This text, including our customers and employees Suitech Software Bilişim Ve Teknoloji Hizmetleri Limited Şirketi (hereinafter referred to as TheX Protocol(The TheX Protocol)) and the personal data of the persons associated with the personal data within our structure, including our customers and employees of the Constitution and international conventions to which Turkey is a party (ECHR, etc.) and the European General Data Protection Regulation (GDPR), Personal Data Protection Law No. 6698 (KVKK) is the text of enlightening users about personal data within the framework of the relevant legislation, especially.
This disclosure text covers all of the following services of TheX Protocol and the organisations with which TheX Protocol cooperates and 3rd party services, including cookies. For this reason, users should also review the texts of the institutions and organisations with which TheX Protocol is associated. This text is subject to the TheX Protocol Privacy Terms, GDPR Explicit Consent Text and Cookie Text.
Definitions and Abbreviations:
Personal Data Owner (data subject):
Special Categories of Personal Data:
Processing of Personal Data:
Data Controller (Controller):
Personal Data Protection Board:
3. Processing of Personal Data
Suitech Software Bilişim Ve Teknoloji Hizmetleri Limited Şirketi (hereinafter referred to as TheX Protocol), including our customers and employees, and the personal data of the persons associated with us within the framework of the Constitution and international conventions to which Turkey is a party (ECHR, etc.) and the European General Data Protection Regulation (GDPR), within the framework of the relevant legislation, especially the Personal Data Protection Law No. 6698 (KVKK); we attach importance to the protection of your personal data and we inform you about this issue and obtain your explicit consent.
The Site and Tools may evolve over time and this express consent text will change to reflect that evolution. If changes are made, you will be notified by revising the date in the relevant section of this text. In some cases, if significant changes are made, an explanation may appear on the home page. We recommend that you review this text periodically to stay informed.
This text covers all of the following services of TheX Protocol and the organisations with which TheX Protocol cooperates, as well as 3rd party services, including cookies. Users should therefore also review the texts of the organisations and institutions with which TheX Protocol is associated.
TheX Protocol and its affiliated platforms are listed below. The clarification text covers all these platforms, their services and legal texts.
X Protocol Platform (X Protocol):
X Protocol Mobile Applications:
4.Purposes of Processing Your Personal Data:
6. Transfer of Your Personal Data
Personal data cannot be transferred without the explicit consent of the data subject, except for the exceptions specified in Article 6 of the GDPR and Articles 5 and 8 of the KVKK.
TheX Protocol does not transfƒer your personal data to third parties in any way, except for legal, technical and operational obligations. TheX Protocol keeps your personal data in Amazon AWS and Cloudfare Servers in the UK London Server due to technical server requirements in accordance with GDPR and KVKK, and transfers it to Turkey since it carries out transactions in Turkey due to the execution of operations. In addition, your personal data may be transferred to platforms such as legal officer, accounting, wallet company, etc. with which it cooperates for the execution of operations and services.
TheX Protocol, in its policy of transferring personal data, carries out procedures in accordance with the Constitution of the Republic of Turkey, the European Convention on Human Rights, Articles 5 and 6 of the European General Data Protection Regulation (GDPR) and especially Articles 8 and 9 of the Law No. 6698 on the Protection of Personal Data.
Refers to temporary cookies that are kept on your devices until you leave the website. These cookies are there for a better site experience.
Session cookies persist as long as the user keeps the session open. We delete these cookies when the user leaves the session.
Cookies such as filtering options, additions to the basket without logging in are kept.
We do not pass these cookies on to anyone.
These are cookies that must be used in order for the website to function properly and for users to benefit from the services and navigation features offered on the site.
It is stored for a maximum of 2 years until you delete it.
These cookies are needed to protect the system from fake systems. It is necessary for better management of the site.
It includes information such as the session duration of visitors, how they switch from pages, and the buttons they touch.
We do not transfer these cookies to anyone.
|Functional and Analytical Cookies||
These are cookies that contain data about remembering your preferences and using the website effectively. Due to their nature, cookies of this type may contain your personal data. For example; cookies that save your language preference on our website are functional cookies.
It is stored for a maximum of 2 years until you delete it.
We do not share these cookies with anyone.
