PRIVACY POLICY FOR WORLD RAKI WEEK
LAST UPDATED: NOVEMBER 2024
1. Introduction
​
This Privacy Policy explains how we, Magnetic London Creative Services Ltd and Mey Icki San. ve Tic. A.S. (“we,” “us,” or “our”), collect, use, disclose, and protect the personal data of visitors to our World Raki Week website, available at worldrakiweek.com. Magnetic London acts as the organizer of World Raki Week events a Mey | Diageo Brand, a member of the Diageo group of companies, and registered in Turkey in the address of Esentepe Mah. Bahar Sok. Ozdilek River Plaza Vyndham Grand Apt. No: 13/25 Merkez Sisli/Istanbul.
We are committed to safeguarding your personal information and ensuring that it is processed in compliance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR), the EU GDPR, the Data Protection Act 2018, the Turkish Personal Data Protection Law (KVKK) and the UAE PDPL.
Particularly interested in how we use cookies? Please see our dedicated Cookie Policy.
​
2. Legal Purchase Age
You must not provide us with your personal data if you are not of legal age to purchase alcohol in the jurisdiction in which you reside and (if different) in the jurisdiction in which you are accessing the Service.
We do not intend to collect personal data from any individuals under the legal purchase age, or to market alcoholic beverages to anyone under the legal purchase age.
If we receive notice or believe that someone under the legal purchase age has provided us with personal data, we will make every reasonable effort to remove such personal data from our records.
​
3. Personal Data We Collect
​
Personal data is information about an identifiable individual, as defined by applicable law. The personal data we collect includes:
-
We collect personal data when you purchase a ticket to our events. The personal data collected includes:
-
Name and Surname
-
Email Address
-
Year of Birth
-
Country of Residence
-
In addition, at the event venue, we reserve the right to request an ID if we believe that you appear to be under the legal drinking age, to comply with age verification requirements for alcohol-related events.
-
-
Data you provide to us which may include:
-
Identity information including full name, date of birth, gender, national ID number;
-
Contact information including your e-mail address, phone number;
-
Location information including your country of residence, postal address;
-
Data provided as part of questionnaires, lotteries, quizzes, contests, events (including responses to any customer satisfaction surveys or market research);
-
Entries and submissions;
-
Your marketing and mailing preferences, delivery instructions, reference information, customer service preferences;
-
Personal information that you voluntarily choose to disclose it to us in the course of our relationship with you including your communications with us.
-
-
Data we automatically collect/generate or obtain from third parties: These types of personal data may relate to your device (such as your PC, tablet or other mobile device), your use of our websites and apps (as well as certain third-party websites with whom we have partnered), and/or your personal preferences, interests, or geographic location. These types of data include:
-
Information about your device, operating system, browser and IP address, unique identifiers associated with your device;
-
Details of web pages that you have visited on our website;
-
Which products or sections you have looked at online;
-
How long you spend on certain areas of a website or app together with the date and time of your visit/usage, personal data contained within user-generated content.
-
-
We may process your photos or videos during the events if you have consented.
-
We may collect your personal data such as identity, contact, and delivery information for the purpose of conducting your participation in the lottery and organizing the prize.
-
We may collect optional data such as contact information if you opt-in to receive newsletters from Yeni Rakı.
​
4. Purpose of Data Collection
​​
We collect and process your personal data for the following purposes:
-
Event Ticketing and Access: To manage and facilitate your attendance at World Raki Week events, including ticket purchase confirmation and legal age verification where necessary.
-
Communications Activities: If you choose to subscribe, we will use your email address to send you newsletters, promotional messages, and updates regarding Yeni Rakı. If you do not subscribe or not related, your data will not be used for marketing purposes. If you subscribed, you have the right to opt out at any time from receipt of further marketing communications as described in “Your Rights” section. Also, as part of our public communication activities we may share images, photos or video via website, social media if you consented. Additionally, in terms of our communication activities, we may use your contact data to organize our events.
-
Legal Compliance: To comply with UK, EU, Turkey, UEA laws on age verification for alcohol-related events, and to fulfill our legal obligations regarding data protection.
-
Operation of the website: We may use your personal data to provide our website services to you.
-
Marketing analysis: We may use your personal data for marketing analysis, for example, to evaluate the impact and effectiveness of our events, contents, marketing campaigns and promotions, and to analyse the number and types of visitors to our websites and/or users of our apps (including the locations from which such visitors/users access our websites and apps). We often aggregate personal data for these purposes so that it no longer identifies any particular individual.
