This Privacy Statement describes how Esin Attorney Partnership collects, uses, shares, and otherwise processes personal data in accordance with Law No. 6698 on the Protection of Personal Data (“Data Protection Law“) in relation to:
- Visitors to our websites and other online properties
- Contact persons for our clients and/or prospective clients
- Contact persons for suppliers of goods and services to the Esin Attorney Partnership
- Any other individuals about whom the Esin Attorney Partnership obtains personal data
In this Privacy Statement, “personal data” means any information that relates to an identified or an identifiable real person.
To the extent that the Esin Attorney Partnership process your personal data as the data controller, Esin Attorney Partnership is responsible for taking all physical, technical and administrative measures for the protection of personal data, preventing the illegal access to the data and illegal processing of the data.
Summary of Key Points
|Personal Data||We collect certain types of personal data in connection with the day-to-day management of our business and our commercial relationships. Click here to learn more.|
|Purposes||We use personal data to provide our services and respond to inquiries, to manage accounts and maintain business operations, and to fulfill other business and compliance purposes. Click here to learn more. |
|Transfer||We share personal data as necessary to provide our services and respond to requests, and to fulfil other business and compliance purposes. Click here to learn more.|
|Contact Choices||You have control on how we use personal data for contacting you. Click here to learn more.|
|Data Subject Rights||You have certain rights to request access, rectification, deletion, objection, or other actions regarding your personal data where required by applicable law. Click here to learn more.|
|Other Issues||We provide other information in this Privacy Statement about: (i) the possible consequences for not providing personal data, (ii) how we do not engage in automated decision-making that has substantial effects on individuals, (iii) how we handle do-not-track (DNT) signals, (iv) data retention, (v) links to third party websites, (vi) employee and contractor issues; and (vii) changes to this Privacy Statement. Click here to learn more.|
|Contact Us||Please contact us as detailed below with any questions. Click here to learn more.|
Which Personal Data Do We Process?
We process the following categories of personal data about Site visitors, clients, prospective clients, suppliers and other third parties:
Basic data: Name, title, organization, job responsibilities, phone number, mailing address, email address, and contact details.
Special categories of data: in limited circumstances, we process special categories of data defined under the Data Protection Law where you have provided us with such information as it is necessary for a specific service we are providing to you.
Registration data: Newsletter requests, event/seminar registrations, subscriptions, downloads, and username/passwords.
Client service data: Personal data relating to clients or data received from clients third parties, invoicing details and payment history, and client feedback.
Contact data: Data about individual participation in conferences and in-person seminars, credentials, associations, product interests, and preferences.
Compliance data: Government identifiers, passports or other identification documents, dates of birth, and due diligence data.
Job applicant data: Data provided by job applicants or others on our Sites or offline means in connection with employment opportunities.
Device data: Computer Internet Protocol (IP) address, unique device identifier (UDID), and other data linked to a device, and data about usage of our Sites.
We collect personal data from a number of sources, either directly from the data subjects, or from clients, colleagues and publically available sources. Where Esin Attorney Partnership receives data from its clients about employees, customers or other individuals, the client is responsible for ensuring that any such data is transferred to us in compliance with the Data Protection Law and relevant legislation.
Purposes of Processing Personal Data
The purposes for which we use personal data, and the legal bases for such processing, are as follows:
- To provide legal advice and respond to inquiries we use basic data, registration data, and client service data. We need to process your information in this way in order to perform our obligations under our contracts with our clients.
- To manage our business operations and administer our client relationships we use basic data, registration data, contact data and client service data. This processing is necessary in order to perform our obligations under our contracts with our clients (e.g. issuing and processing invoices) and suppliers (e.g. managing the supply of goods and services to Esin Attorney Partnership).
- To make our Sites more intuitive and easy to use we use device data. It is necessary for our legitimate interests to monitor how our Sites are used to help us improve the layout and information available on our Sites and provide a better service to our Site users.
- To protect the security and effective functioning of our Sites and information technology systems we use basic data, registration data, transaction data, and device data. It is necessary for our legitimate interests to monitor how our Sites are used to detect and prevent fraud, other crimes and the misuse of our Sites. This helps us to ensure that you can safely use our Sites.
- To provide information and updates such as providing you with information about events or services that may be of interest to you including legal services, legal updates, client conferences or networking events, and groups of specific interest (e.g. specific types of networking groups) we use contact data, basic data, registration data, and client service data,. It is necessary for our legitimate interests to process this information in order to provide you with tailored and relevant information, updates and invitations.
