Pati Teknoloji Dis Ticaret Anonim Sirketi (“ Pati Teknoloji” Or "Company") is committed to protecting the privacy and personal data of its users in accordance with applicable data protection laws, including the No. 6698, (“PDP Law”). This Privacy Policy outlines how we collect, use, store, protect, and share the personal data of our users and explains their rights regarding their personal data.
Data we collect are adequate, relevant and limited to what is necessary for the following purposes for which they are collected.
Subject to your approval and consent, Pati Teknoloji collects and uses your data for specific purposes in accordance with the regulations described in this policy. Although these data are primarily used to provide you with a better user experience, they may also be used to maintain activities of our organization, and to improve your user experience, specifically for the purposes described below. To improve your user experience, including: To track your use of our services to help us learn more about your activities and understand your preferences and tendencies, so that we can personalize your experience, provide you with offers and notifications that are tailored to you, and otherwise enhance your user experience, To protect all our users from any kind of cheating, crime, or fraud related to our services, and to ensure the safety of all our users during their experience (limited to our services), To provide you with services appropriate for your age in accordance with the laws of your country of residence, To identify and correct service and technical errors that may occur in our services, To provide you with the opportunity to participate in our application tests, upon your request to participate in the testing processes of our applications, To register your participation in events held by us and/or our business partners, such as sweepstakes, campaigns, contests etc., and to contact and inform you if and when you win a prize in such events, To be able to comply with all regulatory and legal requirements, and answer any requests from data protection authorities and/or law enforcement agencies, To facilitate your contributions in social media as to our services, To be able to carry out service management, optimization, research, analysis, and improvement studies, To obtain statistical data which will allow us to take steps to improve user experience, including the actions and steps specified in the previous paragraph, To provide you with a tailored user experience in our applications, and to allow you to smoothly employ features you have subscribed to. To personalize our communication with you, including: To send push notifications to users (for US, who are at least 13 years old, and for Europe, who are at least 16 years old) (this feature is available only if you choose to allow this feature), For our applications that include a chat, post, message, and/or another relevant communication feature, to facilitate communication between you and our other users (by collecting personal data of both sender user and receiver user) when you wish to send a message to another user or a specific user group via chat, post, message, or another relevant in-application communication feature, (Except for communications you make by means of features included in our services, your e-mails, SMS messages, or your messages conveyed through other platforms will never be subject to any kind of data or information collection by us.) To be able to display personalized offers and content for our users, To be able to make choices based on and appropriate for your gender, age and profile while serving ads to you, To serve and measure the effectiveness of advertising, To contact you for events (sweepstakes, contests, campaigns, promotions, etc.) held by us or through our service partners, To send you campaign or marketing-related content, provided that you have given your consent for such communication beforehand (you can contact us to withdraw your consent on this matter), To be able to handle your subscription to, and opting-out of, our newsletters.
The procedures and principles for the transfer of personal data are regulated by Articles 8 and 9 of the Personal Data Protection Law (PDP Law). As a result, the personal data and special categories of data provided by the supplier may be transferred to third parties, both within the country and abroad, as we may utilize servers and cloud systems located overseas. Your personal data may be transferred abroad for the following reasons: Conducting storage and archive activities Conducting business activities Conducting after-sales support services for goods/services In order to facilitate the management of customer relationship management processes, Pati Teknoloji may transfer your personal data to our company's service providers and third-party platforms such as Facebook SDK, Adjust, and Firebase Analytics, which are integrated into our services. This transfer is done for the following purposes: Enhancing user experience: The use of these service providers helps us improve our services and provide a better user experience by analyzing user behavior, preferences, and interactions. Analytics and reporting: We may utilize these third-party platforms to gather data and generate insights regarding the usage patterns, trends, and performance of our services. This information enables us to make informed business decisions and optimize our offerings. Personalized marketing and advertising: The data transferred to these service providers may be used to deliver personalized marketing messages and targeted advertisements based on your interests and preferences. Security and fraud prevention: Sharing data with these providers assists us in maintaining the security of our services and preventing fraudulent activities, such as detecting and mitigating suspicious behavior or unauthorized access. It is important to note that any data transfers are conducted in accordance with applicable data protection laws and regulations, and appropriate measures are taken to ensure the security and confidentiality of your personal data. We disclose identity, communication, and transaction security information to authorized public institutions and organizations as required by law. This is done to comply with legal obligations, monitor and execute legal affairs, and provide information to authorized individuals, institutions, and organizations. We share customer transaction information in order to facilitate after-sales support services, carry out essential business activities, and effectively manage customer relationship management processes.
