Your personal data may be processed by Beceni Sevim Avukatlık Ortaklığı (“BTS”) as the data controller in accordance with the Personal Data Protection Law No. 6698 (“Law”) within the scope specified below.
Based on your relationship with our partnership, your personal data may be collected directly from you or from our clients (e.g. your employer company), suppliers, public authorities and publicly available sources. Personal data types that we may collect through these channels can be summarized as follows:
| Category of Personal Data | Personal Data |
|---|---|
| Identity data | Name, surname |
| Contact data | Phone number, mail address, e-mail address and contact details |
| Registration data | Newsletter requests, webinar and seminar registration details |
| Client service data | Personal data relating to clients or data received from clients, third parties, invoicing details and payment history, and client feedback details |
| Risk management data | Government identifiers, passports, or other identification documents, AML/CTF screening records |
| Device data | IP address, unique device identifier, other data linked to a device, and data about usage of our website |
Your personal data may be processed by BTS for the following purposes and legal grounds, based on the personal data processing conditions specified in Article 5 of the Law.
| Category of Personal Data | Processing Purposes of Personal Data | Legal Grounds |
|---|---|---|
| Identity data, contact data, registration data, client service data and device data | To register you or your organization as a client of ours To provide and administer legal services or other services or solutions, as instructed by you or your organization; To represent our clients and execute litigation processes as instructed | Based on the legal ground that processing of personal data of the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract Based on the legal ground that processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject |
| Identity data, contact, registration data, client service data, and device data | To manage our business operations (including analyzing and improving our services and communications with our clients and to monitor compliance with our policies and standards) To operate our business relations with our clients To manage billing and payments operations | Based on the legal ground that processing of personal data of the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract Based on the legal ground that processing of personal data is necessary for compliance with a legal obligation to which the data controller is subject to Based on the legal ground that processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject |
| Identity data, contact data, registration data, risk management, and device data | To ensure the security and effectiveness of our website and information technology systems To protect the security of our technical infrastructure and communications to prevent and detect security threats, frauds or other criminal or malicious activities; Based on the legal ground that processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject | Based on the legal ground that processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject |
| Identity data, contact data and registration data | To provide information on legal updates | Based on your explicit consent Based on the legal ground that processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject, |
| Identity data, contact data, registration data, risk management and device data | To ensure compliance (e.g. with anti-money laundering and countering financing of terrorism regulations, trade sanctions and embargo laws) To comply with our legal obligations concerning record retention (including those arising from Law no. 5651 and tax regulations) | Based on the legal ground that the processing is expressly provided for by the laws and is necessary for compliance with a legal obligation to which the data controller is subject to, |
Your personal data may be transferred pursuant to the data processing conditions stipulated in Article 5 of the Law and in accordance with the rules regarding the transfer of personal data specified in Articles 8 and Article 9. During the cross-border transfer of your data, we take all necessary measures to use, share and protect that data as described in the Privacy Notice.
| Recipient Parties | Purposes for Transferring |
|---|---|
| Our business associates (This refers to global law firms and business associates with whom BTS cooperates.) | To provide you with legal services and to manage our relationship with you |
| Our suppliers and service providers (This refers infrastructure and IT services providers, and providers of account systems and HR systems or third-party counsels. It also includes mediators, experts, or other legal specialists such as translators, couriers or other necessary entities) | To manage our business operations |
| Our client (if we have collected your data through providing legal services to any of our clients) | Where permitted by law to others to provide those services |
| Companies providing services for anti-money laundering and countering financing of terrorism regulations, trade sanctions and embargo laws and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such personal data is shared | To ensure compliance |
| Courts, law enforcement authorities, regulators, government officials or attorneys or other parties | To establish, exercise or defence of a legal claim, or for the purposes of a confidential alternative dispute resolution process |
| Legally authorized public institutions and legally authorized private institutions | To fulfil our obligations arising from the legislation |
Data subjects are entitled to the below-listed rights under Article 11 of the Law:
In case requests relating to the aforementioned rights are conveyed to info@bts-legal.com such requests shall be evaluated within thirty days. In principle, the requests shall be concluded free of charge. However, BTS reserves its right to demand a fee from the tariff specifies by the Data Protection Board.
