1.2. When we refer to “Etrexio” or use the word “we”, “our” or “us”, we mean the ETREXIO DIGITAL SOLUTIONS BİLİŞİM VE İLETİŞİM TEKNOLOJİLERİ TİCARET LİMİTED ŞİRKETİ that acts as the “controller” of the data we hold about you or the “processor” of the data that a customer has entrusted to us, as explained in more detail under the “identifying the data controller” part of this Policy. The contact details of each of these entities are set out at the end of this Policy.
1.6. You may also choose not to provide us with “optional” personal data (i.e. “not required” fields on forms), but please keep in mind that without it we may not be able to provide you with the full range of our Services or with the best user experience when using our Services.
1.7. By “you” we mean the individual reading this text, i.e., you as a natural person (and not any company or other organization that you may be associated with).
2. Identifying the Data Controller
2.1. Etrexio is a software & technology company and a lot of what we do involves data processing in one way or another. Various data need to be processed in several ways for us to carry on our business, including provide, maintain, and develop the Service, App and Website, and to communicate with you. Data is processed both for us as well as our customers, and customers themselves process data through the Service. Not all this data constitutes Personal Data and much of the processing is controlled by parties other than Etrexio.
2.2. For instance, the user environment delivered via the Service has certain logically defined parts (each, a “Project”) where a Service user (“User”) can enter, record, store, use, disclose and otherwise manipulate various data. The data thus processed are referred to as “Project Data” which are integrated with a Client of the User and it is the User who created the Project that determines the purposes of, and otherwise controls, the processing of these data. User has legal control over, and is responsible for, Project Data. That User (the Project Owner) is also the “controller” of all Personal Data maintained in the Project. Etrexio processes these data on the Project Owner’s behalf and is thus considered to be the “processor” of the said Personal Data. This means that any enquiry, request, objection, or complaint that you as a “data subject” may have in connection with the processing of Personal Data that form part of Project Data (i.e., where the data concerned relates to you) should be addressed to, and resolved by, the relevant Project Owner.
2.3. Etrexio is the “controller” of the Personal Data that are collected by us or on our behalf through the activities within the Service, or which are otherwise processed for the purposes of our business. The following sections explain the collection and process of these data in more detail.
3. Information We Collect
3.2. We collect Information about you while negotiating, preparing, concluding, and amending agreements between you and Etrexio within the Service, Website and App of FREELANCER CRM. The Information collected may include the data provided in such agreements and any data that you furnish for the purposes of negotiating, concluding, or amending those agreements.
3.3. For instance, when you are signing up for a Service user account (“User Account”), we ask you to give us your full name, email address. During the sign-up procedure, we may automatically record your internet protocol address (IP address). For validating human access to the User Account, you will validate your e-mail address with a link goes to your inbox while signing up. You will also be assigned a user identifier (user ID), which is a certain numerical value that we generate, store and can identify you by.
3.4. We collect your financial information related to the projects that you create through the App. It includes your total revenue of your last 30 days and budget that you determine for your Project which you can create, edit, and integrate with your Clients.
3.5. As with most websites and mobile applications, certain data are automatically collected when you visit a Website or use a service application and this Information is recorded in log files. For example, when you log into the Service, the date and time of your login will be recorded along with your IP address (giving us your approximate location) and a limited user agent string (telling us what type of Service application, e.g., web, desktop or mobile, was used for the login). When you create a data entry via the Service, your Service application type and version may be recorded.
3.6. When you enter the Website, we collect your browser type and your IP address (a unique address that identifies your computer on the Internet). When you use our App, we collect your device type, your device ID, and your IP address.
3.7. Cookies vary by nature and purpose. For instance, a “session cookie” only exists in the temporary memory of your device, i.e., while your Service session or visit to a Website lasts, and is usually deleted when your web browser is closed. A “persistent cookie”, on the other hand, has a longer lifespan: it remains on your device until you delete it (i.e., instruct your browser to do so) or until it expires. A “secure cookie” can only be sent over a “secure” (encrypted) connection, making it harder for others to intercept information. A “first-party cookie” belongs to us, and a “third-party cookie” belongs to someone other than Etrexio, e.g., a company providing us with Service or Website analysis services or delivering our messages (such as advertisements) across the internet.
