Codeway Dijital Hizmetler Anonim Sirketi

隐私政策和个人数据文本

                                  Update Date: [19.11.2021]

1. 目标

Codeway Dijital Hizmetler Anonim Sirketi ("Codeway" or "Company"), aims to process the personal data of users in accordance with general principles of privacy and the provisions of the applicable data protection legislation to the relevant person, particularly Law on Personal Data Protection No. 6698,  ("PDP Law") and other applicable legislation

您提供/将提供给我司的和/或我司通过任何外部方式获取的您的个人信息，可能会被我司作为“数据控制者”处理；

• In the context of the objective of processing your personal data and in connection with this purpose, in a limited and measured manner,
• By maintaining the accuracy and up-to-date version of the personal data as reported or notified to our Company,
• May be recorded, stored, preserved, reorganized and be transferred to the institutions authorized to request such personal data by law and shall be transferred, classified and shared with third parties within the country or abroad under the conditions stipulated by legislation and upon your explicit consent if necessary, and  they may be processed  by other means  listed under the legislation and be subject to other procedures set forth in the legislation.

本隐私政策是为了根据 PDP 法中规定的原则继续和改进 Codeway 开展的活动而制定的。

本隐私政策描述了我们收集哪些数据，我们打算如何使用、存储、保护和共享我们收集的数据，您如何撤回对处理这些数据的同意，以及如何更正和修改数据。

2. 个人信息的收集及方法

Codeway 可能会根据本隐私政策中指定的目的处理您的个人数据。

The personal data of users collected and used by Codeway in particular, are as follows:your name and surname, e-mail address, phone number which we will receive once you contact Codeway, facial feature data you have uploaded to Codeway applications (Codeway Apps) and identifier for advertisers designated in your mobile device used in accessing our services (The Identifier for Advertisers-IDFA), identifier for vendors/developers designated your mobile device (The Identifier for Vendors-IDVF) and Internet Protocol Address-IP Address).

数据类别和数据类型

‍

我们可能会通过电子或物理媒介、您的移动设备、第三方应用程序或第三方来源直接从您那里收集您的上述数据，您可以通过这些媒介访问我们的应用程序，例如 Apple App Store、Google Play App Store、Amazon App Store（类似平台统称“应用商店”），以遵守法律义务、增强我们的服务、管理您对我们服务的使用，以及使您能够享受和轻松浏览我们的服务。

我们可能会收集您在使用我们的服务/应用程序（通过我们的产品或第三方产品）时生成的日志数据。此类日志数据可能包括您设备的互联网协议（“IP”）地址、设备名称、操作系统版本、使用我们的服务/应用程序时的应用程序配置、您使用服务/应用程序的时间/日期以及其他统计信息。

个人信息处理的一般原则

In accordance with this Privacy Policy, personal data are processed by Codeway as a data controller in line with the basic principles named here: (i) being in accordance with law and good faith, (ii) being accurate and, where necessary, up-to-date, (iii) being processed for specific, explicit and legitimate purposes, (iv) being limited for the purpose for which they are processed and data minimization; and (v) being stored for the period stipulated in the relevant legislation or required for the purpose for which they are processed.

3. 处理个人数据的目的和法律原因

您的个人数据将通过自动或非自动方式处理，用于下述目的，符合适用法律和 PDP 法第 5 条和第 6 条的规定，在法律明确允许的情况下，建立合同或与合同的执行或履行直接相关，并为了 Codeway 的合法利益，前提是您的根本权利和自由受到保护。

a) 处理个人数据的目的

根据本文，您的个人数据将按照上述一般条件用于以下目的：

‍

此外，处理个人数据的目的可能会根据我们公司政策和法律规定的义务进行更新；特别是，

• Creating user accounts for the service recipients/application users,
• Customizing our Services, understanding our users and their preferences to enhance user experience and enjoyment using our Services and improve our users' experience,
• Informing about new products, services and applications and delivering you information regarding advertisements and promotions,
• Carrying out a digital subscription and In-app purchase processes of service recipients,
• Carrying out the auto-renewable subscriptions for giving users access to content, services, or premium features in our service,
• Carrying out the processes of information security,
• Conducting activities in accordance with legislation,
• Fulfilling the demands of competent authorities,
• Conducting the processes of finance and accounting transactions,
• Conducting communication activities,
• Conducting the processes of contracts,
• Carrying out strategic planning activities,
• Following up requests and complaints,

