Privacy

Virtual Number Service (VNS) Privacy Policy and Personal Data Text
    
    “Virtual Number Service (VNS)”
                                                        Update Date: 12 Jan 2023

1. Objective
    Virtual Number Service (VNS) Dijital Hizmetler Anonim Şirketi (Virtual Number Service (VNS) or “Company”), aims to process the
    personal data of users in accordance with general principles of privacy and the provisions of
    the applicable data protection legislation to the relevant person, particularly Law on Personal
    Data Protection No. 6698, (“PDP Law”) and other applicable legislation.

    Your personal data, which you provided/will provide to our Company and/or obtained by our
    Company by any external means, may be processed by our Company as “Data Controller”;

    ● In the context of the objective of processing your personal data and in connection withthis purpose, in a limited and measured manner,
    ● By maintaining the accuracy and up-to-date version of the personal data as reportedor notified to our Company,
    ● May be recorded, stored, preserved, reorganized and be transferred to the institutions
    authorized to request such personal data by law and shall be transferred, classified
    and shared with third parties within the country or abroad under the conditions
    stipulated by legislation and upon your explicit consent if necessary, and they may be
    processed by other means listed under the legislation and be subject to other
    procedures set forth in the legislation.

    This Privacy Policy is adopted for the continuance and improvement of the activities carried
    out by Virtual Number Service (VNS) in line with the principles set forth in the PDP Law.
    This Privacy Policy describes which data we collect, how we intend to use, store, protect and
    share the data we collect, how you can withdraw your consent for the processing of these
    data and how you can correct and revise the data.
    Capitalized terms in this Policy shall have the meanings specified in the Terms and
    Conditions unless defined separately in this Policy.                                                     


2. Collection of Personal Data and Method

    Virtual Number Service (VNS) may process your personal data for the purposes specified in this Privacy Policy.
    The personal data of users collected and used by Virtual Number Service (VNS) in particular, are as follows: your
    order information if you make a purchase through in-app purchase, and identifier for
    advertisers designated in your mobile device used in accessing our services (The Identifier
    for Advertisers-IDFA), identifier for vendors/developers designated your mobile device (The
    Identifier for Vendors-IDVF) and Internet Protocol Address-IP Address.

    Data Categories and Data Types

    Process Security : Internet traffic data (network movements, IP address, visit data, time and date
    information), device name, In-app purchase history, Token ID (when you allow notifications
    through your device), identifierfor advertisers designated in your mobile
    device used in accessing our services (ifyou give a permission, the Identifier for
    Advertisers-IDFA), identifier forvendors/developers designated your mobile
    device (The Identifier for Vendors-IDVF)

    Customer Transaction: Order information

    Marketing Data: IDFA, IDVF

    We may collect your abovementioned data directly from you through electronic or physical
    mediums, your mobile device, third party applications or third party sources which you can
    access our application through these mediums such as Apple App Store, Google Play App
    Store (similar platforms together with “App Stores”), for the purposes of compliance with legal
    obligations, enhancing  our services, administering  your use of our services, as well as
    enabling you to enjoy and easily navigate our services.
    We may collect your log data generated while you are using our services/applications
    (through our products or third party products). This log data may include information such as
    your device’s Internet Protocol (“IP”) address, device name, operating system version, the
    configuration of the app when utilizing our service/application, the time/date of your use of
    the service/application, and other statistics.

    General Principles Regarding Personal Data Processing
    In accordance with this Privacy Policy, personal data are processed by Virtual Number Service (VNS) as a data
    controller in line with the basic principles named here: (i) being in accordance with law and
    good faith, (ii) being accurate and, where necessary, up-to-date, (iii) being processed for
    specific, explicit and legitimate purposes, (iv) being limited for the purpose for which they are
    processed and data minimization; and (v) being stored for the period stipulated in the
    relevant legislation or required for the purpose for which they are processed.

3. Purposes of Processing Personal Data and Legal Reasons

    Your personal data will be processed via automatic or non-automatic means for the purposes
    stated below, in accordance with the applicable legislation and articles 5 and 6 of the PDP
    Law where it is expressly permitted by the laws, the establishment of a contract or direct
    relation to the execution or performance of the contract and for the legitimate interests of
    Virtual Number Service (VNS) provided that your fundamental rights and freedoms are protected.

    a) Purposes of Processing Personal Data
        In accordance with this text, your personal data is processed for the following purposes in
        accordance with the above general conditions:

