Privacy Policy

Privacy Policy

A. INTRODUCTION

Each year we, as AVEREST GROUP EGITIM TURIZM ORGANiZASYON SANAYi VE TICARET LIMITED SIRKETI ("Averest Training", "We", "Us" or "Host"), bring together the companies ("companies") and attendees ("attendees") from dozens of countries who operate in the cloud sector, at Averest Training ("Training Provider"), Training and Consultancy Services Provider MENA, EU or TURKEY.

Averest Training is one of the leading training and consultation providers that specialises in destination and in-house professional development and training programs conducted in United Kingdom, Australia, United Arab Emirates and Turkey. At Averest Training we provide a wide range of training programs in collaboration with governmental ministries, universities, municipalities, organisations and a number of organisations. We believe that high-quality training is essential to the enhancement of skills and abilities to achieve the ultimate vision and mission of a business.


Our training programs, whether designed for a global organisation or an individual, help bridge the gaps and foster an environment of continuous talent development. Most of our clients are repeat customers and we believe this is because of our superior service, expert trainers and consultants, customised training courses, convenient training scheduling options, flexible delivery formats and continuous learning support to accelerate their success. Our quality standards for customer service is evaluated constantly to measure and improve the performances of trainers, training outcomes and venues. We measure our success by our client's satisfaction and success, that's the importance we place.


This policy does not apply to third-party websites of companies and sponsors which are presented on our website as links. We cannot guarantee the reliable and secure processing of your personal data by those third party organizations. We highly encourage you to review the privacy statements of these websites before using them.

As Averest Training, we take all necessary administrative and technical measures within our company for the protection and security of personal data.

This Privacy Policy has been prepared to inform you about the processes and principles of collection, use, transfer and protection of personal data by Averest Training. We process the personal data of our attendees, presenters, representatives of attending companies and Training Provider sponsors and other natural persons who are in contact with Averest Training.

Best Regards

Averest Training

B. SCOPE

Averest Training aims to process personal data of natural persons in accordance with KVK and GDPR and relevant legislation provisions in Turkey and the in the EU.

We state that personal data, that you have submitted to our Company and/or obtained by our Company are recorded, stored, protected, reorganized and transferred at home or abroad under the conditions stipulated by KVK, GDPR and related legislation. We may share personal data with public organizations if required by law. It is your obligation to provide accurate and up-to-date data. We keep your submitted personal data as accurate and up-to-date as possible as a "Data Controller".

We encourage you to read this privacy policy in order to understand how and under which conditions we process your personal data as well as our Cookie Policy (www ………) which defines the rules for data processing via the cookies on our sites.

This Policy concerns all your personal data, that are processed either by automated means or non-automated means as a part of our data filing system. The data obtained from you in accordance with your consent or other lawfulness cases listed in the Law will be used for the purpose of providing you the best experience that you should get from our Training Providers, increase the quality of the services we provide.

C. WHICH PRINCIPLES DO WE FOLLOW?

Averest Training processes personal data in accordance with the procedures and principles stipulated in KVK, GDPR and other relevant legislation (Article 4 of the KVK, Article 5 of the GDPR) :

1. Fairness and lawfulness: Averest Training questions the source of the data it collects or comes from other companies and places importance on obtaining them within the framework of lawfulness and good faith.

2. Accuracy and up-to-dateness: Averest Training pays attention to the fact that all the data we process is accurate and does not contain false information under available conditions. Personal data is updated when necessary and when it is possible. We consider your statement of your personal data to be true. We are not obliged to investigate the accuracy of the data declared by our data subjects.

3. Purpose limitation: Averest Training processes data only for purposes that it offers and receives consent from people during service. It does not process, use and make use of data other than for business purposes.

4. Data minimization: We do not collect data that we do not require. Information that is not required for the purpose is either not recorded in the system or it will be deleted or anonymized. These data can be used for statistical purposes. The data collected are sufficient, appropriate and limited to what is required for the purposes for which they are processed.

