Privacy Policy

Last updated June 06, 2024

Kuadron and Reportql (“we,” “our,” or “us”) are committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Kuadron and Reportql.

This Privacy Policy applies to our website and its associated subdomains (collectively, our “Service”), along with our application, Reportql. By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

The purpose of this Policy is to determine the procedures and principles regarding the processing and protection of personal data carried out by Kuadron in accordance with the legal legislation upon which this Policy is based, and the deletion, destruction, and anonymization of the processed personal data.

This Policy has been prepared based on Personal Data legislation.

The legal regulations in force regarding the processing, protection, and destruction of personal data will primarily apply. In the case of incompatibility between the legislation and the Policy, Kuadron accepts that the legislation in force will be applied.

Information Automatically Collected

There is some information, like your Internet Protocol (IP) address and/or browser and device characteristics, that is collected automatically when you visit, use or navigate our platform. Other information collected automatically could include a login, e-mail address, password, computer and connection information such as browser plug-in types and versions, time zone setting, operating systems and platforms, purchase history, the full Uniform Resource Locator (URL) clickstream to, through, and from our Website, including date and time; cookie number; parts of the site you viewed or searched for; and the phone number you used to call our Customer Services. We may also use browser data such as cookies, Flash cookies, or similar data on certain parts of our Website for fraud prevention and other purposes. During your visits, we may use software tools such as JavaScript to measure and collect session information, including page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page. We may also collect technical information to help us identify your device for fraud prevention and diagnostic purposes. This information is primarily required to maintain the security and operation of our platform and for our internal analysis and reporting purposes.

Affiliates

We may disclose information (including personal information) about you to our Corporate Affiliates. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.

Links to Other Websites

This Privacy Policy applies only to Reportql. Reportql may contain links to other websites not operated or controlled by Kuadron or Reportql. We are not responsible for the content, accuracy, or opinions expressed in such websites, and such websites are not investigated, monitored, or checked for accuracy or completeness by us. Please remember that when you use a link to go from the Services to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our platform, is subject to that website’s own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.

Cookies

Reportql uses “Cookies” to identify the areas that you have visited. A Cookie is a small piece of data stored on your computer or mobile device by your web browser. We use Cookies to enhance the performance and functionality but they are non-essential to its use. Most web browsers can be set to disable the use of Cookies. However, if you disable Cookies, you may not be able to access our services correctly or at all. You can review our cookie policy for detailed information.

Changes to Our Privacy Policy

We may change our Service and policies, and we may need to make changes to this Privacy Policy so that they accurately reflect our Service and policies. Unless otherwise required by law, we will notify you through our Service before we make changes to this Privacy Policy and give you an opportunity to review them before they go into effect. Then, if you continue to use the Service, you will be bound by the updated Privacy Policy. If you do not want to agree to this or any updated Privacy Policy, you may suspend your account or request deletion 

Third-Party Services

We may display, include, or make available third-party content (including data, information, applications, and other products services) or provide links to third-party websites or services (“Third-Party Services”).

You acknowledge and agree that Reportql or Kuadron shall not be responsible for any Third-Party Services, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality, or any other aspect thereof. Reportql or Kuadron does not assume and shall not have any liability or responsibility to you or any other person or entity for any Third-Party Services.

Third-Party Services and links thereto are provided solely as a convenience to you, and you access and use them entirely at your own risk and subject to such third parties’ terms and conditions.

Disclosures to and Information of the Personal Data Owner

Kuadron/Reportql enlightens personal data subjects during the collection of personal data. In this context, Kuadron will explain to the personal data owners for what purpose the personal data will be processed, to whom and for what purpose the processed personal data may be transferred, the method and legal reason for collecting personal data, and the rights of the personal data owner.

“Requesting information” is also among the rights of the personal data owner. Kuadron will provide the necessary information in case the personal data owner requests information. Kuadron/Reportql announces that it carries out personal data processing activities in accordance with the law and the rule of honesty to the personal data owners and the relevant persons through various documents open to the public, especially this Policy ensures informing the relevant persons in personal data processing activities, accountability and transparency within this framework.

Protection of the Rights of Personal Data Owners

Kuadron/Reportql establishes necessary channels, internal functioning, administrative, and technical arrangements to evaluate the rights of personal data subjects and to provide the necessary information to them.

If personal data owners submit their requests regarding their rights listed below to Kuadron in writing, Kuadron will finalize the request free of charge as soon as possible and within 30 days at the latest, depending on the nature of the request. A fee may be charged if the transaction requires additional cost.

Owners of personal data have the right to:

• Learn whether their personal data is processed;
• Request information if their personal data has been processed;
• Learn the purpose of processing personal data and whether they are used in accordance with their purpose;
• Know the third parties to whom personal data are transferred, domestically or abroad;
• Request correction of personal data in case of incomplete or incorrect processing, and to request notification of the transaction made within this scope to third parties to whom personal data is transferred;
• Request the deletion or destruction of personal data if the reasons requiring processing disappear, despite it having been processed in accordance with legislation, and to request notification of the transaction carried out within this scope to third parties to whom personal data is transferred;
• Object to any result to their detriment by analyzing the processed data exclusively through automated systems;
• Demand compensation for damage in the event that personal data is damaged due to unlawful processing.

If data owners submit their applications in writing with their identity information via the website while exercising these rights, they will receive answers to the application in a fast and effective manner. 

Ensuring the Security of Personal Data

Kuadron/Reportql takes the necessary legal, technical, and administrative measures regarding data security and shows the highest level of care and diligence in this regard.

The lawful processing, protection and storage of personal data by Kuadron personnel or third parties has been contractually arranged with the relevant personnel and third parties, and the activity carried out with the personnel and third parties has been harmonized due to the processing of the relevant personal data.

Kuadron conducts and has all necessary audits carried out within its own organization. When it is determined that the measures taken as a result of the audit need to be improved, Kuadron takes necessary actions immediately.

Despite taking all general, technical, and administrative measures, if personal data is learned and/or acquired by others through illegal means, Kuadron will notify the data owner and official authorities as soon as possible.

General, Technical, and Administrative Measures to be Taken for Secure Storage of Personal Data and Prevention of Unlawful Processing and Access

Personal data are processed by Kuadron/Reportql only in accordance with the procedures and principles stipulated in the legislation. Kuadron/Reportql adheres to the following principles when processing personal data:

• Compliance with the law and good faith: Kuadron acts in accordance with the principles introduced by the relevant legislation and the rule of honesty in the processing of personal data. Kuadron does not use personal data beyond the extent required for the realization of the relevant purpose, taking into account the proportionality requirements in the processing of personal data.
• Being accurate and current: Kuadron takes into account the fundamental rights and interests of personal data owners and ensures that the personal data it processes are accurate and current. For this purpose, Kuadron also takes necessary measures.
• Processing for specific, explicit, and legitimate purposes: Kuadron determines the legitimate and lawful purpose of personal data processing in a precise and clear manner and processes personal data in connection with the service it provides and to the extent required by the service in question.
• Being relevant, limited, and proportionate to the purpose for which they are processed: Kuadron processes personal data in a manner suitable for the realization of the specified purposes. In this context, it avoids processing personal data that are not related to the realization of the purpose or that are not needed.
• Retention for the period stipulated in the legislation or required for the purpose for which they are processed: Kuadron retains personal data for the period specified in the relevant legislation or for the period required for the purpose for which they are processed. In the event that the period expires or the reason requiring processing disappears, personal data are deleted, destroyed, or anonymized by Kuadron.

Kuadron takes all necessary technical and administrative measures to prevent unlawful processing of personal data, to prevent unlawful access to personal data, to ensure the preservation of personal data, and to ensure the appropriate level of security in order to preserve personal data, showing utmost care and diligence within this framework. 

Conditions for Processing Personal Data

The explicit consent of the data subject is required for the processing of personal data. Apart from explicit consent, personal data may be processed without the explicit consent of the data subject in the event that one or more of the following situations occur at the same time. 

• Explicit consent: The explicit consent of the personal data owner must be related to a specific subject, based on information, and given with his/her free will. Within this framework, Kuadron will obtain the explicit consent of the personal data owner for processing personal data.
• Explicit contemplation by applicable laws: Personal data of the data owner may be processed lawfully by Kuadron if such processing is explicitly contemplated by applicable laws.
• Failure to obtain explicit consent due to actual impossibility: The personal data of the data subject may be processed if it is mandatory for the protection of the life or physical integrity of a person who is unable to disclose his/her consent due to actual impossibility or whose consent is not legally valid.
• Directly related to the conclusion or performance of a contract: If it is necessary to process the personal data of the parties to a contract, provided that it is directly related to the conclusion or performance of that contract.
• Fulfillment of Kuadron’s legal obligation: If data processing is mandatory for Kuadron to fulfill its legal obligation.
• Publicization of personal data by the data subject: Personal data may be processed if the data subject has made his/her personal data public.
• Data processing is mandatory for the establishment or protection of a right: If data processing is mandatory for the establishment, exercise, or protection of a right.
• Data processing is mandatory for Kuadron’s legitimate interests: Provided that it does not harm the fundamental rights and freedoms of the personal data owner, Kuadron may process personal data if it is necessary for its legitimate interests.

Transfer of Personal Data

Considering the nature of the commercial activities it carries out, Kuadron may transfer the personal data of personal data owners to third parties and abroad or to foreign countries with or without adequate protection, by taking the necessary security measures in line with the personal data processing purposes, in accordance with the Law and relevant legislation.

Deletion, Destruction, or Anonymization of Personal Data

Kuadron fulfills its obligations to delete, destroy, or anonymize personal data ex officio or upon the request of the concerned person in cases where all the conditions for processing personal data disappear.

Kuadron acts in accordance with the general principles and technical and administrative measures regulated in this Policy and the provisions of the relevant legislation in the deletion, destruction, or anonymization of personal data.

Kuadron shall erase, destroy, or anonymize personal data at the first periodic destruction following the date on which the obligation to erase, destroy, or anonymize personal data arises.

The periodic destruction will be carried out by Kuadron within 30 days following the date on which the obligation to delete, destroy, or anonymize personal data arises. In mandatory cases, this period can be extended by a maximum of 30 days.

Periods for Deletion and Destruction of Personal Data upon Data Owner’s Request

When the Data Owner requests the deletion or destruction of his/her personal data by applying to Kuadron:

a) If all the conditions for processing personal data have disappeared, Kuadron deletes, destroys, or anonymizes the personal data subject to the request. Kuadron finalizes the request of the concerned person within 30 days at the latest and informs the person concerned.

b) If all of the conditions for processing personal data have disappeared and the personal data subject to the request have been transferred to third parties, Kuadron notifies the third party of this situation and ensures that necessary actions are taken by the third party.

c) If all the conditions for processing personal data have not been eliminated, this request may be rejected by Kuadron, explaining the reason in accordance with this Policy, and the rejection response shall be notified to the Data Subject in writing or electronically within 30 days at the latest.