(For Individual Customers and Real Person Representatives of Corporate Customers)
Brotek Teknoloji A.Ş., a company duly incorporated and existing under the laws of the Republic of Türkiye, with its registered office at Esentepe Mah. Büyükdere Cad. No:175/7 Kat:B4 34360 Şişli/İSTANBUL, together with its affiliates and subsidiaries (collectively referred to as “COENSIO”, the “Company” or “we”), processes your personal data in its capacity as a data controller in accordance with the Personal Data Protection Law No. 6698 (“KVKK”).
This information notice (“Information Notice”) explains how such data that identifies you or may be associated with you (“Personal Data”) is collected, used, shared, and protected within the scope of the services offered on our website coens.io (“Platform”).
Within the scope of your capacity as an employer customer, the personal data that may be processed are as follows:
• Identity data: Your name, surname, title, date and place of birth, gender, marital status, nationality, Turkish ID number, etc.
• Contact and location data: Your email address, address, workplace phone number, mobile phone number, registered electronic mail (KEP) address, address number, etc.
• Personnel data: If you are a representative of a corporate customer, your department, division, duty, position, and title information.
• Special categories of personal data: If you choose to share; your race, ethnic origin, political opinions, philosophical beliefs, religion, sect or other beliefs, clothing and attire, membership of associations, foundations or trade unions, biometric data, health data (such as disability information, blood type, personal health data, information regarding medical devices or prostheses used, etc.), location data, etc.
• Customer transaction data: Your service purchase information, contract information, billing and payment records, call center records, invoice, promissory note and cheque information, counter receipts, order and request information, etc.
• Financial data: Your bank account information, tax number, receivables and payables balance, invoice, cheque, and promissory note information.
• Transaction security data: Your IP address, platform access records, user logs, password and credential information, etc.
• Legal transaction data: Information contained in correspondence with judicial authorities, information included in case files, etc.
• Marketing data: Purchase history, survey data, cookie records, data obtained through campaign activities, etc.
Your personal data are collected:
• Through information provided by you and/or your representatives/employees acting on behalf of your company in physical and/or electronic environments, and through data entries made via COENSIO platforms,
• Through the use of the platform within the scope of the establishment and performance of the service agreement between your company and COENSIO,
• Through voice recordings obtained during telephone calls within the scope of our legitimate interest in providing effective customer support services,
• Through cookies used on our website, as explained in detail in our Cookie Policy, within the scope of our legitimate interest in improving our platform and enhancing user experience.
Your collected personal data are processed for the following purposes:
• Establishment and performance of the contractual relationship between you and COENSIO,
• Execution and management of the tests you request,
• Presentation of candidate analysis reports to you,
• Ensuring the security of the platform,
• Conducting quality control, communicating with customers, understanding customer needs, increasing customer satisfaction and service quality,
• Ensuring the management of bulk electronic communications,
• Conducting market analysis, sales and marketing analyses, managerial analyses, and financial planning,
• Interpreting site usage, monitoring whether the platform and other technological services are used properly, and optimizing their functionality,
• Ensuring the proper functioning of the employer customer database,
• Maintaining research and development activities,
• Enabling you to access your information quickly and effectively after logging into the platform and ensuring that such information is remembered so that it does not need to be re-entered during your visit or subsequent visits,
• Using anonymized and aggregated test scores and aggregated demographic data in order to provide benchmarking data and improve our services,
• Fulfilling legal obligations arising from legislation,
• Exercising our rights of proof and defense in potential legal disputes,
• Protecting our legitimate interests within the scope of improving and enhancing the platform through cookies, as explained in detail in our Cookie Policy.
Your personal data are transferred in accordance with the personal data processing conditions and purposes set out in Articles 5 and 6 of the KVKK.
Your collected personal data may be shared with domestic and/or international technical service providers for the purpose of providing data storage and hosting services. In this context, personal data may be transferred to information technology infrastructure service providers, cloud computing, and data hosting service providers. In the event that your personal data are transferred abroad, such transfers shall be made to countries providing adequate protection in accordance with Article 9 of the KVKK, or, in the absence of adequate protection, appropriate safeguards stipulated by the Board shall be ensured.
