PRIVACY POLICY
Due to ongoing technical innovations and changes in the relevant legal framework, it is necessary for us to make changes and/or corrections to the following Privacy Policy from time to time. Therefore, we kindly ask you to review this Privacy Policy before each visit to this website and take into account the changes and/or corrections.
- Entrance
We, as Softcand Yazılım Hizmetleri A.Ş. (“ Supsis ”), attach great importance to the privacy of our Visitors and Users, regardless of the country from which they access the website https://supsis.com/ (“ Website ”) and the Supsis Application (together, the “ Supsis Platform ”).
- Purpose of Policy
This Privacy Policy (“ Policy ”) has been prepared with a confidentiality-based approach in order to provide detailed information about the identity of Supsis, the data controller, its data processing activities, purposes and legal reasons, and the rights of Visitors and Users (together, the “ Data Owner ”) with respect to Supsis.
- Scope of the Policy
- In terms of legislation Although Supsis is a company headquartered in Turkey, it sometimes becomes difficult to determine which data protection legislation will be applied to its business and activities due to the fact that it has Visitors and Users from many different countries. Therefore, Supsis declares that it will make the necessary efforts to comply with different privacy and data protection legislation. In this regard, Supsis makes great efforts to comply with the General Data Protection Regulation (“ GDPR ”), Personal Data Protection Act No. 6698 (“ KVKK ”), California Consumer Privacy Act (“ CCPA ”) and other applicable data protection legislation.
- This Policy includes provisions for different Data Owners who access the Supsis Platform for various purposes, such as registering, logging in and upgrading their subscriptions. Although Data Owners are considered as Visitors or Users for the purposes of accessing the Supsis Platform, information and provisions for all Data Owners will be included in this Policy.
- In terms of Data , the scope of this Policy includes data that enables the relevant person to be identified directly or indirectly by other persons (“ Personal Data ”). Accordingly, confidential information that cannot be considered personal data is excluded from the scope of this Policy.
- Identity of Data Controller
Within the scope of all data processing activities carried out during access to the Supsis Platform, Çınardere Mahallesi, Akseki Sokak, No:15/1 34896 Pendik / İstanbul Softcand Yazılım Hizmetleri Anonim Şirketi (“ Data Controller ”) is the data controller.
- Data Processing Processes
Supsis carries out data processing activities through the situations specified below, but not limited to these.
- Accessing the Supsis Platform,
- Creating an account via the Supsis Platform,
- Using the Supsis Platform,
- Sending feedback to the Supsis Platform,
- Purchasing and using subscription services on the Supsis Platform,
- Contacting Supsis regarding different requests and questions.
- Personal Data Processing Principles
The principles set out below are taken into account in Supsis’s Personal Data Processing activities:
Personal Data Processing activities;
- in a legal, fair and transparent manner,
- kept accurate and up to date when necessary,
- for specific, clear and legitimate purposes,
- related, limited and proportionate to the purpose for which they are processed,
- Ensuring the security of Personal Data and ensuring that the Data Owner’s identity is not determined for more than the necessary period within the scope of data processing reasons.
is being carried out.
- Processed Personal Data
Personal Data Collected by Us | |
Name-Surname | Cookies |
Company Email Address | User Feedback |
Phone Number | IP Address |
Feedbacks | Device & Browser Type |
Message Content | Usage Information |
Company or App Name | |
Language Preference | |
Login Information |
- Purposes and Legal Reasons for Processing Personal Data
Personal Data collected by us or provided to us is processed only for a reasonable purpose and if there are legal grounds for processing. The purposes and legal grounds for data processing are listed in this Policy in a limited manner, and in the event of a possible change, the relevant Policy provisions will be updated.
