Each year we, as CLOUDTALK ("Cloudtalk", "We", "Us" or "Host"), bring together the companies ("companies") and attendees ("attendees") from dozens of countries who operate in the cloud sector, at CLOUDTALK GLOBAL ("event"), the largest sectoral networking event in the Eurasia.
As CLOUDTALK, we attach great importance to the protection of personal data of all natural persons and data subjects ("You") that we have contacted in any way, while carrying out our activities. Since our event is international we are devoted to comply with the Personal Data Protection Law No. 6698 ("KVK") of Turkey, as well as General Data Protection Regulation ("GDPR") of the EU.
This policy does not apply to third-party websites of companies and sponsors which are presented on our website as links. We cannot guarantee the reliable and secure processing of your personal data by those third party organizations. We highly encourage you to review the privacy statements of these websites before using them.
As CLOUDTALK, we take all necessary administrative and technical measures within our company for the protection and security of personal data.
CLOUDTALK aims to process personal data of natural persons in accordance with KVK and GDPR and relevant legislation provisions in Turkey and the in the EU.
We state that personal data, that you have submitted to our Company and/or obtained by our Company are recorded, stored, protected, reorganized and transferred at home or abroad under the conditions stipulated by KVK, GDPR and related legislation. We may share personal data with public organizations if required by law. It is your obligation to provide accurate and up-to-date data. We keep your submitted personal data as accurate and up-to-date as possible as a "Data Controller".
This Policy concerns all your personal data, that are processed either by automated means or non-automated means as a part of our data filing system. The data obtained from you in accordance with your consent or other lawfulness cases listed in the Law will be used for the purpose of providing you the best experience that you should get from our events, increase the quality of the services we provide.
CLOUDTALK processes personal data in accordance with the procedures and principles stipulated in KVK, GDPR and other relevant legislation (Article 4 of the KVK, Article 5 of the GDPR) :
1. Fairness and lawfulness: CLOUDTALK questions the source of the data it collects or comes from other companies and places importance on obtaining them within the framework of lawfulness and good faith.
2. Accuracy and up-to-dateness: CLOUDTALK pays attention to the fact that all the data we process is accurate and does not contain false information under available conditions. Personal data is updated when necessary and when it is possible. We consider your statement of your personal data to be true. We are not obliged to investigate the accuracy of the data declared by our data subjects.
3. Purpose limitation: CLOUDTALK processes data only for purposes that it offers and receives consent from people during service. It does not process, use and make use of data other than for business purposes.
4. Data minimization: We do not collect data that we do not require. Information that is not required for the purpose is either not recorded in the system or it will be deleted or anonymized. These data can be used for statistical purposes. The data collected are sufficient, appropriate and limited to what is required for the purposes for which they are processed.
5. Storage Limitation: We preserve personal data within the scope of retention periods stipulated in KVK and GDPR, and the requirements of commercial and tax law. However, when these aims disappear, we review whether the purpose of processing data remains. As a result of this review, we may continue the processing of the data within regulatory limits, or we may delete, anonymize or destroy it according to KVK and GDPR. Personal data may be stored for longer periods, subject to the application of appropriate technical and regulatory measures required in accordance with the KVK and GDPR, as long as the data is processed for statistical purposes and to guarantee the rights and freedoms of the data subject.
6. Confidentiality: We respect the confidentiality of personal data. No one may use, copy, duplicate, transfer to others, or use for other than business purposes this data without agreement or law compliance and for purposes other than those set by CLOUDTALK. Only authorized people can access personal data within the company. All necessary technical and administrative measures are taken to protect the personal data collected and to prevent unauthorized access and the data subject to suffer. In this context, we comply with software standards and carefully select the third parties. We require third parties that we share personal data to be in accordance with the laws.
7. Accountability: As a data controller, we are responsible for acting in accordance with the principles and rules set out above, and this policy makes it visible that we act in accordance with these principles and rules.
These principles are effectual for the data we collect with or without your explicit consent.
We process personal data of our representatives of sponsors, customers and participating organizations, as well as personal data of our employees, attendees, third party service providers and as such.
We will collect your personal data for the purposes listed below:
1. For Event Registration
You are required to register in order to attend and participate our events. We store your data to avoid repeating of logging to our site, to use when you need to contact with us, to allow you take part in our networking events, for the reasons related to the execution agreements, billing and payment and for general evaluation of our services.
For this purpose, your IP address, name, surname, company name, company position, e-mail address, country and phone number will be processed. Your personal data will be processed upon your consent. For both of our digital and physical activities we require your accurate and true personal information for confirmation and security purposes. In that regard, you will not be able to attend our events if you do not give your open consent. This requirement is only binding for your registration. You are free to give or not to give your open consent for sharing your information with third parties.
We may share your personal data with other attendees, companies and sponsons that take part in our events, as well as third party software service providers within or without Turkey and/or European Union. Our digital events are held on "Hubilo" Online Event Management platform ("Hubilo") which acts a "data processor" in this case.
We carefully select third parties that we share data and establish proper measures to secure the transfer of data in accordance with the law.
