Our priority at Empactivo is keeping your data secure and treating it with respect. We aim to handle your data fairly and lawfully at all times. We’re also committed to being transparent about what we do. This statement explains how we collect, use, transfer and store your personal data, the purposes for processing, the parties to whom personal data are transferred and the purposes for such transfers.
Empactivo is the ‘Data Controller‘ for your personal data. This means we have legal responsibility for how we collect and handle your data.
The address and registered office of Empactivo is Ankara Teknoloji Geliştirme Bölgesi 1606. Cadde, Kapı no: 4/A Cyberpark, Cyberplaza A Blok 1. Kat No: A103 06800 Bilkent Çankaya/Ankara/ Turkey.
This Policy is regulated in accordance with the Turkish Law (which Empactivo is subject to) and the relevant regulation of the EU (GDPR). Foreign data owners who are not EU citizens benefit from the principles of protection of personal data based on the rules within the scope of Kişisel Verilerin Korunması Kanunu (“KVKK”), unless there is a separate agreement between their country and Turkey.
1) GDPR Notice
In order to prevent any unlawful access to personal data or leak and to ensure the secure retention of personal data relating to our customers or the third parties who share personal data, such data are only transferred to trusted business partners and on a minimum level, by taking necessary security measures in accordance with the legislation in force. Also Empactivo implements measures to ensure that the customers manage their preferences regarding their own personal data and highly respect our customers’ preferences.
In short, data security, transparency and individuals’ right to have control over their personal data are fundamentals for Empactivo in ensuring compliance with the GDPR.
In line with KVKK and GDPR, We’ve got a few fundamental principles at Empactivo:
- Unless we truly need it, we do not ask you for personal information.
- Except for compliance with the law, developing our products, or protecting our rights, we do not share your personal information with others.
- Unless needed for the ongoing operation of one of our services, we do not store personal information on our servers.
This statement applies :
- Customers and prospective customers;
- Individuals, partnerships and companies (employee names and email addresses, etc);
- People we wish to promote products and services to;
- People who visit our website.
We want to make it as easy as possible for you to monitor what is publicly available, seen by search engines, kept private, and deleted permanently.
2) What types of personal information do we collect?
An identifiable individual (“data subject”) is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, e-mail address, an identification number, location data. Different pieces of information, when collected can lead to the identification of a person, also constitute personal information.
Empactivo may process various types of personal information receives from you depending on the ways you interact with Empactivo (e.g. through our website, mobile application, slack application, Microsoft Teams application and customer relations, etc.). They include the :
- Name and last name,
- E-mail address, address, phone number, fax, country,
- Log in details (user name, password),
- Financial information,
- Reviews, feedback, comments,
- Traffic information such as time and/or duration of your interaction with us,
- IP address of the devices you use to interact with us,
- Information related to your interests (products or services that you are visiting on our website platforms),
- Information related to your requests for information, requests for support and your transactions with Empactivo,
- Cookies preferences, marketing preferences.
3) How do we collect information about you?
You may provide Empactivo with information directly (sign up to be a member of our databases, contact us e-mail, social media or telephone) or Empactivo may collect information automatically (through tracking mechanisms in an app or a website, cookies and web beacons/pixels, third party websites)
Personal data means any information that can be used to identify directly or indirectly a specific individual. This definition includes personal data collected offline through our customer relations, direct marketing campaigns and online through our websites, applications and applications accessed or used through third-party platforms.
4) For what purposes do we use information about you, and on what legal basis?
This section describes the purposes for which Empactivo uses personal information. Please note that, this is a global notice, and if you are not TR or EU citizen and if the laws of your country restrict or prohibit certain activities described in this notice, Empactivo will not use information about you for those purposes in that country.
Depending on who you are, Empactivo may collect personal information for different purposes, such as:
- Performance and execution of contracts,
- Direct marketing,
- Improvements including providing our products or services,
- Responding of your inquiries and fulfill your requests,
- Communicating with you about and to process orders, purchases, returns, services and accounts,
- Compliance with applicable law and legal process,
- Business analytics, statistical purposes,
- Performing analytics, quality control, market research, and determine the effectiveness of our websites, mobile applications and develop new products and services,
- Responding to requests from public and government authorities,
- Enforcing our terms and conditions.
The legal bases (or justified reasons) for processing your personal data are:
- The legitimate business interest of business and management purposes,
- The performance of a contract to which you are a party,
- Compliance with our legal obligations to which we are subject,
- Your specific and informed consent.