- Name and Surname
Purposes of Processing | Legal Reasons |
Account creation | Establishment of the contract |
- Company Email Address
Purposes of Processing | Legal Reasons |
Account creation | Establishment of the contract |
To be able to inform you about your upgraded subscription | Performance of the contract |
Notifications regarding changes within the Supsis Platform can be made. | Performance of the contract |
Providing guidance on password renewal processes | Performance of the contract |
- Phone Number
Purposes of Processing | Legal Reasons |
Matching the phone number with the membership account | Legitimate interest |
Notifications regarding changes within the Supsis Platform can be made. | Performance of the contract |
- Company or App Name
Purposes of Processing | Legal Reasons |
Matching the membership account with the relevant data | Legitimate interest |
- Message Content
Purposes of Processing | Legal Reasons |
To resolve requests and questions directed by the Relevant Person | Legitimate interest |
- Feedback Information
Purposes of Processing | Legal Reasons |
Supsis Platform can be improved | Legitimate interest |
- Language Preference
Purposes of Processing | Legal Reasons |
Allowing the User to use the Supsis Platform in the language of their choice | Performance of the contract |
- User Feedback
Purposes of Processing | Legal Reasons |
Supsis Platform can be improved | Legitimate interest |
- Usage Information
Purposes of Processing | Legal Reasons |
Supsis Platform can be improved | Legitimate interest |
- Cookies
Purposes of Processing | Legal Reasons |
Supsis Platform can be improved | Legitimate interest |
- IP Address
Purposes of Processing | Legal Reasons |
Ability to fulfill legal obligations | Fulfillment of a legal obligation |
- Login Information
Purposes of Processing | Legal Reasons |
Supsis Platform can be improved | Legitimate interest |
- Device & Browser Type
Purposes of Processing | Legal Reasons |
Supsis Platform can be improved | Legitimate interest |
- Data Owners’ Rights
In order to ensure that their Personal Data can be processed in accordance with legal bases, Data Owners are granted certain rights. The Supsis Platform has been designed in accordance with the principles of Privacy by Design and Data Protection by Design . Accordingly, together with the rights specified below, Data Owners have the right to opt-out, which allows their membership accounts within the Supsis Platform to be deleted.
- The Data Owner has the right to obtain information regarding his/her Personal Data processed by Supsis ,
- The Data Owner’s right to access his/her Personal Data processed by Supsis ,
- The Data Owner has the right to have his/her Personal Data processed by Supsis corrected for being incomplete or inaccurate ,
- The right to restrict the processing of the Data Owner’s Personal Data ,
- The right to have the processed Personal Data erased upon the Data Owner’s request ,
- The Data Owner’s right to request his/her Personal Data in a machine-readable format and/or the right to data portability, which allows the transfer of his/her Personal Data from Supsis to another data controller ,
- The right to object to the Data Controller’s decision to stop the processing of Personal Data processed by Supsis ,
- If the Data Owner’s Personal Data is used in analyses performed by automated systems, the right to have the data processing activity carried out by automated systems stopped upon request.
- Personal Data Transfer
Transfers of Personal Data by Supsis to third parties are made only with the explicit consent of the Data Owner, except in cases where the transfer is based on the legal grounds specified below.
- Competent Authorities and Legal Obligation: Supsis may disclose the Personal Data it stores in cases where it is legally required to do so, including, but not limited to, legal claims, legal investigations, legal demands and legal proceedings.
- Mobile Application Server and Infrastructure Service Providers: Name-Surname, Company Email Address, Phone Number, Company Name or Application Name and data regarding the answers given to the questions may be transferred to the companies from which server and infrastructure services are received.
- Third Party Marketing Services: Usage Information, User Feedback and Cookie data may be transferred to Facebook and Google to enable the core features of the Supsis Platform to be provided free of charge and to conduct marketing/remarketing activities.
- Facebook Pixel and Software Development Kits (‘SDK’),
- Firebase and Google Analytics Software Development Kits (‘SDK’),
- Google Ads for website advertising activities,
- For website performance analysis, Google Analytics and Hotjar,
The transfer activity in question is restricted only within the scope of using the Facebook Pixel, Facebook Software Development Kits (‘SDK’), Google Software Development Kits (‘SDK’), Google Ads, Google Analytics and Hotjar services. Users who wish to restrict data processing activities for targeting/advertising purposes must activate the ” Limit Ad Tracking ” feature on the device they are using. Users may also visit www.facebook.com/ads/settings and www.adssettings.google.com to submit their opt-out requests to the relevant service providers.
Supsis’s use of information received from Google APIs and its transfer to any other application will be in accordance with the Google API Services User Data Policy, including the Limited Use requirements .
- Storage Period
In line with the Data Minimization Principle, Supsis stores Personal Data only for as long as necessary. Storage periods are determined by the nature of the relevant Personal Data, possible risks of Personal Data breaches, processing purposes or whether any of these reasons exist.
- Personal Data Security Methods
In order to prevent any Personal Data breach that may occur in the form of accidental or unauthorized destruction, loss, theft or unauthorized use, alteration or disclosure of personal data, the necessary security, protection and encryption activities are carried out and appropriate technical and administrative measures are taken.
In this direction, Supsis;
- We sign confidentiality agreements with parties that have limited or unrestricted access to Personal Data;
- The organization organizes data protection awareness training;
- It carries out the necessary authority matrix processes in line with the job descriptions of the employees;
- Personal Data transfer activities are carried out in a way that is ‘specific to the relevant service and person’;
- It ensures that Personal Data is stored on secure and encrypted cloud servers.
- Supsis Contact Information
Data Owners may forward any questions, feedback or comments they may have to Supsis via info@supsis.com and the Supsis website.
Last update date: 20.01.2024