Back

Privacy Policy

Introduction

At Crimson Innovate (“we”, “our”, or “us”), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, and protect your data when you visit our website or use our services. Our approach aligns with both our commitment to your privacy and our legal obligations under Turkish law and international regulations, including the General Data Protection Regulation (GDPR) where applicable.


Scope of the Privacy Policy

This Privacy Policy applies to information gathered through our website and services. It does not cover the privacy practices of third parties. We are not responsible for the privacy policies or practices of third-party websites linked to our site.


Personal Data

3.1 Data Collection

We collect your personal data primarily to ensure the continuity of our services and for the purposes outlined in our informational notices. The data we collect includes:

  • Personal Identification Information: Name, email address, phone number.
  • Professional Information: Job title, company name.
  • Usage Data: Information on how you use our website and services.
  • Technical Information: IP address, browser type, device information, and browsing behavior.

3.2 Data Processing and Transfer

Your personal data is processed and stored using both automated and non-automated methods, ensuring it is handled in a limited and measured manner. We may share your personal data with:

  • Business partners
  • Affiliates and subsidiaries
  • Suppliers
  • Customers
  • Authorized public institutions

We inform you about the processing or transfer of your personal data and seek your consent when necessary.

3.3 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention periods vary depending on the type of data and the purpose for which it was collected. We review our retention periods for personal data on a regular basis.

3.4 International Data Transfers

As a global company, we may transfer your personal data to countries outside of Turkey. When we do so, we ensure appropriate safeguards are in place to protect your data, in compliance with applicable data protection laws. These safeguards may include:

  • Transfer to countries deemed to have adequate data protection by the Turkish Data Protection Authority or the European Commission.
  • Use of specific contracts approved by the Turkish Data Protection Authority or the European Commission that give personal data the same protection it has in Turkey or the EU.
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

Security Measures

We implement various security measures to protect your data during processing, including:

  • Network and application security
  • Security measures for IT systems procurement, development, and maintenance
  • Security for cloud-stored personal data
  • Regular employee training and awareness on data security
  • Firewalls to prevent external access
  • Data Loss Prevention (DLP) systems to monitor data leaks
  • Vulnerability scanning on servers
  • Two-factor authentication for internal network access
  • Security products against email threats
  • Regular maintenance of access logs
  • Institutional policies on access, information security, usage, storage, and disposal
  • Confidentiality agreements
  • Revocation of access for employees who change roles or leave the company
  • Use of up-to-date antivirus systems
  • Inclusion of data security provisions in contracts
  • Monitoring and reporting of data security issues
  • Security of personal data environments
  • Minimization of personal data where possible
  • Backup and security of backed-up personal data
  • User account management and access control systems
  • Regular and random internal audits
  • Identification of existing risks and threats
  • Continuous monitoring and implementation of cybersecurity measures
  • Use of the highest level of software and hardware security in line with current technology

Use of Cookies

Cookies, pixels, and similar tracking technologies (collectively “Cookies”) are small files placed on your devices when you use our website or applications. These technologies help us recognize your device, remember your preferences, manage site traffic, and improve your experience.

For more detailed information about the cookies we use, please refer to our Cookie Policy. You can personalize your cookie preferences through your browser settings.


Children’s Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we take steps to remove that information from our servers.


Automated Decision Making

We do not make any automated decisions solely based on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.


Your Rights

Under the Turkish Personal Data Protection Law, GDPR (where applicable), and other relevant regulations, you have the right to:

  • Learn whether your personal data is processed
  • Request information about processing activities
  • Learn the purposes of processing and whether data is used in line with these purposes
  • Know third parties to whom your data is transferred, domestically or internationally
  • Request correction of incomplete or incorrect data
  • Request deletion or destruction of data within legal frameworks
  • Object to unfavorable consequences due to processed data analysis exclusively through automated systems
  • Demand compensation for damages in case of unlawful data processing

To exercise your rights, you can contact us through the following means:


Written Request:
Complete our Data Request Form and submit it to the address below:

Crimson Innovate
Sadi Konuralp Caddesi No:5/2, Nejat Eczacıbaşı Binası 34433 Beyoğlu, İstanbul, Türkiye


Email Request:
Send your completed form from your registered email address to contact@crimsoninnovate.com. If your email is not registered with us, your request must be signed with a secure electronic or mobile signature.

We will respond to your request within 60 days. If we require more time (up to 60 days) to process your request, we will inform you in writing within the initial 30-day period.


Updates and Changes

We may update this Privacy Policy to reflect changes in our practices or applicable laws. Any changes will be posted on our website, and the updated policy will be effective as of the date of posting. For significant changes, we will provide a more prominent notice, which may include email notification to registered users.


Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Crimson Danışmanlık ve Yönetim Hizmetleri Tic. Ltd. Şti.
Sadi Konuralp Caddesi No:5/2, Nejat Eczacıbaşı Binası 34433 Beyoğlu, İstanbul, Türkiye

+90 212 252 38 38. – inno@crimsoninnovate.com

This website uses cookies to ensure you get the best experience on our website. By continuing to use our site, you accept our use of cookies. For more details, visit our Cookie Policy