5. Storage Limitation: We preserve personal data within the scope of retention periods stipulated in KVK and GDPR, and the requirements of commercial and tax law. However, when these aims disappear, we review whether the purpose of processing data remains. As a result of this review, we may continue the processing of the data within regulatory limits, or we may delete, anonymize or destroy it according to KVK and GDPR. Personal data may be stored for longer periods, subject to the application of appropriate technical and regulatory measures required in accordance with the KVK and GDPR, as long as the data is processed for statistical purposes and to guarantee the rights and freedoms of the data subject.

6. Confidentiality: We respect the confidentiality of personal data. No one may use, copy, duplicate, transfer to others, or use for other than business purposes this data without agreement or law compliance and for purposes other than those set by Averest Training. Only authorized people can access personal data within the company. All necessary technical and administrative measures are taken to protect the personal data collected and to prTraining Provider unauthorized access and the data subject to suffer. In this context, we comply with software standards and carefully select the third parties. We require third parties that we share personal data to be in accordance with the laws.

7. Accountability: As a data controller, we are responsible for acting in accordance with the principles and rules set out above, and this policy makes it visible that we act in accordance with these principles and rules.

These principles are effectual for the data we collect with or without your explicit consent.

D. WHOSE DATA WE PROCESS?

We process personal data of our representatives of sponsors, customers and participating organizations, as well as personal data of our employees, attendees, third party service providers and as such.

E. WHY DO WE COLLECT YOUR DATA?

We will collect your personal data for the purposes listed below:

1. For Event Registration

You are required to register in order to attend and participate our Training Providers. We store your data to avoid repeating of logging to our site, to use when you need to contact with us, to allow you take part in our networking Training Providers, for the reasons related to the execution agreements, billing and payment and for general evaluation of our services.

For this purpose, your IP address, name, surname, company name, company position, e-mail address, country and phone number will be processed. Your personal data will be processed upon your consent. For both of our digital and physical activities we require your accurate and true personal information for confirmation and security purposes. In that regard, you will not be able to attend our Training Providers if you do not give your open consent. This requirement is only binding for your registration. You are free to give or not to give your open consent for sharing your information with third parties.

We may share your personal data with other attendees, companies and sponsons that take part in our Training Providers, as well as third party software service providers within or without Turkey and/or European Union. Our digital Training Providers are held on "Hubilo" Online Event Management platform ("Hubilo") which acts a "data processor" in this case.

We carefully select third parties that we share data and establish proper measures to secure the transfer of data in accordance with the law.

2. For Attending Our Events

As a registered user, you will be able to attend various meetings, seminars and webinars, as well as visit stands and get in touch with your peers. As an attendee to our networking Training Providers, you are required to provide accurate and true information such as name, surname country, company name and company position, as well as a real profile picture.

3. For Statistics and Profiling

We also collect statistics on your attendance and use of our Sites and Services as well as collect and process data shared on open and internet sources for business purposes.

For this purpose, we collect information such as your company name, job title, company position, country, meetings and activities that you have attended. For compliance with the law we anonymize such statistical data such that they can no longer be related to any individual and you.

4. For Further Communication

You can contact our team members via email or provide your e-mail so that we can inform you about future Training Providers, activities and services as well as enabling you to provide your thoughts, comments and complaints. For communication purposes we will process your name, surname and email address.

5. For Promotional and Information

We design our Training Providers to allow attendees and organizations to meet their peers and enhance their networks within the Cloud sector, during and after.

We will share your name, surname, email address, company name and company position with Diamond sponsors of our Training Providers. We bound Diamond sponsors with a "data transfer agreement" not to share your data further with other third parties and oblige them to comply with KVK and GDPR in general when processing your data. In that case Diamond sponsors will become separate "data controllers" and we encourage you to control their privacy policy and other relevant documents and exercise your rights accordingly.