2. For Attending Our Events
As a registered user, you will be able to attend various meetings, seminars and webinars, as well as visit stands and get in touch with your peers. As an attendee to our networking events, you are required to provide accurate and true information such as name, surname country, company name and company position, as well as a real profile picture.
3. For Statistics and Profiling
We also collect statistics on your attendance and use of our Sites and Services as well as collect and process data shared on open and internet sources for business purposes.
For this purpose, we collect information such as your company name, job title, company position, country, meetings and activities that you have attended. For compliance with the law we anonymize such statistical data such that they can no longer be related to any individual and you.
4. For Further Communication
You can contact our team members via email or provide your e-mail so that we can inform you about future events, activities and services as well as enabling you to provide your thoughts, comments and complaints. For communication purposes we will process your name, surname and email address.
5. For Promotional and Information
We design our events to allow attendees and organizations to meet their peers and enhance their networks within the Cloud sector, during and after.
We will also process your name, surname, email address, company name and company position to provide you with messages and emails from our Gold sponsors, about their products and activities. In this case no personal data will be shared with the Gold sponsors and we will play an intermediary role to forward you such messages, including promotions and information. You may unsubscribe from the mailing list and SMS messaging at any time you want.
We may also send you SMS messages and emails about upcoming event, new services and other related topics as a company.
In each of these occasions you are free not to give your consent for promotional and informational messaging and emailing, and also opt out even if you had given your consent in the past. In case you are concerned, you can object at any time against promotional communication using the cancellation link provided within e-mails, block such e-mails or inform us by contacting us. In such case we will also inform relevant parties to cease their promotional and informational activities directed to you.
6. For Advertisement Purposes
We use general advertisements about Sites, Platforms and our Service. We do not collect personal data for advertisement purposes.
7. For Legal Obligations
Personal data may be processed without prior approval, if the processing is clearly stated in the relevant legislation or for the fulfillment of a legal obligation determined by the legislation. The type and scope of data processing must be necessary for the legally permitted data processing activity and comply with the relevant legal provisions.
8. For establishment of Agreements
If a contractual relationship is established with attendees and componies, the personal data collected can be used without the consent of the customer. However, this use takes place for the purpose of better execution of the agreement and the requirements of the service and it is updated by contacting the customers when necessary.
9. For Employees
CLOUDTALK ensures the privacy and protection of its employees' data.
Cases That Do Not Require Explicİt Consent:
The personal data of our employees can be processed in the following situations and in other situations stipulated by law, without the approval and explicit consent of the employee.
Legal Obligations: Employee's explicit consent is not applied for personal data processed in order to fulfill the obligations specified in the Labor Law, Occupational Health and Safety Law and similar laws that regulate the business relationship between CLOUDTALK and its employees.
Transactions for the Benefit of Employees: CLOUDTALK can process personal data without obtaining approval for transactions for the benefit of company employees such as private health insurance. CLOUDTALK can also process employee data for disputes arising from business relationships.
Data Processed by Automated Systems We may organize lottaries among some of our attendees. In that case your personal data may be processed by automated systems to decide the winners.
Assigned Devices and Services
Company assign computers, phones, e-mail and other devices, services and applications to its employees only to be used for business purposes. The employee cannot use any of the tools that the company has allocated to it for private purposes and communication. The company has the right control and examine all data on these types of equipment. The employee undertakes that he/she will not have any other data or information other than work on the computer, telephones or other tools allocated to him/her from the moment he/she starts work.
11. Processing of Minors' Data
Our Site and Services are not designed for use under the age of 18. For this reason, CLOUDTALK does not process data for people under the age of 18.
CLOUDTALK shares the personal data under its responsibility in the context of business efficiency, execution and integration of basic services, business continuity, the fulfillment of legal obligations, online event management and similar business requirements.
1. With Service Providers
CLOUDTALK shares data as a result of its use of SaaS (Software as a Service) applications, email, server, social media and similar service providers. Such service providers provide services in the status of data processor or sub-data processor according to the nature of the service and job. CLOUDTALK carries out the necessary checks and ensures the necessary legal commitments to ensure that such organizations and services from which it receives service as a data controller also fulfill the obligations specified under the KVK and GDPR. In this context,
2. With Cookie Providers
3. With Public Institutions and Judicial Authorities
CLOUDTALK will share your personal data with public institutions and with regard to business, transactions and lawsuits concerning judicial processes with judicial authorities in order to fulfill its obligations as required by the law.
4. With Our Sponsors
We share your data with diamond sponsors, and allow all attendees to see and observe personal of other participants with a commitment to data confidentiality and obliging third parties are to take needed measures to ensure data security.
5. Transfer of Personal Data Abroad
CLOUDTALK has the authority to transfer personal data abroad within the conditions determined by KVK and GDPR, in accordance with the other conditions in the Law and depending on the explicit consent of the person.
Our digital events are held by using technology provided by Hubilo, a brilliant and capable event management SaaS application, whose servers are located in India. And our headquarters are in Turkey.
