Skip links

PRIVACY POLICY

Due to ongoing technical innovations and changes in the relevant legal framework, it is necessary for us to make changes and/or corrections to the following Privacy Policy from time to time. Therefore, we kindly ask you to review this Privacy Policy before each visit to this website and take into account the changes and/or corrections.

  1. Entrance

We, as  Softcand Yazılım Hizmetleri A.Ş. (“ Supsis ”), attach great importance to the privacy of our Visitors and Users, regardless of the country from which they access  the website https://supsis.com/ (“ Website ”) and the Supsis Application (together, the “ Supsis Platform ”).

  1. Purpose of Policy

This Privacy Policy (“ Policy ”) has been prepared with a confidentiality-based approach in order to provide detailed information about the identity of Supsis, the data controller, its data processing activities, purposes and legal reasons, and the rights of Visitors and Users (together, the “ Data Owner ”) with respect to Supsis.

  1. Scope of the Policy
  • In terms of legislation Although Supsis is a company headquartered in Turkey, it sometimes becomes difficult to determine which data protection legislation will be applied to its business and activities due to the fact that it has Visitors and Users from many different countries. Therefore, Supsis declares that it will make the necessary efforts to comply with different privacy and data protection legislation. In this regard, Supsis makes great efforts to comply with the General Data Protection Regulation (“ GDPR ”), Personal Data Protection Act No. 6698 (“ KVKK ”), California Consumer Privacy Act (“ CCPA ”) and other applicable data protection legislation.



  • This Policy includes provisions for different Data Owners who access the Supsis Platform for various purposes, such as registering, logging in and upgrading their subscriptions. Although Data Owners are considered as Visitors or Users for the purposes of accessing the Supsis Platform, information and provisions for all Data Owners will be included in this Policy.



  • In terms of Data , the scope of this Policy includes data that enables the relevant person to be identified directly or indirectly by other persons (“ Personal Data ”). Accordingly, confidential information that cannot be considered personal data is excluded from the scope of this Policy.

  1. Identity of Data Controller

Within the scope of all data processing activities carried out during access to the Supsis Platform, Çınardere Mahallesi, Akseki Sokak, No:15/1 34896 Pendik / İstanbul Softcand Yazılım Hizmetleri Anonim Şirketi (“ Data Controller ”) is the data controller.

  1. Data Processing Processes

Supsis carries out data processing activities through the situations specified below, but not limited to these.

  • Accessing the Supsis Platform,
  • Creating an account via the Supsis Platform,
  • Using the Supsis Platform,
  • Sending feedback to the Supsis Platform,
  • Purchasing and using subscription services on the Supsis Platform,
  • Contacting Supsis regarding different requests and questions.
  1. Personal Data Processing Principles

The principles set out below are taken into account in Supsis’s Personal Data Processing activities:

Personal Data Processing activities;

  • in a legal, fair and transparent manner,
  • kept accurate and up to date when necessary,
  • for specific, clear and legitimate purposes,
  • related, limited and proportionate to the purpose for which they are processed,
  • Ensuring the security of Personal Data and ensuring that the Data Owner’s identity is not determined for more than the necessary period within the scope of data processing reasons.

is being carried out.

  1. Processed Personal Data

Personal Data Collected by Us

 

Name-Surname

Cookies

Company Email Address

User Feedback

Phone Number

IP Address

Feedbacks

Device & Browser Type

Message Content

Usage Information

Company or App Name

 

Language Preference

 

Login Information

 
  1. Purposes and Legal Reasons for Processing Personal Data

Personal Data collected by us or provided to us is processed only for a reasonable purpose and if there are legal grounds for processing. The purposes and legal grounds for data processing are listed in this Policy in a limited manner, and in the event of a possible change, the relevant Policy provisions will be updated.

  • Name and Surname

Purposes of Processing

Legal Reasons

Account creation

Establishment of the contract

  • Company Email Address

Purposes of Processing

Legal Reasons

Account creation

Establishment of the contract

To be able to inform you about your upgraded subscription

Performance of the contract

Notifications regarding changes within the Supsis Platform can be made.

Performance of the contract

Providing guidance on password renewal processes

Performance of the contract

  • Phone Number

Purposes of Processing

Legal Reasons

Matching the phone number with the membership account

Legitimate interest

Notifications regarding changes within the Supsis Platform can be made.