Safeguarding user privacy and personal information is of utmost importance to us. We take significant measures to ensure the confidentiality of any personally identifiable information you share with us. Only authorized employees, contractors, agents, and trusted third-party service providers with a legitimate need are granted access to this information. Their access is strictly limited to providing, operating, developing, maintaining, supporting, or improving the service. To protect your information, we employ various security measures such as password protection, access logs, and system monitoring. These measures are in place to maintain the confidentiality and security of all user data. Accordingly, Pati Teknoloji takes the following technical and administrative measures regarding the personal data it processes Anti-virus Application:Pati Teknoloji ensures the security of its information technology infrastructure by installing regularly updated anti-virus applications on all computers and servers. Firewall: Pati Teknoloji takes the security of its data center and disaster recovery centers seriously. To safeguard the servers hosted in these facilities, the company employs periodically updated software-loaded firewalls. These firewalls, including next-generation firewalls, are responsible for controlling the internet connections of all staff members. They provide essential protection against viruses, as well as other similar threats, during the monitoring and control of internet traffic. By implementing these measures, Pati Teknoloji aims to maintain the integrity and security of its infrastructure and ensure the safety of the data it processes. VPN: Pati Teknoloji has implemented SSL-VPN (Secure Socket Layer Virtual Private Network) as a means for suppliers to access their servers or systems. This VPN is configured on the firewalls and allows suppliers to establish secure connections to the authorized systems. Each supplier is assigned a unique SSL-VPN identification, ensuring that they only have access to the specific systems they need or are authorized to use. This approach helps in controlling and limiting the access rights of suppliers, ensuring that they can interact with Pati Teknoloji's systems securely and within their designated scope of work or authorization. User Identifications: Pati Teknoloji strictly controls and manages employee access to its systems through user identifications. The authorization granted to employees is limited to the extent necessary for their specific job descriptions. In case of any change of authority or duty, systemic authorizations are also updated. Information security threat and event management: Pati Teknoloji has implemented an "Information Security Threat and Event Management" (SIEM) system to monitor and track events occurring on its servers and firewalls. This SIEM system serves as a centralized platform that collects and analyzes security-related events and logs. By utilizing a SIEM system, Pati Teknoloji enhances its ability to proactively monitor and manage security events, enabling a timely response to potential threats and vulnerabilities in its infrastructure. Encryption: Sensitive data is stored with cryptographic methods and if required, transferred through environments encrypted with cryptographic methods and cryptographic keys are stored in secure and various environments. Logging: All transaction records regarding sensitive data are securely logged. Two-factor authentication: Remote access to sensitive data is allowed through at least two-factor authentication. Penetration test: Pati Teknoloji conducts periodic penetration tests on its servers to assess the security posture. Any security gaps discovered during the tests are promptly addressed and remediated. In addition to manual penetration tests, Pati Teknoloji also employs an Information Security Threat and Event Management System that automatically performs penetration tests. The results of these tests, whether manual or automated, are recorded and monitored. Information Security Management System (ISMS): At the ISMS meetings made within Pati Teknoloji, the topics contained in the control forum are audited monthly by the director of information technology and the director of financial operations. Training: Pati Teknoloji places a strong emphasis on increasing employee awareness and minimizing the impact of human factors in information security incidents. To achieve this, regular training sessions are conducted for employees. Backup: Pati Teknoloji follows a regular backup process to ensure the preservation of stored data. This involves utilizing backup facilities offered by cloud infrastructure providers and developing custom backup solutions when necessary, as long as they comply with relevant legislation and the provisions outlined in the company's policy. By periodically backing up data, Pati Teknoloji mitigates the risk of data loss and ensures the availability of information in the event of unexpected incidents or system failures. Non-disclosure agreement: Non-disclosure agreements are concluded with employees taking part in sensitive personal data processing. Transfer of sensitive personal data: If transfer of sensitive personal data is required through email; such transfer is done through (i) encrypted corporate email or (ii) Registered E-mail. Pati Teknoloji is committed to protecting personal data and taking necessary information security measures to prevent unauthorized access or attacks. However, in the unfortunate event of personal data being compromised due to attacks on Mentor AI or the Pati Teknoloji system, despite the security measures in place, Pati Teknoloji will promptly notify affected users about the situation. This notification allows users to take appropriate actions to protect their personal information. Additionally, if required by applicable regulations or laws, Pati Teknoloji will also report the incident to the relevant data protection authority. This ensures that the appropriate authorities are informed of the breach and can initiate any necessary investigations or actions.
