Privacy Policy

A. INTRODUCTION

Each year we, as CLOUDTALK ("Cloudtalk", "We", "Us" or "Host"), bring together the companies ("companies") and attendees ("attendees") from dozens of countries who operate in the cloud sector, at CLOUDTALK GLOBAL ("event"), the largest sectoral networking event in Eurasia.

As CLOUDTALK, we attach great importance to the protection of personal data of all natural persons and data subjects ("You") that we have contacted in any way while carrying out our activities. Since our event is international we are devoted to complying with the Personal Data Protection Law No. 6698 ("KVK") of Turkey, as well as the General Data Protection Regulation ("GDPR") of the EU.

We organize our physical and digital events and provide our services via our website ("website*) at www.cloudtalkglobal.com which is subject to this privacy policy ("Privacy Policy"). We process your ordinary and special categories of personal data via our website.

This policy does not apply to third-party websites of companies and sponsors which are presented on our website as links. We cannot guarantee the reliable and secure processing of your personal data by third-party organizations. We highly encourage you to review the privacy statements of these websites before using them.

As CLOUDTALK, we take all necessary administrative and technical measures within our company for the protection and security of personal data.

This Privacy Policy has been prepared to inform you about the processes and principles of collection, use, transfer, and protection of personal data by CLOUDTALK. We process the personal data of our attendees, presenters, representatives of attending companies and event sponsors, and other natural persons who are in contact with CLOUDTALK.

Best Regards

CLOUDTALK

B. SCOPE

CLOUDTALK aims to process the personal data of natural persons in accordance with KVK and GDPR and relevant legislative provisions in Turkey and the EU.

We state that personal data that you have submitted to our Company and/or obtained by our Company are recorded, stored, protected, reorganized, and transferred at home or abroad under the conditions stipulated by KVK, GDPR, and related legislation. We may share personal data with public organizations if required by law. It is your obligation to provide accurate and up-to-date data. We keep your submitted personal data as accurate and up-to-date as possible as a "Data Controller".

We encourage you to read this privacy policy in order to understand how and under which conditions we process your personal data as well as our Cookie Policy (www ………) which defines the rules for data processing via the cookies on our sites.

This Policy concerns all your personal data, that are processed either by automated means or non-automated means as a part of our data filing system. The data obtained from you in accordance with your consent or other lawfulness cases listed in the Law will be used for the purpose of providing you the best experience that you should get from our events, increasing the quality of the services we provide.

C. WHICH PRINCIPLES DO WE FOLLOW?

CLOUDTALK processes personal data in accordance with the procedures and principles stipulated in KVK, GDPR, and other relevant legislation (Article 4 of the KVK, Article 5 of the GDPR) :

  1. Fairness and lawfulness: CLOUDTALK questions the source of the data it collects or comes from other companies and places importance on obtaining them within the framework of lawfulness and good faith.
  2. Accuracy and up-to-dateness: CLOUDTALK pays attention to the fact that all the data we process is accurate and does not contain false information under available conditions. Personal data is updated when necessary and when it is possible. We consider your statement of your personal data to be true. We are not obliged to investigate the accuracy of the data declared by our data subjects.
  3. Purpose limitation: CLOUDTALK processes data only for purposes that it offers and receives consent from people during service. It does not process, use and make use of data other than for business purposes.
  4. Data minimization: We do not collect data that we do not require. Information that is not required for the purpose is either not recorded in the system or will be deleted or anonymized. These data can be used for statistical purposes. The data collected are sufficient, appropriate, and limited to what is required for the purposes for which they are processed.
  5. Storage Limitation: We preserve personal data within the scope of retention periods stipulated in KVK and GDPR, and the requirements of commercial and tax law. However, when these aims disappear, we review whether the purpose of processing data remains. As a result of this review, we may continue the processing of the data within regulatory limits, or we may delete, anonymize or destroy it according to KVK and GDPR. Personal data may be stored for longer periods, subject to the application of appropriate technical and regulatory measures required in accordance with the KVK and GDPR, as long as the data is processed for statistical purposes and to guarantee the rights and freedoms of the data subject.
  6. Confidentiality: We respect the confidentiality of personal data. No one may use, copy, duplicate, transfer to others, or use for other than business purposes this data without agreement or law compliance and for purposes other than those set by CLOUDTALK. Only authorized people can access personal data within the company. All necessary technical and administrative measures are taken to protect the personal data collected and to prevent unauthorized access and the data subject to suffer. In this context, we comply with software standards and carefully select third parties. We require third parties that we share personal data to be in accordance with the laws.
  7. Accountability: As a data controller, we are responsible for acting in accordance with the principles and rules set out above, and this policy makes it visible that we act in accordance with these principles and rules.

