Cart $0.00
Request For Quotation
View Categories

Privacy Policy

5 min read

🔐 YTS-Agents Privacy Policy

Effective Date: January 2018
Last Updated: September 2025

1. Introduction

This Privacy Policy describes how YTS-Agents, a subsidiary of Perle Marketing (France), collects, uses, discloses, transfers, and protects personal data in connection with:

  • visits to our website https://www.yts-agents.com,
  • requests for quotations, and
  • the delivery of AI-Powered Business Workflow Automation and consulting services.

By using our website or engaging our services, you acknowledge that you have read and understood this Policy.

2. Company Identity & Contact

Data Controller (EU):Perle Marketing / YTS-Agents – 2 Allée des Bosquets, 94800 Paris, France
Data Controller (TR):YTS-Agents Turkey Operations Office, Istanbul
Email:privacy@yts-agents.com / contact@yts-agency.com
Website:https://www.yts-agents.com
Representative in EU:Perle Marketing
Representative in Türkiye:YTS-Agents

3. Legal Framework

YTS-Agents processes data in accordance with:

  • GDPR Articles 5–49 (lawfulness, fairness, transparency, purpose limitation, minimization, accuracy, storage limitation, integrity, accountability);
  • French CNIL guidelines; and
  • Türkiye KVKK Law No. 6698 and relevant secondary legislation.

4. Definitions

TermMeaning
Personal DataAny information relating to an identified or identifiable natural person.
ProcessingAny operation performed on personal data – collection, recording, storage, use, transmission, etc.
ControllerThe entity that determines purposes and means of processing (YTS-Agents or the Client).
ProcessorThe entity that processes data on behalf of a Controller.
Data SubjectAny individual whose personal data is processed.

5. Categories of Data We Collect

  1. Contact Data: name, email, phone number, job title, company.
  2. Professional Data: project requirements, department, business area.
  3. Financial Data: billing address, IBAN/VAT number (for invoicing).
  4. Technical Data: IP address, browser type, operating system, cookies, analytics ID.
  5. Usage Data: pages visited, duration, click paths.
  6. Content Data: files and datasets uploaded for automation purposes.
  7. Communication Data: emails, support tickets, chat logs.

We do not knowingly process special categories of data (racial origin, health, religious belief).
If such information is accidentally received, it will be deleted immediately.

6. Purpose of Processing & Legal Basis

PurposeExamplesLegal Basis (GDPR Art. 6)
Service deliveryImplementing automations, analytics, dashboardsContract performance (b)
CommunicationResponding to inquiries, support, proposalsLegitimate interest (f)
MarketingNewsletters, social updates (opt-in only)Consent (a)
BillingPreparing invoices, tax complianceLegal obligation (c)
SecurityMonitoring, backups, threat detectionLegitimate interest (f)
RecruitmentProcessing job applicationsConsent (a) / Pre-contractual steps (b)

7. Methods of Collection

  • Forms on the website (contact, quotation, newsletter).
  • Direct email or phone communication.
  • Project onboarding documents and contracts.
  • Automated data collection via cookies and analytics scripts.
  • Third-party integrations (n8n workflows, API connections, CRM tools).

8. How We Use Your Data

  1. To register you as a client and manage contracts.
  2. To configure AI and automation solutions.
  3. To communicate status updates and technical reports.
  4. To create KPI dashboards and performance analytics.
  5. To comply with financial and legal obligations.
  6. To improve our website and service offerings.

We will never sell or lease personal data to third parties.

9. Cookies and Tracking Technologies

Types used:

  • Essential (session management, security)
  • Analytics (Google Analytics 4, Matomo)
  • Marketing (Meta Pixel, LinkedIn Insight Tag)

Retention: analytics cookies 26 months maximum.
Users may manage preferences through our cookie banner or browser settings.

10. Retention Period

Data CategoryRetentionDeletion Method
Prospects / inquiries12 months after last contactSecure deletion
Client project dataContract duration + 5 yearsEncrypted archive, then erasure
Billing records10 years (legal requirement France)Secure destruction
Backups90-day rolling cycleAutomatic overwrite

11. Data Sharing & Recipients

We share data only when necessary:

Recipient TypePurposeLocation / Safeguard
Internal staff & subcontractorsProject execution under NDAEU / Türkiye
Cloud providers (Google Cloud, AWS)Hosting and backupSCCs / Adequacy Decision
Automation tools (n8n, OpenAI, Jasper.ai, GoHighLevel)Workflow executionGDPR-compliant APIs
Accountants / auditorsLegal complianceFrance / Türkiye
AuthoritiesLegal requests onlyAs required by law

All recipients are bound by written data-processing agreements.

