Tuna EduTech logo
Tuna EduTech

Legal

Privacy & Security Policy

1. Data Controller

This Privacy & Security Policy applies to personal data processed within the scope of the services and website operated by TUNA EDUTECH YAZILIM LİMİTED ŞİRKETİ as the data controller.

2. Categories of Personal Data

The following categories of personal data may be processed:

  • Identity information (name, surname, title, etc.)
  • Contact information (e-mail address, phone number, address, etc.)
  • Billing and payment information (invoice title, tax number, etc.)
  • Transaction security information (IP address, log records, date/time information, etc.)
  • Service usage and request information (support requests, forms, content and analysis requests, etc.)

3. Purposes of Processing

Your personal data may be processed for the following purposes:

  • Providing, improving and developing our services,
  • Managing offers, orders, invoicing and payment processes within the contractual relationship,
  • Managing customer relations, support and information processes,
  • Fulfilling legal obligations and responding to requests from competent authorities,
  • Ensuring the security of information systems and preventing misuse and unauthorized access.

4. Transfers of Personal Data

Your personal data may be shared with legally authorized public institutions and organizations, independent audit firms, legal and financial advisors, business partners and infrastructure/service providers, subject to the transfer conditions set out in applicable data protection law and with appropriate security measures in place.

5. Method and Legal Grounds of Collection

Your personal data are collected electronically through forms completed on our website, e-mail correspondence, online meetings, support requests and contract processes.

Your data are processed on the legal grounds stipulated in the applicable legislation (including situations where processing is explicitly provided for by law, necessary for the conclusion or performance of a contract, mandatory for fulfilling legal obligations, required for the establishment, exercise or protection of a right, or based on your explicit consent where necessary).

6. Data Security Measures

In order to prevent unlawful processing of personal data, unauthorized access and to ensure secure storage, reasonable administrative and technical measures are implemented in line with current technological capabilities and good faith principles. Server security, access control, log records and backup procedures are managed within this framework.

Our company protects research data, draft manuscripts and medical/industrial images shared with us within the scope of academic consulting, statistical analysis or image processing services under a strict confidentiality principle. Such data may not be used for any purpose other than performing the relevant service, may not be shared with third parties and are securely destroyed after the statutory retention periods have expired.

7. Rights of the Data Subject

Depending on the applicable data protection law, you may have the following rights in relation to your personal data:

  • To learn whether your personal data are processed,
  • To request information regarding such processing,
  • To learn the purpose of processing and whether your data are used in line with that purpose,
  • To know the third parties to whom your data are transferred at home or abroad,
  • To request the rectification of incomplete or inaccurate data and, where applicable, the notification of such rectification to third parties,
  • To request deletion or destruction of your personal data under the conditions stipulated by law and, where applicable, notification of such actions to third parties,
  • To object to results arising against you from the analysis of data exclusively through automated systems,
  • To request compensation for damages if you suffer damage due to unlawful processing of your personal data.

8. Application Method

You may submit your requests regarding your rights to the data controller in writing or by using the application methods set out in the applicable legislation (such as secure electronic signature, registered e-mail address (KEP), mobile signature or your e-mail address previously notified to our systems). Your applications will be evaluated and concluded as soon as possible and in any case within the legally prescribed period, depending on their nature.