These principles are effective for the data we collect with or without your explicit consent.

D. WHOSE DATA WE PROCESS?

We process personal data of our representatives of sponsors, customers, and participating organizations, as well as personal data of our employees, attendees, third-party service providers, and as such.

E. WHY DO WE COLLECT YOUR DATA?

We will collect your personal data for the purposes listed below:

  1. For Event Registration

You are required to register in order to attend and participate in our events. We store your data to avoid repeating logging in to our site, to use when you need to contact us, to allow you to take part in our networking events, for the reasons related to the execution agreements, billing, and payment, and for general evaluation of our services.

For this purpose, your IP address, name, surname, company name, company position, email address, country, and phone number will be processed. Your personal data will be processed upon your consent. For both our digital and physical activities, we require your accurate and true personal information for confirmation and security purposes. In that regard, you will not be able to attend our events if you do not give your open consent. This requirement is only binding for your registration. You are free to give or not to give your open consent for sharing your information with third parties.

We may share your personal data with other attendees, companies, and sponsors that take part in our events, as well as third-party software service providers within or without Turkey and/or European Union. Our digital events are held on the "Hubilo" Online Event Management platform ("Hubilo") which acts as a "data processor" in this case.

We carefully select third parties that we share data and establish proper measures to secure the transfer of data in accordance with the law.

  1. For Attending Our Events

As a registered user, you will be able to attend various meetings, seminars, and webinars, as well as visit stands and get in touch with your peers. As an attendee to our networking events, you are required to provide accurate and true information such as name, surname, country, company name, and company position, as well as a real profile picture.

  1. For Statistics and Profiling

We also collect statistics on your attendance and use of our Sites and Services as well as collect and process data shared on open and internet sources for business purposes.

For this purpose, we collect information such as your company name, job title, company position, country, meetings, and activities that you have attended. For compliance with the law, we anonymize such statistical data such that they can no longer be related to any individual and you.

  1. For Further Communication

You can contact our team members via email or provide your email so that we can inform you about future events, activities, and services as well as enabling you to provide your thoughts, comments, and complaints. For communication purposes, we will process your name, surname, and email address.

  1. For Promotional and Information

We design our events to allow attendees and organizations to meet their peers and enhance their networks within the Cloud sector, during and after.

We will share your name, surname, email address, company name, and company position with Diamond sponsors of our events. We bind Diamond sponsors with a "data transfer agreement" not to share your data further with other third parties and oblige them to comply with KVK and GDPR in general when processing your data. In that case, Diamond sponsors will become separate "data controllers" and we encourage you to control their privacy policy and other relevant documents and exercise your rights accordingly.

We will also process your name, surname, email address, company name, and company position to provide you with messages and emails from our Gold sponsors, about their products and activities. In this case, no personal data will be shared with the Gold sponsors and we will play an intermediary role to forward you such messages, including promotions and information. You may unsubscribe from the mailing list and SMS messaging at any time you want.

We may also send you SMS messages and emails about upcoming events, new services, and other related topics as a company.

On each of these occasions you are free not to give your consent for promotional and informational messaging and emailing, and also opt-out even if you had given your consent in the past. In case you are concerned, you can object at any time against promotional communication using the cancellation link provided within emails, block such emails, or inform us by contacting us. In such a case, we will also inform relevant parties to cease their promotional and informational activities directed to you.

