution of purchasing processes.
Your User Account Information, Customer Transaction Information, Payment Information. With the seller or service provider of the product you want to buy. Fulfilment of our company's legal obligations. 6563 Law on the Regulation of Electronic Commerce, Turkish Commercial Code No. 6102, Law No. 6502 on Consumer Protection, Regulation on Distance Contracts and Regulation on Service Providers and Intermediary Service Providers in Electronic Commerce, especially the fulfilment of the obligations arising from the legislation to which our Company and our seller you purchase products are subject.
     
      Execution of logistics activities and follow-up of delivery processes.
Your User Account Information, Customer Transaction Information, Order Information,  Our business partners offering call centre services, our service providers providing customer support services. It is necessary for the conclusion or performance of the contract. Providing goods and services sales and after-sales support services, ensuring customer satisfaction, meeting customer demands and complaints.
Your User Account Information, Customer Transaction Information, Order Information, Transaction Security Information, Legal Transaction Information,  Our business partners, group companies, subsidiaries, private integrators, technology companies, business partners and service providers that provide independent audit, customs, financial advisor/accounting services. It is necessary for the conclusion or performance of the contract. Controlling the quality of the products and services offered by our Company, carrying out activities for the development and improvement of the products and services offered by our Company, risk identification and analyses, procurement of information, technology and software services, quality control, complaint management and risk analysis of services.
It is mandatory for the legitimate interest of our company.
Your User Account Information, Customer Transaction Information, Order Information, Payment Information, Transaction Security Information, Legal Transaction Information. Our business partners, consultants and service providers, banks, e-invoice business partners, private integrators, independent auditors, customs, financial advisors/accounting service providers. Fulfilment of our company's legal obligations. Execution of invoicing processes, sending e-invoice to the customer electronically, physical contract or invoice delivery, management of financial and accounting processes, detection and evaluation of risks, prevention of frauds.

How Does the Company Protect Your Personal Data?

Personal data shared with the Company are under the supervision and control of the Company. The Company has assumed the responsibility as the data controller to establish the necessary organisation and to take and adapt technical measures in order to protect the confidentiality and integrity of the information in accordance with the provisions of the relevant legislation in force. Being aware of our obligation in this regard;

  • Penetration tests are carried out periodically in accordance with international and national technical standards on data confidentiality.
  • Your personal data that you transmit to the Company through the website, mobile site and mobile application are protected using SSL (Secure Sockets Layer) technology.
  • Risk analyses are regularly conducted regarding personal data processing activities and actions are taken to mitigate risks.
  • Access and authorisation controls are implemented to prevent unauthorised access to personal data.
  • Data processing policies are updated at regular intervals.

Your Rights Regarding the Protection of Your Personal Data

By applying to our Company by the methods specified in the "Contact for Your Rights and Requests" section of this disclosure text,

  • To learn whether your personal data is being processed,
  • If processed, to request information about it,
  • To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
  • Knowing the third parties to whom it is transferred domestically or abroad,
  • To request correction of personal data in case of incomplete or incorrect processing,
  • To request the deletion or destruction of your personal data within the framework of the conditions stipulated in the KVKK,
  • To request notification of the actions taken pursuant to your rights to rectification, deletion and destruction mentioned above to third parties to whom personal data have been transferred,
  • To object to the occurrence of a result against you by means of analysing your processed personal data exclusively with automated systems,
  • You have the right to demand compensation for your damages in case you suffer damage due to the processing of your personal data in violation of the relevant legislation.

Contact for your rights and requests

You can submit your questions and requests regarding your personal data with a petition organised in accordance with the conditions specified in the Communiqué on the Procedures and Principles of Application to the Data Controller or with the "DineWho Application Form" by the following methods. Application Form from here you can reach.

Application Method Application Address
Written Application in Person Kuştepe Mah. Mecidiyeköy Yolu Cad. No:12 Trump Tower Floor:4 Office No:405 Sisli/Istanbul
Notary Kuştepe Mah. Mecidiyeköy Yolu Cad. No:12 Trump Tower Floor:4 Office No:405 Sisli/Istanbul
Registered Electronic Mail (KEP) by Signing with Secure Electronic Signature or Mobile Signature ozan.corumlu@hs02.kep.tr
From your e-mail address previously notified to our Company and registered in the system kvkk@dinewho.com

*It is obligatory for the Relevant Persons who will apply for the "Written Application in Person" to submit documents to prove their identity. In this context, Kuştepe Mah. Mecidiyeköy Yolu Cad. No:12 Trump Tower Kat:4 Office No:405 Şişli/İstanbul, we kindly request that only the front side of the identity card photocopy (so that the blood group and religion section is not visible) be submitted together with the application form.

**In the notification envelope of the application form or in the subject line of the e-mail, write "Personal Data Protection Law Relevant Person Request" should be written.

