Privacy Policy

Last Updated: 27/11/2023

The company (“MONTARİST BİLİŞİM YAZILIM PROJE DANIŞMANLIK İHRACAT İTHALAT VE TİCARET LİMİTED ŞİRKETİ”) is committed to protecting privacy and confidentiality of information that is entrusted to us in compliance with the “Kişisel Verilerin Korunması Kanunu (KVKK)” and “EU General Data Protection Regulation (GDPR)”. What information is collected and the extent to which the collected information is used and protected is given in the Privacy Policy below. Please read the Privacy Policy to learn your rights to data.

1. Who are we?

This website is operated by MONTARİST BİLİŞİM YAZILIM PROJE DANIŞMANLIK İHRACAT İTHALAT VE TİCARET LİMİTED ŞİRKETİ (“Montarist”, “we” or “us”). This Privacy Policy is applicable to Montarist.

2. Who can you contact for privacy questions or concerns?

If you have any question or comment on this Privacy Policy or the way we handle personal information, please e-mail:contact@vignetim.comMontarist aims to respond within 30 days after the receivement of privacy-related concerns.

3. How do we collect personal data?

Direct: We acquire personal data from individuals directly through various sources: business cards that are provided by individuals, completed online forms and surveys, subscribed newsletters and bulletins, registered webinars, events or meetings that we host, and recruitment documents that individuals provide us at our office. Montarist also might collect personal data directly through contracts created for business relationships, professional services, or its software applications.

Indirect: Montarist collects personal data from individuals indirectly through various sources: recruitment services and clients with whom we work. Montarist might attribute personal data to its Customer Relationship Management (CRM) processes to improve its offers for business clients, subscribers, and individuals.

Public Sources: Montarist collects personal data from sources that are open to the general public such as news articles, sanctions lists, Internet searches, and so on.

Social and professional network platforms: When individuals register or log in to our website using social media (Facebook, Twitter, Google, or LinkedIn) in order to authenticate their identity or connect social media login information with this website, Montarist might collect information needed for the registration or login process that is permitted by the relevant social media provider. This particular information might be name, e-mail address, and additional details based on the individual’s privacy settings on the social media platform. Individuals who want to set and control the information shared with this website can change their privacy settings and controls on the relevant social media platform.

Business clients: The professional services we perform for our business clients might engage in sharing personal data controlled by our clients if needed. Examples include audit processes undertaken for compliance assessments that involve employee information. Our professional services might also include processing personal data that is controlled by our clients on behalf of them on our hosted applications. This type of collection and processing of personal data is subject to different privacy terms, policies and notices.

Recruitment services: Montarist may collect personal data from candidates who apply through employment agencies and other parties such as our former employers.

4. What categories of personal data do we collect?

We collect personal data within the categories defined below through direct interactions, and indirect interactions that include sources such as business client engagements, applicants, and others described in this Privacy Policy.

Personal data that is commonly collected by Montarist to conduct our business processes:

  • Contact details (including name, company name, job title, work and mobile telephone numbers, work and personal email address, postal address)
  • Professional details (including job and career history, educational background, published articles, projects, and job-related memberships)
  • Family and beneficiary details for insurance and pension plans (including name and date of birth)
  • Financial information (including taxes, payrolls, pensions, assets, and bank details)

Sensitive personal data: Montarist does not obtain sensitive or special types of personal data from individuals besides its own employees. Montarist may collect and process sensitive personal data from individuals (who are not employed by Montarist) when it is instructed by a third party with the expressed consent of individuals to do so, or when it is required by law. Examples of sensitive data Montarist may collect or hold are given below:

  • Documents that identify personal characteristics such as race, religion, or ethnicity, biometric data of individuals, beneficial owners of corporate entities, or applicants. *
  • Adverse information about our existing or potential business clients or job applicants that might include criminal history and such information.
  • Information is provided by business clients through our professional engagement and service.
  • Children data. Even though Montarist does not purposefully collect information from individuals that are under 13 years of age, Montarist may receive information about children who attend its events or meetings with their parents and guardians (example: training, summits).
5. What lawful reasons do we have for processing personal data?

Montarist may collect and use personal data in order to conduct business and provide its product and services based on lawful reasons:

Contracts: Montarist might process personal data to perform its contractual obligations owed to the relevant individuals or to create a contract with them.

Consent: Montarist might collect and use personal data based on the freely consent given by the individuals when they provide their personal data.

Legitimate interests: Montarist might collect and use personal data relying on legitimate interests based on the evaluation of fair, reasonable and justifiable processing. These legitimate interests include:

  • Delivering service to our clients: Montarist might collect and use personal data to perform its professional services for its engaged clients.
  • Direct marketing: Montarist might collect and use personal data obtained by business clients, subscribers or interacted individuals to assess market insights and market trends.
  • Legal requirements: Montarist might collect and process personal data to meet is legal and regulatory obligations and instructions.
6. Why do we need personal data?