In that regard as a EU resident we process your personal data in Turkey, USA and India. All three countries are not regarded as countries with adequate protection in line with GDPR. And therefore we need your explicit consent for transfer of your data to these countries.
And as a Turkish citizen we process your personal data in India and USA, which again are not regarded as countries with adequate protection in line with KVK. Therefore we need your explicit consent for transfer of your data to these two countries.
CLOUDTALK elaborates to take relevant measures stipulated by the law, for data transfers made to countries which are not yet authorized to have adequate level of protection yet. CLOUDTALK transfer personal data to its international suppliers only within the limits the purpose of the services provided to carry out its commercial activities.
CLOUDTALK acknowledges that the data subject has the right to give his/her explicit consent before and to determine the fate of his data during and after processing of his/her data under the KVK and/or GDPR.
The data subject has the rights listed below according to the Article 11 of the KVK and the Article 15 etc. of the GDPR. In order to facilitate the exercise of these rights, an application form is also prepared by CLOUDTALK and presented to you on your web page.
Data subjects whose personal data are processed,
1. According to KVK
if they are citizens of the Republic of Turkey or they are in Turkey during the data processing have the following rights within the scope of the KVK,
2. According to GDPR
Data subjects in the European Union at the time of processing have the following rights under the GDPR.
As CLOUDTALK, we respect these rights as the data controller without prejudice to our rights and exceptions arising from KVK Law and GDPR.
However, data subjects do not have any sort right of rights related to anonymized data within the Company. CLOUDTALK may share personal data in accordance with the business and contractual relationship with the relevant institutions and organizations for the purpose of a judicial duty or state authority to exercise its Legal powers.
Data subjects will be able to submit their requests to the company, regarding their rights mentioned above by completing the application form, which they can obtain from our Site, signing it with a wet signature and sending it with registered letter with return receipt mail and with identity card photocopy (for the identity card, with a front copy only). Your applications will be answered as soon as possible according to the content of your application or within 30 days at the latest after reaching us. You must make your applications by registered letter with return receipt mail. Only the information that belongs to you will be provided. Any application about your spouse, relative, friends or any third person will not be accepted.
You can be sure that we will try to meet your requests, applications such as access, deletion, update, phasing out and correction, to the extent permitted by law and business requirements. If we are unable to fulfill your request, we will notify you about the reason. We would like to state that the copies of your data that you request to delete, correct and update may remain on the publication for a while after the request, as required by technical conditions.
Those who want to apply within the scope of KVK and in Turkish may make their applications by using the application forms at (http://CLOUDTALK.io/kvk/basvuru.html). Those who want to apply within the scope of GDPR and in English may make their applications by using the application forms on the Sites (http://CLOUDTALK.io/gdpr/request.html).
CLOUDTALK may request further information and documents from the applicants when necessary.
1. Request Information
As a data controller who processes your personal data, we take care to answer all your questions and requests regarding the processing of your personal data in a timely and duly manner.
2. Access and Correction
CLOUDTALK will take care to meet your acceptable and possible requests to allow you to access and correct your personal data that you have transferred to us, where permitted by law. However, we reserve the right to use your other personal data for the purposes of verifying your identity or for other security and support measures when we consider it necessary. Regarding the personal data we collect about you, you can request access, correction, suspension or phasing out of data.
3. Transfer to Third Parties
You may request the transfer of your Personal Data to third parties. However, this transfer can be carried out within existing technical capabilities of CLOUDTALK and within the time required by the working conditions. The data of the concerned parties are not given to third parties by our company in the cases mentioned above or without their approval and consent.
4. Deletion of Personal Data
CLOUDTALK protects the personal data it processes in accordance with the KVK, GDPR and related legal legislation for the periods stipulated in the relevant legislation or required by the processing purpose.
When the legally required periods expire, the judicial processes are completed or other requirements disappear, these data can be deleted spontaneously or upon the request of the person concerned, can be destroyed or anonymized, or after reviewing the GDPR requirement, the processing can be continued provided that the necessary conditions are met again or data can be archived.
All necessary technical and administrative measures are taken to protect the personal data collected by the CLOUDTALK and to prevent unauthorized access and to prevent our customers and potential customers from being suffered in accordance with KVK and GDPR.
1. Administrative Measures
2. Technical Measures
CLOUDTALK takes all possible technical measures relevant and possible. Security measures are constantly being renewed and developed. In order to reduce misuse and unauthorized access to personal data, we store the data in a separate system after receiving it, we use secure connections (Secure Sockets Layer of SSL) to encrypt all information between you and our website when entering your personal data.
3. Notification of Infringements
CLOUDTALK acknowledges that when it is notified that there is any infringement related to personal data, it should notify relevant Boards in Turkey and the EU from the date this situation was learned, without delay and within 72 hours at the latest. It minimizes the damage of the concerned and compensates the damage. When it is understood that the personal data have been intercepted by unauthorized persons, it immediately informs relevant Boards.
You can apply for the notification of infringements according to the procedures stated on our corporate website. Click for Application and Information Request Form