第三方网站和应用程序

Codeway Apps；可能包含指向 Codeway 未知且其内容不受控制的其他网站的链接。这些链接的网站可能包含除 Codeway 文本之外的条款和条件。Codeway 不对这些网站可能处理的信息的使用或披露负责。同样，Codeway 对从其他网站提供到 Codeway 拥有的 Codeway Apps 的任何链接不承担任何责任。

我们会以公平合法的方式收集信息，并征得您的知情和同意。我们还会告知您我们收集信息的原因以及收集信息的用途。您可以自由拒绝我们对此类信息的请求，但请注意，如果没有这些信息，我们可能无法为您提供某些所需的服务。

曲奇饼：

Cookie 是当您访问网页或应用程序时存储在您的计算机或移动设备的浏览器或硬盘上的小型文本文件。Cookie 可确保呈现个性化网页，从而使网站运行更高效，从而让您获得更快捷的访问体验，更适合您的特定个人需求。Cookie 仅包含您通过互联网访问网站的历史记录，不会收集任何信息，包括存储在您的计算机或移动设备上的个人数据/文件。当需要运营我们的服务、增强我们的服务性能和功能以及在我们的网站或第三方网站上提供内容（包括与您的兴趣相关的广告）时，我们可能会使用 Cookie。您可以删除计算机上已存在的 Cookie，并阻止在您的 Internet Explorer 上记录/定位 Cookie。

互联网浏览器默认自动接受 Cookie。由于不同浏览器对 Cookie 的管理方式不同，您可以查看浏览器或应用程序的帮助菜单以获取详细信息。

推送通知：

Codeway 可能偶尔会通过其移动应用程序向您发送有关应用程序升级或有关我们服务的通知的推送通知。您始终可以通过设备上的设置编辑此类通信和通知，并停止接收此类通信和通知。

您的数据将被存储为适用法律规定的期限或在处理目的不再存在之前的合理时间内，或在法定时效内。

Codeway 可能会继续存储您的个人数据，即使在使用目的已过期之后，只要其他法律要求或您在这方面单独授予的权利。

如果您同意Codeway将您的个人数据延长存储时间，则此类数据将在存储期限届满或处理目的不再存在时立即被删除、销毁或匿名化。

技术和行政措施

Codeway 根据相关法律规定，按照相关法律规定或处理目的所需的期限存储其处理的个人数据。Codeway 承诺采取一切必要的技术和管理措施，并采取适当的措施确保个人数据的机密性、完整性和安全性。在此背景下，它采取必要措施防止非法处理个人数据、未经授权访问数据、非法披露、修改或破坏数据。因此，Codeway 对其处理的个人数据采取以下技术和管理措施：

Anti-virus application. On all computers and servers in Codeway's information technology infrastructure, a periodically updated anti-virus application is installed.

Firewall. The data center and disaster recovery centers hosting Codeway servers are protected by periodically updated software-loaded firewalls; the relevant next generation firewalls control the internet connections of all staff and provide protection against viruses and similar threats during this control.

VPN. Suppliers can access Codeway servers or systems through SSL-VPN defined on Firewalls. A separate SSL-VPN identification has been made for each supplier; with the identification made, the supplier only provides access to the systems that it should use or is authorized to use.

User identifications. Codeway employees' authorization to Codeway systems is limited only to the extent necessary by job descriptions; in case of any change of authority or duty, systemic authorizations are also updated.

Information security threat and event management. Events that occur on Codeway servers and firewalls, are transferred to the "Information Security Threat and Event Management" system. This system alerts the responsible staff when a security threat occurs and allows them to respond immediately to the threat.

Encryption. Sensitive data is stored with cryptographic methods and if required, transferred through environments encrypted with cryptographic methods and cryptographic keys are stored in secure and various environments.

Logging. All transaction records regarding sensitive data are securely logged.

Two-factor authentication. Remote access to sensitive data is allowed through at least two-factor authentication.

Training. In order to increase the awareness of Codeway employees against various information security violations and to minimize the impact of the human factor in information violation incidents, trainings are provided to employees at regular intervals.

Physical data security. It ensures that personal data on papers is necessarily stored in lockers and accessed only by authorized persons. Adequate security measures (for situations such as electric leakage, fire, deluge, thievery etc.) are taken based on the nature of the environment where sensitive data is stored.

Backup. Codeway periodically backs up the data it stores.   As a backup mechanism, it uses the backup facilities provided by the cloud infrastructure providers, as well as the backup solutions it develops when deemed necessary, provided that it is in compliance with relevant legislation and provisions of this Policy.

Non-disclosure agreement. Non-disclosure agreements are concluded with employees taking part in sensitive personal data processing.