  1. For Advertisement Purposes

We use general advertisements about Sites, Platforms, and our Service. We do not collect personal data for advertisement purposes.

  1. For Legal Obligations

Personal data may be processed without prior approval if the processing is clearly stated in the relevant legislation or for the fulfillment of a legal obligation determined by the legislation. The type and scope of data processing must be necessary for the legally permitted data processing activity and comply with the relevant legal provisions.

  1. For the establishment of Agreements

If a contractual relationship is established with attendees and companies, the personal data collected can be used without the consent of the customer. However, this use takes place for the purpose of better execution of the agreement and the requirements of the service and it is updated by contacting the customers when necessary.

  1. For Employees

CLOUDTALK ensures the privacy and protection of its employees' data.

Cases That Do Not Require Explicİt Consent:

The personal data of our employees can be processed in the following situations and in other situations stipulated by law, without the approval and explicit consent of the employee.

Legal Obligations: Employee's explicit consent is not applied for personal data processed in order to fulfill the obligations specified in the Labor Law, Occupational Health and Safety Law, and similar laws that regulate the business relationship between CLOUDTALK and its employees.

Transactions for the Benefit of Employees: CLOUDTALK can process personal data without obtaining approval for transactions for the benefit of company employees such as private health insurance. CLOUDTALK can also process employee data for disputes arising from business relationships.

Data Processed by Automated Systems We may organize lotteries among some of our attendees. In that case, your personal data may be processed by automated systems to decide the winners.

Assigned Devices and Services

The company assigns computers, phones, e-mail, and other devices, services, and applications to its employees only to be used for business purposes. The employee cannot use any of the tools that the company has allocated to it for private purposes and communication. The company has the right to control and examine all data on these types of equipment. The employee undertakes that he/she will not have any other data or information other than work on the computer, telephones, or other tools allocated to him/her from the moment he/she starts work.

  1. Processing of Minors' Data

Our Site and Services are not designed for use under the age of 18. For this reason, CLOUDTALK does not process data for people under the age of 18.

E. WHO DO WE SHARE YOUR DATA WITH?

CLOUDTALK shares the personal data under its responsibility in the context of business efficiency, execution and integration of basic services, business continuity, the fulfillment of legal obligations, online event management, and similar business requirements.

  1. With Service Providers

CLOUDTALK shares data as a result of its use of SaaS (Software as a Service) applications, email, server, social media, and similar service providers. Such service providers provide services in the status of data processors or sub-data processors according to the nature of the service and job. CLOUDTALK carries out the necessary checks and ensures the necessary legal commitments to ensure that such organizations and services from which it receives service as a data controller also fulfill the obligations specified under the KVK and GDPR. In this context,

  1. We share all the personal data collected for digital events on Hubilo, a SaaS platform located in India.
  2. We share data With Microsoft, for office and email services,
  3. With our Financial Consultant, for accounting business and transactions,
  4. With Twitter, Instagram (Facebook), and Linkedin for social media presence of our events,
  5. With Whatsapp (Facebook), used for instant messaging in business relationships between our attendees and participating organizations,
  6. With Dropbox and Google Drive, used for the sharing of large files for business purposes,
  7. With Google and Apple, which provide mobile and desktop OS and related services used in daily transactions,
  8. With Cookie Providers

Cookies from third-party cookie providers are used to increase the effectiveness of our sites and to meet user needs, and data is shared with these cookie providers. You can find details on this in our Cookie Policy (www ……).

  1. With Public Institutions and Judicial Authorities

CLOUDTALK will share your personal data with public institutions and with regard to business, transactions, and lawsuits concerning judicial processes with judicial authorities in order to fulfill its obligations as required by the law.

  1. With Our Sponsors

We share your data with diamond sponsors, and allow all attendees to see and observe the personal of other participants with a commitment to data confidentiality and obliging third parties to take needed measures to ensure data security.

  1. Transfer of Personal Data Abroad

CLOUDTALK has the authority to transfer personal data abroad within the conditions determined by KVK and GDPR, in accordance with the other conditions in the Law and depending on the explicit consent of the person.

