Introducing LeadOcean: AI-Powered Lead Generation, Curated Data, Effortless Scaling

Legal & Compliance Hub

Comprehensive repository of all legal notices, clarification texts, and data protection policies.

01. Security Camera Clarification

Purpose and Scope

Prepared as data controller per Article 10 of Law No 6698. Covers surveillance in workplace monitoring areas to protect privacy and fundamental rights.

Areas and Methods

Indoor/outdoor cameras record 24/7. Digital storage within Company. Positions are limited to security purposes (entrances, elevators, corridors).

02. Data Breach Response Plan

Purpose: Prevent unlawful access and define roles during potential data breaches.

Objectives

  • Identify breach source and affected data categories
  • Minimize commercial and reputational losses
  • Report to Board within 72 hours

Definitions

Data Breach: Unlawful acquisition of personal data. Includes accidental destruction or unauthorized access.

03. Customer Explicit Consent

Account creation and personalized marketing services depend on your explicit consent. Your identity and communication data (name, surname, e-mail, phone, cookies) may be processed for customized advertisements and promotions, and shared with domestic business partners.

04. General Clarification Text

Data Processed

  • Identification (TCKN, VKN)
  • Contact (Phone, Address)
  • Marketing (Cookies, Logs)
  • Audiovisual (Call Center)
  • Financial Data
  • Customer Transactions
  • Transaction Security (IP, Location)

Processing Purposes

  • Execution of contract and sales processes
  • Invoicing and payment management
  • Customer satisfaction and after-sales support
  • Information security management

05. Supplier & Partner Clarification

Covers suppliers, business partners, and their representatives. Identity, Contact, and Financial data are processed for procurement, communication, and contract execution. Data is shared with authorized public institutions only for legal disputes.

06. Data Sharing Undertaking

Obligations for Data Shared Persons:

  • 01. Must comply with Law No 6698 and take all technical/administrative measures.
  • 02. Data processed only for the scope of the Agreement; no sharing abroad without notification.
  • 03. Immediate notification to Company upon discovery of unauthorized access by 3rd parties.

07. Data Breach Notification Note

The 72h Rule (Decision 2019/10)

Board must be notified within 72 hours of learning. Relevant persons must be notified as soon as reasonably possible.

Content of Notification

Must include time of breach, affected data categories, possible consequences, and mitigation measures.

08. Data Subject Rights & Application

Your Application Rights

  • • Learn if personal data is processed
  • • Request information on the processing purpose
  • • Know 3rd parties (domestic or abroad)
  • • Request deletion/destruction (Art. 7)
  • • Object to automated analysis results

How to Apply?

In writing or via REM (Registered E-mail). Requests are finalized free of charge within 30 days. No fee for first 10 pages of written responses.

Data Controller Information

Trade Name

Şef Bilişim Hizmetleri Anonim Şirketi

Registry No

Istanbul - 886402

MERSIS

0085039895341229

Tax ID

Maslak / 0850398953

Address

Maslak Mah. Dereboyu 2 Cad. Nurol Plaza No:21/A Sarıyer/Istanbul

Phone

+90 (850) 321 88 99