As Pati Teknoloji, we securely store, retain, and use your data for as long as you use our services and for as long as necessary to fulfill the purposes we have detailed and explained in the Privacy Policy (in accordance with the applicable laws in your country of residence). However, in order to comply with requests of law enforcement and regulatory agencies, and to resolve actual or possible disputes, a longer retention period could be required. In such case, the collected data are retained and used until the respective request is closed. Please contact us immediately if and when you think you have detected such a violation so that such situations can be resolved as soon as possible following their occurrence. If you do not know how to contact us, please see “Contact Us” section for detailed information.
In order to ensure the safety of our users (during the user experience), we take legal action or launch an investigation against any abuse or unauthorized use of our services, or any other activity we determine to be illegal. We may also disclose your data if required by any law or court order, if the data relates to actual or threatened harmful conduct. In addition, we reserve the right to notify law enforcement agencies of such situations or activities if and when we detect them.
In the event that our company or any of our business lines (including the respective assets) is sold to another party in whole or in part, your data may also be transferred to the buyer. Before such transfer process takes place, if you wish, you can contact us to request your data to be deleted, to be removed, and/or not to be processed. In such case, we will immediately take the necessary actions in line with your request. However, note that such actions may result in a restriction on your access to our services. You can contact us for more detailed information about your questions or issues.
If you would like to exercise any of the rights outlined below, you can reach out to us at any time by sending an email to contact@patigamestudio.com. We will handle and respond to your requests promptly and within one month of receiving the request, unless the complexity of the request necessitates a longer response time. In such cases, our total response time may extend up to three months, as permitted by Article 12 of the General Data Protection Regulation (GDPR).
According to Article 15 of the GDPR, you have the right to request access to the personal data that we process about you. This includes information regarding: The purposes for which your personal data is being processed. The categories of personal data that are being processed. The recipients or categories of recipients with whom your personal data has been or will be shared. The estimated duration for which your personal data will be stored. Additionally, you have the right to obtain a copy of the personal data undergoing processing. It's important to note that access to certain data may be restricted due to intellectual property rights or trade secrets.
You have the right to object to the processing of your personal data if there are grounds relating to your particular situation. This right applies when your personal data is processed based on the legitimate interests pursued by us as outlined in Section 6(1)(f) of the GDPR, as stated in Article 21 of the GDPR. If you exercise this right, we will cease processing your personal data unless there are compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims. Additionally, you have the right to object to the processing of your personal data for direct marketing purposes at any time. Once you object, we will stop processing your personal data for this purpose. It's important to note that exercising this right will result in the automatic cessation of your user license to use the Service.
You have the right to request the rectification of any inaccurate personal data we hold about you, as stated in Article 16 of the GDPR. If you believe that your personal data is inaccurate or incomplete, you can request us to correct or update it accordingly. Furthermore, you have the right to have your personal data erased in certain circumstances, as outlined in Article 17 of the GDPR. The grounds for erasure include: If the personal data is no longer necessary for the purposes for which it was collected or processed. If you have withdrawn your consent for the processing, and there are no other legal grounds for continued processing. If you have objected to the processing, and there are no overriding legitimate grounds for the processing. If the personal data needs to be erased to comply with a legal obligation under Union or Member State law. If the personal data has been unlawfully processed or the personal data has been collected in relation to the offer of information society services. Please note that your right to erasure may be limited if retaining the data is necessary to comply with a legal obligation or to establish, exercise, or defend legal claims.
