Last Updated: April 02, 2025
1. INTRODUCTION AND SCOPE
As CORIUS SOFTWARE AND TECHNOLOGY JOINT STOCK COMPANY ("Corius", "Our Company", "We"), we attach great importance to the privacy and security of the personal data of our users who visit our website (https://corius.com.tr), our customers who benefit from our services, our business partners, and all relevant individuals who contact us. This Privacy Policy ("Policy") has been prepared in accordance with the Law on the Protection of Personal Data No. 6698 ("KVKK") in order to inform you about the personal data processed by our Company.
This Policy explains how personal data we collect through our website, mobile applications (if any), services, events, and all other channels is processed, with whom it is shared, your rights as a data subject, and how you can exercise those rights.
2. DATA CONTROLLER
The party acting as the "Data Controller" with respect to your personal data within the scope of KVKK:
- Title: CORIUS SOFTWARE AND TECHNOLOGY JOINT STOCK COMPANY
- MERSIS No: 212100060600001
- Tax ID No: 2121000606
- Address: Kızılırmak Mah. Dumlupınar Bulvarı Next Level No:3 A Kat:4 D.No:10 PK:06520 Çankaya / Ankara - Turkey
- Phone: +90 312 911 63 81
- E-mail: [email protected]
- Website: corius.com.tr
3. PERSONAL DATA PROCESSED AND COLLECTION METHODS
Depending on your interaction with our Company, personal data in the following categories may be processed:
- Identity Information: First name, last name, national ID number (where required), title.
- Contact Information: E-mail address, phone number, company name, address information.
- Customer Transaction Information: Request information, order information, billing information, project details (within service scope).
- Transaction Security Information: IP address, website login/logout information, log records, cookie data.
- Marketing Information: Cookie records, targeting information, habits and preferences, e-mail consent status.
- Location Information: Approximate location information during website access (from IP address).
- Visual and Auditory Records: Recordings made at events or for security purposes (if applicable and if notice has been provided).
- Personnel Information: Information contained in CVs in the event of a job application.
- Other Information: Information in the content of messages sent to us through contact forms or other channels.
Your personal data is collected through automatic or non-automatic methods such as forms on our website (contact, demo request, etc.), cookies, e-mail, telephone, social media, job applications, contracts, and trade fairs/events.
4. PURPOSES AND LEGAL GROUNDS FOR PROCESSING PERSONAL DATA
Your personal data is processed for the following purposes and based on the legal grounds specified in Article 5 of KVKK:
| Processing Purpose | Relevant Personal Data Categories | Legal Ground under KVKK (Article 5) |
|---|---|---|
| Provision of our services, execution of contract processes | Identity, Contact, Customer Transaction | Being necessary to process personal data belonging to the parties of a contract, provided that it is directly related to the establishment or performance of a contract (5/2-c) |
| Evaluation of requests, complaints and suggestions, responding to communications | Identity, Contact, Customer Transaction, Other | Being mandatory for the legitimate interests of the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject (5/2-f); Being mandatory in order for the data controller to fulfil its legal obligation (5/2-ç) |
| Operation of the website, performance analysis, improvement of user experience | Transaction Security, Location, Marketing (Cookies) | Being mandatory for the legitimate interests of the data controller (5/2-f); Explicit Consent (for non-essential cookies) (5/1) |
| Fulfilment of legal obligations (e.g. billing, official reporting) | Identity, Contact, Customer Transaction | Being explicitly provided for by laws (5/2-a); Being mandatory in order for the data controller to fulfil its legal obligation (5/2-ç) |
| Conducting marketing, promotional, and informational activities | Contact, Marketing | Explicit Consent (5/1) |
| Conducting job application processes | Identity, Contact, Personnel | Being directly related to the establishment or performance of a contract (employment contract) (5/2-c); Explicit Consent (for future positions) (5/1) |
| Conducting information security processes | Transaction Security | Being mandatory in order for the data controller to fulfil its legal obligation (5/2-ç); Legitimate Interest (5/2-f) |
5. TRANSFER OF PERSONAL DATA
Your personal data may be transferred to the following recipient groups, domestically or abroad, in line with the purposes stated above and in accordance with Articles 8 and 9 of KVKK:
- Suppliers and Service Providers: Our business partners from whom we receive services such as hosting, cloud computing, e-mail delivery, web analytics, CRM, and payment systems (with necessary confidentiality commitments and agreements).
