Skip links
Linkedin Youtube Instagram
Contact Us
+90 212 217 47 29-31
CUSCIT

Privacy and Security Policy

1. INTRODUCTION AND SCOPE

Nurhan Gürel Reklamcılık ve Yayıncılık Hizmetleri Ticaret Limited Şirketi (“Our Company”, “We”, “Us”, “Data Controller”) attaches utmost importance to the privacy and security of the personal data of our valued users (“User”, “Participant”, “Data Subject”, “You”) who visit our website with the domain name cuscit.com (“Website”) or register for the CUSCIT’25 Cement Olympics congress (“Congress”) through our Website.

This Privacy and Security Policy (“Policy”), in accordance with the Personal Data Protection Law No. 6698 (“PDPL”), transparently explains which personal data we collect as the Data Controller, by which methods, based on which legal grounds we process it, for what purposes we use it, to whom we may transfer it, how we protect your data, for how long we retain it, and what your rights are regarding your personal data.

This Policy applies to all users of the Website and Participants of the Congress. By using the Website or registering for the Congress, you are deemed to have accepted the principles outlined in this Policy.

2. DATA CONTROLLER

The data controller responsible for the processing of your personal data under the PDPL is:

  • Title: Nurhan Gürel Reklamcılık ve Yayıncılık Hizmetleri Ticaret Limited Şirketi
  • Mersis No: 4100093188302360
  • Address: Seyrantepe Mah. İbrahim Karaoğlanoğlu Cad. No:97/6 Kağıthane / Istanbul / Turkey
  • Tax Office / Tax ID No: MASLAK / 6320388139
  • Contact E-mail (for Privacy Matters): [email protected]

3. PERSONAL DATA PROCESSED

Within the scope of your visit to our Website, your Congress registration, or your communication with us, the following categories of your personal data may be processed:

  • Identity Data: Your name, surname, TR Identity Number or Tax Identification Number (Only when required by legal obligations such as invoicing and requested during registration).
  • Contact Data: Your e-mail address, telephone number, invoice address, country information.
  • Professional Experience Data: Your company/institution name, title/position (To the extent requested in the registration form).
  • Financial Data: Information necessary for invoicing, information confirming successful payment completion or cancellation (e.g., transaction reference number). IMPORTANT NOTE: Sensitive financial information such as your full credit card or debit card number, expiry date, CVV/CVC2 security code is strictly not collected, processed, or stored by Our Company. This information is entered directly into the encrypted interface of our contracted licensed and secure payment service provider (Virtual POS service provider) during payment transactions, and the transactions are carried out by that provider.
  • Transaction Security Data: The IP address you use to access the Website, log records (standard web server records such as access time, pages visited), device and browser information, data collected via cookies.
  • Marketing Data: Your contact information and preferences used for information and marketing communications about future events, subject to your explicit consent; marketing-related data collected via cookies.
  • Request/Complaint Management Data: Information related to your requests, questions, or complaints shared when you contact us.
  • Other Data: Other information voluntarily provided by you through the registration form, contact forms, or surveys.

4. METHODS AND LEGAL BASES FOR COLLECTION OF PERSONAL DATA

Your personal data is collected through automated or partially automated means using the following methods, based on the legal grounds specified in Articles 5 and 6 of the PDPL:

  • Data Directly Provided by You: Data you provide personally through the Congress registration form, contact form on the Website, e-mail, telephone, or other communication channels.
  • Data Collected via the Website and Technologies: Transaction security data automatically recorded by our servers during your visit to the Website, such as IP address and log records; data collected through cookies and similar tracking technologies.
  • Via Payment Service Provider: Confirmation information regarding the successful completion of the payment.