-
Authentication and access control: We may use your personal data to authenticate your access to our websites or apps and to determine which content to provide you and/or whether you should be granted access to certain content (for example checking your age or location to ensure you are of Legal Purchase Age in the jurisdiction where you are located). We may also use your personal data to verify your identity when responding to any requests to exercise your rights under applicable law.
​
-
Comply with legal obligations and protect against legal claims or liability: We may use your personal data to comply with our legal obligations protect us against legal claims, or to detect, protect, or defend us and/or other third parties against error, negligence, breach of contract, theft, fraud, or other illegal or harmful activity, to comply with our audit and security requirements, or to audit compliance with our corporate policies, procedures, legal, or contractual obligations.
-
Customer service: We will use your personal data to provide specific services that you request from us, as well as to provide additional services that may be of interest. We will also use your personal data to process any orders you submit, to contact you in relation to any enquiries. We may also use your personal data to notify you about changes to our services, our terms and conditions or this Privacy and Cookie Notice.
-
Corporate transactions: We may use your personal data in the event of a sale, merger, consolidation, change in control, transfer of substantial assets, financing, reorganization, or liquidation whereby we transfer, sell, or assign to a third-party data concerning your relationship with us.
-
Technical maintenance: We use personal data for system administration purposes and to diagnose service or technology problems reported by our users or engineers, these types of problem may be associated with the IP addresses controlled by a specific web company or ISP.
​
5. Legal Basis for Processing
The lawful bases for processing your personal data are as follows:
-
Consent: For example, where you have provided your consent to receive certain newsletter or marketing from us. You can withdraw your consent at any time, including by clicking on the “unsubscribe” link at the bottom of any marketing email we send you. [Article 5/1 of the KVKK – Article 6 of the GDPR – Article 4 and 6 of the UAE PDPL]
-
Performance of a contract with you: This would also apply where we need to take steps prior to entering into a contract with you. For example, where you have purchased a ticket for our event and we need to use your contact details and identity information in order to manage and organize the event. [Article 5/2 (c) of the KVKK – Article 6 of the UK EU GDPR – Article 4 and 6 of the UAE PDPL]
-
Compliance with a legal obligation: Where we are subject to a legal obligation and need to use your personal data in order to comply with an obligation. [Article 5/2 (ç) of the KVKK – Article 6 of the UK EU GDPR – Article 4 and 6 of the UAE PDPL]
-
Our legitimate business interests: Where it is necessary for us to understand our users, attendees or data subjects to improve our services and operate effectively as a part of multinational beverages company. It is provided in each case that this is done in a legitimate way which does not unduly affect your privacy and other rights. For example, we will rely on this legal basis when we conduct certain analysis and improve our website. [Article 5/2 (f) of the KVKK – Article 6 of the UK EU GDPR – Article 4 and 6 of the UAE PDPL]
We also have a legitimate interest in improving and personalizing our services based on your needs, requests and suggestions, retaining and evaluating information on your recent visits to our website and how you move around different sections of our website, and contacting you, without affecting your fundamental rights and freedoms.
The processing is necessary for the legitimate interests we pursue as a company, including to benefit from cost-effective services, to offer and market our products to you and ensure the administration of our relationship with our suppliers, fulfil our Code of Business Conduct and internal governance requirements, ensure breach management.
6. Data Sharing and International Transfers
Your personal data may be shared to third parties for the purposes set out in this Policy.
We may disclose your personal data to:
-
Diageo companies and affiliates;
-
Our business partners, suppliers and solution partners;
-
Our service providers and subcontractors, including our affiliates, retained to perform functions on our behalf, or to provide services to us such as credit card and data processing, age verification, monitoring, website hosting and management, information technology and office services, legal, accounting, audit and other professional service providers;
-
Public authorities, legally authorized persons and institutions, regulators, government officials for meeting legal and regulatory requirements, or protecting or defending our rights or property in accordance with applicable laws.
​​
For the compliance with the UK and EU GDPR, we ensure our suppliers and business or solution partners whether they are located outside the EEA or not, to take appropriate technical and organizational security measures including Standard Contractual Clauses and DPA in accordance with applicable data protection laws and use it solely for the purposes specified by us.
For instance, Magnetic may share such personal data with Mey | Diageo, which is based in Turkey. We transfer this data securely under the EU Standard Contractual Clauses and UK DPA to ensure adequate protection for your data..
In addition, we use third-party service providers:
-
WIX Payments (our payment processor) and its affiliated processors, Adyen and Stripe, for secure payment processing.
​
These third parties comply with data protection laws and have their privacy policies in place, which you can review:
We do not sell, rent, or share your personal data with third parties for their own marketing purposes.