Cookies that persist on the person's computer until a certain date or until they are deleted by the visitor. These cookies are mostly used to measure the website movements and preferences of visitors.
In accordance with the GDPR, we keep and delete these cookies for 12 months.
Method and Legal Reason for Collecting Your Personal Data
"To be clearly stipulated in the laws."
"Provided that it is directly related to the conclusion or performance of a contract, it is necessary to process the personal data of the parties to the contract."
"It is mandatory for the data controller to fulfil its legal obligation."
"Data processing is mandatory for the establishment, exercise or protection of a right."
"Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject."
It can be processed for legal reasons.
Your Rights Regarding the Protection of Your Personal Data
In accordance with Art. 15 GDPR and Art. 11 KVKK regarding your personal data;
The data subject has the right to verify with the controller whether personal data concerning him/her are being processed and, in the event of processing, to request access to the personal data and the following information
- the purposes of processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the period foreseen for the retention of personal data or, where that is not possible, the criteria used for the purpose of determining that period;
- the existence of the right to request the controller to rectify or erase personal data concerning the data subject or to restrict the processing of such data, or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- if the personal data are not obtained from the data subject, available information on the sources of such data;
- the existence of automated decision-making referred to in Article 22(1) and (4), including profiling, and, at least in those cases, meaningful information on the reasoning carried out, as well as on the significance for the data subject of the processing concerned and objections to the envisaged consequences.
- Requesting information if your personal data has been processed,
- You have the right to demand compensation for damages in case you suffer damage due to unlawful processing of your personal data.
2. If personal data are transferred to a third country or an international organisation, the data subject has the right to be informed of the appropriate safeguards in accordance with Article 46 GDPR in connection with the transfer.
You can send us your request to exercise these rights in writing or, if a separate method is determined by the European Data Protection Board / Personal Data Protection Board, in accordance with this method.
"Kisla District, Sehit Binbasi Cengiz Oytunc Street. Antelsan Business Center Business No:118 No:401 , Antelsan Business Center, Antalya, Mediterranean 07000, TR" address or email@example.com e-mail address.
Our obligation to inform:
- The purpose for which your personal data will be processed,
- Information about our identity and, if applicable, the identity of our representative,
- To whom and for what purpose your processed personal data can be transferred,
- Our method of collecting data and legal grounds,
- We have the obligation to inform the Relevant Person about the rights arising from the law.
As TheX Protocol, we take care that this policy, which is open to the public, is clear, understandable and easily accessible.
Our obligation to ensure data security:
It performs the necessary antivirus and other malware protection,
It cooperates with the company that provides server security in a way to provide optimum security,
3. acts with companies and individuals who will pay attention to security in their contacts and co-operations,
It endeavours to take legal and administrative measures in its relations with both employees and third parties.
Amazon Technologies and Cloudflare technologies are used in the entire infrastructure of TheX Protocol.
All websites belonging to TheX Protocol are encrypted via Amazon SSL and SSL policies have been implemented.
In the websites related to the sales of TheX Protocol, load distribution technologies are applied using AWS Distributed server architectures, accordingly, if the traffic is from a single point in case of DDOS Attack of the platforms, the source of the attack is directly blocked. If the DDOS attack on TheX Protocol comes from different regions in a distributed manner, the source of the attack is absorbed by distributing it to all traffic.
Advanced encryption techniques are used in User Login / Registration stages. All movements of users are controlled by structures we call JWT Tokens.
TheX Protocol applies profile identification techniques, which we call IAM, on its servers. According to these techniques, all ports belonging to the servers are controlled and traffic limits are set.
Evaluation of the Application:
Additional information and documents may be requested during the application or during the evaluation of the application.
If the request is accepted, the relevant procedure is applied and notification is made in writing or electronically. If the request is rejected, the applicant is notified in writing or electronically by explaining the reason.
Right of complaint to the European Data Protection Board and the Personal Data Protection Board:
In cases where the application is rejected, the response to the application is found insufficient or the response is not given in due time; the applicant has the right to file a complaint to the PDP Board or the European Data Protection Board within 30 (thirty) days from the date of learning the response and in any case within 60 (sixty) days from the date of application.
Publication and Storage of the Document: