Privacy Policy

1. Data Controller

Nolto Teknoloji Anonim Şirketi ("Company"), as the data controller within the scope of the Personal Data Protection Law No. 6698 ("KVKK"), processes your personal data within the framework of the purposes and legal reasons explained below.

2. Personal Data Processed

The following personal data may be processed within the scope of our cloud PBX services:

  • Identity information (name, surname, title)
  • Contact information (phone number, email address, address)
  • Company information (company name, tax number)
  • Call records and call detail records (CDR)
  • IP address and connection information
  • Service usage data

3. Purposes of Data Processing

Your personal data is processed for the following purposes:

  • Providing cloud PBX and call center services
  • Providing customer communication and support services
  • Managing contractual processes
  • Performing billing and accounting transactions
  • Fulfilling legal obligations
  • Measuring and improving service quality
  • Managing information security processes

4. Data Transfer

Your personal data may be transferred in accordance with Articles 8 and 9 of KVKK:

  • To public institutions as required by law
  • To business partners essential for service delivery (data center providers)
  • To suppliers providing services under contract

Important: Your data is hosted in data centers within Turkey's borders. No data is transferred abroad.

5. Legal Basis for Data Processing

Your personal data is processed based on the legal grounds specified in Article 5 of KVKK:

  • Explicitly stipulated by law
  • Necessary for the establishment or performance of a contract
  • Necessary for the data controller to fulfill its legal obligations
  • Legitimate interest of the data controller
  • Explicit consent of the data subject

6. Data Retention Period

Your personal data is stored for the duration required by the processing purpose and within the statute of limitations prescribed by relevant legal regulations.

7. Data Security

Our company takes the necessary technical and administrative measures to ensure the security of your personal data:

  • Encrypted communication with SRTP and TLS
  • Two-factor authentication (2FA)
  • Firewalls and intrusion detection systems
  • Regular security audits
  • Access control policies
  • Backup and disaster recovery plans

8. Rights of the Data Subject

You have the following rights pursuant to Article 11 of KVKK:

  • Learning whether your personal data has been processed
  • Requesting information about the processing
  • Learning the purpose of processing and whether it is used accordingly
  • Learning the third parties to whom data is transferred domestically or abroad
  • Requesting correction of incomplete or inaccurate data
  • Requesting deletion or destruction under the conditions set forth in Article 7 of KVKK
  • Claiming compensation for damages caused by unlawful processing of data

9. Application

You can apply using the contact information below to exercise the rights stated above.

Email: [email protected]

Address: Y. Dudullu Mahallesi, Alemdağ Caddesi, No:806 D:14, Dalçık İş Merkezi, 34775 Ümraniye/İstanbul/Türkiye

Last updated: 01.03.2025