        Process Security: 
            ● execution of activities in compliance with legislation
            ● execution of company/product/service commitmentoperations
            ● execution of communication activities● execution/auditing of business activities
            ● conducting after-sales support services for goods/services
            ● execution of goods/services sales processes
            ● conducting storage and archive activities
            ● execution of agreement processes
            ● execution of information security processes
            ● conducting audit/ethical activities
            ● execution/audit of business activities
            ● conducting activities to ensure business continuity
            ● providing information to authorized persons, institutionsand organizations
        Customer Transaction:
            ● execution/auditing of business activities
            ● conducting after-sales support services for goods/services
            ● execution of goods/services sales processes
            ● conducting activities for customer satisfaction
            ● execution of agreement processes
        Marketing Data:
            ● conducting marketing analysis studies
            ● execution of advertising/campaign/promotion processes

        Besides, the purposes of processing personal data may be updated in line with our
        obligations arising from our company policies and legislation; in particular,
            ● Creating user accounts for the service recipients/application users,
            ● Customizing our Services, understanding our users and their preferences to enhance
            user experience and enjoyment using our Services and improve our users’experience,
            ● Informing about new products, services and applications and delivering you
            information regarding advertisements and promotions,
            ● Carrying out a digital subscription and in-app purchase processes of service
            recipients,
            ● Carrying out the auto-renewable subscriptions for giving users access to content,
            services, or premium features in our service,
            ● Carrying out the processes of information security,
            ● Conducting activities in accordance with legislation,
            ● Fulfilling the demands of competent authorities,
            ● Conducting the processes of finance and accounting transactions,
            ● Conducting communication activities,
            ● Conducting the processes of contracts,
            ● Carrying out strategic planning activities,
            ● Following up requests and complaints.

    b) Legal Reasons:
        Customer Transaction:
            ● It is necessary to process your personal data, provided that
            we establish a contractual relationship with you, or that it
            is directly related to our performance obligation arising
            from this contract
            ● We have to process data in order to establish a right for
            you, to exercise and protect this right
        Process Security:
            ● The law explicitly stipulates the process by which we
            process your personal data
            ● Conditions that are necessary in order to fulfill our legal
            obligation
            ● It is necessary to process your personal data, provided that
            we establish a contractual relationship with you, or that it
            is directly related to our performance obligation arising
            from this contract
        Marketing Data:
            ● Your explicit consent (acquired via Apple and/or Google)

    Third Party Websites and Applications
        Virtual Number Service (VNS) App (Virtual Number Service (VNS)); may contain links to other websites 
        that are unknown to Virtual Number Service (VNS) and
        whose content is not controlled. These linked websites may contain terms and conditions
        other than Virtual Number Service (VNS) texts. Virtual Number Service (VNS) cannot be held responsible for the use or disclosure of
        information that these websites may process. Likewise, Virtual Number Service (VNS) shall not have any
        responsibility for any links from other sites provided to Virtual Number Service (VNS) owned by Virtual Number Service (VNS).
        We collect information by fair and lawful means, with your knowledge and consent. 
        We alsolet you know why we’re collecting it and how it will be used. You are free to refuse our
        request for this information, with the understanding that we may be unable to provide you
        with some of your desired services without it.

    Cookies
        Cookies are little text files that are stored on the browser or hard drive of your computer or
        mobile device when you visit a webpage or application.  Cookies allow a website to run more
        efficiently in addition to ensuring the presentation of personalized web pages in order to
        make you live a faster visit experience which is more fit for your specific personal needs and
        demands. Containing only data on your website visit history via the internet, cookies do not
        collect any information, including your personal data/files stored on your computer or mobile
        device. We may use cookies when it is necessary for operating our services, to enhance our
        service performance and functionality, and to deliver content, including ads relevant to your
        interests, on our sites, or third-party sites. You can delete cookies which are already present
        on your computer and prevent the recording/location of cookies on your internet explorer.

        Internet browsers are predefined to automatically accept the cookies as default. As the
        management of cookies varies from browser to browser, you may look at the help menu of
        the browser or application to get detailed information.

    Push Notifications
        Virtual Number Service (VNS) may occasionally send you push notifications via its mobile applications regarding
        application upgrades or notifications about our services. You can always edit such
        communication and notifications through the settings on your device and stop receiving such
        communications and notifications.

        Your data will be stored for the duration specified in the applicable legislation or for a
        reasonable time until the purpose of processing cease to exist, or during legal periods of
        limitation.

        Virtual Number Service (VNS) may continue to store your personal data, even after the expiry of the purpose of its
        use provided that it is required by other laws or a separate granted by you in this regard.  
        In cases that you allow Virtual Number Service (VNS) to store your personal data for additional time by giving
        your consent, such data shall be immediately deleted, destructed or anonymized upon the
        expiry of such additional time or once the purpose of processing no longer exists.
    