Transfer of sensitive personal data. If transfer of sensitive personal data is required through email; such transfer is done through (i) encrypted corporate email or (ii) Registered E-mail.

如果尽管Codeway采取了必要的信息安全措施，但由于对Codeway应用程序或Codeway系统的攻击而导致个人数据遭到破坏，或者个人数据被未经授权的第三方获取，Codeway会立即将此情况通知用户，并在必要时通知相关数据保护机构并采取必要措施。

4. 将个人数据传输给第三方

《个人数据保护法》第 8 条和第 9 条规定了个人数据转移的程序和原则，并且由于我们可能使用位于国外的服务器和云系统，供应商的个人和特殊类别的数据可能会被转移到国内或国外的第三方。

您的个人信息可能会因以下原因被转移到国外：

• Conducting storage and archive activities  
• Conducting business activities
• Conducting after-sales support services for goods/services
• Managing customer relationship management processes

Codeway 还可能将您的个人数据传输给我们公司的服务提供商、嵌入到我们服务中的第三方（例如 Facebook SDK、Adjust 和 Firebase Analytics），用于以下目的：

• Sharing identity, communication and transaction security information with authorized public institutions and organizations for the purpose of execution of activities in compliance with legislation, monitor and execution of legal affairs, informing authorized persons, institutions and organizations.
• Sharing identity and contact information to manage after-sales support services, conduct business activities and manage customer relationship management processes.
• Sharing identity and contact information, by user to third party applications which areintegrated to the Codeway Apps with the explicit consent of the User.

5. 您作为数据主体的权利

根据《个人数据保护法》第 11 条，您可以向 Codeway 提出申请，要求获取有关您个人数据的以下信息：

• Learn whether or not your personal data have been processed;
• Whether or not your data have been processed;
• Learn the purpose of the processing of personal data and whether data are used in accordance with their purpose;
• Know the third parties in the country or abroad to whom your personal data have been transferred;
• In case the personal data is processed incompletely or inaccurately; requesting notification of the transactions made under this scope to third parties to whom personal data have been transferred;
• Request deletion, destruction or anonymization of personal data if the reasons for the processing have disappeared and request notification of the transactions made under this scope to third parties to whom personal data have been transferred;
• Object to occurrence of any result that is to your detriment by means of the analysis of personal data exclusively through automated systems;
• Request compensation for the damages in case  you incur damages due to unlawful processing of your personal data.

Where General Data Protection Regulation (GDPR) is applicable, data subjects have the following rights:

• Right of access - Learning whether personal data is being processed and, if so, accessing your personal data and the information regarding the processing of your personal data,

• Right to correction -To request the correction of information that you believe is inaccurate or the completion of information that you believe is incomplete by Codeway,
• Right to delete – To request deletion of personal data under the conditions stipulated in GDPR,
• The right to restrict processing - To request the restriction of the processing of personal data under the conditions stipulated in the GDPR,
• Right to object to processing - To object to the processing of personal data under the conditions stipulated in the GDPR,
• Right to data portability - To request the data collected by Codeway to be transferred directly to another organization or under certain conditions,
• Objection to the occurrence of a result against the person himself/herself, by analyzing the processed data exclusively through automatic systems, including profiling.

In the application that includes your explanations about the right you have as the data subject and exercise your rights stated above and that you request to exercise; your request must be explicit and understandable, if the subject of your request is related to you or if you are acting on behalf of someone else, you must be specially authorized in this regard and your authority must be documented, the application must contain identity and address information and documents proving your identity must be attached to the application.Our Company will enable you to file such requests through the 《资料当事人申请表》 at support@codeway.co. In accordance with Article 13 of the PDP Law, our Company will finalize your requests, free of charge, within 30 (thirty) days at the latest depending on the nature of the request. In case the request is rejected, the reason or reasons for the rejection will be notified in writing or electronically along with its justification.

如果您认为我们或我们向其传输您的数据的某人侵犯了您的权利，您可以向您所在国家/地区的数据保护机构和其他主管监督机构提出投诉。

This Privacy Policy may be revised by our Company when deemed necessary. If you continue to access Codeway Apps and use or access Codeway Apps without benefiting from the Services offered by Codeway after the notification period, you shall be deemed to have allowed the changes in this Privacy Policy. You can access the most up-to-date version of this Privacy Policy at https://codeway.co/.

Company Title: Codeway Dijital Hizmetler Anonim Sirketi

Address: Esentepe Mahallesi Buyukdere Cad. Ferkoo Apt. No: 175/141 Sisli/Istanbul

电子邮件: support@codeway.co

Tel: +90-212-807-0096

‍