As oNabu Bilişim A.Ş. and oNabu USA LLC. (“together as the “Company”), the protection and security of your personal data are at paramount important to us.
Therefore, we are constantly reviewing our data processing activities and revising our policies in accordance with the applicable legislation in our present markets.
This Privacy Policy and Data Processing Principles (“Privacy Policy”) at our company website and application (“Websites”) are also reviewed in accordance with General Data Protection Regulation (“GDPR”) and Californian Consumer Privacy Act (“CCPA”) applies to all Websites, apps, events and to any other services owned and operated by the Company.
Where you do not provide the personal data, we may not be able to provide you the related services; as it may depend on this information.
Personal Information We Collect: We only collect and process the following categories of data about companies and business professionals;
How and Where We Collect:
How and Why We Use:
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing prior notice.
The main reason we use your information is to deliver what we offer and constantly improve our services. Additionally, we use your information to help keep you safe and to provide you with advertising that may be of interest to you.
Besides, in line with the aforementioned, we may also use your personal data in the following circumstances:
When the public area of the website is used, the user’s automatically anonymised IP address is saved. As a result of the anonymization, it is impossible to identify the anonymised user and tracking their movement on the website does not allow for any conclusions to be drawn about a specific user.
For GDPR; You may withdraw your consent fully or partially at any time by contacting us from; contact@onabu.io or any form on our Website.
For CCPA; You can request the deletion of your personal information by sending an email to; contact@onabu.io
From time to time we may contact you with relevant information about our services and products. Most messages we send will be by email. For some messages, we may use personal data we collect about you to help us determine the most relevant information to share with you.
Newsletters
We only contact you once you will provide us your name-surname and e-mail address, which will be deemed as explicit consent to subscribe to our Newsletter.
We use the double opt-in process for our newsletter registration. This means that after your registration we send an email to the email address specified by you; in this email we request your confirmation that you desire to be sent the newsletter. If you do not confirm your registration within 24 hours your data is automatically deleted. Furthermore, we also save your used IP addresses and the times of your registration and confirmation. The purpose of this process is to verify your registration and to possibly explain any mis-usage of your personal data.
If you do not want to receive Newsletters and other messages from us, you will be able to tell us by selecting certain boxes on forms we use when we first collect your contact details. You can change your marketing preferences by clicking on the unsubscribe link at the bottom of our emails or sending an e-mail to us.
We may have to share your personal data with the parties in the needed situations as set out below;
The personal data we collect may be transferred to, and processed and stored in, countries outside of your local jurisdiction. If you are located in the European Union (“EU”), your personal data may be processed outside of the EU, including, for example, in US or in Turkey; these international transfers of your personal data are made:
If you wish to enquire further about these safeguards used, please contact us using the details set out at the end of this Privacy Policy.
We have extensive security measures in place to protect the loss, misuse and alteration of the information stored in our database. These measures include the use of Secure Socket Layer (SSL) and administrative access to site data as well as other proprietary security measures which are applied to all repositories and transfers of user information. We will exercise reasonable care in providing secure transmission of information between your computer and our servers, but given that no information transmitted over the Internet can be guaranteed 100% secure, we cannot ensure or warrant the security of any information transmitted to us over the Internet and hence accept no liability for any unintentional disclosure.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for (as set out above), including for the purpose of satisfying and legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
You may have certain rights under GDPR in relation to your personal data. You have the rights to:
If you wish to exercise any of these rights, you can contact us from our Websites.
Your Rights Under CCPA;
The CCPA provides California residents the following specific rights regarding processing their personal information;
Access to Specific Information and Data Portability Rights
As a Californian resident; you have the right to request the following;
Deletion Request Rights:
You have the right to request us to delete any of your personal data that we process have with some exceptions.
Once we receive your valid request, we will delete (and ask from our service providers and customers to delete as well) your personal information from our systems, unless an exception applies.
We may resist to delete your personal data in the following cases though;
1.Complete the transaction for which we collected the personal information, provide a good or service that a consumer requested, take actions reasonably anticipated within the context of our ongoing business relationship with that consumer, or otherwise perform our contract with that consumer.
2.Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
3.Debug products to identify and repair errors that impair existing intended functionality.
4.Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
5.Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
6.Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if a consumer previously provided informed consent.
7.Enable solely internal uses that are reasonably aligned with consumer expectations based on a consumer’s relationship with us.
8.Comply with a legal obligation.
9.Make other internal and lawful uses of that information that are compatible with the context in which a consumer provided it.
Right to Opt-Out of Sale or Sharing of Personal Information:
According to CCPA, you have the following rights to exercise anytime you wish and therefore we pledge to comply with the following accordingly;
(a) to direct a business that sells or shares personal information about the consumer to third parties not to sell or share the consumer’s personal information. This right may be referred to as the right to opt-out of sale or sharing.
(b) A business that sells consumers’ personal information to, or shares it with, third parties shall provide notice to consumers, pursuant to subdivision (a) of Section 1798.135, that this information may be sold or shared and that consumers have the “right to opt-out” of the sale or sharing of their personal information.
(c) Notwithstanding subdivision (a), a business shall not sell or share the personal information of consumers if the business has actual knowledge that the consumer is less than 16 years of age, unless the consumer, in the case of consumers at least 13 years of age and less than 16 years of age, or the consumer’s parent or guardian, in the case of consumers who are less than 13 years of age, has affirmatively authorized the sale or sharing of the consumer’s personal information. A business that willfully disregards the consumer’s age shall be deemed to have had actual knowledge of the consumer’s age.
(d) A business that has received direction from a consumer not to sell or share the consumer’s personal information or, in the case of a minor consumer’s personal information has not received consent to sell or share the minor consumer’s personal information, shall be prohibited, pursuant to paragraph (4) of subdivision (c) of Section 1798.135, from selling or sharing the consumer’s personal information after its receipt of the consumer’s direction, unless the consumer subsequently provides consent, for the sale or sharing of the consumer’s personal information.
The Website may, from time to time, contain links to and from third party services. If you follow a link to any of these services, please note that these services have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those services.
The Website is not directed at persons under 18 and we do not knowingly collect personal data from persons under 18 or from any change that can be deemed as child in your jurisdiction.
We evaluate our privacy policies and procedures to implement improvements and refinements from time to time. Accordingly, we may update this Privacy Policy and so you should review this page periodically. If we make material changes to this Privacy Policy, we will update the “last updated” data at the start of this Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.
If we need to provide you with information about something, whether for legal, marketing or other business related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email or by placing a notice on the communication. The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this Privacy Policy.
Questions, comments and requests regarding this Privacy Policy are welcome and should be sent to: contact@onabu.io