CO2mission is the name of the Semtrio Eğitim ve Danışmanlık Anonim Şirketi (Semtrio Education and Consulting Inc.) application ( possible will be mentioned as “us“ or “our“ in this document).
Within the scope of the “Personal Data Protection Law“ (KVKK No. 6698), the data controller for the Websites is Semtrio Eğitim ve Danışmanlık A. Ş. , whose registered office is Büdotek Teknopark, Dudullu OSB Des 2. Cadde No:8 D:27 Ümraniye/İSTANBUL.
Any future changes we’ll apply to this policy regarding how we use your data will be posted on this page and, where appropriate, notified to you via email.
Please check back frequently to see any updates or changes to this policy.
Questions, comments, and requests regarding this policy are welcomed and should be emailed to us at [email protected].
Data that we may acquire from you
Personal Data is information that identifies you specifically (such as your name, address, phone number, email address, your internet protocol address (“IP address”)). The types of Personal Data we collect and share differ according to the service you use. We only collect such data when you choose to supply it to us. You confirm and are responsible for the validity of the data you enter.
Data you provide us with
If you create a User account, some of the Services require you to submit information in order for you to benefit from specific features or by corresponding with us by phone, email, or otherwise. This includes information you provide during registration to our site, subscription to our Services, participation in discussion boards or other social media functions on our site, enter a competition, promotion, or survey, and when you report an issue regarding our site. The information you give us in such cases may include Personal Data.
- To carry out our obligations arising from any contracts between you and us and to provide you with the information and services that you request;
- To provide you with information about our other products and services that are similar to those that you have already purchased or enquired about;
- To notify you about changes to our Services;
- To ensure that content from our site is presented most effectively for you and your device.
Data we collect concerning you
Automated anonymous information may be collected when you interact with us via the Websites and our emails, which may include but is not limited to:
- Technical information such as your computer’s or mobile device’s operating system and browser type, the address of a referring website, if any, and the path you take through our web pages;
- The abovementioned providers help us execute many of the above activities. The data we share with them is limited to the required Personal Data, which are kept safe and used only for specific services.
- Clickstream information such as the website’s address (or URL) that you came from before visiting our site, which pages you visit on the site, which browser you used, any search terms you may have entered on the site, etc.
- When you use our site on your mobile device, we may collect data about the type of device and operating system you use. We may ask for permission to send push notifications regarding activities in your account.
If you opt-in to these notifications and later no longer want to receive them, you may turn them off on your operating system.
Data we receive from other sources
We may combine data with data you give to us and data we gather about you. Depending on the types of data we receive, we may use this data and the combined data for the purposes mentioned above.
We will use this data:
- To administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To improve our site to ensure that content is presented most effectively for you and your device;
- To allow you to participate in interactive features of our service;
- As part of our efforts to keep our site safe and secure;
- To evaluate or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- To make suggestions and recommendations to you and other users of our site about products or services that may interest you or them;
- To resolve any issues that you report (troubleshooting).
Storage of personal data
Data security is of our top priorities. Thus, we employ physical, electronic, and administrative security measures to protect acquired information from access by unauthorized persons and against unlawful processing, accidental loss, destruction, and damage. You acknowledge and agree that we shall not be responsible for any unauthorized use, distribution, damage, or destruction of personal data, except to the extent we are obliged to accept such responsibility by the Data Protection Laws.
Whenever we transfer your personal data out of the AWS data center located in Frankfurt, we ensure a similar degree of protection by ensuring the implementation of at least one of the following safeguards:
- We will only transfer personal data to countries that have been deemed to provide an adequate level of protection.
- All information you provide to us is stored on secure servers hosted within the AWS data center located in Frankfurt. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our site, you are responsible for the confidentiality of the password—we advise you not to share the password with anyone.
- Any payment transactions will be encrypted and processed by our payment service providers, Paypal and Stripe. Your use of the payment service provider is governed by their terms linked to prior to making any payment. We do not store the full PAN or any of the following: cardholder name, expiration date, and/or service code (“Cardholder Data”) ourselves, as our payment service provider, will securely process it.
- Unfortunately, the transmission of data via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your data, we will use strict procedures and security measures to prevent unauthorized access.
You have rights under data protection laws in relation to your personal data under certain circumstances.
You have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and check that it is lawfully processed.
- Request correction of your personal data that we attain. This enables you to have any of your incomplete or inaccurate data corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask for the deletion or removal of personal data where there is no good reason for us to continue to process it. You also have the right to ask for the deletion or removal of personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. However, please note that we may not always be able to comply with your request of erasure for specific legal reasons, which will be notified to you, if applicable, at the time of your request.
- Object to processing your personal data where we rely on a legitimate interest (or those of a third party), and there is something about your particular situation that makes you want to object to processing on this ground as you feel it impacts your fundamental rights and freedoms. You also have the right to object to processing your personal data for direct marketing purposes. However, in some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following cases:
- i- If you want us to establish the data’s accuracy.
- ii- Where our use of the data is unlawful, but you do not want us to erase it.
- iii- You need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims.
- iv- You have objected to our use of your data, but we need to verify whether or not we have overriding legitimate grounds to use it.
- If your personal data is shared with Co2nsensus LTD, which is located in England, for carbon offset transactions and invoice issuance, this company does not have any responsibility and Semtrio is the sole liable party.
- Request the transfer of your personal data to you or a third party. We will provide you, or a third party you have indicated, your personal data in a machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to execute a contract with you.
- Withdraw consent at any time where we require your consent to process your personal data. However, this will not affect the lawfulness of any processing executed before the withdrawal of your consent. Please note that we may not provide certain products or services to you if you withdraw your consent. If you wish to exercise any of the rights set out above, please contact us at [email protected].
What We May Need from You
We may request specific information from you to help us confirm your identity and ensure your right to access your personal data (or exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to anyone who has no right to access it. We may also contact you to ask you for further information concerning your request to accelerate our response speed.
Time Limit to Respond
We try to respond to all legitimate requests within a month. Our response duration may take longer than a month if your request is particularly complex or you have made several requests. You will be notified and kept updated in such cases.
Deactivating your account
To deactivate your account, you can confirm the deactivation on the application. Your account will be deactivated, and your Personal Data will be rendered unusable as soon as possible, per applicable law.
We retain personal information from closed accounts to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, enforce our terms and conditions, and take other actions otherwise permitted by law.