UtilitiesResidentialMobilityTelecommunicationOther
SustainabilityManagement MessageNewsContact
NETZR

PRIVACY POLICY

Last Updated: March 25, 2025

This Privacy Policy has been prepared by Netzr Teknoloji A.Ş. (the "Company", "we", "us") to explain how your personal data is collected, processed, stored, and protected through our website (netzr.tech), products, and services. This policy is applied within the framework of the Turkish Personal Data Protection Law No. 6698 (KVKK), the European Union General Data Protection Regulation (GDPR), and other applicable data protection legislation.

1. Scope and Purpose

This Privacy Policy applies to all natural persons who visit the website of Netzr Teknoloji A.Ş. (netzr.tech), use our products and services, submit job applications, establish commercial relationships, or share their personal data with us in any manner. The policy comprehensively regulates the processes of collection, processing, storage, transfer, and destruction of personal data.

2. Data Controller

The data controller for the processing of your personal data is Netzr Teknoloji A.Ş. Headquarters: Muallim Mah. Deniz Cad. No:143/6, Bilişim Vadisi, Gebze/Kocaeli, Turkey. Manufacturing facility: Acısu Mah., Vatan Cad., No:26/1, 41080 Kartepe/Kocaeli, Turkey. Email: kvkk@netzrglobal.com. Phone: +90 262 503 43 95. Our Company operates in the field of EV energy systems (battery packs, BMS electronic boards, power distribution units).

3. Personal Data We Collect

Depending on the nature of our relationship with you, we may collect personal data in the following categories:

  • Identity Information: Name, surname, national ID number, date of birth, nationality, specimen signature, and copies of identity documents.
  • Contact Information: Email address, telephone number (landline/mobile), postal address, fax number.
  • Professional and Personal Information: Company name, position, department, work experience, curriculum vitae (CV), educational background, diplomas and certificates, reference information.
  • Technical Data: IP address, browser type and version, operating system, device identifiers, screen resolution, language preference, connection type.
  • Usage Data: Pages visited, click data, navigation sequence, session duration, entry/exit pages, downloaded files, form interactions.
  • Financial Information: Bank account number (IBAN), invoice information, tax identification number, payment and collection records.
  • Visual and Audio Data: Photographs, security camera (CCTV) recordings, video conference and meeting recordings.
  • Communication Content: Email correspondence, contact form messages, phone call recordings (subject to notification), support requests.

4. Data Collection Methods

Your personal data is collected through the following methods:

  • Directly From You: Through forms on our website (contact, career application, newsletter subscription), email correspondence, telephone calls, face-to-face meetings, employment contracts, and commercial agreements.
  • Through Automated Means: Data automatically collected during your visit to our website through cookies, pixel tags, server logs, and similar tracking technologies.
  • From Third Parties: Data obtained from our business partners, suppliers, job recruitment platforms, social media platforms, public institutions, and official registries.

5. Purposes of Processing Personal Data

Your personal data is processed for the following purposes:

  • Provision, development, and quality management of our products and services; measurement and enhancement of customer satisfaction.
  • Responding to requests, complaints, suggestions, and information inquiries; customer relationship management; provision of technical support services.
  • Fulfillment of legal and regulatory obligations; responding to requests from official institutions and organizations; follow-up of legal proceedings.
  • Ensuring physical premises security; management of information systems security; prevention and detection of fraud.
  • Conducting human resources processes; recruitment, performance evaluation, training, and personnel procedures.
  • Conducting marketing and communication activities; product and service promotion; campaign and event notifications (with your explicit consent).
  • Analysis and improvement of business processes; compilation of website usage statistics; market research and reporting.
  • Establishment and performance of contracts; management of commercial relationships; operation of supply chain and logistics processes.

6. Legal Basis

Your personal data is processed based on the following legal grounds:

  • Explicit Consent (KVKK Art. 5/1, GDPR Art. 6/1-a): Your explicit consent is obtained particularly for marketing communications, newsletter distribution, cookie usage (except essential cookies), and profiling activities.
  • Performance of a Contract (KVKK Art. 5/2-c, GDPR Art. 6/1-b): Data processing activities necessary for the establishment or performance of a contract concluded or to be concluded with you.
  • Legal Obligation (KVKK Art. 5/2-ç, GDPR Art. 6/1-c): Obligations arising from tax legislation, labor law, commercial law, consumer law, and other legal regulations.
  • Legitimate Interest (KVKK Art. 5/2-f, GDPR Art. 6/1-f): Processing activities carried out in line with our Company's legitimate commercial interests, provided they do not harm your fundamental rights and freedoms.
  • Vital Interest (KVKK Art. 5/2-e, GDPR Art. 6/1-d): Data processing activities necessary for the protection of life or physical integrity.
  • Public Interest (KVKK Art. 5/2-d, GDPR Art. 6/1-e): Processing activities carried out within the scope of tasks performed in the public interest or exercise of official authority.

7. Sharing of Personal Data

Your personal data may be shared with the following parties for the purposes stated above and with necessary security measures in place:

  • Service Providers: Our business partners providing information technology, cloud computing, hosting, email services, accounting, legal consultancy, logistics, and cargo services. Data processing agreements are concluded with these parties.
  • Legal Requirements: With competent public institutions and organizations (courts, prosecutors, tax offices, Social Security Institution, Personal Data Protection Authority, etc.) as required by legal regulations.
  • Business Partners: Our business partners and suppliers within the scope of conducting joint projects, supply chain management, and maintaining commercial relationships.
  • Group Companies: With our Company's subsidiaries and group companies for business process management, consolidation, and reporting purposes.