We will also process your name, surname, email address, company name and company position to provide you with messages and emails from our Gold sponsors, about their products and activities. In this case no personal data will be shared with the Gold sponsors and we will play an intermediary role to forward you such messages, including promotions and information. You may unsubscribe from the mailing list and SMS messaging at any time you want.

We may also send you SMS messages and emails about upcoming Training Provider, new services and other related topics as a company.

In each of these occasions you are free not to give your consent for promotional and informational messaging and emailing, and also opt out even if you had given your consent in the past. In case you are concerned, you can object at any time against promotional communication using the cancellation link provided within e-mails, block such e-mails or inform us by contacting us. In such case we will also inform relevant parties to cease their promotional and informational activities directed to you.

6. For Advertisement Purposes

We use general advertisements about Sites, Platforms and our Service. We do not collect personal data for advertisement purposes.

7. For Legal Obligations

Personal data may be processed without prior approval, if the processing is clearly stated in the relevant legislation or for the fulfillment of a legal obligation determined by the legislation. The type and scope of data processing must be necessary for the legally permitted data processing activity and comply with the relevant legal provisions.

8. For establishment of Agreements

If a contractual relationship is established with attendees and componies, the personal data collected can be used without the consent of the customer. However, this use takes place for the purpose of better execution of the agreement and the requirements of the service and it is updated by contacting the customers when necessary.

9. For Employees

Averest Training ensures the privacy and protection of its employees' data.

Cases That Do Not Require ExplicÄ°t Consent:

The personal data of our employees can be processed in the following situations and in other situations stipulated by law, without the approval and explicit consent of the employee.

Legal Obligations: Employee's explicit consent is not applied for personal data processed in order to fulfill the obligations specified in the Labor Law, Occupational Health and Safety Law and similar laws that regulate the business relationship between Averest Training and its employees.

Transactions for the Benefit of Employees: Averest Training can process personal data without obtaining approval for transactions for the benefit of company employees such as private health insurance. Averest Training can also process employee data for disputes arising from business relationships.

Data Processed by Automated Systems We may organize lottaries among some of our attendees. In that case your personal data may be processed by automated systems to decide the winners.

Assigned Devices and Services

Company assign computers, phones, e-mail and other devices, services and applications to its employees only to be used for business purposes. The employee cannot use any of the tools that the company has allocated to it for private purposes and communication. The company has the right control and examine all data on these types of equipment. The employee undertakes that he/she will not have any other data or information other than work on the computer, telephones or other tools allocated to him/her from the moment he/she starts work.

11. Processing of Minors' Data

Our Site and Services are not designed for use under the age of 18. For this reason, Averest Training does not process data for people under the age of 18.

E. WHO DO WE SHARE YOUR DATA WITH?

Averest Training shares the personal data under its responsibility in the context of business efficiency, execution and integration of basic services, business continuity, the fulfillment of legal obligations, online Training Provider management and similar business requirements.

1. With Service Providers

Averest Training shares data as a result of its use of SaaS (Software as a Service) applications, email, server, social media and similar service providers. Such service providers provide services in the status of data processor or sub-data processor according to the nature of the service and job. Averest Training carries out the necessary checks and ensures the necessary legal commitments to ensure that such organizations and services from which it receives service as a data controller also fulfill the obligations specified under the KVK and GDPR. In this context,

  • 1. With Twitter, Instagram (Facebook) and Linkedin for social media presence of our Training Providers,

  • 2. With Whatsapp (Facebook), used for instant messaging in business relationships between our attendees and participating organizations,

  • 3. With Dropbox and Google Drive, used for the sharing of large files for business purposes,

  • 4. With Google and Apple, which provide mobile and desktop OS and related services used in daily transactions,

2. With Cookie Providers

Cookies from third party cookie providers are used to increase the effectiveness of our sites and to meet user needs, and data is shared with these cookie providers. You can find details on this in our Cookie Policy (www ……).