5) When do we share your information with third parties?
Empactivo only discloses potentially personally identifiable and personally identifiable information to those of its employees, contractors, and affiliated organizations who (i) need to know that information in order to process it on behalf of Empactivo or to provide the services available on the websites of Empactivo and (ii) have agreed not to disclose it to others.
Besides, Empactivo only share your personal information with third parties in the specific cases below:
- Business partners,
- External service providers,
- Other third parties, where required or permitted by law.
Empactivo shares your personal data with selected third-parties in the following circumstances:
: Empactivo shares your personal data with third-party service providers that perform functions on our behalf, such as companies that: host or operate our websites, process payments, analyze data, provide customer service, postal or delivery services. They have access to personal data needed to perform their functions but may not use it for other purposes. Further, they must process this personal data in accordance with this Privacy Notice and as permitted by applicable data protection laws and regulations.
- How do we protect your personal data?
Empactivo has implemented appropriate technical and organizational measures to prevent risks, such as accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to information. Empactivo puts in place the following measures in order to protect your information:
- Limiting physical access to our premises,
- Limiting access to personal information (for instance, only employees on a need-to-know basis have access to your personal information),
- Requiring third-party providers to have acceptable security measures to keep personal information secure and putting in place physical, electronic and procedural safeguards in line with industry standards,
- Using encryption and other technologies that can assist in securing personal information.
7) How long do we retain your information?
Empactivo retains your personal information as long as it is necessary to fulfill the specific purposes, as explained under the section 3. In certain cases a longer retention of your personal information might be required according to legal obligations. In all other cases, Empactivo deletes your personal information once the purpose of processing your information is fulfilled. The period will vary depending on the purposes for which the information was collected. Note that in some circumstances, you have the right to request us to delete the information.
We will actively review the personal data we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or consumer need for it to be retained.
8) When do we transfer your personal information?
Empactivo only stores and transfers your personal data to which has an adequate level of protection for personal data and instruments cover the requirements for the transfer of personal data to protect your rights.
Empactivo will follow your instructions and comply with a legal duty within the restricted legal framework.
The general & fundamental safeguards: transfer to another country whose privacy legislation ensures an adequate level of protection of personal data similar or equivalent to the country it was collected in; put in place a contract with the third-party that means they must protect personal data to the same standards as in the country the data was collected in.
9) What are your rights?
According to applicable data protection laws, you have the right to:
- be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights.
- access and rectification. You have the right to access, correct or update your personal data at any time.
- data portability. The personal data you have provided us with is portable. This means it can be moved, copied or transmitted electronically under certain circumstances.
- be forgotten. Under certain circumstances, you have right to request that we delete your data. If you wish to delete the personal data we hold about you, please let us know and we will take reasonable steps to respond to your request in accordance with legal requirements. If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
- restrict processing. Under certain circumstances, you have the right to restrict the processing of your personal data.
- object. Under certain circumstances, you have the right to object to certain types of processing.
- lodge a complaint with a Supervisory Authority. You have the right to lodge a complaint directly with Supervisory Authority about how we process your personal data.
- withdraw consent. If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). You can withdraw your consent to the processing of your personal data at any time by contacting us with the details provided below.
By writing a comment, you understand that comments are shown publicly to Empactivo users and providers to help improve Empactivo.com’s services. To help select a service provider, users use comments, and providers use comments as a way to improve their service.
EMPACTIVO AS A DATA PROCESSOR
The main activity area of Empactivo is data processing in order to provide technical support to data controllers due to their requests and instructions. Therefore, Empactivo performs the majority of data processing activities as a “Data Processor”.
As a Data Processor, Empactivo performs data processing activities in line with the requests and instructions of the data controller, in accordance with the law and the contracts concluded with its customers. In the processes where Empactivo is involved as a Data Processor; the data controller who has a contractual business relationship with Empactivo, is in the position of decision maker in the following issues:
– the purpose of processing your personal data and legal reasons,
– the persons or organizations to whom your personal data can be transferred,
– the collection methods of your personal data,
– the method of benefiting from the right to apply as the data subject.
Therefore, in relations where Empactivo is only involved as a Data Processor, you must reach the information within the scope of the Law from the relevant data controller. In cases where data subjects apply to Empactivo based on KVKK or GDPR, please confirm who is the data controller in the relevant “information texts”, as Empactivo cannot provide the relevant information as a Data Processor alone.
For futher question please contact us.