You have the right to withdraw your consent to the processing of your personal data. If we have obtained your consent for processing your data, you can withdraw it at any time, as stated in Article 7 of the GDPR. Upon withdrawal, we will cease processing the data for which you have withdrawn consent, unless there is a legal obligation that requires us to retain certain parts of your data. It's important to note that if you withdraw your consent, your user license to use the Services will automatically cease. The withdrawal of consent does not affect the lawfulness of processing based on your consent before its withdrawal.
You have the right to withdraw your consent to the processing of your personal data. If we have obtained your consent for processing your data, you can withdraw it at any time, as stated in Article 7 of the GDPR. Upon withdrawal, we will cease processing the data for which you have withdrawn consent, unless there is a legal obligation that requires us to retain certain parts of your data. It's important to note that if you withdraw your consent, your user license to use the Services will automatically cease. The withdrawal of consent does not affect the lawfulness of processing based on your consent before its withdrawal.
Cookies are small text files that are stored on your browser or the hard drive of your computer or mobile device when you visit a website or use an application. Their purpose is to improve the efficiency of website operations and provide a personalized browsing experience that caters to your specific needs and preferences. Cookies contain information about your browsing history on the internet but do not collect any data from your personal files or store personal information. We may use cookies in various ways, including: Operating our services: Cookies are necessary for the proper functioning of our services, allowing us to deliver the content and features you expect. Enhancing performance and functionality: Cookies help us optimize the performance and functionality of our services, providing you with a smoother and more seamless experience. Delivering relevant content and ads: Cookies enable us to deliver content and advertisements that are tailored to your interests, both on our websites and third-party sites. If you wish to delete existing cookies on your computer or prevent the placement of new cookies in your internet browser, you can adjust the settings in your browser accordingly. Please note that internet browsers are typically set to accept cookies by default. You can refer to the help menu of your browser or application for specific instructions on managing cookies, as the process may vary depending on the browser or application you are using.
“Pati Teknoloji” may send you push notifications through its mobile applications on occasion. These notifications may include updates about the application or information about our services. You have the option to customize and manage these communications and notifications by adjusting the settings on your device. If you prefer not to receive such communications and notifications, you can disable them. Your data will be stored for the duration specified by applicable legislation or for a reasonable period until the purpose of processing no longer exists. In certain cases, “Pati Teknoloji” may continue to retain your personal data even after the initial purpose of its use has expired, if required by other laws or with your separate consent. If you grant consent for “Pati Teknoloji” to store your personal data for an extended period, it will be promptly deleted, destroyed, or anonymized once that additional time has elapsed or when the purpose of processing no longer applies.
Mentor AI may include links to other websites that are not affiliated with Pati Teknoloji, and the content of these linked websites is not under our control. These websites may have their own terms and conditions that differ from those of Pati Teknoloji. Pati Teknoloji cannot be held responsible for the use or disclosure of any information processed by these linked websites. Similarly, we do not assume any responsibility for links from other websites leading to Mentor AI, which is owned by Pati Teknoloji. We collect information from you in a fair and lawful manner, with your knowledge and consent. We also inform you of the reasons for collecting this information and how it will be used. You have the freedom to decline our request for this information, understanding that we may be unable to provide you with certain desired services without it.
Our Company reserves the right to revise this Privacy Policy as deemed necessary. In the event of any changes, we will notify you accordingly. If you continue to access and use Mentor AI without availing yourself of the services offered by Pati Teknoloji after the notification period, it will be deemed that you have accepted the revised Privacy Policy.
If you have any questions, concerns or requests regarding the privacy practices or this Privacy Policy, you can contact us using the following contact information:
Company Title: Pati Teknoloji Dis Tic. As.
Address: Akat Mah, Menekse Sk. No:43, 34335 Besiktas/istanbul
E-mail: contact@patigamestudio.com
By using our services or providing personal data to the Pati Teknoloji, users consent to the collection, use, storage, and processing of their personal data as described in this Privacy Policy. This Privacy Policy is effective as of [June 08,2023 ]