3. With Public Institutions and Judicial Authorities

Averest Training will share your personal data with public institutions and with regard to business, transactions and lawsuits concerning judicial processes with judicial authorities in order to fulfill its obligations as required by the law.

4. Transfer of Personal Data Abroad

Averest Training has the authority to transfer personal data abroad within the conditions determined by KVK and GDPR, in accordance with the other conditions in the Law and depending on the explicit consent of the person.

And as a Turkish citizen we process your personal data in Turkey, which again are not regarded as countries with adequate protection in line with KVK. Therefore we need your explicit consent for transfer of your data to these two countries.

Averest Training elaborates to take relevant measures stipulated by the law, for data transfers made to countries which are not yet authorized to have adequate level of protection yet. Averest Training transfer personal data to its international suppliers only within the limits the purpose of the services provided to carry out its commercial activities.

F. WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?

Averest Training acknowledges that the data subject has the right to give his/her explicit consent before and to determine the fate of his data during and after processing of his/her data under the KVK and/or GDPR.

The data subject has the rights listed below according to the Article 11 of the KVK and the Article 15 etc. of the GDPR. In order to facilitate the exercise of these rights, an application form is also prepared by Averest Training and presented to you on your web page.

Data subjects whose personal data are processed,

1. According to KVK

if they are citizens of the Republic of Turkey or they are in Turkey during the data processing have the following rights within the scope of the KVK,

  • 1. To learn whether your personal data is processed or not,

  • 2. To demand information on the processing of personal data,

  • 3. To learn the purpose of the processing of your personal data and whether these personal data are used in compliance with the purpose,

  • 4. To know the third parties to whom your personal data has been transferred at home or abroad,

  • 5. To request the rectification of the incomplete or inaccurate data, if any, and to request notification of the transaction in this context to third parties to whom your personal data has been transferred,

  • 6. Although it has been processed in accordance with the provisions of KVK and other relevant laws, within the framework of the conditions stipulated in article 7 of the KVK, to request the deletion or destruction of your personal data if the reasons requiring its processing are no longer valid and to request notification of the transaction in this context to third parties to whom your personal data has been transferred,

  • 7. To object to the occurrence of a result against you by analyzing the data processed solely through automated systems,

  • 8. To claim compensation for the damage arising from the unlawful processing of your personal data.

2. According to GDPR

Data subjects in the European Union at the time of processing have the following rights under the GDPR.

  • 1. To confirm whether personal data related to him/her has been processed,

  • 2. To request access to the processed personal data,

  • 3. To request information

    • • regarding processing purposes,

    • • personal data categories,

    • • recipient and recipient categories, especially in countries and organizations outside the EU where personal data will be shared,

    • • duration of processing personal data, if possible or if this is not possible, the criteria used to determine the duration about the processed personal data

  • 4. To request correction of the processed personal data,

  • 5. To request the completion of the missing part of the processed personal data,

  • 6. To request restriction or deletion of processing of processed personal data,

  • 7. To object against the processing of personal data and profiling,

  • 8. To complain to a supervisory authority,

  • 9. To learn the data source in cases where personal data are not obtained from him/her,

  • 10. To be informed about the assurances that provide data security in case of transfer to countries and international organizations outside the EU,

  • 11. To request a copy of personal data processed in a structured, widely used and easily readable format with any device, provided not to restrict the rights and freedoms of third parties,

  • 12. To request the transfer of personal data to another data officer,

  • 13. To request correction or deletion of incorrect personal data immediately (Except the right to delete the data given to the data controller under GDPR m.17) and/or to request that data processing be restricted until the accuracy of the data is provided,

  • 14. To demand not to be included in the decision processes given automatically as a result of automated processing activities.

As Averest Training, we respect these rights as the data controller without prejudice to our rights and exceptions arising from KVK Law and GDPR.

