CoSure Technology Privacy Notice

Cosure Teknoloji A.Ş., a company duly registered in Turkey with the contact address of Maslak Mah. Ahi Evran Cad. 42 Maslak B Blok Sit. No: 6/42 Sarıyer / Istanbul ("Company", "we" or "us”) is, according to General Data Protection Regulation (“GDPR”), responsible for your personal information and we take our data protection and privacy responsibilities seriously.

This privacy notice explains how we collect, use and share personal information in the course of our business activities, including:

What personal information we collect and when and why we use it

How we share personal information within Company and with our service providers, regulators and other third parties

Explaining more about Marketing

Transferring personal information globally

How we protect and store personal information

Legal rights available to help manage your privacy

Updates

Third Party Websites

How you can contact us for more support

WHAT PERSONAL INFORMATION WE COLLECT AND WHEN AND WHY WE USE IT

In this section you can find out more about

  • the types of personal information we collect
  • when we collect personal information
  • how we use personal information
  • the legal basis for using personal information

When we collect information

We collect information about you if you:

  • register with, or use, our website www.cosure.co
  • enquire about, or purchase, our services;
  • work with us as a business partner;
  • apply for a job with us;
  • where we collect information about you from third parties; or
  • are present at the premises, site or location where we undertake a survey; collectively ("you").

Personal information we collect and use if you register, or use, our website

If you contact us via the contact form on our website, we collect:

  • your name;
  • email address; and
  • the nature of your enquiry,

so that we can respond to your enquiry via the email address you provide for such purpose.

Personal information we collect and use if you enquire about, and/or purchase, our services

If you enquire about, and/or purchase, our services, we collect:

  • your name;
  • your job title/role;
  • your contact details (including email address, postal address, telephone/mobile number); and
  • relevant information regarding the location of the survey.

We use the above-mentioned information to contact you for the purposes of understanding your service requirements, undertaking scoping exercises, preparing fee estimates/quotations and providing you with relevant company/service-related information.

Personal information we collect and use if you work with us as a business partner

If you work with us as a business partner, we collect:

  • your name;
  • your contact details (including email address, postal address, telephone/mobile number); and
  • (where you are working as a sole trader or partnership) your bank account details.

We use the above-mentioned information for the purposes of evaluating a potential business relationship with you, and (as applicable) establishing/governing such business relationship in accordance with our partnership agreement.

Personal information we collect and use if you apply for a job with us

If you apply for a job with us, we collect:

  • your name;
  • your contact details (including email address, telephone/mobile number);
  • a copy of your CV;
  • copies of any relevant professional qualifications /certifications;
  • references from your previous employers;
  • (where you apply for a job as a Network Risk Engineer) your nationality (as applicable).

We use the above-mentioned information for the purpose of contacting you about your job application, assessing your suitability for the job, for interview purposes and (where successful) the job offer.

Personal information we collect and use from third parties

We collect personal information from third parties who you have authorised to provide your personal information to us. For example, (as set out above) if you apply for a job with us - we ask for references from your previous employer, or if you work for an organisation with whom we have a business relationship (whether as a customer, supplier or business partner) we collect your name, job title, contact details (including email address, telephone/mobile number) and (where applicable) professional qualifications/relevant certifications.

We combine this information with the information we collect directly from you or about you for the purposes set out in this Privacy Notice.

Personal information we collect and use if you are present at the premises, site or location where we undertake services

In order to provide services to our customers, our engineers visit the premises/sites/locations and record live stream real time video.

When we undertake onsite services, we make it clear that live stream real time video is being taken by the use of clear signage and (where appropriate) the dissemination of advance information regards our activities.

If you are present at such a premise/site/location and you are captured by our video, we collect your image and (if you are speaking while the recording takes place) your voice.

Legal basis for using your personal information

We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do this. This is because:

  • we need to use your personal information to perform a contract or take steps to enter into a contract with you; and/or
  • we need to use your personal information for our legitimate interest as a commercial organisation. For example, we record calls to our service centre so that we can review how we handle calls and make any necessary improvements to our services, we share your personal information with our other Group companies to carry out and optimise our services, we may use your personal information to handle any legal claim or regulatory enforcement and any customer queries, complaints and disputes. In all such cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in the Legal Rights section below; and
  • we need to use your personal information to comply with a relevant legal or regulatory obligation that we have.

If you would like to find out more about the legal basis for which we process personal information, please contact us.

SHARING PERSONAL INFORMATION WITH OTHERS

In this section you can find out more about how we share personal information:

  • within our group
  • with third parties that help us provide our services; and
  • government organisations and agencies, law enforcement and regulators

We share your personal information in the manner and for the purposes described below:

  • with other companies within our group where such disclosure is necessary to provide you with our services or to manage our business. Click here for a list of the other companies within our group;
  • with third parties who help manage our business and deliver services. These third parties have agreed to confidentiality restrictions and use any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us. These include IT service providers who help manage our IT and back office systems;
  • with government organisations and agencies, law enforcement, regulators to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies; and
  • banks and payment providers to authorize and complete payments.

If, in the future, we sell or transfer some or all of our business or assets to a third party, we may disclose information to a potential or actual third-party purchaser of our business or assets.

EXPLAINING MORE ABOUT MARKETING

In this section you can find out more about:

  • how we use personal information to keep you up to date with our services
  • how you can manage your marketing preferences

How we use personal information to keep you up to date with our services

We may use personal information to let you know about our services that we believe will be of interest to you. We may contact you by email, post, or telephone or through other communication channels that we think you may find helpful. In all cases, we will respect your preferences for how you would like us to manage marketing activity with you.