As personal data owners, if you submit your requests regarding your rights to the Company, the Company will finalise your request free of charge within 30 (thirty) days at the latest. However, if the response to your application requires a cost in accordance with the legislation, the Company may charge the fee in the tariff determined by the Personal Data Protection Board.

About the Clarification Text

The Company reserves the right to update this Clarification Text on the Protection of Personal Data at any time within the framework of changes that may be made in the legislation in force.

Updated Date: 15.04.2024

DISTANCE SALES CONTRACT

  1. PARTIES

1.1. Seller (Service Provider):

Erik Media 

Address Kuştepe Mah. Mecidiyeköy Yolu Cad. No:12 Trump Tower Floor:4 Office No:405 Şişli/Istanbul

Telephone: 0 (212) 909 29 48

Email: info@dinewho.com

Website: www.dinewho.com

1.2. Buyer (Customer):

[Name-Surname/Company Name]

[Address]

[Telephone]

[Email]

  1. SUBJECT

This agreement sets out the terms and conditions for the Client's use of the dinner organisation and other services provided by the Seller.

  1. SERVICES

The vendor enables the users who join DineWho as a free member to meet and introduce the groups by making reservations at contracted restaurants after the users fill in the personality test that matches/groups the users with an artificial intelligence supported algorithm and purchase tickets on the website www.dinewho.com.

It is aimed to have 6 people at each table at dinner, but for any reason this number may not be met and there may be a deviation of +2, -2 in the number of people in the group.

  1. PRICING AND PAYMENT

A dinner ticket at DineWho is 359 TL including VAT and payments can only be made on www.dinewho.com and by credit/debit card. Members who purchase a dinner ticket are obliged to pay for the order placed at the restaurant where they will have dinner. 359 TL DineWho dinner ticket price does not include the dinner to be eaten in the restaurants. 

  1. RETURN AND CANCELLATION CONDITIONS

Purchased tickets can be returned until 23.59 on Monday of the relevant week.

For example, registration for the dinner on Wednesday, 15 May closes at 23.59 on Monday, 13 May. For 15 May tickets to be refunded, the refund request must be sent to iptal@dinewho.com by 23.59 on Monday 13 May.

Refunds are made to the paid credit card/debit card and are completed within 1 to 3 business days for credit cards and 7 to 14 business days for debit cards (depending on banks).

If the ticket purchase is made by credit card and in instalments, the credit card refund procedure will be applied as follows:

If the buyer has requested to purchase the ticket in how many instalments, the Bank reimburses the buyer in instalments.

  1. PRIVACY AND SECURITY

All communication and data sharing between the parties will be kept confidential and security measures will be taken.

Our safety page from here you can visit

  1. DURATION

The service period will be determined between the parties and may be extended if necessary.

  1. DISPUTE RESOLUTION

The Law of the Republic of Turkey shall prevail in the interpretation and implementation of this Agreement. Istanbul Central (Çağlayan) Courts and Enforcement Directorates are authorised to settle any disputes that may arise from this Agreement.

This Distance Service Agreement has been accepted by mutual agreement between the parties.

Seller (Service Provider):

[Name-Surname/Company Name]

History [Date]

Buyer (Customer):

[Name-Surname/Company Name]

History [Date]

RETURN AND CANCELLATION CONDITIONS

Dinner registrations open every Tuesday morning for Wednesday of the following week and close on Monday at 23:59. Dinner registrations are only accepted via www.dinewho.com. No email or telephone registrations are accepted.

Refunds can be made until 23.59 on the Monday before the Wednesday before the dinner. The countdown timer on our homepage is set accordingly.

For example, registration for the dinner on Wednesday, 15 May closes at 23.59 on Monday, 13 May. For 15 May tickets to be refunded, the refund request must be sent to iptal@dinewho.com by 23.59 on Monday 13 May.

Refunds are made to the paid credit card/debit card and are completed within 1 to 3 business days for credit cards and 7 to 14 business days for debit cards (depending on banks).

If the ticket purchase is made by credit card and in instalments, the credit card refund procedure will be applied as follows:

If the buyer has requested to purchase the ticket in how many instalments, the Bank reimburses the buyer in instalments.

INFORMATION SECURITY MANAGEMENT SYSTEM POLICY

PURPOSE

The purpose of this policy is to define the information security approach and objectives of the Senior Management regarding the law, legal, regulatory or contractual obligations, all kinds of Information Security Management System requirements of internal and external parties, and to inform all employees and related parties of these objectives.

The Information Security Policy outlines the principles of corporate information security. The Information Security Policy makes arrangements for the secure realisation of information and processing methods in the organisation.

This policy covers all employees and information assets within the scope of the Information Security Management System (ISMS).