12. International Transfers

Data may be processed in France, Türkiye, the EEA, or other jurisdictions.
Transfers outside the EEA occur only if:

  • The destination has an EU adequacy decision; or
  • Standard Contractual Clauses (SCCs) are signed; or
  • The transfer is necessary for contract execution.

13. Security Measures

YTS-Agents employs:

  • 256-bit SSL/TLS encryption;
  • Encrypted databases (AES-256);
  • Role-based access control and 2FA;
  • Endpoint protection and firewalls;
  • Weekly vulnerability scans;
  • Regular employee security training.

Any security incident is recorded and analyzed per ISO 27001 principles.

14. Your Rights under GDPR and KVKK

You may exercise the following rights at any time by emailing privacy@yts-agents.com:

RightExplanation
AccessObtain confirmation of processing and a copy of your data.
RectificationCorrect inaccurate or incomplete data.
ErasureRequest deletion when data is no longer necessary.
RestrictionTemporarily limit processing.
PortabilityReceive data in machine-readable format.
ObjectionObject to processing for legitimate interest or marketing.
Withdraw consentFor email marketing or cookies at any time.

Response time: within 30 days (GDPR) or 45 days (KVKK).
If unsatisfied, you may lodge a complaint with CNIL (France) or KVKK Authority (Türkiye).

15. Children’s Data

Our services are not intended for individuals under 16 years of age.
We do not knowingly collect such data. If identified, it is deleted immediately.

16. Processing on Behalf of Clients (Data Processor Role)

When providing automation services, YTS-Agents acts as Data Processor, and the Client is Data Controller.

  • We process only on written instructions from the Client.
  • All personnel sign confidentiality agreements.
  • We do not sub-process without authorization.
  • We assist Clients with data-subject requests and breach notifications.
  • We delete or return data upon project termination.

These obligations are formally governed by the Data Processing Agreement (Annex E).

17. Sub-Processing & AI Technology Use

When using AI tools (OpenAI API, Jasper.ai):

  • Only pseudonymized and non-sensitive content is shared.
  • Processing occurs under each provider’s DPA and EU SCCs.
  • No training data retention beyond session is authorized.

18. Data Breach Procedure

If YTS-Agents becomes aware of a breach:

  1. Incident recorded immediately in security log.
  2. Impact analysis within 24 hours.
  3. Notification to Controller and Authority within 48 hours (GDPR Art. 33).
  4. Remediation and prevention report issued within 72 hours.

19. Automated Decision-Making and Profiling

YTS-Agents does not engage in automated decision-making that produces legal effects on individuals.
AI models used for workflow optimization operate only on business data for efficiency purposes.

20. Third-Party Links

Our website may contain links to external sites (Google, LinkedIn, Meta, etc.).
We are not responsible for their content or privacy policies.
Please review them independently.

21. International Marketing & Opt-Out

Email marketing is sent only with explicit consent (opt-in checkbox or double opt-in email).
Unsubscribe links are included in all campaigns.
Marketing preferences can also be updated by contacting privacy@yts-agents.com.

22. Employee and Freelancer Data

We process limited data for human-resources purposes (recruitment, contracts, payments).
Access is restricted to HR personnel only and retained for the duration of employment + 5 years.

23. Record of Processing Activities

YTS-Agents maintains an internal Record of Processing (Article 30 GDPR), updated quarterly and available to supervisory authorities upon request.

24. Data Protection Officer (DPO)

Name: [Appointed DPO or External Advisor]
Email: dpo@yts-agents.com
Postal: 2 Allée des Bosquets, 94800 Villejuif/Paris, France

25. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in law or technology.
Updates take effect immediately upon publication on our website.
Substantial changes will be communicated via email notice to clients.

26. Governing Law and Jurisdiction

This Policy is governed by French law and GDPR principles.
For Türkiye-based processing, KVKK Law No. 6698 applies.
Disputes will first be subject to amicable settlement and failing that, to the exclusive jurisdiction of the Commercial Court of Paris or Istanbul Courts (as mutually agreed).

27. Acknowledgment of Understanding

By using our website or services, you acknowledge that you have read, understood, and accepted this Privacy Policy and consent to the processing of your data in accordance with it.

✅ Summary Table of Key Facts

TopicSummary
ControllerYTS-Agents / Perle Marketing, Paris
Data RetentionUp to 10 years (depending on category)
TransfersEU ↔ Türkiye under SCCs
RightsAccess, Rectify, Erase, Port, Object, Restrict
Breach NoticeWithin 48 hours
AI ToolsUsed only with data minimization and anonymization
Contactprivacy@yts-agents.com
Updated on October 17, 2025

What are your Feelings

  • Happy
  • Normal
  • Sad

Add comment

Your email address will not be published. Required fields are marked

Home
Shop
0 Cart
More
More