Within the scope of fulfilling our legal obligations arising from legislation, your personal data may be shared with authorized public institutions and organizations upon request.
In the event of any dispute, all your personal data, including special categories of personal data, may be transferred to our lawyers or legal advisors in order to exercise our right of defense.
Your personal data are retained for the periods stipulated in the applicable legislation and for the duration of the contractual relationship between you and COENSIO; upon the expiry of the retention period, they are deleted, destroyed, or anonymized.
o Your identity, contact, personnel, legal transaction, customer transaction, transaction security, risk management, financial, professional experience, and marketing data are retained for 10 years for the purposes of fulfilling legal obligations, resolving potential legal disputes, and protecting the legitimate interests of the Company.
o Your location data are retained for the duration of the contractual relationship with the relevant data subject group and are deleted, destroyed, or anonymized upon termination of such relationship.
o Data relating to physical security of premises, such as camera recordings and visitor entry-exit records, are retained for 1 year and securely destroyed at the end of this period.
o Visual and audio recordings are retained for a maximum of 3 years and are deleted or anonymized at the end of this period.
o Among special categories of personal data, your health data are retained for 10 years for the purpose of fulfilling legal obligations and conducting occupational health and safety processes. Personal data relating to criminal convictions and security measures are retained for the periods stipulated in the applicable legislation and securely destroyed thereafter.
Your personal data are processed in accordance with Articles 5 and 6 of the KVKK based on the following legal grounds:
• Explicit consent (Explicit Consent Form regarding the protection of personal data obtained from you during membership),
• Performance of the contract (performance of the service agreement concluded with you),
• Legitimate interests of the Company (such as the management of business processes, service development, and understanding user needs).
Pursuant to Article 11 of the Personal Data Protection Law No. 6698, you may exercise the following rights by applying to us:
• To learn whether your personal data are processed and to request information if they have been processed,
• To learn the purpose of processing your personal data and whether they are used in accordance with such purpose,
• To learn the third parties to whom your personal data are transferred domestically or abroad,
• To request correction of incomplete or inaccurate personal data and to request notification of such correction to third parties to whom the data have been transferred,
• To request deletion, destruction, or anonymization of your personal data within the framework of Article 7 of the KVKK and to request notification of such action to third parties to whom the data have been transferred,
• To object to the occurrence of a result against you by analyzing the processed data exclusively through automated systems,
• To request compensation for damages in case you suffer damage due to unlawful processing of your personal data.
As a Data Subject, your Personal Data is also protected under the GDPR. In cases where the GDPR is applicable (e.g., for European Union citizens or individuals residing in the European Union), Data Subjects may exercise the following rights:
• To obtain confirmation as to whether or not Personal Data concerning them is being processed, and, where that is the case, access to such data (Right of Access, Article 15),
• To request the rectification of inaccurate or incomplete Personal Data (Right to Rectification, Article 16),
• To request the erasure of Personal Data where the conditions set out under Article 17 of the GDPR are met (Right to Erasure, Article 17),
• To request the restriction of processing, for example where the accuracy of the data is contested or the processing is unlawful (Right to Restriction of Processing, Article 18),
• To object to the processing of Personal Data (Right to Object, Article 21),
• Where technically feasible, to request the transfer of Personal Data held by COENSIO to another data controller (Right to Data Portability, Article 20).
You may submit your requests regarding the processing of your Personal Data through the Application Form to the Data Controller in writing, via registered electronic mail (KEP), secure electronic signature, mobile signature, or through your email address registered in the COENSIO system.
In order to verify that the request has been made by you and to ensure the secure protection of your rights, we may carry out additional verification procedures where necessary (e.g., sending a message to your registered phone number or contacting you directly).
For further information, opinions, and suggestions regarding the agreement, please contact us via contact@coens.io mail address.
Data Controller:
Brotek Teknoloji A.Ş. (COENSIO)
Address: Esentepe Mah. Büyükdere Cad. No:175/7 Kat:B4 34360 Şişli/İSTANBUL
E-mail: contact@coens.io
KEP Address: brotekteknoloji@hs01.kep.tr
Website: https://coens.io