RESPONSIBLE

  • The Information Security Board ensures that the Information Security Policy is announced to all employees and relevant third parties.
  • This policy is periodically reviewed by the Information Security Board once a year or when deemed necessary.
  • This policy covers all employees, information assets and related third parties within the scope of [ISO/IEC 27001:2013] ISMS.

DEFINITIONS AND ABBREVIATIONS

Information Security Management System (ISMS):

Management system based on business risk approach to establish, realise, operate, monitor, review, maintain and improve information security.

Information Asset: These are the assets containing information that the organisation has, which are necessary for it to carry out its business without interruption, and which it is obliged to protect.

Confidentiality: Ensuring that only authorised persons have access to information.

Integrity Ensuring the preservation of the accuracy and completeness of the assets.

Accessibility: Accessibility and availability when requested by an authorised entity.

INFORMATION SECURITY POLICY

Senior Management Commitment

DineWho Senior Management undertakes to do what is necessary for the realisation, operation, monitoring, review, maintenance and improvement of information security.

DineWho adopts the following principles regarding information security management;

  • It attaches importance to ensuring the security of its activities regarding the products and services it offers to its customers and stakeholders.
  • It is aimed that all business processes are integrated, harmonised and balanced with each other. Integrated and dynamic business strategy ensures the security of information assets and necessitates its continuity.
  • It adopts the principle of taking measures against risks that may threaten the confidentiality, integrity and accessibility of its products and services that provide value to its customers and stakeholders.
  • Information security targets in line with this policy and the purpose of the organisation are determined and compliance is measured at regular intervals and continuous improvement opportunities are evaluated.

Information Security Policy

Information security is possible by ensuring the confidentiality, integrity and accessibility of information assets.

Knowledge;

  • Confidentiality requirement, that the information is only accessible to authorised persons,
  • Integrity requirement, ensuring the completeness and accuracy of information assets and protecting them from unauthorised changes,
  • The requirement of accessibility refers to the availability of information assets to authorised users when needed.
  • DineWho establishes principles to regulate its own corporate functioning in order to ensure information security. Determining the Information Security Policy, defining security roles and making all relevant updates are carried out with the support of the Senior Management and the coordination of all units. The organisation may seek the opinion of internal and external experts when necessary.
  • Information assets are appropriately classified in the organisation. Assets are valued and their value is calculated to develop an appropriate level of control.

Instructions: Necessary instructions are prepared in order to ensure that the system can be operated properly, that the operation is subject to general rules, auditable, repeatable and improvable.

Risk Assessment and Risk Processing: The process of risk assessment and the preparation and implementation of an appropriate risk handling plan is a continuous process.

Intellectual Property Rights: DineWho employees may not use products, software, services or systems that carry intellectual property rights without permission from the owner or without a licence to use.

Education: All personnel and, where appropriate, third party personnel are provided with the necessary training on relevant policies, instructions and processes and information security awareness training. The trainings are repeated after possible changes and updates are realised in the whole of the rules covered by the training.

Legal Compliance: DineWho carries out all necessary work to provide services in accordance with the published laws, regulations and communiqués related to its field of activity.

Business Continuity: The ISMS Committee determines the business continuity principles and ensures that a Business Continuity Plan is created for the realisation of business continuity principles and kept up to date according to changing conditions. The roles and responsibilities related to the current Business Continuity Plan are specified in the Business Continuity Plan. General principles regarding business continuity are included in the Business Continuity Policy.

Continuous Improvement: DineWho continuously improves the Information Security Management System using the information security policy, audit results, analysis of monitored information security incidents, corrective and preventive actions and management reviews.

Information Security Organisation: Information security organisation is determined by the Senior Management and its implementation is monitored. Teams, roles and responsibilities related to information security are specified in the Roles and Responsibilities document. All personnel within the scope are responsible for working in accordance with the responsibilities described in this document.

  • Critical decisions regarding information security are taken, approved and reviewed by the Information Security Board.
  • Security roles related to the protection of assets and the realisation of the policy are assigned to the staff of the organisation. Attention is paid to the necessary supervision for new and inexperienced users who are authorised to access sensitive systems. Employees are made aware of their responsibilities.
  • All staff are responsible for assigning the values of the assets they own.
  • All staff are responsible for overseeing the security of the organisation's assets.
  • Risk assessment and risk processing should be carried out when necessary after possible additions and deletions in assets. The Information Security Board is notified for this process.
  • Security problems and deterioration are immediately reported to the Information Security Board. A reported security problem is handled as a priority. Problems arising from software problems are handled in the same way. It is ensured that the same problems are not experienced again by taking lessons from security problems reported in the past.
  • All personnel are obliged to comply with the principles regarding the creation, processing, storage and destruction of information media (documents, magnetic media, electronic media, etc.).
  • All personnel are obliged to comply with the principles defined by the ISMS when accessing resources and information that require access control.

