Updated in March, 2023
Thank you for visiting our web site and reading our privacy and security statement.
Basic Information About Our Approach to Data Security and Privacy
Springfox’s network of companies has dedicated itself to ensuring the security of your personal data in all of its information systems. For Springfox, privacy and security matters form the basis of the relation between us and our customers. Springfox understands your particular concern about your confidentiality and security and place utmost importance on that matter.
Springfox Privacy Statement is applicable to all data processed by Springfox, including Personal Data collected or transmitted via our websites in Springfox’s network, our software and self-service applications, mobile applications or social media accounts and other online or off-line channels.
Protection Of Personal Data
Springfox acts in the capacity of a data controller in line with KVKK no. 6698 and provisions of any other legislation applicable to the protection of personal data. Accordingly, personal data shall be processed only by Springfox personnel authorized to implement any privacy and security policy as well as services falling within the scope of duty of Springfox’s management office and the personnel named in the privacy and security authorization matrices, and those natural/legal persons authorized by Springfox for such purpose by fulfilling the condition of informing the data subjects.
Electronic Messages
Subject to communication consents provided by you during your communication with us regarding electronic (e-mail) messages and through any other Springfox channel, you will be deemed to have accepted to receive e-mail messages through your contact details, for the promotion of services offered by Springfox and its business partners, information on new products and services, announcements on issues regarding legislation, and other matters that may be of interest for you. In this respect, you may contact Springfox to request that messages are no longer sent to you through one or more than one communication channel.
Cookies
Cookies are program bits that are usually in the form of text files that may be embedded in laptops, desktop PCs and mobile devices, which collect various data.
Please click Cookie Policy for details.
Purpose Of Using Your Data
We may use your personal data which we record during your visits to our website, via automated or non-automated means, or which you may disclose to us in communication forms, e-mails or via other electronic transactions, primarily for the purpose of satisfying your requests and subsequently for ensuring improvement of the services offered to you. Overall purposes of use of such data may be listed as follows:
Please do not disclose such data that you would not want us to collect for the purposes above. Please remember that unless you provide such data, we will be unable to contact you, and that your certain data may still be collected by means of cookies during your visit to this website.
Data Security
Springfox places utmost importance on the security of your data. We take measures conforming to sector standards to prevent unauthorized collection and use of your data. Exchange of information on the İnternet is not generally secure. Therefore, we recommend you to exercise due care by user when exchanging information through our websites and online systems. If you don't take this care, Springfox cannot guarantee you about security of your information and communication on the website or capture them by third parties.
When your information arrives at Springfox, it is protected in accordance with our security and privacy standards. Your data are stored for the purposes set out above and only for the durations required by the needs of our business process or as prescribed by law.
Data Transfer
We may transfer the personal information we collect about you to other countries different from the country we collect the data, as we use their services of the internet service providers, hosting companies, e-mail providers, domain providers. Data protection laws and regulations applied in these countries may differ from the laws applicable in Turkey.
Hereby, we will protect your information in accordance with the applicable law as described in this Privacy Policy while transferring to other countries.
Protection for Children’s Online Activities
We support parents willing to supervise and control online activities of their children. In no event do we ask children on purpose to share their personal data. If we come to know that a person whose personal data are collected by us is younger than 13 years old, we may use such data to try to promptly inform his/her parents.
Designing New Processes In Line With Privacy Rules
Springfox takes the most appropriate technological and organizational measures to ensure confidentiality when developing new systems and applies necessary developments for the processing of personal data in line with their intended purposes.
‘INFORMATION ON KVKK’
The Company has different policies that cover protection of personal data along with the information security as regards certain work activities and functions. Unless this Policy has additional provisions or higher standards for the protection of personal data, the other different data protection provisions of the company shall prevail.
The relevant regulation provisions shall be first to apply in processing and protecting personal data; and if there happens any contradiction between the articles of this Policy and the legislation, then current legislation clauses shall prevail.
Herein this Policy is prepared in accordance with the rules and procedures foreseen in KVKK and related law for the protection of personal data. In his context, as Data Controller is also liable to prevent illegal processing of personal data and access and protect the personal data from being accessed illegally in accordance with KVKK, he/she must take all necessary technical and administrative measures.