How you can manage your marketing preferences

To protect privacy rights and to ensure you have control over how we manage marketing with you:

  • we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you; and
  • you can ask us to stop direct marketing at any time - you can ask us to stop sending email marketing, by following the "unsubscribe" link you will find on all the email marketing messages we send you. Alternatively, you can Contact Us. Please specify whether you would like us to stop all forms of marketing or just a particular type (e.g. email).
TRANSFERRING PERSONAL INFORMATION GLOBALLY

In this section you can find out more about:

  • how we operate as a global business and transfer data internationally; and
  • the arrangements we have in place to protect your personal information if we transfer it overseas.

We operate on a global basis. This means that your personal information may be transferred and stored in countries outside of Turkey ,globally, , that are subject to different standards of data protection.

We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights.

To this end:

  • we ensure that any transfer of personal information within our group of companies receives an adequate and consistent level of protection wherever it is transferred within our group of companies;
  • where we transfer your personal information outside our group of companies or to third parties who help provide our services, we obtain contractual commitments from them to protect your personal information; or
  • where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information is disclosed.

You have a right to Contact Us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.

HOW WE PROTECT AND STORE YOUR INFORMATION

Security

We have implemented and maintain appropriate technical and organisational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or unauthorised disclosure or access to such information appropriate to the nature of the information concerned.

Measures we take include:

  • placing confidentiality requirements on our staff members and service providers;
  • destroying or permanently anonymising personal information if it is no longer needed for the purposes for which it was collected;
  • following strict security procedures in the storage and disclosure of personal information to prevent unauthorised access to it;
  • using secure communication transmission software (known as "secure sockets layer" or "SSL") that encrypts all information you input on our website before it is sent to us. SSL is an industry standard encryption protocol to ensure that the information is reasonably protected against unauthorized interception.

As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect User IDs and passwords, please take appropriate measures to protect this information.

Storing your personal information

We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this privacy notice. Where your information is no longer needed, we will ensure that it is disposed of in a secure manner. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.

In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

LEGAL RIGHTS AVAILABLE TO HELP MANAGE YOUR PRIVACY

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information. Click on the links below to learn more about each right you may have:

To access personal information

  • To rectify / erase personal information
  • To restrict the processing of your personal information
  • To transfer your personal information
  • To object to the processing of personal information
  • To object to how we use your personal information for direct marketing purposes
  • To obtain a copy of personal information safeguards used for transfers outside your jurisdiction
  • To lodge a complaint with your local supervisory authority

If you wish to access any of the above mentioned rights, we may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing personal information to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

You can exercise your rights by contacting us at Contact Us. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Right to access personal information

You have a right to request that we provide you with a copy of your personal information that we hold and you have the right to be informed of; (a) the source of your personal information; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal information may be transferred.

Right to rectify or erase personal information

You have a right to request that we rectify inaccurate personal information. We may seek to verify the accuracy of the personal information before rectifying it.

You can also request that we erase your personal information in limited circumstances where:

  • it is no longer needed for the purposes for which it was collected; or
  • you have withdrawn your consent (where the data processing was based on consent); or
  • following a successful right to object (see right to object); or
  • it has been processed unlawfully; or
  • to comply with a legal obligation to which the Company is subject.

We are not required to comply with your request to erase personal information if the processing of your personal information is necessary:

  • for compliance with a legal obligation; or
  • for the establishment, exercise or defence of legal claims.

Right to restrict the processing of your personal information

You can ask us to restrict your personal information, but only where:

  • its accuracy is contested, to allow us to verify its accuracy; or
  • the processing is unlawful, but you do not want it erased; or
  • it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
  • you have exercised the right to object, and verification of overriding grounds is pending.

We can continue to use your personal information following a request for restriction, where:

  • we have your consent; or
  • to establish, exercise or defend legal claims; or
  • to protect the rights of another natural or legal person.

Right to transfer your personal information

You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:

  • the processing is based on your consent or on the performance of a contract with you; and
  • the processing is carried out by automated means.

Right to object to the processing of your personal information

You can object to any processing of your personal information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests.

If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to object to how we use your personal information for direct marketing purposes

You can request that we change the manner in which we contact you for marketing purposes.

You can request that we not transfer your personal information to unaffiliated third parties for the purposes of direct marketing or any other purposes.

Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction

You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the European Union.

We may redact data transfer agreements to protect commercial terms.

Right to lodge a complaint with your local supervisory authority

You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

Updates

We may amend this privacy notice from time to time to keep it up to date with legal requirements and the way we operate our business, and will place any updates on this webpage. Please regularly check these pages for the latest version of this notice. If we make fundamental changes to this privacy notice, we will seek to inform you by notice on our website or email.

Third Party Websites

You might find external links to third party websites on our website. This privacy notice does not apply to your use of a third party site.

CONTACT US

The primary point of contact for all issues arising from this privacy notice is our Data Protection Officer, Kerim Dedeoglu, can be contacted at: kerim@cosure.co, or at the postal Address: Maslak Mah. Ahi Evran Cad. 42 Maslak B Blok Sit. No: 6/42 Sarıyer / Istanbul

If you have any questions, concerns or complaints regarding our compliance with this privacy notice, the information we hold about you or if you wish to exercise your rights, we encourage you to first contact our Data Protection Officer via email or mail. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by data protection laws.

To contact your data protection supervisory authority

You have a right to lodge a complaint with your local data protection supervisory authority (i.e. your place of habitual residence, place or work or place of alleged infringement at any time. We ask that you please attempt to resolve any issues with us before your local supervisory authority.