Your personal data is processed based on the following legal grounds:

  • Being directly related to the conclusion or performance of a contract (PDPL Art. 5/2-c): Processing your Congress registration, confirming your participation, providing accommodation (if selected) and other congress services, processing payment transactions (via the payment institution).
  • Being necessary for compliance with a legal obligation to which the data controller is subject (PDPL Art. 5/2-ç): Issuing invoices (processing TR ID/Tax ID), making legal notifications, responding to requests from official authorities.
  • Being necessary for the legitimate interests pursued by the data controller, provided that this processing does not violate the fundamental rights and freedoms of the data subject (PDPL Art. 5/2-f): Ensuring the security of the Website, preventing fraud, improving service quality, managing operational processes, statistical analysis (anonymized), managing requests and complaints.  
  • Explicit Consent (PDPL Art. 5/1): Situations where explicit consent is legally required; particularly for direct marketing activities such as sending information and commercial electronic messages about future events, your explicit consent will be requested separately during or after registration. Your explicit consent may also be required for certain uses of cookies (See Cookie Policy for details).

5. PURPOSES OF PROCESSING PERSONAL DATA

Your personal data is processed based on the legal grounds mentioned above and in compliance with the PDPL and related legislation for the following purposes:

  • To receive, manage, and confirm your Congress registration.
  • To enable the collection of Congress participation fees (via the payment institution) and for accounting purposes.
  • To issue and deliver invoices to you as required by legal obligations.
  • To carry out operational and informational communications related to the Congress (program updates, important announcements, participation details, etc.) via e-mail, SMS, or telephone.
  • To prepare and provide your Congress participation documents (badge, certificate of attendance, etc.).
  • To ensure the operation and security of the Website and to improve user experience.
  • To receive, evaluate, and respond to your requests, questions, and complaints.
  • To conduct analysis and reporting (usually with anonymized data) to measure and improve our service quality.
  • To exercise our right of defense against potential legal claims or for the resolution of legal disputes.
  • To fulfill legal requests from authorized public institutions and organizations.
  • Subject to your explicit consent: To inform you about our future events, services, and campaigns and to send commercial electronic messages.

6. TRANSFER OF PERSONAL DATA

Your personal data may be transferred to the following recipient groups within Turkey and/or abroad for the processing purposes mentioned above, within the framework of the personal data processing conditions and purposes specified in Articles 8 and 9 of the PDPL, by taking necessary security measures:  

  • Payment Service Providers: Licensed payment institutions we collaborate with to securely process payment transactions (These institutions are subject to their own privacy policies).
  • Suppliers and Service Providers: Service providers supporting the Congress organization (e.g., the hotel providing accommodation services – Gloria Golf Resort, event management software providers, e-mail delivery service providers, SMS delivery companies, IT infrastructure and hosting service providers, website agency, independent auditors, financial advisors, legal consultants).
  • Business Partners: Institutions or organizations with whom the Congress is jointly organized or supported (if any, and with your knowledge).
  • Authorized Public Institutions and Organizations: To fulfill legally compliant requests from legally authorized public institutions and organizations (courts, ministries, regulatory bodies, etc.).

Transfer Abroad: Due to the international nature of the Congress, certain IT infrastructures used (e.g., cloud-based email services, web analytics tools), or the location of payment system providers abroad, your personal data may be transferred outside of Turkey. Such transfers are carried out in accordance with the conditions specified in Article 9 of the PDPL (transfer to countries declared by the Personal Data Protection Board as having an adequate level of protection, or ensuring safeguards such as obtaining your explicit consent or signing standard contractual clauses for countries without adequate protection).

7. DATA RETENTION PERIOD

Your personal data will be retained for the period necessary for the purpose for which they are processed and, in any case, for the minimum retention periods stipulated in the relevant legal legislation (e.g., 10 years for invoice and payment records as required by the Turkish Commercial Code, Tax Procedure Law, Code of Obligations). Upon the expiry of the purpose of processing and/or the legal retention periods, your personal data will be deleted, destroyed, or anonymized ex officio or upon your request, in accordance with the PDPL. Data processed for marketing purposes will be retained until you withdraw your consent for this purpose.  

