DISCLOSURE TEXT ON THE PROTECTION AND PROCESSING OF PERSONAL DATA

1. Data Controller

According to the KVKK, your personal data specified below may be processed by Eprom Software and Automation Ltd. Co. as the data controller, within the scope explained below.

Address: Alibey District, Nadir Ergün Street, Barış Apartment, No:2 Apartment:6 Silivri / ISTANBUL
Website: www.epromyazilim.com | www.epromguard.com
Email: [email protected]

2. Your Personal Data Processed and Categories

Due to the nature of the E-Guard Agent software and services provided by our company, the following data categories are processed:

Identity Information

Name, Surname, Institution/Company authorization information.

Contact Information

Corporate email address, phone number, company address.

Customer Transaction Information

Member Code, Group Code, license start-end dates, license status and purchase history.

Transaction Security Information

• IP addresses,
• System login-logout records (Login logs),
• Password information (encrypted with secure hashing algorithms),
• Two-Factor Authentication (2FA) records and TOTP keys.

Endpoint and Device Information

• Computer Name (Hostname),
• Operating System information,
• Hardware information and system status.

Service Usage Data (Collected by Agent)

Note: This data is processed on behalf of the Customer (Employer) and in accordance with the Customer's instructions.

• Application usage logs (Window titles, usage durations),
• Web/URL access logs,
• USB device connection logs (Device ID),
• Printing operation logs (Document name, printer information),
• Screenshots (Full screen or application-based),
• Software installation attempt records.

3. Purposes of Processing Personal Data

Your personal data is processed for the following purposes in accordance with the conditions specified in Articles 5 and 6 of the KVKK:

Service Provision

Licensing, installation, activation of E-Guard Agent software and fulfillment of promised functions (monitoring, blocking, reporting).

Implementation of Information Security Processes

Authorization of accesses, operation of Two-Factor Authentication (2FA) infrastructure and provision of data security.

Management Activities

Enabling institutional administrators to perform computer, group and policy management through the web panel.

Technical Support and Improvement

Provision of software updates (Auto-update), examination of debug logs and monitoring of system performance.

Legal Obligations

Maintenance of access records and provision of information to authorized public institutions in accordance with Law No. 5651 and related legislation.

Contract Processes

Establishment of membership agreement, license period tracking, billing and renewal operations.

4. Method and Legal Basis of Collection of Personal Data

Your personal data is collected electronically, wholly or partly automatically (through API integrations, synchronization services, etc.) via the www.epromguard.com website, management panel and E-Guard Desktop Application installed on computers.

The legal basis for the collection of this data (KVKK Article 5):

• Performance of a contract or establishment of a contract: Data processing being mandatory for the performance of the software license agreement.
• Legitimate interest of the data controller: Detection of unauthorized software or accesses that may harm the system, product development and provision of security.
• Legal obligation: Maintenance of log records as required by legal regulations.
• Explicit provision in laws.

5. Transfer of Personal Data

Your collected personal data may be transferred;

• To authorized public institutions and organizations (e.g. Prosecutor's Office, Courts) for fulfillment of legal obligations,
• To server and cloud service providers (Database servers), within the framework of the rules specified in Articles 8 and 9 of the KVKK, for provision of technical infrastructure.

Our company never shares user data (especially screenshots and activity logs) with third-party advertising or marketing firms.

6. Data Security Measures

Eprom Software takes the most up-to-date technical measures to protect your personal data:

Encryption

Database-level encryption, secure hashing algorithms for passwords and HTTPS/TLS encryption in data transmission are used.

Access Control

System accesses are protected with JSON Web Token (JWT) and 2FA.

Segregation

Each customer's data is logically segregated, and unauthorized users are prevented from accessing other institution data.

7. Rights of the Data Subject (KVKK Article 11)

As the personal data subject, you have the following rights in accordance with Article 11 of the Law:

• To learn whether your personal data is being processed,
• To request information about it if it is processed,
• To learn the purpose of processing and whether it is used in accordance with its purpose,
• To know third parties to whom data is transferred within or outside the country,
• To request correction of incomplete or incorrectly processed data,
• To request deletion or destruction of data within the framework of the conditions stipulated in Article 7 of the KVKK,
• To object to a result emerging against you as a result of the exclusive analysis of your data through automatic systems,
• To request compensation for damages if you are harmed by processing in violation of the Law.

To exercise these rights, you can submit your requests in writing to the company address specified above or to the [email protected] email address. Your application will be concluded free of charge as soon as possible and no later than 30 days depending on the nature of the request.

Last Update Date: 25.11.2025