Privacy Policy

Effective Date: 20th June 2025

This Privacy Policy explains how Hudson Consultancy Online, operating under the 169to1® initiative, collects, uses, and protects your personal data. We are committed to safeguarding your privacy and ensuring your data is handled transparently, securely, and in line with applicable laws, including:

• The General Data Protection Regulation (GDPR)

• Türkiye’s Law on the Protection of Personal Data (KVKK, Law No. 6698)

By using our website or services, you agree to this Privacy Policy.

1. Who We Are

Hudson Consultancy Online is the data controller responsible for the personal data processed via:

• https://169to1.com

• https://169to1.org

Contact:
Email: david@hudsonconsultancyonline.com
Address: Istanbul, Türkiye

2. What Data We Collect

We collect only the data that is necessary to provide you with our services and improve your experience.

Data you may provide directly:

• Name and surname

• Email address

• Organisation name

• Billing information (e.g. for purchases)

• Details of your use of our tools or digital badges

• Your message if you contact us via form or email

Data collected automatically:

• IP address and device type

• Browser type and usage patterns

• Cookies and tracking data (see Section 7)

We do not collect sensitive personal data (special categories) unless required for a specific lawful purpose and with your explicit consent.

3. Why We Collect Your Data (Lawful Basis)

Under GDPR and KVKK, we must have a lawful reason to collect and use your data. We rely on the following legal bases:

• Contractual necessity: To fulfil your orders, subscriptions, or partnerships

• Legal obligations: For tax, accounting, and verification compliance

• Legitimate interests: To improve our services, protect against misuse, or contact you with relevant updates

• Consent: Where you have explicitly agreed (e.g. newsletter signup)

You can withdraw your consent at any time.

4. How We Use Your Data

We use your personal data to:

• Process orders and payments for digital products

• Issue digital badges or credentials

• Respond to support or contact requests

• Send product updates or service notifications

• Improve our content and platform performance

• Meet legal and reporting obligations (e.g. financial records)

We do not sell or rent your data to third parties.

5. Who We Share Your Data With

We only share your data with trusted service providers, where necessary for delivering our services. These may include:

• Payment processors (e.g. Iyzico, PayTR, Stripe)

• Badge issuers (e.g. Credly)

• Hosting providers (e.g. Squarespace)

• Analytics tools (e.g. Google Analytics)

All partners are contractually bound to protect your data under GDPR or KVKK-compliant agreements.

6. Your Rights

Under GDPR and KVKK, you have the right to:

• Access a copy of your personal data

• Request correction of inaccurate or incomplete data

• Request erasure of your data (‘right to be forgotten’)

• Restrict or object to certain types of processing

• Withdraw consent at any time (where applicable)

• File a complaint with a data protection authority

To exercise any of these rights, please contact us at [Insert contact email].

7. Cookies and Tracking

Our websites use essential and performance cookies to:

• Enable navigation

• Analyse traffic and usage patterns

• Improve platform functionality

You may adjust your browser settings to disable cookies. Please note that some features may not function properly if cookies are disabled.

For detailed information, see our [Cookie Policy].

8. Data Storage and Transfers

Your data is stored securely on servers located in the European Economic Area (EEA) or Türkiye, depending on your region.

Where data is transferred internationally (e.g. badge issuance or payment processing), we ensure:

• GDPR-compliant transfer safeguards (e.g. Standard Contractual Clauses)

• KVKK-compliant cross-border transfer approvals or lawful basis

We retain your data only for as long as necessary for the purposes outlined in this policy, or as required by law.

9. Security

We use appropriate technical and organisational security measures to protect your personal data, including:

• Secure socket layer (SSL) encryption

• Password-protected systems

• Access limited to authorised personnel

Despite our efforts, no system is 100% secure. You are responsible for keeping your login credentials confidential.

10. Children's Privacy

169to1® is designed for institutions, not individual children. We do not knowingly collect data from children under 13 years old. Where students are involved in educational programmes, it is the institution’s responsibility to obtain appropriate parental or guardian consent as required by law.

11. Updates to This Policy

We may update this Privacy Policy to reflect changes in law or our services. When we do, we will post the updated version on this page with the new effective date.

We encourage you to review this page regularly.

12. Contact Us

If you have questions, concerns, or wish to exercise your rights, contact:

Hudson Consultancy Online
On behalf of the 169to1® initiative
Email: david@169to1.com
Istanbul, Türkiye

If you are in the EU/EEA and wish to lodge a complaint, you may also contact your national Data Protection Authority.

In Türkiye, you may apply to KVKK (Kişisel Verileri Koruma Kurumu) for further resolution.