Datenschutzrichtlinien

Due to ongoing technical changes in the relevant legal framework, we are required to make changes and/or corrections to the following Privacy Policy from time to time. Therefore, we request that you review this Privacy Policy and take any changes and/or corrections into account before each visit to this website.

1. Preamble

We as Infoset Teknoloji Anonim Şirketi (“Infoset”), give utmost importance to the privacy of our Visitors and Users during their use of our website with domain name https://infoset.app/ (“Website”) and Infoset Application (collectively “Infoset Platform”) regardless of their country of access.

2. Purpose of This Policy

This Privacy Policy (“Policy”) is prepared with a privacy-prioritizing attitude in order to provide detailed information to Visitors and Users regarding the identity of Infoset as a data controller; data processing and its legal bases, reasons; rights of Visitors and Users (collectively “Data Subject”), which can be exercised against Infoset.

3. Scope of This Policy

• In Terms of Legislation
  
  Since, Infoset is a Republic of Turkey based company but has numerous Visitors and Users from different countries; it is hard to determine which legislation should be applied to its activities and business. Therefore, Infoset intends to reflect its compliance with different legislations about privacy and data protection. For this reason, Infoset shows considerable effort to act in accordance with General Data Protection Regulation (“GDPR”), Personal Data Protection Law No. 6698 (“PDPL”), California Consumer Privacy Act (“CCPA”) and other applicable data protection regulations.
  
  
• In Terms of Related Person
  
  This Policy includes different Data Subjects with various motives such as somehow accessing, signing up, signing in to Infoset Platform and having a paid subscription account on it. Even though Data Subject may be referred as Visitor or User according to their intention for using Infoset Platform, they will be covered in this Policy.
  
  
• In Terms of Data
  
  Information that makes it possible for Data Subject to be identified directly or indirectly by any other person (“Personal Data”) is in the scope of this Policy. Accordingly, it can be safely said that confidential information, which cannot be considered as Personal Data, is excluded from this Policy.

4. Identity of Infoset as a Data Controller

For any and all data processing that occurs through accessing the Infoset Platform, Infoset Teknoloji Anonim Şirketi, registration number is 228720-5 and residing at Aydınevler Mh. Oğuzhan Cd. Ata Plaza No:1-3/32 Maltepe, İstanbul is a data controller (“Controller”).

5. Occasion for Personal Data Processing

Infoset processes personal data during including without limitation below-mentioned situations:

• accessing to Infoset Platform,
• creating an account on Infoset Platform,
• using Infoset Platform,
• providing feedback to Infoset,
• purchasing and using subscription services on Infoset Platform,
• contacting with Infoset regarding different requests and questions.

6. Principles for Processing Personal Data

Infoset considers below-mentioned principles while Processing Personal Data:

• Processing Personal Data lawfully, fairly and in a transparent manner in relation to the Data Subject,
• Processing Personal Data accurately and where necessary, kept up to date,
• Processing Personal Data for specific, explicit, and legitimate purposes,
• Processing Personal Data relevantly, limitedly and proportionately to the purposes for which they are processed,
• Processing Personal Data in a manner that ensures appropriate security of the Personal Data and kept in a form which allows identification of Data Subjects for no longer than it is necessary for the processing reasons.

7. Processed Personal Data

8. Reasons and Legal Bases for Processing Personal Data

Personal Data given to or collected by us shall only be processed when necessary for a reasonable cause and when there is a legal basis for processing. Reasons and legal bases of processing are listed limitedly in this Policy and this Policy will be updated if a reason or a legal basis change.

• First Name and Last Name

• E-Mail Address of Company

• Phone Number

• Company or Application Name

• Message Content

• Feedback

• Language Preference

• User Feedback

• Usage Information

• Cookie

• IP Address

• Login Data

• Device & Browser Type

9. Rights of Data Subjects

Data Subjects are endowed with some rights to ensure their Personal Data to be processed on a lawful basis. Infoset Platform is designed in compliance with the Privacy by Design and Data Protection by Design principles. Therefore, along with the below-mentioned rights, Data Subjects have a right to opt-out from the Infoset Platform which ends up with their accounts to be deleted.

1. Right to be informed, by which the Data Subject may request information about their Personal Data being processed by Infoset.
2. Right of access, by which the Data Subject may request to learn their Personal Data being processed by Infoset.
3. Right of rectification, by which the Data Subject may request Infoset to correct or complete their Personal Data.
4. Right to restrict processing, by which the Data Subject may request to limit the way their Personal Data is used.
5. Right to erasure, by which the Data Subject may request to have their Personal Data erased.
6. Right to data portability, by which the Data Subject may request to receive their Personal Data in a machine-readable format and/or request Infoset to transfer their Personal Data to another controller.
7. Right to object, by which the Data Subject may request Infoset to stop processing their Personal Data.
8. Rights in relation to automated decision-making, by which the Data Subject may request Infoset to stop processing their personal data in cases where Personal Data is being processed via automated decision-making.

10. Transfer of Personal Data

Infoset transfers Personal Data to third parties only when there is an explicit and informed consent from the Data Subject except for the below-mentioned cases, which have their own legal bases for the transfer:

1. Law Enforcement and Judiciary Authorities: Infoset may be obliged to disclose Personal Data when required to do so by law, including but not limited to legal claims, legal investigations, lawful requests or legal proceedings.
2. Mobile Application Server and Infrastructure Services Provider: Name-Surname, E-mail Address of Company, Company or Application Name, Phone Number and answer to questions may be transferred to the company providing server and infrastructure services for Infoset Platform.
3. Third-Party Marketing Services: Usage Information, User Feedback and Cookie data may be transferred to Facebook and Google in order to conduct marketing and remarketing activities, helping us to keep Infoset Platform’s basic functions free.

[Facebook Pixels and SDKs - Firebase or Google Analytics SDKs | Google Ads, Google Analytics and Hotjar for Website]

Such transferring activity is limited to the usage of Facebook Pixel, Facebook Software Development Kits (SDK), Google Software Development Kits (SDK), Google Ads, Google Analytics and Hotjar. To limit such activity, for the tracking purposes, Users should check their device settings to activate “Limit Ad Tracking” function. Users may also visit www.facebook.com/ads/settings and www.adssettings.google.com to opt-out such tracking activities.

Infoset's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

11. Period of Retention

Infoset stores Personal Data in view of Data Minimization Principle, which necessitates Personal Data to be kept only for the required period. Required period is assigned considering the nature of the Personal Data, the potential risks of a Personal Data breach, processing reasons, and whether or not such reasons can be achieved in a different manner.

12. Methods of Securing Personal Data

Appropriate technical and organizational measures are enacted to ensure the safety, protection and the encryption of the Personal Data in order to prevent any Personal Data breach such that may be caused by accidental or unauthorized destruction, loss, theft or; unauthorized use, alteration and disclosure.

In this context, Infoset;

1. Sign non-disclosure agreements with parties who have limited or unlimited access to Personal Data.
2. Organize awareness trainings about data protection inside its organization.
3. Entitles its employees with limited authorization according to their work line.
4. Transfer Personal Data on a ‘need-to-know’ basis.
5. Process and store personal data on safely secured and encrypted cloud servers.

13. Contact Information of Infoset

Data Subjects may contact Infoset in case of having questions, comments, or feedback via kisiselveri@infoset.app, 0850 450 00 40 and Infoset Website.

Last updated: 28.02.2023