Third Party Access: Necessary arrangements are made to ensure that third parties' and organisations' access to information systems is secure. Within this framework, risks are analysed, access requirements are determined and classified. Principles are determined and applied for the personnel of contracted organisations and other third parties. Appropriate risk analyses are performed for third party access. Confidentiality Agreements including security responsibilities are prepared.

Physical and Environmental Safety: Arrangements and audits are made to ensure complete physical and environmental security. Places where sensitive assets are located and sensitive processes are carried out must be secure. Safe zones are prepared for this purpose and the security of these zones is ensured. Different security levels can be defined according to the need and different security mechanisms can be activated for each level. Physical security perimeter is created and physical entrance controls are carried out. Offices, rooms and vehicles are secured. The procedures and principles of working in secure areas are determined. Considering hardware security, these devices are protected against threats and dangers such as unauthorised physical access, fire, flooding. Placement of equipment, installation of power supplies and cabling are carried out with security in mind. Regular maintenance of the equipment is carried out. Security principles are taken into consideration during the configuration of the hardware.

Audits DineWho Information Security Management System is audited once a year. In addition, if deemed necessary by the Information Security Board, independent audit services from third party independent auditors or consultancy services for internal audits may be obtained.

Disciplinary Process and Legal Obligations: Employees are obliged to comply with this policy. Employees have obligations regarding information security outside of working hours or outside the working area. In case of non-compliance with the Information Security Policy and instructions, the relevant disciplinary process is applied.

Information Security Objectives

The organisation aims to carry out information security activities for the following purposes without compromising the principles stated above;

  • The Information Security Management System (ISMS) is planned, implemented and developed in accordance with the requirements of the internationally recognised [ISO27001:2017 Information Security Management System] standard.
  • Necessary work is carried out to comply with the relevant laws and regulations.
  • Internal audit, management review, corrective actions and actions required for the identification of risks and opportunities for the continuous improvement of ISMS are provided by the management and the teams to which the management has assigned information security responsibility.
  • All roles and responsibilities related to information security are determined and authorisations are made by the management.
  • Resources are provided by the management to carry out the necessary work within the framework of the Information Security Management System.
  • Together with its stakeholders, material and moral losses that may adversely affect DineWho's competitive advantage are prevented.
  • The scope of the Information Security Management System is determined by the management in line with business strategies by identifying information assets, evaluating the information security expectations of relevant parties such as customers, suppliers and business partners, and analysing legal agreements and obligations, if any.
  • An asset inventory is created in order to classify information assets and to assess the confidentiality, integrity and accessibility of these assets.
  • In order to manage information security risks, risk assessment, risk analysis and risk processing studies are carried out, necessary measures are developed and studies are carried out to prevent possible risks.
  • Information security targets in line with this policy and the purpose of the organisation are determined and compliance is measured at regular intervals and continuous improvement opportunities are evaluated.
  • The privacy of employee personal information is ensured.
  • Customer information is prevented from being accessed by unauthorised persons.
  • Data integrity is ensured.
  • By keeping access records, evidence of access that may be criminal in nature is provided to legal authorities.
  • Information security is ensured at the supplier.
  • Continuous development and protection of operational know-how is ensured.
  • It is ensured that end-user information security awareness and this awareness is continuously increased.
  • By effectively managing information security, damages that may arise from information security are minimised.
  • Necessary work is carried out to reduce the likelihood of an information security breach incident, and in case of an incident, a coordinated response is given.
  • Necessary arrangements are made to prevent interruptions that may occur in critical business processes, and in case of failure, it is ensured that it becomes operational again within the targeted recovery time.
  • Within the scope of the Information Security Management System, the confidentiality, integrity and accessibility of our customers' information assets are ensured. Continuity of critical business processes related to the customer is ensured.
  • Continuous improvement of the Information Security Management System is ensured.
  • In human resources management, processes are established in which rules are determined in terms of ensuring safety before, during and after employment.
  • It is ensured that necessary precautions are taken to ensure security in in-house work areas such as secure work areas, archive rooms, system rooms and around the organisation.
  • In order to carry out supplier relations in a secure manner; policies are established for reviewing supply services, managing the changes that occur, security requirements are determined, especially in agreements made / to be made with information technology suppliers and where information security risks are expressed.

SAFE SHOPPING

As a unique platform, dinewho.com has implemented various security measures to make the experience of dining out and making new social connections as safe as it is enjoyable for all its members.

At dinewho.com, your credit card details are only used during the order process and are never stored in the database.

SSL Certificate is used, which ensures the security of the information transmitted with 128 bit encryption, ensuring that your information is actually sent to dinewho.com.

DineWho, an Erik Medya initiative, is regularly subjected to penetration tests on its platforms by the Erik Medya cyber security team.

Payments are received only by credit card / debit card. We use VakıfBank virtual pos for your security. You can make your payments safely.