Clarification Text on the Processing of Personal Data

This Clarification text has been prepared by Doktar Teknoloji Anonim Şirketi ("Doktar"), incorporated at Reşitpaşa Mah. Katar Cad. İTÜ Arı Teknokent 3 No:4 İç Kapı No: B301 Sarıyer İstanbul, acting as the data controller, within the scope of the Law on the Protection of Personal Data numbered 6698 ("KVKK" or "Law") and the "Communiqué on Principles and Procedures to be Followed in Fulfilling the Obligation to Inform." Security measures for the protection of your personal data are provided at an appropriate level considering potential risks, taking into account technological capabilities.

Your personal data may be collected by Doktar's call center team, field agronomists, soil analysis team, and all other personnel, as well as the Orbit application owned by Doktar, through automatic or non-automatic means, in written, verbal, or electronic environments.

1. Purposes and Legal Basis of Personal Data Processing
   1. i. The purposes of processing personal data based on legal reasons such as "cases explicitly envisaged in laws" and "necessary situations for fulfilling a legal obligation" are as follows:
      • Conducting financial and accounting affairs
      • Fulfillment of contractual obligations
      • Conducting activities in compliance with legislation
      • Conducting storage and archive activities
      • Providing information to authorized individuals, institutions, and organizations
      • Conducting information security processes
      • Collection, storage, and sharing of hardware and physical device data
      • Collection, storage, and sharing of data generated by developed software and services
      • Publishing, analysis, reporting, data processing, archiving, debugging, providing of support, processing geographical information systems, geographical visualization, weather information processing
   2. ii. The purposes of processing personal data belonging to the parties of a contract directly related to the establishment or performance of a contract, based on the legal reason "necessity of processing personal data belonging to the parties of a contract directly related to the establishment or performance of a contract" are as follows:
      • Conducting technological activities within the scope of contract processes
      • Conducting soil analyses within the scope of contract processes
      • Facilitating application usage by marking fields on the mobile application
      • Providing periodic notifications
2. 2. Categories of Personal Data

   The categories of personal data processed by Doktar regarding customers are specified in the table below:

   Identity Information	Location Information	Transaction Information	Financial Information	Asset Information	Visual and Audio Recordings
   Customer Transaction Information	Location-Related Information	Transaction Security Information	Business Information, Operational Information	Property Ownership Information	Photographs and Videos

3. Transfer of Personal Data

   Personal data belonging to customers may be shared with independent audit firms, certified public accountant firms, banks, integrator firms, Revenue Administration, Municipalities, Tax Offices, business partners, domestic and international institutions and organizations, in accordance with the principles and conditions stipulated in the Law, for the following purposes:

   • onducting activities in compliance with legislation
   • Conducting storage and archive activities
   • Fulfillment of contractual obligations
   • Providing information to authorized individuals, institutions, and organizations
   • Conducting financial and accounting affairs
   • Publishing, analysis, reporting
   • Archiving, debugging and providing of support,
   • processing geographical information systems, geographical visualization, weather information processing

In order to ensure the security of personal data transfers, commitments regarding data security are obtained from third parties to whom personal data is transferred, and data transfer is carried out securely.

4. Rights of the Data Subject

   At any time, you may exercise your rights under Article 11 of the Law and make requests regarding your rights listed below to Doktar in writing or through other methods specified in the "Communiqué on Principles and Procedures for Application to the Data Controller" or KVKK. Doktar will evaluate your request as soon as possible and will conclude it within a maximum of thirty (30) days.

   • Learning whether your personal data is processed,
   • Requesting information if your personal data has been processed,
   • Learning the purpose of processing your personal data and whether they are used appropriately for their purpose,
   • Knowing the third parties to whom your personal data is transferred domestically or abroad,
   • Requesting correction of your personal data if it is incomplete or incorrect,
   • Requesting deletion or destruction of your personal data within the framework of the conditions stipulated in Article 7 of the Law,
   • Requesting notification of third parties to whom your personal data has been transferred, in accordance with Articles 11(d) and (e) of the Law,
   • Objecting to the occurrence of a result against you by means of exclusively automated systems analyzing your personal data,
   • Requesting compensation for damages in case of suffering any damage due to the unlawful processing of your personal data.

Customer Consent Text for Processing Personal Data

Dear Customer,

With respect to the purposes and details outlined in the document titled "Protection of Your Personal Data: Clarification Text on Processing Personal Data," communicated to you by Doktar Teknoloji Anonim Şirketi ("Doktar") as the data controller under the Law on the Protection of Personal Data numbered 6698 ("KVKK"), and limited to those purposes and details:

By using the Orbit application owned by Doktar, you hereby acknowledge that your explicit consent is given for the installation of technology setups related to your fields, transferring location information of your fields to Doktar's mobile application, conducting soil analysis related to your fields, contacting you via telephone and SMS, and transferring to business partners and suppliers (e.g., consultants, technology solution partners) for the same purposes, and for the storage and processing of this data on servers within Turkey or abroad or in other electronic environments, subject to necessary security measures.