Privacy


Personal Data Protection

Declaration on the protection of personal data

Firstly we need to say that we see the protection of your personal data as an important task. 2Base/Sunsearch Ltd., [Tax number, registered office at Alanya, Turkey, incorporated in the Turkish Companies Register [.com.tr], appreciates your trust which you put into us when using our services. We promise to protect the personal data which you provide.

On this website you will find information on why, when, how and what personal data are processed by 2Base. You will learn how to contact us if have any inquiries regarding the processing of your personal data or how to correct the personal data.

The personal data protection regulation may be changed and updated by the 2Base in certain circumstances. Therefore we ask you to visit this website, in your own interest, and make sure to keep yourself updated about its content.

2Base undertake the task to adopt all measures to prevent the misuse of the personal data provided by you. Your personal data will only be processed when there are legal grounds for their processing. Thank you for using our services!

Basic terms and information

Before we go onto describe why, when, how and what personal data are processed by the 2Base, we have to explain some basic terms regarding the protection of personal data. We believe you will gain a better understanding and insight into the reasons why the 2Base process the personal data in the particular manner.

Personal data

Personal data means any information relating to an identified or identifiable natural person (data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier (name, number, online identifier) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Special categories of personal data

This is just a new term for sensitive personal data. This category covers personal data which may harm the data subject in society, at work, at school or which may result in his or her discrimination. Such personal data usually reveal his or her racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, and involve the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Data subject

A data subject is a natural person to whom the personal data relate and who can be identified or is identifiable by the personal data.

Controller of personal data

The controller is a natural or legal person who determines the purposes and means of the processing of personal data and who is primarily responsible for the processing. Unless otherwise stated in these rules or specific service conditions, 2Base is the controller of personal data.

Processor of personal data

The processor is a natural or legal person which processes personal data on behalf of the controller on the ground of the controller’s instructions.

Processing of personal data

Processing means any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Which legal regulation covers personal data processing?

The processing of personal data is governed primarily by Regulation of the European Parliament and of the Council (EU) 2016/679 (“GDPR”). National regulations may in certain cases (where allowed by the GDPR) define different rules. Such rules are laid down in Act no. 101/2000 Coll., on the Protection of Personal Data, as amended by later regulations.

When is it possible to process personal data?

For the processing of your personal data to be lawful, at least one of the requirements specified in Article 6 of GDPR must be satisfied. In the case of special categories of personal data at least one of the requirements specified in Article 9 of the GDPR must be satisfied. In both cases the principles of personal data processing mentioned in Article 5 of the GDPR have to be complied with.

Processing of personal data in 2Base


Why do 2Base process personal data?

We provide applications and website services to tens of countries around the world. To be able to provide you with an more personalized experience, login, track of your highscore and provide you our services we need some of your personal data. You do not have to disclose any other personal data which we do not necessarily need to be able to carry you to your desired service. But when you decide to disclose this information, we can do more customized services for you.

What personal data do we process?


The following table shows what kind of personal data we need for a particular service.

2Base service Personal data processed
ClientName, email, phone, adresse
Newsletter Email, language and other self provided information


These personal data are processed at the time of the entering a service via one of 2Base websites or apps.

Beyond the scope defined above any other personal data may be processed only if you voluntarily provide such data to 2Base. 2Base reserve the right to destroy unwanted personal data. The data subject may be informed on this procedure but not in all cases. Some services may be canceled without any notice and hence personal data therefore destroyed as it is no longer needed.

Conditional processing of personal data

Some of the services offered by 2Base are made conditional upon the fulfillment of additional requirements. A typical requirement is the achievement of a certain age. Unless data subjects have reached the required age, it is not possible to provide certain services to them or process their personal data without the consent of their statutory (court-appointed) agent. For instance, the achievement of a certain age or the consent of a statutory (or court-appointed) agent is the prerequisite for login using third party solutions.

Processing of personal data for other purpose

Certain cases may involve further processing of personal data which goes beyond the purpose for which the personal data were obtained. An example may be buying an product, when the primary purpose is the processing of personal data for getting this product. At the same time, however, 2Base have the obligation to archive invoices (for tax purposes) under applicable legal regulations.

Place of storing personal data

2Base possess a large volume of data. Some of these data have the nature of personal data. To ensure their security and easy availability we use the cloud and hosting services provided by Zoho. The data stored by Google are kept in the data centers primary located in Europe and the USA. The data stored by Zoho are kept in data centers in the USA.

Sharing of personal data


Partner companies

In order to be able to ensure the right service, we may have to share your personal data with our partner companies. Currently 2Base has no partnerships where sharing of personal data is needed. We will update this section if this changes in the future.

Other partners

When certain supplementary services offered by 2Base are used, personal data are processed by third parties. The conditions for the use of such service always inform you whether your personal data are processed by a third party and 2Base require a consent with these conditions. In the opposite case the service may not be provided.

State administration bodies

We are only sharing your personal data with state administration bodies if required by law. Your personal data are disclosed to these authorities on the basis of a statutory obligation.

Security of personal data


Technical, organizational and other measures

2Base endeavor to ensure that the data disclosed by you are as secure as possible. To that end we have implemented a number of technical and organizational measures which protect your personal data from unauthorized or unlawful processing and from unintentional loss, destruction or damage.