    Technical and Administrative Measures

        Virtual Number Service (VNS) stores the personal data it processes in accordance with relevant legislation for
        periods stipulated in relevant legislation or required for the purpose of processing. Virtual Number Service (VNS)
        undertakes to take all necessary technical and administrative measures and to take the due
        care to ensure the confidentiality, integrity and security of personal data. In this context, it
        takes the necessary measures to prevent unlawful processing of personal data, unauthorized
        access to data, unlawful disclosure, modification or destruction of data. Accordingly,
        Virtual Number Service (VNS) takes the following technical and administrative measures regarding the personal
        data it processes:

        Anti-virus application. On all computers and servers in Virtual Number Service (VNS)'s information technology
        infrastructure, a periodically updated anti-virus application is installed.

        Firewall. The data center and disaster recovery centers hosting Virtual Number Service (VNS) servers are
        protected by periodically updated software-loaded firewalls; the relevant next generation
        firewalls control the internet connections of all staff and provide protection against viruses
        and similar threats during this control.

        VPN. Suppliers can access Virtual Number Service (VNS) servers or systems through SSL-VPN defined on
        Firewalls. A separate SSL-VPN identification has been made for each supplier; with the
        identification made, the supplier only provides access to the systems that it should use 
        or is authorized to use.

        User identifications. Virtual Number Service (VNS) employees' authorization to Virtual Number Service (VNS) systems is limited only
        to the extent necessary by job descriptions; in case of any change of authority or duty,
        systemic authorizations are also updated.

        Information security threat and event management. Events that occur on Virtual Number Service (VNS)
        servers and firewalls, are transferred to the “Information Security Threat and Event
        Management” system. This system alerts the responsible staff when a security threat occurs
        and allows them to respond immediately to the threat.

        Encryption. Sensitive data is stored with cryptographic methods and if required, transferred
        through environments encrypted with cryptographic methods and cryptographic keys are
        stored in secure and various environments.

        Logging. All transaction records regarding sensitive data are securely logged.

        Two-factor authentication. Remote access to sensitive data is allowed through at least
        two-factor authentication.

        Penetration test. Periodically, penetration tests are performed on servers in the Virtual Number Service (VNS)
        system. The security gaps created as a result of this test are closed and a verification test is
        performed to show that the relevant security gaps have been closed. Besides, Information
        Security Threat and Event Management System automatically performs penetration tests.
        Test results are recorded.

        Information Security Management System (ISMS). At the ISMS meetings made within
        Virtual Number Service (VNS), the topics contained in the control forum are audited monthly by the director of
        information technology and the director of financial operations.
        
        Training. In order to increase the awareness of Virtual Number Service (VNS) employees against various
        information security violations and to minimize the impact of the human factor in information
        violation incidents, trainings are provided to employees at regular intervals.
        
        Physical data security. It ensures that personal data on papers is necessarily stored in
        lockers and accessed only by authorized persons. Adequate security measures (for
        situations such as electric leakage, fire, deluge, thievery etc.) are taken based on the nature
        of the environment where sensitive data is stored.
        
        Backup. Virtual Number Service (VNS) periodically backs up the data it stores. As a backup mechanism, it uses
        the backup facilities provided by the cloud infrastructure providers, as well as the backup
        solutions it develops when deemed necessary, provided that it is in compliance with relevant
        legislation and provisions of this Policy.
        
        Non-disclosure agreement. Non-disclosure agreements are concluded with employees
        taking part in sensitive personal data processing.
        
        Transfer of sensitive personal data. If transfer of sensitive personal data is required
        through email; such transfer is done through (i) encrypted corporate email or (ii) Registered
        E-mail.

        In the event that the personal data is damaged as a result of attacks on Virtual Number Service (VNS) or on the
        Virtual Number Service (VNS) system, despite Virtual Number Service (VNS) taking the necessary information security measures, or
        the personal data is obtained by unauthorized third parties, Virtual Number Service (VNS) notifies this situation to
        Users immediately and, if necessary, to relevant data protection authority and takes
        necessary measures.


4. Transferring Personal Data to Third Parties

        The procedures and principles to be applied for transferring of personal data are regulated in
        articles 8 and 9 of the PDP Law, and the personal and special categories of data of the
        supplier may be transferred to third parties within the country or abroad since we may use
        servers and cloud systems located abroad.