- To address compliance and legal obligations, such as checking the identity of new clients and to prevent money laundering and/or fraud we use compliance data, basic data, registration data, transaction data, special categories of data, and device data. This processing is necessary for the purposes of complying with legal requirements to which we are subject.
Transfer of Personal Data
We may share personal data with the following categories of recipients:
- Business Partners: Esin Attorney Partnership operates in cooperation with other law firms and business partners around the world. We may share personal data with our global business partners and other global law firms in order to provide you with legal services and in order to administer our relationship with you or otherwise as necessary for the purposes described above.
- Suppliers and service providers: We share personal data with suppliers and service providers to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above. These include: infrastructure and IT services providers, for example, the providers of our client intake system, our finance systems and our customer relationship management databases; third party consultants who provide us with support in respect of business analytics; and the providers of external venues where we host conferences and events. We require such parties by contract to provide reasonable security for personal data and to use and process such personal data on our behalf only.
- Financial institutions: We share personal data with financial institutions in connection with invoicing and payments.
- Mandatory disclosures and legal claims: We share personal data in order to comply with any subpoena, court order or other legal process, to comply with a request from our regulators, governmental request or any other legally enforceable demand. We also share personal data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims.
You have control regarding our use of personal data for contacting you through information messages. If you no longer wish to receive any such communications, please follow the instructions in the relevant communication or contact us as per below.
Data Subject Rights
You have the following rights in relation to the processing of your personal data:
- Access. Subject to certain exceptions, you have the right to request a copy of the personal data we are processing about you, which we will provide to you in electronic form. At our discretion we may require you to prove your identity before providing the requested information. If you require multiple copies of your personal data, we may charge a reasonable administration fee.
- Rectification. You have the right to require that any incomplete or inaccurate personal data that we process about you is amended.
- Deletion. You have the right to request that we delete personal data that we process about you, unless we are required to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims or as per our retention obligations under the applicable laws.
- Restriction. You have the right to request that we restrict our processing of your personal data where:
- you believe such data to be inaccurate;
- our processing is unlawful; or
- we no longer need to process such data for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.
- Portability. You have the right to request that we transmit the personal data we hold in respect of you to another data controller, where this is:
- personal information which you have provided to us; and
- we are processing that data on the basis of your consent or in order to perform our obligations under contract to you (such as to provide legal services).
- Objection. Where the legal justification for our processing of your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defence of a legal claim or as per our legal obligations.
- Withdrawing Consent. If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge
In addition to the above, you have the following rights under the Data Protection Law:
- to learn whether the personal data relating to you are being processed,
- if it is processed, to request information with regard to processing,
- to learn purposes of the processing and whether they are used for such purpose or not;
- to know the third persons within or outside the country to whom the personal data are transferred,
- to request notifying third persons to whom the personal data are transferred, about the processes of deletion or correction of your personal data,
- to object to negative consequences about you that are concluded as a result of analysis of the processed personal data exclusively by automatic means,
- to claim indemnification if the you suffered damage due to illegal processing of your personal data.
- What are the consequences of not providing personal data?
You are not required to provide all personal data identified in this Privacy Statement to use our Sites or to interact with us offline, but certain functionality will not be available if you do not provide personal data. If you do not provide personal data, we may not be able to respond to your request, or provide legal services to you.
- How long do we retain Personal Data?
We typically retain personal data related to communication activities for as long as you accept to receive information communications from us, and we will securely delete such data in accordance with applicable law upon request. For personal data that we collect and process for other purposes, we will typically retain such personal data for as long as it is necessary to fulfill the purposes outlined in this Privacy Statement and as otherwise specified in applicable.
- Are third party websites governed by this Privacy Statement?
The Sites may contain links and references to other websites administered by unaffiliated third parties. This Privacy Statement does not apply to such third party sites. When you click a link to visit a third party website, you will be subject to that website’s privacy practices. We encourage you to familiarize yourself with the privacy and security practices of any linked third party websites before providing any personal data on that website.
- How will we handle any changes to this Privacy Statement?
We may update this Privacy Statement from time to time as our services and privacy practices change, or as required by law. The effective date of our Privacy Statement is posted below, and we encourage you to visit our Sites periodically to stay informed about our privacy practices. We will post the updated version of the Privacy Statement on our Sites, and ask for your consent to the changes if legally required.
If you have questions or comments regarding this Privacy Statement or our privacy practices, please contact us here:
Esin Attorney Partnership
Ebulula Mardin Cad. Gül Sok. No. 2
Maya Park Tower 2, Akatlar — Beşiktaş
Phone: +90 (212) 376 64 00
Last update: November 2019