Montarist aims to be transparent when it collects and uses personal data and why personal data is needed in the first place. The reasons why Montarist collects and uses personal data include:

  • To provide and perform professional consultancy related to our service areas: cloud, DevOps, compliance, and software development. Our services might include reviewing business files for assessment, implementation, and audit purposes, which may involve processing personal data for the corresponding business clients.
  • To promote our professional services, capabilities, and products to existing and potential clients.
  • To send invitations and to provide access to registrants attending our webinars, in-person events, or sponsored events.
  • To personalize our website landing pages and online communications provided to our existing and potential business clients.
  • To administer, maintain, and ensure the protection and security of our information systems, our website, and hosted applications.
  • To authenticate registered users to certain areas of our websites.
  • To seek qualified job candidates and to carry candidate career information to our human resources activities, which might be subject to different privacy terms and policies.
  • To process online requests, which might include responding to communication requests from individuals or requests for proposals and quotations for our offered services.
7. Do we share personal data with third parties?

Montarist might occasionally share personal data with the third parties it trusts in order to improve and increase efficiency of its service offerings. These third parties are contractually obligated to protect and secure the data that is shared with them. Montarist might engage with one or more of the following categories of data recipients described below:

  • Parties that help Montarist to deliver its professional services such as telecommunication providers, technical support, cloud-based software services and so on.
  • The professional advisers that Montarist works with, including lawyers, insurers, and auditors.
  • A potential buyer, transferee, merger partner or seller and their professional advisers for an actual or potential transfer or merger of our several business assets and associated rights or interests, or to acquiring or merging with the business.
  • Montarist’s marketing service providers.
  • Legal enforcements, regulatory agencies (including government) and other required parties based on the applicable laws and regulations.
  • Montarist’s recruitment service providers.
8. Do we use cookies?

This website uses cookies. When and where cookies are used, a statement about the use of cookies is sent to the relevant browser. Please read our Cookie Policy to learn about use of cookies further.

9. What are your data protection rights?

Access: Individuals can ask Montarist anytime to verify whether it processes personal data of them and if so, they can ask for specific details of which type of information is processed. Correction: Individuals can ask Montarist to edit and correct its records if they see any incorrect or incomplete information about them is held.

Erasing: Individuals can ask Montarist to delete or erase any of their personal data after they withdraw their information processing consent or when Montarist does not need the specific information for the initial collection purpose.

Processing restrictions: Individuals can ask Montarist to restrict the processing of their personal data temporarily if they object to the accuracy of their data and prefer to restrict its use instead of asking for erasure. Individuals can also ask Montarist to preserve their personal data to establish or defend a legal claim. A temporary restriction is applied while the legitimate grounds of processing personal data is verified. Individuals can ask for to be informed by Montarist when the temporary processing restriction is lifted.

Data portability: Individuals can occasionally ask Montarist to transmit their collected personal data directly to another company in a structured, machine-readable format if it is technically consistent.

Automated Individual Decision Making: Individuals can ask Montarist to review the decisions made about them in accordance with the automated processing services that might bring legal effects concerning or significantly affecting them, such as profiling.

Right to Object to Direct Marketing Including Profiling: Individuals can object to use of their personal data for Montarist’s direct marketing purposes and activities, including profiling. In this case, Montarist might need to keep some minimal amount of information about them to meet their request of ending marketing for these individuals.

Right to Withdraw Consent: Individuals can withdraw their previously given consent for one or more specified purposes for personal data processing. Withdraw of consent does not affect the legitimacy of any data processing that is done before the withdrawal. Withdrawal of consent might mean inability to offer certain services or products to individuals and if so, they will be informed of the situation.

Individuals who would like to exercise their Data Subject Rights can email: contact@vignetim.com Montarist might require some specific information regarding these individuals to confirm their identity and help them access their personal information and exercise any of their data rights. This process helps both Montarist and individuals to ensure the personal data is not disclosed to any other person who has not the right to access this data. These requests can be made with no charges if they are obviously grounded and conscionable. In some cases, Montarist may be unable to meet these requests if they conflict with other lawful grounds.

10. What about personal data security?

Montarist exercises necessary technical and organizational security policies and procedures to ensure the protection of personal and sensitive personal data from loss, misuse, change and demolition. Montarist is dedicated to ensure the access to personal data is limited only to those who have justifiable reasons to access. The individuals who have access to the personal data are required to protect the confidentiality of such information as well. Montarist may practice pseudonymisation, de-identification or anonymisation methods to protect the personal data effectively.

Individuals should also be aware that the security concerns involved in transmitting data via the Internet is at their own risk. While the security of data transmission to the website is not completely guaranteed, Montarist aims to protect the security of personal data.

11. Do we link to other websites?

This website might include links to other websites including our partners’ and customers’ websites that are not subject to this Privacy Policy. Individuals should review the links’ destination website and their Privacy Policies before submitting their personal data on these websites. Although Montarist aims to link only to the websites which are trustworthy and respectful of privacy, Montarist is not responsible for the security or privacy practices exercised by any other website.

12. Do we change this Privacy Policy?

We review our Privacy Policy on a regular basis to keep it updated when needed. This Privacy Policy was written on November 27, 2023.