Effective Date: July 19, 2025
1. Introduction and Purpose of the Policy
VOYCE YAZILIM VE İLETİŞİM TEKNOLOJİLERİ LİMİTED ŞİRKETİ (“VOYCE” or “the Company”) places great importance on protecting the personal data of customers, potential customers, employees, business partners, and all natural persons who interact with the Company.
This policy aims to ensure that data processing activities are conducted on a lawful basis in compliance with the Law on the Protection of Personal Data No. 6698 (KVKK) and relevant legislation.
This Policy:
Explains the purposes of personal data processing
Details collection methods
States legal grounds
Lists the parties to whom data may be transferred
Describes security measures
Outlines the rights of data subjects
2. Definitions
Personal Data: Any information relating to an identified or identifiable natural person.
Special Categories of Personal Data: Sensitive data such as race, ethnicity, political opinions, religion, health information, etc.
Data Controller: The person or entity determining the purposes and means of processing personal data (VOYCE).
Data Subject: The natural person whose personal data is processed.
Data Processor: A natural or legal person processing data on behalf of the data controller.
Explicit Consent: Freely given, informed, and specific consent.
Destruction: Deletion, destruction, or anonymization of data.
3. Principles for Processing Personal Data
VOYCE processes personal data in accordance with the principles set out in Article 4 of the KVKK:
Compliance with law and the rules of good faith
Accuracy and keeping data up-to-date
Processing for specific, explicit, and legitimate purposes
Being relevant, limited, and proportionate to the purposes of processing
Retention for the period necessary for the purposes for which they are processed
4. Categories of Personal Data and Purposes of Processing
Data Category | Purposes of Processing |
Identity and Contact Data | Contract and customer management, invoicing, support services, marketing, legal notifications |
Customer Transaction Data | Subscription, orders, service quality, fault and request management |
Financial Data | Payment transactions, accounting, financial reporting, risk management |
Service Usage (Traffic) Data | Technical performance monitoring, logging, legal obligations under Law No. 5651 |
Marketing Data | Campaigns, promotions, product launches, customer satisfaction |
Employee/Candidate Data | Human resources, recruitment, employment contracts, legal obligations |
Customer-Uploaded Data | Content uploaded by customers regarding their own clients. VOYCE acts as a “Data Processor” in such cases. |
5. Method and Legal Grounds for Collecting Personal Data
Personal data may be collected:
Through websites, mobile applications, call centers, email, contracts, application forms, etc.
By automated or non-automated means.
Legal Grounds:
Explicit consent
Explicit provision in the law
Situations where consent cannot be obtained due to factual impossibility
Establishment or performance of a contract
Fulfillment of legal obligations
Data made public by the data subject
Establishment, exercise, or protection of rights
Legitimate interests of the data controller
6. Transfer of Personal Data
VOYCE may share personal data domestically or internationally with third parties, subject to necessary security measures, in the following cases:
Business Partners and Service Providers: Infrastructure, cloud, payment, technical support providers
Authorized Public Authorities and Institutions: Pursuant to court orders or legal obligations
Affiliates and Subsidiaries: For corporate reporting and management purposes
7. Data Security
Key measures taken to ensure data security include:
Access authorization matrices
Data encryption
Firewalls
Penetration testing
Regular audits
Employee training and awareness programs
8. Rights of the Data Subject
Under Article 11 of the KVKK, data subjects have the right to:
Learn whether personal data is processed
Request information regarding processed data
Learn the purpose of processing and whether it is used accordingly
Know the third parties to whom the data is transferred
Request correction of incomplete or inaccurate data
Request deletion or destruction of personal data
Object to adverse outcomes arising from automated processing
Claim compensation for damages arising from unlawful processing
Applications may be made in writing or electronically in accordance with the Communiqué on Principles and Procedures for the Application to the Data Controller.
9. Data Controller Identity and Contact Information
Data Controller: VOYCE YAZILIM VE İLETİŞİM TEKNOLOJİLERİ LİMİTED ŞİRKETİ
Address: YakupLu Mah. Hürriyet Blv. Skyport Residence No: 1, Unit No: 113, Beylikdüzü / İstanbul
Email: [email protected]
10. Policy Updates
VOYCE reserves the right to update this policy in line with legal requirements or internal policy changes. The current version will always be published on our official website.