Our digital events are held by using technology provided by Hubilo, a brilliant and capable event management SaaS application, whose servers are located in India. And our headquarters are in Turkey.

In that regard as an EU resident, we process your personal data in Turkey, the USA, and India. All three countries are not regarded as countries with adequate protection in line with GDPR. And therefore we need your explicit consent for the transfer of your data to these countries.

And as Turkish citizens, we process your personal data in India and the USA, which again are not regarded as countries with adequate protection in line with KVK. Therefore we need your explicit consent for the transfer of your data to these two countries.

CLOUDTALK elaborates to take relevant measures stipulated by the law, for data transfers made to countries that are not yet authorized to have an adequate level of protection yet. CLOUDTALK transfers personal data to its international suppliers only within the limits of the purpose of the services provided to carry out its commercial activities.

F. WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?

CLOUDTALK acknowledges that the data subject has the right to give his/her explicit consent before and to determine the fate of his data during and after processing of his/her data under the KVK and/or GDPR.

The data subject has the rights listed below according to Article 11 of the KVK and Article 15 etc. of the GDPR. In order to facilitate the exercise of these rights, an application form is also prepared by CLOUDTALK and presented to you on your web page.

Data subjects whose personal data are processed,

  1. According to KVK

if they are citizens of the Republic of Turkey or they are in Turkey during the data processing have the following rights within the scope of the KVK,

  1. To learn whether your personal data is processed or not,
  2. To demand information on the processing of personal data,
  3. To learn the purpose of the processing of your personal data and whether these personal data are used in compliance with the purpose,
  4. To know the third parties to whom your personal data has been transferred at home or abroad,
  5. To request the rectification of the incomplete or inaccurate data, if any, and to request notification of the transaction in this context to third parties to whom your personal data has been transferred,
  6. Although it has been processed in accordance with the provisions of KVK and other relevant laws, within the framework of the conditions stipulated in article 7 of the KVK, to request the deletion or destruction of your personal data if the reasons requiring its processing are no longer valid and to request notification of the transaction in this context to third parties to whom your personal data has been transferred,
  7. To object to the occurrence of a result against you by analyzing the data processed solely through automated systems,
  8. To claim compensation for the damage arising from the unlawful processing of your personal data.
  9. According to GDPR

Data subjects in the European Union at the time of processing have the following rights under the GDPR.

  1. To confirm whether personal data related to him/her has been processed,
  2. To request access to the processed personal data,
  3. To request information• regarding processing purposes,
  1. To request correction of the processed personal data,
  2. To request the completion of the missing part of the processed personal data,
  3. To request restriction or deletion of processing of processed personal data,
  4. To object against the processing of personal data and profiling,
  5. To complain to a supervisory authority,
  6. To learn the data source in cases where personal data are not obtained from him/her,
  7. To be informed about the assurances that provide data security in case of transfer to countries and international organizations outside the EU,
  8. To request a copy of personal data processed in a structured, widely used, and easily readable format with any device provided not to restrict the rights and freedoms of third parties,
  9. To request the transfer of personal data to another data officer,
  10. To request correction or deletion of incorrect personal data immediately (Except the right to delete the data given to the data controller under GDPR m.17) and/or to request that data processing be restricted until the accuracy of the data is provided,
  11. To demand not to be included in the decision processes given automatically as a result of automated processing activities.

As CLOUDTALK, we respect these rights as the data controller without prejudice to our rights and exceptions arising from KVK Law and GDPR.

However, data subjects do not have any sort right of rights related to anonymized data within the Company. CLOUDTALK may share personal data in accordance with the business and contractual relationship with the relevant institutions and organizations for the purpose of a judicial duty or state authority to exercise its legal powers.