8. DATA SECURITY MEASURES

Our Company takes all necessary technical and administrative measures in accordance with Article 12 of the PDPL to prevent unlawful processing of, and access to, your personal data, to ensure the preservation of data, and to ensure the appropriate level of security. Key measures include:

  • Data transmitted between the Website and our servers is encrypted using SSL (Secure Sockets Layer) protocol.
  • Firewalls and up-to-date security software are used to ensure network and application security.
  • Access rights to personal data are restricted based on job descriptions and accessible only by authorized personnel.
  • Databases and servers are protected against unauthorized access.
  • Payment transactions are carried out through licensed payment service providers compliant with international security standards such as PCI DSS, and sensitive card information is not stored in Our Company’s systems.
  • Our personnel receive regular training on personal data protection and awareness activities are conducted.
  • Confidentiality agreements and data security policies are implemented.

9. RIGHTS OF THE DATA SUBJECT (PDPL ARTICLE 11)

Pursuant to Article 11 of the PDPL, you have the following rights regarding your personal data: a) To learn whether your personal data is processed or not, b) To request information if your personal data has been processed, c) To learn the purpose of the processing of your personal data and whether they are used in compliance with the purpose, d) To know the third parties to whom your personal data is transferred in Turkey or abroad, e) To request the rectification of incomplete or inaccurate data, if any, f) To request the erasure or destruction of your personal data under the conditions stipulated in Article 7 of the PDPL, g) To request notification of the operations carried out pursuant to subparagraphs (e) and (f) to third parties to whom your personal data has been transferred, h) To object to the occurrence of a result against you by analyzing the data processed solely through automated systems, i) To claim compensation for the damage arising from the unlawful processing of your personal data.  

10. APPLICATION METHODS

You may submit your requests regarding the rights listed above to Our Company using one of the following methods, along with documents verifying your identity:

  • In Writing: You can send your petition with a wet signature in person or via notary to the address “Nurhan Gürel Reklamcılık ve Yayıncılık Hizmetleri Ticaret Limited Şirketi, Seyrantepe Mah. İbrahim Karaoğlanoğlu Cad. No:97/6 Kağıthane / Istanbul / Turkey”.
  • Via Registered Electronic Mail (REM): (If available) You can send it with a secure electronic signature to our Company’s REM address [email protected]. (Please verify if this is indeed a REM address.)
  • Via Secure Electronic Signature or Mobile Signature: You can send an e-mail using a secure electronic signature or mobile signature to [email protected].
  • Via E-mail Address Registered in Our System: You can send an e-mail using the e-mail address you previously notified to Our Company and which is registered in our system to [email protected].

Your application must clearly state your name, surname, TR ID/Passport number (according to nationality), address for notification, e-mail address for notification (if any), telephone number, and the subject of your request.

Your requests will be concluded free of charge as soon as possible and within 30 (thirty) days at the latest from the date your request reaches us, depending on the nature of the request. However, if the transaction requires an additional cost, the fees in the tariff determined by the Personal Data Protection Board may be charged. Our Company reserves the right to verify your identity before responding to your application.  

11. COOKIES

Our Website uses cookies and similar technologies for purposes such as improving user experience, ensuring the efficient operation of the site, personalizing content, providing social media features, and analyzing site traffic. For detailed information about the types of cookies used on our Website, their purposes, and how you can manage your cookie preferences, please visit our [Cookie Policy Link – Should be added here if available or will be prepared] page. If a separate Cookie Policy is not available, the basic cookies used and their purposes can be briefly summarized here.

12. POLICY UPDATES

This Privacy and Security Policy may be updated from time to time in line with changes in legal regulations or our business processes. Significant changes to the Policy will be notified to you via the Website or appropriate communication channels. We recommend that you regularly review the current version of the Policy. The “Effective Date” at the beginning of this page indicates the date of the last update.

13. CONTACT

For any questions, comments, or requests regarding this Policy or the processing of your personal data, you can contact us via the e-mail address [email protected].