2Base aim at minimizing the processing of personal data. We only process information which is indispensable or information which you provide us with your consent beyond the scope of the necessary processing. All the interfaces of our website or applications through which our services are provided are designed to offer the highest possible standard of privacy, which you can set at your desired level.

As mentioned above in these personal data protection principles, we disclose your personal data to third persons in certain cases in which we have an obligation to do so. In such cases we choose trustworthy partners of whom we can be sure they are going to apply personal data protection standards that offer at least the same level of security as those adopted by the 2Base.

When personal data are transferred to state administration bodies, we always use the most suitable and the most secure options offered by the given body.

Personal data processing period


Maximum period of processing of personal data

The maximum period for which 2Base process the personal data of their clients is 10 years from the day when the legal relationship between the data subject and 2Base was terminated or 10 years from the end of the tax period in which the relevant performance was provided. The said processing period ensues from Act no. 89/2012 Coll., Civil Code, as amended by later regulations, or Act no. 235/2004 Coll., on Value Added Tax, as amended by later regulations. The reason for such processing is the statutory obligation and a legitimate interest of 2Base. After the expiry of this period your personal data will always be erased.

Other period of processing of personal data

If you submit an enquiry to our contact centre or in the case of usual interaction with the 2Base your personal data are erased at a much earlier stage. Your personal data are stored for the period for which we need them to fulfill the purposes specified in these personal data protection principles or to comply with statutory obligations.

Cookies and other tracking technologies


What are cookies?

Cookies are small text files stored by web pages on your computer or your mobile device at the time when you start using the web pages. Thanks to that the pages remember for a certain time your preferences and operations (e.g. logging information, language, font size and other display preferences) so that you do not have to enter this information again and switch from one page to another. Our cookie files can not identify an individual user, they can only identify, through a randomly generated identification code, the computer or mobile device which you use.

Why do 2Base use cookies and other tracking technologies?

Cookies and other tracking technologies may be used on our website and in our application in various ways, such as for the operation of the website, clickstream analysis or advertisement purposes. We primarily use cookies and other tracking technologies to be able to increase the quality and effectiveness of our services.

Cookies and other tracking technologies used by the 2Base

The list of the cookies and other tracking technologies used by 2Base on its websites and their exact purpose can be found here.

More information on cookies, banning cookies

For more information on cookies, how cookies work, how to manage or delete them visit the web page at http://www.allaboutcookies.org/.

In the settings of some internet browsers (Internet Explorer, Safari, Chrome) cookies and other tracking technologies may be banned. Another way to manage cookies is via http://www.youronlinechoices.com/uk/your-ad-choices.

If you decide to ban certain cookies, the functionality of 2Base websites may be limited.

Exercise of right by data subjects


Right to information

2Base respect the principle of transparency of personal data processing. In accordance with this principle we always provide information to data subjects on the manner in which their personal data are processed.

If you wish to know in general which of your personal data we process, you may submit your request here.

If you wish to find out concrete personal data which are processed directly for you, you can submit your request here and specify which concrete piece of information you require. The information to which you are entitled is described in Articles 13 and 14 of the GDPR. If you do not submit specific requirements, your request will be viewed as a general request under the previous paragraph. We need to point out that if we are not able to verify your identity electronically or if there is reasonable doubt as to your identity, we may ask you to submit proof of identity at the office of the 2Base. Only in this way we can rule out the possibility that your personal data are disclosed to a person who only pretends to be you.

Your request will be handled in as short time as possible. But keep in mind that often this is a very complicated process which may take several weeks.

Right to rectification

If you find out that some of your personal data that we process are incorrect or outdated, please, let us know here. Also in this case 2Base may require the submission of a proof of identity in its office. This is the only way to prevent unauthorized alteration of your personal data.

If the rectification of your personal data concerns our apps, you may perform the rectification yourself after logging into your personal profile in the given app.

In certain cases we cannot rectify your personal data. This includes cases when your incorrect or outdated personal data are contained in an invoice which we have to archive by law.

Withdrawal of consent to personal data processing and right to be forgotten

If 2Base process your personal data on the basis of your consent with the processing of your personal data, you can stop their further processing at any time. You only have to withdraw your consent to such processing.

You can also exercise your right to be forgotten. In such case 2Base will destroy all your personal data that we process. Exception is cases when the processing is performed on the basis of a statutory obligation or for a legitimate interest of 2Base. Also in this case 2Base may demand identification of the data subject before destroying the personal data.

Updating personal data protection principles

2Base keep the personal data protection principles up-to-date and in compliance with applicable legal regulations. For this reason they may be changed from time to time. We ask all our clients to pay due attention to these principles.

Liability for processing of personal data

Liable for lawful processing of your personal data is 2Base. The administrative body performing supervision over the processing of personal data in Denmark is the Office for Personal Data Protection.

DPO

To comply with all its obligations arising under the GDPR 2Base appoint as of 1st May 2018 the data protection officer (DPO). His task is to monitor compliance with the GDPR on the part of 2Base and in cooperation with 2Base employees he is your contact in the 2Base for your enquiries, comments, complaints and claims regarding personal data protection.

DPO contact data:

Candemir Özdemir
Akmanlar Sok: 12
07400 Alanya
Turkey


Enquiries, comments, complaints and claims relating to the protection of personal data may also be submitted via this page.

This section of our website is currently being prepared for you.