3.8. We only use Google Analytics and Yandex Metrica which are web analytics tools that helps us understand how users engage with the Website. Like many services, Google Analytics and Yandex Metrica use first-party cookies to track user interactions as in our case, where they are used to collect information about how users use our site. This information is used to compile reports and to help us improve our Website. The reports disclose website trends without identifying individual visitors. You can opt out of Google Analytics and Yandex Metrica without affecting how you visit our site.
3.9. Please note that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, however, most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or to block or remove cookies altogether.
3.10. Third-party cookies can usually be managed by the tools provided by those parties. Some of such tools are available here:
3.11. We receive from you such Information as you provide us when filling in forms (e.g., applications or questionnaires) on a Website or via the Service or when you participate in our Service-related campaigns or programmes, sign up to receive notifications, newsletters or other communications from us, request support for the Service, interact with our social media accounts or correspond or otherwise communicate with Etrexio within the scope of FREELANCER CRM Website or App. If you email us or send us a letter or a message, we may retain a record of such communication, including your name, email address or telephone number (as applicable), the content of your communication and our response. We may complement these data with other Information.
4. Information Uses & Legal Bases
5. Data Disclosure
5.1. This part of the Policy describes the circumstances in which we may disclose or transmit your Personal Data to third parties. Please note that the sections below only address the disclosures and transmissions of Personal Data and not, for example, anonymous or de-identified Information (which we may transmit and disclose at any time to anyone anywhere, in any manner and for any purpose).
5.2. Etrexio shares your personal data only when it is necessary to offer the Service, legally required, or permitted by you.
5.3. We will provide personal data to hosting providers such as Amazon Web Services and analytics providers such as Google.
5.4. These data processors help us bring you the Service. For example, we may share your information in order to detect where or how you encountered a bug when using our mobile application. In connection with these operations, our service providers will have access to personal data for a limited time. When we utilize service providers for processing any personal data, we implement contractual protections limiting the use of that personal data to the provision of services to Etrexio.
5.5. We will be required to access and disclose personal data in response to lawful requests, such as subpoenas or court orders, or in compliance with applicable laws. Additionally, we will access and share account or other personal data when we believe it is necessary to comply with law, to protect our interests or property, to prevent fraud or other illegal activity perpetrated through the Service or using the Etrexio name, or to prevent imminent harm. This will include accessing and sharing personal data with other companies, lawyers, agents, or government agencies.
5.6. We may share your Personal Data with our corporate subsidiaries and outside accountants, legal counsels, and auditors.
5.7. If we engage in or are subject to a merger, acquisition, division, transformation, public offering of our securities, obtaining financing, divestiture of all or substantially all of our assets or a significant part of such assets, transfer of the enterprise or a part of the enterprise to which your agreement with us pertains, or a similar transaction or proceeding, or if we take steps in contemplation of such activities (e.g., submit to due diligence), your Personal Data may, subject to standard confidentiality arrangements, be shared with, or transferred to, our counterparties or other relevant participants in the respective transaction or proceeding.
5.8. We shall disclose your Personal Data at your request (unless legally prohibited, impracticable or involving unreasonable effort or expense) or may do so upon your Consent.
6. Data Storage
6.1. We only store your Personal Data for as long as necessary in the light of, or compatible with, the purposes for which the data were collected (e.g., enjoying our rights and performing our obligations under the contract you have with us, if that was the sole purpose) and such additional period as may be required by law.
6.2. Legal retention periods vary depending on the type of Information concerned, and they can be quite long. For instance, Personal Data relevant to our contract with you (which is likely to be the case upon some of the Personal Data categories and may also apply to some other Personal Data) must be retained for at ten years after the primary purpose for their processing ceases to apply (e.g., ten years following our business relationship with you terminated.)
7. Data Security
7.2. Etrexio has implemented administrative and technical safeguards it believes are appropriate to protect the confidentiality, integrity, and availability of your personal data. However, please be aware that no security measure is perfect. Our efforts notwithstanding, we cannot guarantee that your Personal Data, during transmission over the internet or while stored in our systems or those of our service providers or while otherwise in our care, will be absolutely safe from unauthorized or unlawful processing or accidental loss, alteration, or destruction, or that they will indeed be intact and confidential at all times or shortly available after any Service incident. Note also that we cannot control, and are not responsible for, the actions of other parties with whom you share (or instruct us to share) your Personal Data.