G. YOUR REQUESTS AND APPLICATIONS

Data subjects will be able to submit their requests to the company, regarding their rights mentioned above by completing the application form, which they can obtain from our Site, signing it with a wet signature, and sending it with a registered letter with return receipt mail and with identity card photocopy (for the identity card, with a front copy only). Your applications will be answered as soon as possible according to the content of your application or within 30 days at the latest after reaching us. You must make your applications by registered letter with return receipt mail. Only the information that belongs to you will be provided. Any application about your spouse, relative, friends, or any third person will not be accepted.

You can be sure that we will try to meet your requests, applications such as access, deletion, update, phasing out, and correction, to the extent permitted by law and business requirements. If we are unable to fulfill your request, we will notify you about the reason. We would like to state that the copies of your data that you request to delete, correct and update may remain on the publication for a while after the request, as required by technical conditions.

Those who want to apply within the scope of KVK and in Turkish may make their applications by using the application forms at (http://CLOUDTALK.io/kvk/basvuru.html). Those who want to apply within the scope of GDPR and in English may make their applications by using the application forms on the Sites (http://CLOUDTALK.io/gdpr/request.html).

CLOUDTALK may request further information and documents from the applicants when necessary.

  1. Request Information

As a data controller who processes your personal data, we take care to answer all your questions and requests regarding the processing of your personal data in a timely and duly manner.

  1. Access and Correction

CLOUDTALK will take care to meet your acceptable and possible requests to allow you to access and correct your personal data that you have transferred to us, where permitted by law. However, we reserve the right to use your other personal data for the purposes of verifying your identity or for other security and support measures when we consider it necessary. Regarding the personal data we collect about you, you can request access, correction, suspension, or phasing out of data.

  1. Transfer to Third Parties

You may request the transfer of your Personal Data to third parties. However, this transfer can be carried out within the existing technical capabilities of CLOUDTALK and within the time required by the working conditions. The data of the concerned parties are not given to third parties by our company in the cases mentioned above or without their approval and consent.

  1. Deletion of Personal Data

CLOUDTALK protects the personal data it processes in accordance with the KVK, GDPR, and related legal legislation for the periods stipulated in the relevant legislation or required by the processing purpose.

When the legally required periods expire, the judicial processes are completed or other requirements disappear, these data can be deleted spontaneously or upon the request of the person concerned, can be destroyed or anonymized, or after reviewing the GDPR requirement, the processing can be continued provided that the necessary conditions are met again or data can be archived.

H. SECURITY OF YOUR DATA

All necessary technical and administrative measures are taken to protect the personal data collected by the CLOUDTALK and to prevent unauthorized access and prevent our customers and potential customers from being suffered in accordance with KVK and GDPR.

  1. Administrative Measures

In this context, compliance with the standards of software, careful selection of third parties, and compliance with our Privacy Policy within the company are provided. All documents that create obligations signed with the data transmitted parties are examined and revised, and the interlocutors are observed in terms of whether they meet the obligations in the context of KVK and GDPR during the agreement and business stages.

  1. Technical Measures

CLOUDTALK takes all possible technical measures relevant and possible. Security measures are constantly being renewed and developed. In order to reduce misuse and unauthorized access to personal data, we store the data in a separate system after receiving it, we use secure connections (Secure Sockets Layer of SSL) to encrypt all information between you and our website when entering your personal data.

  1. Notification of Infringements

CLOUDTALK acknowledges that when it is notified that there is any infringement related to personal data, it should notify relevant Boards in Turkey and the EU from the date this situation was learned, without delay and within 72 hours at the latest. It minimizes the damage of the concerned and compensates for the damage. When it is understood that the personal data have been intercepted by unauthorized persons, it immediately informs relevant Boards.

You can apply for the notification of infringements according to the procedures stated on our corporate website. Click for Application and Information Request Form

I. VALIDITY AND UPDATES OF POLICY

Our company reserves the right to change our Policy and Guidelines on Personal Data, provided that it complies with the Law and that personal data is better protected. We recommend that you refer to the most current published version of this notification so that you are aware of the changes. Changes to the Privacy Policy are shown in the table below.

We use cookies on our website to provide you with the best possible user experience. By continuing to use our website or services, you agree to their use. More Information