Pursuant to the European Union General Data Protection Regulation (“GDPR”), your personal data is protected by Eteration Bilişim Çözümleri Ticaret A.Ş. (“Eteration” or the “Company”), acting in its capacity as the Data Controller. Within the framework of the GDPR, the Company implements all necessary technical and administrative measures, leveraging its technological and infrastructural capabilities, to ensure the lawful processing and secure retention of personal data.
The purpose of this Privacy Notice is to fulfill the disclosure and notification obligations under applicable law and the GDPR regarding the processing of personal data collected by the Company and/or voluntarily provided by users during:
- Your use of, and communication through, the website managed by the Company with the extension [https://www.eteration.com/contact-us](the “Website”), and
- Your communications with us via Eteration’s corporate email addresses, LinkedIn, and Instagram social media accounts (collectively referred to as “Communication Channels”) and the subsequent provision of services to you.
This notice clarifies how, for which specific purposes, and under which legal bases your personal data is collected, its transfer to third parties, and your rights as a data subject under applicable local legislation and the GDPR.
This Privacy Notice shall become effective immediately upon its publication by Eteration. Eteration reserves the right to amend this Privacy Notice at any time as necessary. Any such amendments shall take effect immediately upon publication of the updated Privacy Notice at [https://www.eteration.com/].
2. Methods and Legal Bases for the Collection of Personal Data
Your personal data, as detailed in Section 3 of this Privacy Notice titled “Data Categories and Data Types,” is processed within the scope of your relationship with the Company and the services provided by the Company, based on the following legal grounds set forth in Article 6(1)(a), (b), (c), and (d) of the GDPR:
- (a) The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- (b) Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- (c) Processing is necessary for compliance with a legal obligation to which the controller is subject;
- (d) Processing is necessary in order to protect the vital interests of the data subject or of another natural person.
In scenarios where your explicit consent is required, your personal data will be processed strictly limited to the scope of the explicit consent provided by your own free will. We hereby remind you that you retain the right to withdraw your explicit consent at any time.
3. Data Categories and Data Types
Within the scope of the aforementioned legal bases, the following categories of personal data are processed by the Company:
Data Category
Location Information
Information regarding the city/province where the customers utilizing the Website are located.
Transaction Security Information
System and user account credentials (usernames, log records, etc.), IP addresses, and Website traffic data (login/logout stamps).
Marketing Information
Cookie identifiers and tracking records associated with the data subject.
Evaluations and Requests
Feedback, evaluation details, and request information submitted by you regarding our services.
4. Purposes of Processing Personal Data
Your personal data specified in Section 3 will be collected and processed in connection with your relationship with our Company and the services rendered to you, in accordance with the legal grounds listed in Section 2, for the following targeted purposes:
- Executing operational processes to ensure the proper delivery of required services;
- Verifying your corporate or individual identity;
- Managing customer relationship management (CRM) processes and conducting customer satisfaction activities;
- Providing information regarding proprietary products and services;
- Establishing information technology infrastructures, as well as executing and auditing information security processes and operations;
- Personalizing and enhancing your customer experience to increase overall service quality;
- Managing, evaluating, and finalizing your requests and complaints;
- Defining and governing the information access privileges of business partners;
- Preventing fraud and malicious activities;
- Presenting service history logs as evidence in potential legal disputes.
5. Authorized Transferees and Purposes of Data Transfer
We may share your personal data with parties from whom we receive operational support for the establishment, execution, and termination of your relationship with us, including third parties with whom we cooperate to enable you to benefit from our products and services, and entities that provide products or services on our behalf.
Furthermore, your personal data may be shared with legally authorized public authorities and private entities within the strict boundaries of their statutory jurisdictions.
6. Use of Cookies
As Eteration, we utilize technologies such as cookies, pixels, and gifs (collectively "Cookies") to optimize your user experience during your visits to our digital assets. The utilization of these technologies is conducted in strict compliance with the legislation we are subject to, primarily including the local Law (KVKK).
To obtain detailed information regarding cookies, please review our Cookie Policy available at https://www.eteration.com/.
7. Your Rights Under Data Protection Legislation
Pursuant to Articles 15 through 21 of the GDPR, you possess the following rights regarding your personal data:
- To learn whether the Company is processing personal data relating to you, and if so, to request information regarding such processing;
- To learn the purpose of the processing of your personal data and whether such data is being used in accordance with its intended purpose;
- To know the third parties to whom your personal data is transferred, whether domestically or internationally;
- To request the rectification of your personal data if it is incomplete or inaccurate;
- To request the erasure or destruction of your personal data within the framework of the conditions stipulated in the relevant legislation;
- To request that the operations of rectification, erasure, or destruction be notified to third parties to whom your personal data has been transferred;
- To object to the processing of your personal data where it results in an automated decision-making outcome that negatively affects you;
- To claim compensation for damages suffered due to the unlawful processing of your personal data.
Furthermore, you have the following explicit rights:
Right of Access
You have the right to request a copy of your personal data from our Company. A nominal fee may be charged for this service.
Right to Rectification
You have the right to request that our Company correct any information you believe is inaccurate. You also have the right to request the completion of information you believe is incomplete.
Right to Be Forgotten (Erasure)
Under certain conditions, you have the right to request that our Company erase your personal data.
Right to Restriction of Processing
Under certain conditions, you have the right to request that our Company restrict the processing of your personal data.
Right to Object to Processing
Under certain conditions, you have the right to object to our Company's processing of your personal data.
Right to Data Portability
Under certain conditions, you have the right to request that our Company transfer the personal data we have collected to another organization, or directly to you.
Pursuant to Article 15, you may submit your requests set forth in your application to the Data Controller in writing or via a commonly used electronic format. You may utilize the contact details provided below to exercise any of the rights enumerated above.
Additional Information for Data Subjects Within the Scope of the GDPR
If your personal data falls within the jurisdictional scope of the GDPR (i.e., if you are an individual located within the European Economic Area - EEA), we remind you that in addition to the rights of access and rectification, you also have the right to request data portability, or the restriction/cessation of processing, where applicable. The restriction or erasure of data is only enforceable if the processing activity is built upon consent or legitimate interest.
If the data processing activity is based on your explicit consent, you retain the right to withdraw your consent at any time; however, such withdrawal shall not affect the lawfulness of any processing carried out based on consent before its withdrawal. To exercise your right to withdraw consent, you may use the contact details specified below.
If you believe that the Company's processing of your personal data does not comply with the GDPR, you have the right to lodge a complaint with the competent supervisory authority.
CONTACT INFORMATION
Corporate Title: Eteration Bilişim Çözümleri Ticaret A.Ş.
Email Address: kvkk@eteration.com
Website: https://www.eteration.com
Registered Address: Reşitpaşa Mah. Katar Caddesi İTÜ Ayazağa Kampüsü Teknokent ARI-3 B202 34469 Maslak, İstanbul, Turkey