        Your personal data may be transferred abroad for the following reasons:
            ● Conducting storage and archive activities
            ● Conducting business activities
            ● Conducting after-sales support services for goods/services
            ● Managing customer relationship management processes

        Virtual Number Service (VNS) may also transfer your personal data to services providers of our Company, third
        parties such as Facebook SDK, Adjust and Firebase Analytics which are embedded into our
        service for the following purposes:
            ● Sharing identity, communication and transaction security information with authorized
            public institutions and organizations for the purpose of execution of activities in
            compliance with legislation, monitor and execution of legal affairs, informing
            authorized persons, institutions and organizations.
            ● Sharing customer transaction information to manage after-sales support services,
            conduct business activities and manage customer relationship management
            processes.

5. Your Rights as the Data Subject

        Pursuant to Article 11 of the PDP Law, you may request the following regarding your
        personal data by applying to Virtual Number Service (VNS):
        ● Learn whether or not your personal data have been processed;
        ● Demand for information as to if your personal data have been processed;
        ● Learn the purpose of the processing of personal data and whether data are used in
        accordance with their purpose;
        ● Know the third parties in the country or abroad to whom your personal data havebeen transferred;
        ● In case the personal data is processed incompletely or inaccurately; request
        ingnotification of the transactions made under this scope to third parties to whom
        personal data have been transferred;
        ● Request deletion, destruction or anonymization of personal data if the reasons for the
        processing have disappeared and request notification of the transactions made under
        this scope to third parties to whom personal data have been transferred;
        ● Object to occurrence of any result that is to your detriment by means of the analysis
        of personal data exclusively through automated systems;
        ● Request compensation for the damages in case you incur damages due to unlawful
        processing of your personal data.

        Where General Data Protection Regulation (GDPR) is applicable, data subjects have the
        following rights:
        ● Right of access - Learning whether personal data is being processed and, if so,
        accessing your personal data and the information regarding the processing of your
        personal data,● Right to correction -To request the correction of information that you believe is
        inaccurate or the completion of information that you believe is incomplete by Virtual Number Service (VNS),
        ● Right to delete – To request deletion of personal data under the conditions stipulatedin GDPR,
        ● The right to restrict processing - To request the restriction of the processing of
        personal data under the conditions stipulated in the GDPR,
        ● Right to object to processing - To object to the processing of personal data under the
        conditions stipulated in the GDPR,
        ● Right to data portability - To request the data collected by Virtual Number Service (VNS) to be transferred
        directly to another organization or under certain conditions,
        ● Objection to the occurrence of a result against the person himself/herself, by
        analyzing the processed data exclusively through automatic systems, including
        profiling.

    In the application that includes your explanations about the right you have as the data subject
    and exercise your rights stated above and that you request to exercise; your request must be
    explicit and understandable, if the subject of your request is related to you or if you are acting
    on behalf of someone else, you must be specially authorized in this regard and your authority
    must be documented, the application must contain identity and address information and
    documents proving your identity must be attached to the application. Our Company will
    enable you to file such requests through the “Data Subject Application Form” by email. 
    In accordance with Article 13 of the PDP Law, our Company willfinalize your requests, free of charge, 
    within 30 (thirty) days at the latest depending on thenature of the request. 
    In case the request is rejected, the reason or reasons for the rejection
    will be notified in writing or electronically along with its justification.

    If you believe that we or someone with whom we have transferred your data is violating your
    rights, you can file a complaint to the data protection authority in your country and to other
    competent supervisory authorities.
    This Privacy Policy may be revised by our Company when deemed necessary. If you
    continue to access ASK AI and use or access ASK AI without benefiting from the Services
    offered by Virtual Number Service (VNS) after the notification period, you shall be deemed to have allowed the
    changes in this Privacy Policy.

6. What permission Virtual Number Service (VNS) asks within the app and why:
     

    ● Notifications
    Application asks for notification permission to inform you about updates and campaigns.



7. INFORMATION ABOUT THE AUTO-RENEWABLE SUBSCRIPTIONS
    - You can upgrade your membership to Premium membership for using premium question packages and/or several benefit while playing. 
    If you want to access those premium features, your premium subscription must be enabled and active.
    - Question packages of "Virtual Number Service (VNS)" application are regularly updated with new questions at least once a week.
    - Pricing may vary for the package you choose.   
    - Subscription periods are  1 week / 1 month / 6-months / Annually . Every  1 week/1 month/6-months/1 year your subscription renews.
    - Payment will be charged to Google or iTunes Account at confirmation of purchase
    - Subscription automatically renews unless auto-renew is turned off at least 24-hours before the end of the current period
    - Account will be charged for renewal within 24-hours prior to the end of the current period.
    - Any unused portion of a free trial period, if offered, will be forfeited when the user purchases a subscription to that publication, where applicable.
    - You can cancel your subscription via this url: https://support.apple.com/en-us/HT202039
    - Privacy policy: http://virtualnumberservice.com/privacy
    - Terms Of Use: http://virtualnumberservice.com/tos