ZeyPOS
🇬🇧 EN
🇹🇷 Türkçe 🇬🇧 English
ZeyPOS

Privacy Policy

Privacy Policy

ZEYPOS KVKK NOTICE AND PRIVACY POLICY

ZeyPOS is a cloud-based software platform that provides point of sale (POS), order management, inventory tracking, accounts/ledger and accounting records, reporting, QR menu, WhatsApp order management, and AI-powered assistant services for restaurants, cafés, hotels, beach clubs, and similar businesses.

ZeyPOS is developed and provided by Artech Yazılım Otomasyon Bilişim Sanayi ve Ticaret Limited Şirketi.

This text has been prepared to explain, within the scope of Law No. 6698 on the Protection of Personal Data, for which purposes your personal data is processed, with whom it may be shared, how long it may be retained, and your rights over your personal data.

  1. Data Controller and Data Processor Distinction

Artech Yazılım Otomasyon Bilişim Sanayi ve Ticaret Limited Şirketi acts as the data controller in subscription, contract, payment, invoicing, technical support, communication, and customer relations processes relating to businesses that benefit from ZeyPOS services.

With respect to data concerning the employees, customers, orders, tickets, WhatsApp conversations, QR menu requests, and operational records of restaurants, cafés, hotels, and similar businesses using ZeyPOS, the relevant business is, as a rule, the data controller; Artech Yazılım Otomasyon Bilişim Sanayi ve Ticaret Limited Şirketi acts as the data processor within the scope of the software service provided.

In this context, Artech processes data entered into the system by the business or created through ZeyPOS by the business’s customers/employees, within the framework of the relevant business’s instructions, the service agreement, technical requirements, and applicable legislation.

  1. Data Controller Information

Title:
Artech Yazılım Otomasyon Bilişim Sanayi ve Ticaret Limited Şirketi

Address:
Şirintepe Mah. 8132 Sk. No: 20 /1 Çiğli / İzmir

E-mail:
info@artechotomasyon.com

Phone:
0534 658 89 96

  1. Personal Data Processed

The following personal data may be processed during the provision of ZeyPOS services:

Business and account information:
Business name, authorized person information, tax and invoicing information, contact information, branch information, subscription information, payment and collection records, support requests, and contract records.

Employee and user information:
Name-surname, username, phone number, e-mail address, position/role information, user authorizations, login/logout records, transaction history, shift and attendance information, order and ticket transaction records, and, where necessary, location-based login/logout records.

End-customer and order information:
Order contents, order amounts, payment type, ticket information, table/room number, phone number, WhatsApp number, message contents, delivery address or location, customer notes, and order history.

Technical data:
IP address, device information, browser information, operating system information, session records, system logs, error records, performance records, security records, and cookie data.

Financial and operational data:
Sales records, cash register movements, payment types, current account records, inventory movements, product and price records, reporting data, reconciliation records, and records relating to internal business approval/sign-off processes.

  1. Sensitive Personal Data

As a rule, the processing of sensitive personal data is not intended within the scope of ZeyPOS.

Users or businesses are expected not to enter sensitive personal data such as health information, biometric data, religion, sect, political opinion, criminal conviction, trade union membership, or similar sensitive personal data into the system.

Nevertheless, if sensitive personal data are entered into the system by the business, the relevant business is responsible for the processing of such data and for fulfilling the necessary explicit consent/information notice processes.

  1. Purposes of Processing Personal Data

Personal data may be processed for the following purposes:

Provision of ZeyPOS software services,
Conducting POS, order, inventory, current account, cash register, accounting, and reporting processes,
Managing QR menu and digital ordering processes,
Responding to requests received through WhatsApp and similar messaging channels,
Providing menu, price, order, and business information through the AI-powered assistant,
Receiving, preparing, transmitting, and managing delivery processes for orders,
Ensuring user authorization, session management, and access security,
Enabling the business to manage employee, shift, and attendance processes,
Generating inventory, sales, cash register, current account, and financial reports,
Conducting subscription, payment, invoicing, and customer support processes,
Detecting technical errors, performance issues, security incidents, and abuse,
Improving service quality and developing the system,
Fulfilling legal obligations,
Responding to requests from authorized public institutions and organizations.

  1. Methods of Collecting Personal Data

Personal data may be collected electronically through:

ZeyPOS web panel,
mobile applications,
QR menu screens,
POS and cash register screens,
waiter, kitchen, bar, and management panels,
WhatsApp and similar messaging channels,
e-mail, phone, and support channels,
payment, invoicing, and subscription processes,
cookies, log records, and technical systems

.

  1. Legal Grounds for Processing Personal Data

Personal data are processed based on the following legal grounds under Article 5 of the PDPL:

Processing is necessary for the establishment or performance of a contract,
Processing is necessary for the controller to fulfill its legal obligation,
Processing is necessary for the establishment, exercise, or protection of a right,
Processing is necessary for the legitimate interests of the controller, provided that it does not harm the fundamental rights and freedoms of the data subject,
It is expressly provided for by law,
Where necessary, the explicit consent of the data subject is obtained.

