This Privacy Policy explains how Odigos Teknoloji Çözümleri Danışmanlık San. ve Tic. A.Ş. ("Company", "OdiHire", "Odi") collects, uses, shares and protects your personal data through the OdiHire platform and the Odi — Personal Career Assistant service (odihire.com/aday). Your additional rights under Turkey's KVKK, the EU GDPR, and California's CCPA/CPRA are set out in the dedicated sections below.
For the detailed KVKK notice, see our Privacy Notice (KVKK) page.
The Odi profile analysis is performed entirely by automated artificial intelligence. The resulting score and suggestions are advisory and do not constitute a binding decision that produces legal or significant effects concerning you. The fact that the analysis is AI-generated is clearly disclosed; your right to object to solely-automated analysis is reserved.
Your data is shared only for the purposes above, with data processor service providers acting on our instructions:
Because some providers are located abroad, data may be transferred outside your country. Such transfers are made on the bases permitted under Article 9 of the KVKK — primarily your explicit consent and, where applicable, appropriate safeguards such as standard contractual clauses.
The Company is a data controller registered with VERBİS (Turkey's data-controllers' registry) and holds an ISO/IEC 27001 Information Security Management System certification.
We may use strictly-necessary and analytics cookies to operate the service and improve your experience. You can manage cookies in your browser settings; disabling strictly-necessary cookies may affect some functions.
We retain data only as long as necessary for the processing purpose: account data while your account is active; payment/invoice records for the period required by law; the talent pool for the duration of consent (up to 2 years); security logs for a reasonable period.
You have the Article 11 rights including access, rectification, erasure, learning the parties to whom data is transferred, objecting to automated analysis, and claiming compensation. Requests are concluded within 30 days at the latest. For details and channels, see the Privacy Notice (KVKK).
If you are in the European Union/European Economic Area, the EU General Data Protection Regulation (GDPR) applies. Although the Company is established outside the EU (in Türkiye), it falls within GDPR Art. 3(2) to the extent it offers services to users in the EU.
We obtain the profile content from publicly accessible sources (LinkedIn) via a third-party data-retrieval service. The categories of data processed are name, title, work history, education and skills. In the consumer flow, you submit your own profile at your own request.
Our AI analysis involves profiling, but the output is advisory and does not produce a legal or similarly significant decision about you. Meaningful information about the logic: your profile text is the input; the system evaluates completeness, phrasing and keyword/skill signals and uses a large language model.
Transfers outside the EEA (including to Türkiye, which the EU has not deemed adequate) are made under appropriate safeguards such as the Standard Contractual Clauses (SCCs) or the derogations in Art. 49. You may request a copy of the safeguards.
If you are in the EU/EEA, you may contact us regarding any request relating to your personal data and to exercise your rights through the channels in the Contact section below. You also have the right to lodge a complaint with the competent data protection supervisory authority in your country. Our service is not directed to children under 16. In the event of a high-risk personal-data breach, we notify the competent supervisory authority without undue delay and, where feasible, within 72 hours.
If you are a California resident, you may have rights under the CCPA (as amended by the CPRA). Even if the Company is below the statutory thresholds, it provides these disclosures voluntarily for transparency.
We do not sell your personal information and do not share it for cross-context behavioral advertising. Accordingly, we are not required to provide a separate "Do Not Sell or Share" link. If a browser sends a Global Privacy Control (GPC) signal, we will honor it to the extent applicable.
Because we operate exclusively online, the e-mail below is sufficient for requests (no toll-free number is required). After verifying your identity to a reasonable degree, we will respond within 45 days (extendable once if needed). You may also use an authorized agent.
Our service is not directed to persons under 16, and we do not knowingly collect data from anyone under that age.
We may update this policy from time to time. The current version is published on this page; material changes are communicated appropriately.
Last updated: June 2, 2026