8. International Data Transfers

Your personal data may be transferred abroad depending on the locations of our service providers and business partners. International data transfers are carried out under KVKK Article 9 with your explicit consent or to countries with adequate protection; in cases where adequate protection is not available, transfers are made based on the data controller's written undertaking and the Board's permission. Under GDPR, transfers are made by ensuring appropriate safeguards such as European Commission adequacy decisions, Standard Contractual Clauses (SCC), or Binding Corporate Rules (BCR). Our cloud service providers hold ISO 27001 and SOC 2 certifications, and your data is stored in encrypted environments.

9. Data Retention Periods

Your personal data is retained for the duration required by the processing purpose and taking into account the statute of limitations periods prescribed in the relevant legislation. When the processing purpose ceases to exist or when the legal retention period expires, your data is deleted, destroyed, or anonymized pursuant to KVKK Article 7. General retention periods: commercial relationship data — 10 years from termination of the relationship (Turkish Commercial Code, Tax Procedure Law); employee data — 10 years from termination of employment (Labor Law, Social Security); candidate applications — 2 years; website usage data — 2 years (Law No. 5651); cookie data — from end of session up to 2 years depending on cookie type; marketing communication data — until withdrawal of consent.

10. Data Security

Technical and administrative measures in accordance with international standards are implemented to ensure the security of your personal data:

  • Encryption: SSL/TLS encryption protocols during data transmission; AES-256 encryption standard for storage of sensitive data; database-level encryption applications.
  • Access Control: Role-based access authorization; multi-factor authentication (MFA); principle of least privilege; regular review of access rights.
  • Monitoring and Auditing: Firewalls and intrusion detection systems (IDS/IPS); regular monitoring of log records; periodic vulnerability scans and penetration tests.
  • Training and Awareness: Regular data security and privacy training for employees; confidentiality agreements; data protection awareness programs.
  • Incident Response: Data breach response plan; breach notification procedures (to the competent authority within 72 hours, to affected individuals in high-risk situations); regular drills.

11. Cookies and Tracking Technologies

Various cookies and similar tracking technologies are used on our website (netzr.tech). Cookies are small text files placed on your device for the proper functioning of our site and to improve your experience. You can manage your cookie preferences through your browser settings or the cookie consent tool on our site. Types of cookies we use:

  • Essential Cookies: Cookies necessary for the basic functionality of the site (session management, security, load balancing). These cookies cannot be disabled. Legal basis: Legitimate interest.
  • Performance/Analytics Cookies: Cookies that collect visitor statistics, measure page performance, and analyze site usage patterns. Tools such as Google Analytics fall into this category. Legal basis: Explicit consent.
  • Functional Cookies: Cookies that remember user preferences such as language selection, region preference, and text size. Legal basis: Explicit consent.
  • Targeting/Marketing Cookies: Used by advertising networks to serve personalized advertisements based on your interests. Legal basis: Explicit consent.

12. Your Rights

You have the following rights pursuant to KVKK Article 11 and GDPR Articles 15-22:

  • Right of Access: The right to learn whether your personal data is being processed and to request information regarding processed data.
  • Right to Rectification: The right to request the correction of personal data that has been processed incompletely or incorrectly.
  • Right to Erasure (Right to be Forgotten): The right to request the deletion or destruction of your personal data when the processing conditions no longer exist.
  • Right to Restriction of Processing: The right to request the temporary suspension of processing of your personal data under certain conditions.
  • Right to Data Portability: The right to receive your personal data processed by automated means in a structured, commonly used, and machine-readable format and to transmit it to another data controller (GDPR).
  • Right to Object: The right to object to the processing of your data based on legitimate interest or public interest; the right to object at any time to the processing of your data for direct marketing purposes.
  • Right to Withdraw Consent: The right to withdraw your consent at any time for data processed based on your explicit consent. The withdrawal of consent does not affect the lawfulness of processing activities prior to the withdrawal.
  • Right to Lodge a Complaint: The right to file a complaint with the Personal Data Protection Authority (Turkey) or the Data Protection Authority of the relevant EU member state.

13. Children's Privacy

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from individuals under 18. If you are a parent or legal guardian and become aware that your child has provided us with personal data without your consent, please contact us at kvkk@netzrglobal.com. In such cases, we will take the necessary steps to promptly delete the relevant data.

14. Third-Party Links

Our website may contain links to third-party websites, social media platforms, and external services. When you click on these links, the privacy policy of the relevant third party will apply. We have no control over or responsibility for the privacy practices of third-party sites. We recommend that you review the privacy policies of these sites separately.

15. Policy Changes

Our Company reserves the right to update this Privacy Policy in line with legal regulations, technological developments, and changes in our business processes. The updated policy will enter into force upon publication on our website (netzr.tech). In the event of significant changes, notification will be provided via your registered email address or through our website. We recommend that you visit this page regularly to stay informed of the current version of our policy.

16. Contact

For questions regarding the Privacy Policy, your requests, or to exercise your rights, you may contact us through the following channels: Email: kvkk@netzrglobal.com. Postal address: Netzr Teknoloji A.Ş., Muallim Mah. Deniz Cad. No:143/6, Bilişim Vadisi, Gebze/Kocaeli, Turkey. Phone: +90 262 503 43 95. Your applications will be concluded free of charge within 30 days at the latest.

This Privacy Policy has been prepared by Netzr Teknoloji A.Ş. and is applied within the framework of KVKK, GDPR, and other applicable data protection legislation. For questions regarding this policy, please contact us at kvkk@netzrglobal.com.

Privacy Policy — Netzr | Netzr