Our Company acts in accordance with the following general principles in all of its Personal Data Processing activities:
Your personal data collected by our company varies according to the quality of the relationship with our company and the legal obligations. Your personal data collected can be listed as follows:
Our company informs data subjects during obtaining personal data due to KVKK and related legislation. In this context, the Company makes a notification/information regarding the purpose of data processing, transfer of the data and to whom the data shall be transferred, the method of collecting personal data and the legal purpose of collecting personal data.
The purpose of processing personal data information varies according to the relationship between the company and personal data subject and legal nature of the business.
The purposes of processing personal data by the Company are as follows:
Within the scope of the company based commercial activities, planning and business development tasks, etc.
Increasing brand awareness;
Within the scope of planning, execution and management of corporate relations;
Within the scope of legal, technical and commercial security measures among parties in relation with the Company data is processed under;
Personal data can be obtained/received by parties who are data subject and/or third parties who have explicit consent from the data subject.
The obtained personal data can be processed by collecting, saving, editing, configuring, storing, adapting, changing, using, transferring, deleting, destroying and anonymizing.
Personal Data may be processed by one or more of the above methods without the explicit consent of the data subject in the presence of one the legitimate reasons listed in Article 5 of KVKK:
Our company takes into account the law and legislation that is in place during processing the personal data. Within this scope, the retention and period of limitations are taken into account on Personal Data Protection activities. In case the processing activity is disposed, and there is no further legal ground to store personal data, relevant data is to be deleted, destroyed and/or anonymized. The personal data shall be subject to retention, disposal or anonymization upon the demand of the data subject and/or the Company’s periodic control in which the Company realizes the reason to process the data is no longer available, due to the Article 7 of KVKK and other related legislation.
The personal data transmitted to us by mistake in any way or in cases where it is understood that the will of the data subject is not directed to give explicit consent, is immediately destroyed by our Company by methods in accordance with the Law.
Our company will not keep personal data for longer than necessary, in connection with the reason for the collection of the data, so as to allow identification of the data subject.
Our company can only store personal data longer than advised, in order to protect the rights and freedoms of the data subject in line with applying technical and organizational precautions only to serve public welfare, scientific or historic research or statistical research.
Including the retention period for each category of personal data and the legal obligations that the Company has to store data, the criteria used in identifying this period are specified in our Company's Personal Data Retention and Destruction Policy and will be applied in all cases.
a. Local Transfers
Personal data is not transferred to any third party without an explicit consent, unless it is legally required due to KVKK, relevant legislation and cases where it is mandatory to be shared with the external parties due to administrative / juridical cases. However, as per to the Article 5 and Article 6 of KVKK, in case legal grounds are present and it is legally required, on third party transferred, consent / explicit consent will not be observed.
Our Company fulfills its obligation to inform the Data Subject regarding this transfer. Accordingly, the institutions, organizations and / or persons that can be transferred are listed below.
b. Transfers to Abroad
The Company may transfer the personal data abroad by obtaining explicit consent of the data subject along with taking appropriate and necessary security measures foreseen in KVKK and related legislation. For the situations in which the explicit consent of the data subject is not sought, it is considered whether the country that the data will be transferred, is in "adequate country" stature and has enough protection or not. If the Authority considers that the transferee country is not in adequate country statute, the Authority approval should be taken, and a data transfer protocol should be signed to guarantee enough protection.
c. Parties Conducting the Transfers
Within the scope of the Labor Law, Obligations Law, Income Tax Law and Procedures, Commercial Law, Private Employment Agencies and relevant legislations;
Apart from these, our Company shall not disclose your personal data in accordance with Articles 8 and 9 of KVKK and take all security measures specified in the relevant legislation;
Our company takes technical measures to prevent data breaches to ensure the security of personal data. In this context, our Company;
Within the scope of Article 11 of KVKK the data subject has the following rights and if he/she wishes, he/she can use his/her rights by reaching the data controller in the methods determined by him/her:
In accordance with KVKK regulations; in cases you have inquiries on your rights, mentioned hereinbelow, by completing the Data Subject Application Form you can send it to the address; “Dudullu OSB Mahallesi DES-2 Cad. Teknopark Building No: 8/29 Ümraniye, İstanbul”along with ID verification documents either by hand or via postage services or by sending an email to [email protected]
If the transaction requires an additional cost, the tariff set by KVKK will be charged.