8. Data Subject Rights
8.1. As data subject, you have legal rights which are regulated under the GDPR and other local legislations. This part of the Policy aims to give you a general understanding of these rights and we encourage you to deepen this understanding by studying the GDPR yourself.
Right of access: 8.2. You have the right to enquire and get a confirmation from us as to whether or not we process any of your Personal Data. Where we do, you may request access to those data and have us give you a copy of them. A User can access most of the Personal Data we have about her by logging in to her User Account and going to User profile page. If you wish to be certain or have no User Account, please use the contact details at the end of this Policy to exercise your “right of access”.
Right to rectification: 8.3. If the Personal Data we have about you is incorrect, you have the right to request that we correct those data, and, in some circumstances, you may have the right to require that your incomplete Personal Data be completed (but in each of these cases we may need to verify the accuracy of the information you provide to us). As with the “right of access”, Users can and are encouraged to update the Personal Data under their User Accounts themselves.
Right to erasure (right to be forgotten): 8.4. You have the right to request that we delete or remove the Personal Data we have on you where there is no good reason for us continuing to process them. Please note that we may not always be able to comply with your request as there may be specific legal reasons which warrant the processing. Should this be the case, we shall inform you accordingly at the time of your request.
Right to object: 8.5. You have the right to object to our processing of your Personal Data where the processing is based on Interest and there is something about your particular situation that makes you want to object to processing on this ground as you feel it impacts your interests or fundamental rights and freedoms. There may, however, be occasions where we demonstrate that we have compelling legitimate grounds to process your Personal Data (i.e., that our legitimate interests or those of a third party override yours and your fundamental rights and freedoms) and thus dismiss your objection. In case we are processing your Personal Data for direct marketing purposes, you may object to that processing at any time, and we shall no longer process your Personal Data for such purposes.
Right to restriction of processing: 8.6. You have the right to request that we suspend the processing of your Personal Data where any of the following applies: (a) you have contested the accuracy of the data and the same needs to be verified; (b) the processing is unlawful but you do not want us to erase the data that we are processing; (c) you need us to maintain the data even though we no longer require them as they are necessary for your establishment, exercise or defense of legal claims; or (d) you have objected to processing as described under GDPR Article 17 but we need to verify whether we have overriding legitimate grounds for processing.
Right to data portability: 8.7. If our processing of your Personal Data which you have provided us is based on a Contractual ground or on Consent and the processing is carried out by automated means, you are entitled to have us make those data available to you in a structured, commonly used, and machine-readable format so that you could transmit them to someone else (another “controller”). You may also ask us to transmit these data to that other “controller” directly, and we shall do so, if technically feasible.
Right to withdraw consent: 8.8. If we are processing your Personal Data based on Consent, you may withdraw that consent at any time (but this will not affect the lawfulness of any processing activities carried out based on your consent before its withdrawal).
8.9. We aim to respond to any legitimate request within a month of its receipt, but it may take us longer if your request is particularly complex or you have made several requests. If that is the case, we shall let you know and keep you updated.
8.10. We shall not charge you any fee for exercising the above rights unless your requests are clearly unfounded or excessive (e.g., because of their repetitive character), in which case we may charge a reasonable fee. Alternatively, we may decline your request in such circumstances.
9. California Privacy Rights
9.1. Residents of California have the right to:
- Know what personal information we collect about you and from where we collect it.
- Access a copy of the personal information we hold about you.
- Understand how we process your personal information and how it may be shared.
- Opt out of having your personal information shared with certain third parties.
- Request we delete your account and personal information.
10. Policy Changes
11.1. Feel free to get in touch with us if you have any questions about this Policy or our data processing practices or if you would like to exercise any of your “data subject” rights with respect to the Personal Data we maintain on you.
Email us: firstname.lastname@example.org Call us: +90 551 946 6560 Write to Etrexio: Doğu Mah. Bengisu Sk. No: 1b İç Kapi No: 28 Pendik/İstanbul, Turkey