However, data subjects do not have any sort right of rights related to anonymized data within the Company. Averest Training may share personal data in accordance with the business and contractual relationship with the relevant institutions and organizations for the purpose of a judicial duty or state authority to exercise its Legal powers.

G. YOUR REQUESTS AND APPLICATIONS

Data subjects will be able to submit their requests to the company, regarding their rights mentioned above by completing the application form, which they can obtain from our Site, signing it with a wet signature and sending it with registered letter with return receipt mail and with identity card photocopy (for the identity card, with a front copy only). Your applications will be answered as soon as possible according to the content of your application or within 30 days at the latest after reaching us. You must make your applications by registered letter with return receipt mail. Only the information that belongs to you will be provided. Any application about your spouse, relative, friends or any third person will not be accepted.

You can be sure that we will try to meet your requests, applications such as access, deletion, update, phasing out and correction, to the extent permitted by law and business requirements. If we are unable to fulfill your request, we will notify you about the reason. We would like to state that the copies of your data that you request to delete, correct and update may remain on the publication for a while after the request, as required by technical conditions.

Those who want to apply within the scope of KVK and in Turkish may make their applications by using the application forms at (http://Averest Training.io/kvk/basvuru.html). Those who want to apply within the scope of GDPR and in English may make their applications by using the application forms on the Sites (http://Averest Training.io/gdpr/request.html).

Averest Training may request further information and documents from the applicants when necessary.

1. Request Information

As a data controller who processes your personal data, we take care to answer all your questions and requests regarding the processing of your personal data in a timely and duly manner.

2. Access and Correction

Averest Training will take care to meet your acceptable and possible requests to allow you to access and correct your personal data that you have transferred to us, where permitted by law. However, we reserve the right to use your other personal data for the purposes of verifying your identity or for other security and support measures when we consider it necessary. Regarding the personal data we collect about you, you can request access, correction, suspension or phasing out of data.

3. Transfer to Third Parties

You may request the transfer of your Personal Data to third parties. However, this transfer can be carried out within existing technical capabilities of Averest Training and within the time required by the working conditions. The data of the concerned parties are not given to third parties by our company in the cases mentioned above or without their approval and consent.

4. Deletion of Personal Data

Averest Training protects the personal data it processes in accordance with the KVK, GDPR and related legal legislation for the periods stipulated in the relevant legislation or required by the processing purpose.

When the legally required periods expire, the judicial processes are completed or other requirements disappear, these data can be deleted spontaneously or upon the request of the person concerned, can be destroyed or anonymized, or after reviewing the GDPR requirement, the processing can be continued provided that the necessary conditions are met again or data can be archived.

H. SECURITY OF YOUR DATA

All necessary technical and administrative measures are taken to protect the personal data collected by the Averest Training and to training Provider unauthorized access and to training Provider our customers and potential customers from being suffered in accordance with KVK and GDPR.

1. Administrative Measures

In this context, compliance with the standards of software, careful selection of third parties and compliance with our Privacy Policy within the company are provided. All documents that create obligations signed with the data transmitted parties are examined and revised, and the interlocutors are observed in terms of whether they meet the obligations in the context of KVK and GDPR during the agreement and business stages.

2. Technical Measures

Averest Training takes all possible technical measures relevant and possible. Security measures are constantly being renewed and developed. In order to reduce misuse and unauthorized access to personal data, we store the data in a separate system after receiving it, we use secure connections (Secure Sockets Layer of SSL) to encrypt all information between you and our website when entering your personal data.

3. Notification of Infringements

Averest Training acknowledges that when it is notified that there is any infringement related to personal data, it should notify relevant Boards in Turkey and the EU from the date this situation was learned, without delay and within 72 hours at the latest. It minimizes the damage of the concerned and compensates the damage. When it is understood that the personal data have been intercepted by unauthorized persons, it immediately informs relevant Boards.

You can apply for the notification of infringements according to the procedures stated on our corporate website. Click for Application and Information Request Form