1) Purpose and Scope
This Privacy Policy explains the principles for processing personal data in connection with the use of the ParsConnect mobile and web applications (together, the “Application”) developed by GENÇLER ELEKTRONİK SAN. TİC. LTD. ŞTİ., in compliance with the Turkish Personal Data Protection Law No. 6698 (KVKK), the EU General Data Protection Regulation (GDPR) where applicable, and relevant secondary legislation.
The scope covers customer user accounts, authorized operators, supplier/partner users, and individuals who visit or try the Application.
2) Data Controller
GENÇLER ELEKTRONİK SAN. TİC. LTD. ŞTİ. is the data controller.
| Company | GENÇLER ELEKTRONİK SAN. TİC. LTD. ŞTİ. |
|---|---|
| Address | Kavaklı Mahallesi Kavaklı Caddesi No: 56, Beylikdüzü/İSTANBUL – TURKEY |
| [email protected] | |
| Phone | +90 212 407 18 80 |
| KEP | [email protected] |
| Data Protection Contact/DPO | [email protected] |
3) Categories of Personal Data Processed
- Account & Identity: name–surname, company/site, title, username, password (cryptographic hash), authorization/role.
- Contact: e-mail, phone, business address.
- Device & Session: IP address, device model/OS version, browser info, session timestamps, cookies/similar identifiers, MFA token metadata.
- Usage & Logs: in-app transaction logs (login, role changes, report views, cost updates, order/work-order actions), error/performance logs.
-
Operational Production Data (generally non-personal, but may be linkable to
personal data when associated to accounts):
- Machine data (throughput, line speed, thickness, grammage, runtime, downtime/status, raw-material ratios/consumption, layers, recipe/order relations).
- Cost data (unit costs in TRY/USD/EUR, update history, projections).
- Report data (user-defined, shift and order reports, exports to PDF/Excel).
- Support & Communications: feedback, support requests, call/e-mail records.
4) Purposes and Legal Bases of Processing
| Purpose | Examples | Legal Basis |
|---|---|---|
| Provision of services / performance of contract | Account creation, authorization, live monitoring, reporting, order & work-order management | KVKK Art. 5/2-c; GDPR Art. 6/1-b |
| Security & abuse prevention | Access logs, anomaly detection, unauthorized action reviews | KVKK Art. 5/2-f; GDPR Art. 6/1-f |
| Debugging & performance improvement | Application logs, error reports | Legitimate interests |
| Compliance with legal obligations | Audits, requests, dispute processes | KVKK Art. 5/2-ç; GDPR Art. 6/1-c |
| Marketing/communications (optional) | Newsletters, product updates (with consent) | KVKK Art. 5/1; GDPR Art. 6/1-a |
Special-category personal data (KVKK Art. 6) is not processed under ParsConnect. If required, it will only be processed with explicit consent and/or under applicable legal exemptions.
5) Cookies and Similar Technologies
The Application may use strictly necessary cookies/local storage for authentication, session continuity, security, and preferences. Marketing/analytics cookies are enabled only with your explicit consent and can be managed at any time.
6) Data Retention Periods
- Account/contact data: for the term of the contract and applicable limitation periods.
- Access/usage logs: for security/audit for a reasonable period (e.g., 12–24 months) or longer as required by law.
- Operational production/report data: per customer instructions, contract and internal policies.
- Billing/accounting data: as required by tax and commercial laws.
7) Transfers, Sharing and Recipients
- Service providers: cloud hosting, backup, e-mail/SMS, error tracking, security vendors.
- Group companies and authorized partners: deployment/support, integrations.
- Competent authorities: as required by law.
For international transfers, appropriate safeguards under KVKK Art. 9 (adequate countries list, undertakings/consent mechanisms) or, under GDPR, Standard Contractual Clauses (SCC) are used.
8) Security Measures
- TLS encryption for app–server communications.
- Password hashing and role-based access controls.
- Logging, intrusion detection and anomaly alerts.
- Regular backups and disaster recovery.
- Contractual and technical security requirements for third parties.
9) Data Subject Rights
Under KVKK Art. 11 and GDPR Arts. 15–22, you have rights to access, rectification, erasure (right to be forgotten), restriction, objection, and data portability. You may opt out of marketing communications at any time.
To exercise your rights, e-mail [email protected] with the subject “KVKK/GDPR Application”. Additional info/documents may be requested to verify your identity.
10) Children’s Privacy
The Application is designed for enterprise/business use and is not intended for persons under 18. Personal data in this category is not knowingly collected.
11) Third-Party Integrations
ParsConnect may integrate with IoT gateways, ERP/MES systems, e-mail/SMS providers and analytics tools. Integrations are enabled only upon customer instruction and protected by contractual safeguards.
12) Data Accuracy and User Responsibilities
You are responsible for keeping your account information up to date. Protect your password and MFA details; promptly report any unauthorized use.
13) Changes to this Policy
This Policy may be updated. In case of material changes, notifications are made via e-mail and/or in-app announcements. The most current version is always available in the Application and/or on our website.
14) Contact
Questions about our privacy practices: [email protected]