EFFECTIVE DATE: 03.10.2025
1. INTRODUCTION
Sestek Ses ve İletişim Teknolojileri San. ve Tic. A.Ş. (hereinafter referred to as the “SESTEK”) is a technology company specializing in voice and communication technologies, call center applications, and customer service automation. Our AI-based solutions aim to increase operational efficiency, provide cost advantages, and enhance end-user experiences.
SESTEK AI Solutions Privacy Notice (hereinafter referred to as the “Privacy Notice”), informs SESTEK’s customers and end users about the processing of personal data, AI usage, ethical and security principles, transparency, and auditing procedures related to SESTEK AI Solutions.
2. DATA CONTROLLER AND RESPONSIBILITIES
SESTEK acts as the data controller for personal data processed in the context of its AI Solutions. SESTEK ensures that:
• Processes personal data in compliance with data protection principles.
• Ensures the security, confidentiality, and integrity of the data.
• Incorporates privacy and data protection by design throughout the entire lifecycle of Artificial Intelligence solutions.
• Respects the rights of data subjects and acts in full compliance with relevant legal regulations.
3. PURPOSE AND LEGAL BASIS OF PROCESSING
Personal data is processed for the following purposes:
• Training, testing, and development of AI models.
• Providing services, generating AI outputs, and verifying results.
• Improving user experience and customer support processes.
• Compliance with legal obligations and ensuring security.
Personal data is processed by SESTEK based on the legal basis that “processing is necessary for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.”
4. RETENTION PERIOD AND DESTRUCTION OF PERSONAL DATA
Personal data will be retained only for as long as necessary to fulfill the purpose of processing. When the purpose of processing personal data has been fulfilled, or when the retention periods specified by applicable legislation have expired, personal data shall be securely destroyed. This includes, but is not limited to, deletion, anonymization, or permanent erasure of the data.
4. AI USAGE AND HUMAN OVERSIGHT
SESTEK AI Solutions are designed for decision support. Final decisions are always subject to human oversight.
• Human oversight mechanisms operate throughout the system’s lifecycle.
• AI outputs are controlled under human supervision to ensure accuracy and reliability.
• Quality controls prevent misleading, biased, or incorrect content.
• Outputs should not be considered definitive; verification and oversight processes must be applied.
5. PERSONAL DATA SECURITY AND TECHNICAL MEASURES
SESTEK implements the following measures, without limitation, to ensure the security of personal data:
• Technical data security measures, including data masking and anonymization
• Regular cybersecurity testing and risk assessments
• Periodic system reviews and audits in accordance with the ISO/IEC 27001:2022 Information Security Management System
• Adherence to the ISO/IEC 42001:2023 Artificial Intelligence Management System and compliance with national and international security standards
• Legally compliant and secure mechanisms for the transfer of personal data.
6. TRANSPARENCY, EXPLAINABILITY, AND AUDITABILITY
• AI systems’ logic, data processing steps, and outputs are clearly communicated to stakeholders.
• SESTEK ensures auditable records and metadata are maintained for model and process actions.
• Activities involving processors and sub-processors and third-party integrations are monitored and risks minimized.
7. THIRD-PARTY INTEGRATIONS
SESTEK Solutions may use third-party AI tools such as OpenAI, Google Gemini, and Microsoft Azure AI.
• Security or performance risks arising from these integrations are the customer’s responsibility.
• Customers are informed of third-party integrations and continuing use constitutes acceptance.
8. CUSTOMER AND END USER RESPONSIBILITIES
• Use SESTEK AI Solutions in compliance with applicable laws.
• Verify outputs and use them under human supervision.
• Manage and minimize risks from third-party integrations.
• Ensure transparency and provide information to end users:
Example: “This conversation or transaction is supported by AI.”
9. DATA SUBJECT RIGHTS
Data subjects may exercise their rights concerning their personal data as outlined in the relevant legislation. These rights include, but are not limited to:
• The right to request information about their personal data
• The right to request details regarding the purposes of processing their personal data
• The right to request information about the recipients to whom their personal data has been transferred
• The right to access and request the rectification of their personal data
• The right to request the erasure and/or transfer of their personal data
In this regard, data subjects may submit their requests regarding these rights to SESTEK.
12. CONTACT
For detailed information regarding inquiries, support requests, or issues related to personal data protection within the scope of Artificial Intelligence Solution
Email: privacy@sestek.com
Website: www.sestek.com