For processing activities requiring explicit consent, consent is obtained separately and clearly. This information notice does not replace the explicit consent text.

  1. WhatsApp and Messaging Assistant

ZeyPOS may help businesses respond to customer requests, take orders, and communicate with customers through WhatsApp and similar messaging channels, if the business prefers.

Messages sent to the business’s WhatsApp line may be processed for the purposes of handling menu, price, reservation, order, delivery, room/table information, and customer service processes.

Message contents may be forwarded to business representatives, relevant personnel, or the AI-powered assistant depending on the nature of the request.

The WhatsApp messaging infrastructure is provided by Meta Platforms, Inc. Therefore, Meta/WhatsApp’s own terms of use and privacy policies may also apply to communications made via WhatsApp.

Address, location, room number, or similar information shared for delivery or service provision purposes is used solely to fulfill the relevant request.

  1. Use of Artificial Intelligence

ZeyPOS may provide AI-powered assistant services if the business prefers.

The AI assistant may be used for purposes such as providing menu and price information, taking orders, answering customer questions, providing operational support to business personnel, interpreting reports, and similar functions.

In this context, message contents, order information, menu/price information determined by the business, and technical transaction records may be transferred to AI service providers for the purpose of generating responses.

Unnecessary personal data, sensitive personal data, identity document information, payment card information, health information, or similar sensitive information should not be entered into AI systems.

  1. Transfer Abroad

Some technology providers used in the provision of ZeyPOS services may have servers located abroad.

In this context, personal data may be transferred abroad, limited to AI service providers, messaging infrastructure providers, cloud server and hosting service providers, e-mail/SMS/communication infrastructure providers, and technical service providers.

Transfers abroad are carried out within the framework of Article 9 of the PDPL, relevant legislation, Board decisions, and, where necessary, explicit consent, appropriate safeguards, standard contracts, or other transfer mechanisms предусмотрены by legislation.

  1. Parties to Whom Personal Data Are Transferred

Personal data may be shared, to the extent required by the service and limited to the relevant purpose, with the following persons and organizations:

The relevant business using ZeyPOS and its authorized users,
personnel authorized by the business,
cloud server and hosting service providers,
messaging infrastructure providers such as WhatsApp/Meta,
AI service providers,
e-mail, SMS, and notification infrastructure providers,
payment and invoicing service providers,
accounting, e-invoicing, or integration service providers,
technical support and maintenance service providers,
legal advisors, certified public accountants, and auditors,
authorized public institutions and organizations.

Personal data are not sold to third parties for purposes other than those stated above.

  1. Retention Periods

Personal data are retained for the period required by the processing purpose and for the legal retention periods stipulated in the relevant legislation.

Data whose retention period has expired are deleted, destroyed, or anonymized.

If the business account is terminated, the business’s data may be retained or deleted, taking into account the contract, technical requirements, backup processes, and the periods stipulated in legislation.

Log, security, and transaction records may be retained for reasonable periods for security, audit, troubleshooting, and resolution of legal disputes.

  1. Data Security

Appropriate technical and administrative measures are taken to ensure the security of personal data.

In this context, the following may be applied:

user authorization and role-based access control,
company-based data isolation,
secure session management,
encrypted communication infrastructure,
HTTPS use,
logging and transaction records,
backup processes,
server and application security measures,
controls to prevent unauthorized access,
error and performance monitoring systems

.

  1. Cookies

The ZeyPOS web panel and website may use cookies for session management, security, user preferences, system performance, and, where necessary, analytics purposes.

Strictly necessary cookies are required for the service to function.

Analytics and performance cookies may be used to improve user experience and measure system performance.

Cookie preferences can be managed through browser settings. If strictly necessary cookies are disabled, some services may not function properly.

  1. Rights of the Data Subject

Under Article 11 of the PDPL, data subjects have the following rights:

To learn whether their personal data are processed,
to request information if their personal data have been processed,
to learn the purpose of the processing of personal data and whether they are used in accordance with that purpose,
to know the third parties to whom personal data are transferred domestically or abroad,
to request correction if personal data are incomplete or inaccurate,
to request the deletion or destruction of personal data within the scope of the relevant legislation,
to request that correction, deletion, or destruction operations be notified to third parties to whom the data have been transferred,
to object to an adverse result arising from the analysis of processed data exclusively through automated systems,
to claim compensation for damages arising from the unlawful processing of personal data.

  1. Application and Contact

You may submit your applications under the PDPL through the following communication channels:

Artech Yazılım Otomasyon Bilişim Sanayi ve Ticaret Limited Şirketi

Address:
Şirintepe Mah. 8132 Sk. No: 20 /1 Çiğli / İzmir

E-mail:
info@artechotomasyon.com

Phone:
0534 658 89 96

Your applications will be concluded as soon as possible and no later than 30 days, depending on the nature of the request.

  1. Policy Changes

This text may be updated from time to time due to legislative changes, updates made to ZeyPOS services, or changes in business processes.

The current text becomes effective as of the date it is published on the ZeyPOS website or relevant platforms.

Last Updated Date: 20-06-2026