- Business Partners: Our business partners with whom we collaborate for the provision of our services (e.g., for a specific technology integration) (where necessary and with legal bases).
- Authorized Public Institutions and Organizations: In accordance with legal requests and in order to fulfil our legal obligations (Courts, Ministries, BRSA, etc.).
- Legal and Audit Firms: Where necessary for the follow-up of legal processes or audit activities.
In the event of data transfer abroad, the conditions specified in Article 9 of KVKK are observed (countries declared by the Personal Data Protection Board to have adequate protection, or in cases where adequate protection does not exist, the parties' written commitment to provide adequate protection and obtaining the Board's permission).
6. RIGHTS OF THE DATA SUBJECT
Pursuant to Article 11 of KVKK, you have the following rights with respect to your personal data:
- To learn whether your personal data is being processed,
- To request information about your personal data if it has been processed,
- To learn the purpose of processing your personal data and whether it is being used in accordance with its purpose,
- To know the third parties to whom your personal data is transferred, domestically or abroad,
- To request the correction of your personal data in the event that it is processed incompletely or inaccurately, and to request that the transaction carried out in this scope be notified to the third parties to whom the personal data has been transferred,
- To request the deletion or destruction of your personal data in the event that the reasons requiring its processing cease to exist, even if it has been processed in accordance with KVKK and other relevant legislation, and to request that the transaction carried out in this scope be notified to the third parties to whom the personal data has been transferred,
- To object to the emergence of a result to your detriment by means of the analysis of processed data exclusively through automated systems,
- To request compensation for damages in the event that you suffer damage due to unlawful processing of your personal data.
7. EXERCISING YOUR RIGHTS
To exercise the rights stated above, you may submit your requests together with documents verifying your identity to our Company by one of the following methods:
- With a Secure Electronic Signature or Mobile Signature: By sending an e-mail to [email protected].
- From your e-mail address previously notified to our Company and registered in our system: By sending an e-mail to [email protected].
Your application must clearly state your first name, last name, national ID number (if the applicant is a foreign national: nationality, passport number, or ID number if available), residential or workplace address for notification purposes, electronic mail address for notification purposes (if any), telephone number, and the subject of your request.
Your applications will be concluded free of charge as soon as possible and within thirty (30) days at the latest, depending on the nature of the request. However, if the transaction requires an additional cost, fees as determined in the tariff set by the Personal Data Protection Board may be requested.
8. SECURITY OF PERSONAL DATA
Our Company takes all necessary administrative and technical measures to provide an appropriate level of security in order to prevent the unlawful processing of, access to, and to ensure the safeguarding of your personal data. In this context, reasonable physical, electronic, and administrative procedures are applied to prevent unauthorized access, protect data integrity, and ensure data confidentiality.
9. RETENTION PERIOD OF PERSONAL DATA
Your personal data is retained for as long as required by the purposes for which it is processed and/or for the retention periods stipulated in the relevant legislation. When the purpose of processing ceases to exist or the legal retention period expires, your personal data is deleted, destroyed, or anonymized ex officio or upon your request.
10. COOKIE POLICY
Cookies are used on our website to improve the user experience, to operate the site effectively, and to conduct analyses. You can access detailed information about our cookie policy at https://corius.com.tr/policies/cookies.
11. PRIVACY POLICY UPDATES
This Privacy Policy may be updated periodically in line with changing legal regulations or changes in our Company's data processing activities. Significant changes to the Policy will be announced on our website or notified to you through other appropriate communication channels. We recommend reviewing the Policy regularly.
12. CONTACT
For any questions, comments, or requests regarding the Privacy Policy or the processing of your personal data, you may reach us through the Data Controller contact information provided in Article 2 above or at [email protected].