​
7. Data Storage, Security, and Retention
​
We take data security seriously and take precautions to keep your personal data secure. We have put in place appropriate physical, technical, and organisational measures to safeguard the data we collect. We implement security measures to protect your personal data, including encryption, access controls, and data minimization.
Data Storage and Retention:
We will retain your personal data for the period necessary to fulfil the purposes outlined in this Notice unless a longer retention period is required or permitted by law. After this period, it will be deleted or in some cases anonymised. For instance:
-
Your data may be stored on WIX’s servers. WIX complies with GDPR and other data protection regulations to ensure secure data storage.
-
Subscribers to Newsletter: Data is stored in Yeni Rakı’s CRM (HubSpot) until you unsubscribe.
-
Non-subscribers: If you do not subscribe, your data will be retained for the period necessary to fulfil our obligations or to be protected by such legal claims or disputes. In the event of a breach or misuse of your personal data, particularly if it poses a direct and serious threat to the privacy and confidentiality of your information, we prioritize prompt action to safeguard your rights. If you believe your personal data has been compromised, you are encouraged to submit a complaint by contacting us through the contact details provided in this notice.
​
8. Your Rights
​
You have the following rights under the data protection laws.
a. If you are from the United Kingdom or the European Economic Area or in certain countries icludinng the UEA, you are also entitled (with some exceptions and restrictions) to:
​
-
Access: You have the right to request information about how we process your personal data and to obtain a copy of that personal data.
-
Rectification: You have the right to request the rectification of inaccurate personal data about you and for any incomplete personal information about you to be completed.
-
Objection: You have the right to object to the processing of your personal information, which is based on our legitimate interests.
-
Deletion: You can delete your account by using the corresponding functionality directly on the service.
-
Automated decision-making: You have the right to object a decision made about you that is based solely on automated processing if that decision produces legal or similarly significant effects concerning you.
-
Restriction: You have the right to ask us to restrict our processing of your personal data, so that we no longer process that personal data until the restriction is lifted.
-
Portability: You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and to have that personal data transmitted to another organization in certain circumstances.
-
Complaint: You have a right to lodge a complaint with the authorized data protection authority if you have concerns about how we process your personal data. The data protection authority you can lodge a complaint with notably may be that of your habitual residence, where you work or where we are established.
b. Data subjects under KVKK are entitled to the below rights.
-
Learn whether your personal data are processed or not,
-
Request information as to if your personal data have been processed,
-
Learn the purpose of the processing of your personal data and whether these personal data are used in compliance with the purpose,
-
Know the third parties to whom your personal data are transferred in-country or abroad,
-
Request the rectification of the incomplete or inaccurate data, if any and request reporting of operations as the rectification of the incomplete or inaccurate data to the third parties to whom your personal data have been transferred,
-
Request erasure or destruction of the personal data if there are no applicable legal basis for processing and reporting of operations as the erasure or destruction to the third parties to whom your personal data have been transferred,
-
Object to the occurrence of a result against you; by analyzing the data processed solely through automated systems,
-
Claim compensation for the damage arising from the unlawful processing of your personal data.
​​
To exercise these rights, please contact us at info@yenirakiglobal.com.
​
9. Cookies and Analytics
​
We process personal data through cookies as well. If you want to see the details how we use cookies, please see our dedicated Cookie Policy. For instance, our website uses Google Analytics to help us understand visitor interactions. Google Analytics collects non-personal information and does not identify individual users. Please refer to Google’s Privacy Policy for more information on how they manage data.
We also use cookies on our website to improve your browsing experience. You may manage your cookie preferences directly in your browser settings.
​
10. ID Verification at Events
​
For age verification compliance, we may ask you to show a valid ID at the event venue if you appear to be under the legal drinking age. Failure to present a valid ID may result in denial of entry, and refunds will not be provided in such cases.
​
11. Opt-Out and Consent Withdrawal
​​
If we process your personal data based on your consent, you can withdraw your consent anytime by contacting us at info@yenirakiglobal.com. Also, regarding the Yeni Rakı newsletter, each email you receive will include an unsubscribe link.
​
12. Changes to This Privacy Policy
​
We reserve the right to update this Privacy Policy at any time. Updates will be posted on this page, and we encourage you to review it periodically. If significant changes are made, we will notify users via email or a notice on our website.
​
13. Contact Us
​
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at:
​
-
Email: info@yenirakiglobal.com
-
Address: Mey | Diageo, Esentepe Mah. Bahar Sok. Ozdilek River Plaza Vyndham Grand Apt. No: 13/25 Merkez Sisli/Istanbul, Turkey.