Performance of the contract

  • Company or App Name

Purposes of Processing

Legal Reasons

Matching the membership account with the relevant data

Legitimate interest

  • Message Content

Purposes of Processing

Legal Reasons

To resolve requests and questions directed by the Relevant Person

Legitimate interest

  • Feedback Information

Purposes of Processing

Legal Reasons

Supsis Platform can be improved

Legitimate interest

  • Language Preference

Purposes of Processing

Legal Reasons

Allowing the User to use the Supsis Platform in the language of their choice

Performance of the contract

  • User Feedback

Purposes of Processing

Legal Reasons

Supsis Platform can be improved

Legitimate interest

  • Usage Information

Purposes of Processing

Legal Reasons

Supsis Platform can be improved

Legitimate interest

  • Cookies

Purposes of Processing

Legal Reasons

Supsis Platform can be improved

Legitimate interest

  • IP Address

Purposes of Processing

Legal Reasons

Ability to fulfill legal obligations

Fulfillment of a legal obligation

  • Login Information

Purposes of Processing

Legal Reasons

Supsis Platform can be improved

Legitimate interest

  • Device & Browser Type

Purposes of Processing

Legal Reasons

Supsis Platform can be improved

Legitimate interest

  1. Data Owners’ Rights

In order to ensure that their Personal Data can be processed in accordance with legal bases, Data Owners are granted certain rights. The Supsis Platform  has been designed in accordance with the principles of Privacy by Design  and  Data Protection by Design  . Accordingly, together with the rights specified below, Data Owners have the right to opt-out, which allows their membership accounts within the Supsis Platform to be deleted.

  1. The Data Owner has the right to obtain information regarding his/her Personal Data processed by Supsis  ,
  2. The Data Owner’s right to access his/her Personal Data processed by Supsis  ,
  3. The Data Owner has the right to have his/her Personal Data processed by Supsis corrected for being incomplete or inaccurate  ,
  4. The right to restrict the processing of the Data Owner’s Personal Data  ,
  5. The right to have the processed Personal Data erased upon the Data Owner’s request  ,
  6. The Data Owner’s right to request his/her Personal Data in a machine-readable format and/or the right to data portability, which allows the transfer of his/her Personal Data from Supsis to another data controller  , 
  7. The right to object to the Data Controller’s decision to stop the processing of Personal Data processed by Supsis  ,
  8. If the Data Owner’s Personal Data is used in analyses performed by automated systems,  the right to have the data processing activity carried out by automated systems stopped upon request.
  1. Personal Data Transfer

Transfers of Personal Data by Supsis to third parties are made only with the explicit consent of the Data Owner, except in cases where the transfer is based on the legal grounds specified below.

  1. Competent Authorities and Legal Obligation:  Supsis may disclose the Personal Data it stores in cases where it is legally required to do so, including, but not limited to, legal claims, legal investigations, legal demands and legal proceedings.
  2. Mobile Application Server and Infrastructure Service Providers:  Name-Surname, Company Email Address, Phone Number, Company Name or Application Name and data regarding the answers given to the questions may be transferred to the companies from which server and infrastructure services are received.
  3. Third Party Marketing Services:  Usage Information, User Feedback and Cookie data may be transferred to Facebook and Google to enable the core features of the Supsis Platform to be provided free of charge and to conduct marketing/remarketing activities.
  • Facebook Pixel and Software Development Kits (‘SDK’),
  • Firebase and Google Analytics Software Development Kits (‘SDK’),
  • Google Ads for website advertising activities,
  • For website performance analysis, Google Analytics and Hotjar,

The transfer activity in question is restricted only within the scope of using the Facebook Pixel, Facebook Software Development Kits (‘SDK’), Google Software Development Kits (‘SDK’), Google Ads, Google Analytics and Hotjar services. Users who wish to restrict data processing activities for targeting/advertising purposes must activate the ” Limit Ad Tracking ” feature on the device they are using. Users may also   visit www.facebook.com/ads/settings  and  www.adssettings.google.com to submit their opt-out requests to the relevant service providers.

Supsis’s use of information received from Google APIs and its transfer to any other application will be in accordance with the Google API Services User Data Policy, including the Limited Use requirements  .

  1. Storage Period

In line with the Data Minimization Principle, Supsis stores Personal Data only for as long as necessary. Storage periods are determined by the nature of the relevant Personal Data, possible risks of Personal Data breaches, processing purposes or whether any of these reasons exist.

  1. Personal Data Security Methods

In order to prevent any Personal Data breach that may occur in the form of accidental or unauthorized destruction, loss, theft or unauthorized use, alteration or disclosure of personal data, the necessary security, protection and encryption activities are carried out and appropriate technical and administrative measures are taken.

In this direction, Supsis;

  1. We sign confidentiality agreements with parties that have limited or unrestricted access to Personal Data;
  2. The organization organizes data protection awareness training;
  3. It carries out the necessary authority matrix processes in line with the job descriptions of the employees;
  4. Personal Data transfer activities are carried out in a way that is ‘specific to the relevant service and person’;
  5. It ensures that Personal Data is stored on secure and encrypted cloud servers.
  1. Supsis Contact Information

Data Owners may forward any questions, feedback or comments they  may have to Supsis via info@supsis.com  and the Supsis website.

Last update date:  20.01.2024