If you would like to receive a quote for your project or discuss long-term or short-term business opportunities with me, Schedule an Appointment now.

On-time
Tech
Support
TUGRULYILDIRIM

Privacy Policy

Last updated: January 31, 2026

This Privacy Policy is prepared in accordance with the Turkish Personal Data Protection Law (KVKK - Law No. 6698).

1. Data Controller

In accordance with the Turkish Personal Data Protection Law (KVKK - Law No. 6698), the data controller is:

2. Personal Data We Collect

We may collect and process the following categories of personal data:

2.1. Contact Information

  • Name and surname
  • Email address
  • Phone number (if provided)
  • Company name and job title (if provided)

2.2. Communication Data

  • Messages and inquiries sent through contact forms
  • Email correspondence
  • Project requirements and specifications

2.3. Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Website usage data (cookies and similar technologies)

3. Purposes of Processing Personal Data

We process your personal data for the following purposes, in accordance with Article 5 of KVKK:

  • To respond to your inquiries and provide customer support
  • To provide software development services (CRM, ERP, API integration)
  • To manage project agreements and contracts
  • To send newsletters and marketing communications (with your consent)
  • To improve our website and services
  • To comply with legal obligations
  • To prevent fraud and ensure security

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under KVKK Article 5:

  • Explicit consent: For marketing communications and newsletter subscriptions
  • Performance of a contract: To provide services under project agreements
  • Legal obligation: To comply with tax, accounting, and other legal requirements
  • Legitimate interest: To improve services, prevent fraud, and ensure security

5. Data Sharing and Transfer

We do not sell your personal data. We may share your data with:

  • Service providers: Hosting providers, email services, and other technical service providers necessary for our operations
  • Legal authorities: When required by law or court order
  • Business partners: Only with your explicit consent or as necessary for service delivery

For international transfers, we ensure adequate safeguards are in place as required by KVKK Article 9.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law:

  • Contact information: Until you request deletion or withdraw consent
  • Project data: For the duration of the project and as required by legal obligations (typically 10 years for accounting records)
  • Technical data: For up to 2 years for security and analytics purposes

7. Your Rights Under KVKK

In accordance with KVKK Article 11, you have the following rights regarding your personal data:

  • Right to be informed: To learn whether your personal data is being processed
  • Right of access: To request information about your personal data and how it is processed
  • Right to rectification: To request correction of inaccurate or incomplete data
  • Right to erasure: To request deletion of your personal data under certain conditions
  • Right to object: To object to processing based on legitimate interests
  • Right to data portability: To request transfer of your data to another service provider
  • Right to withdraw consent: To withdraw consent for processing based on consent

To exercise these rights, please contact us at contact@tugrulyildirim.com. We will respond to your request within 30 days as required by KVKK.

8. Cookies and Similar Technologies

We use cookies and similar technologies to improve your experience on our website. For detailed information, please see our Cookies Policy.

9. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration, in accordance with KVKK Article 12:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and updates
  • Staff training on data protection

10. Data Breach Notification

In the event of a personal data breach that may pose a risk to your rights and freedoms, we will:

  • Notify the Personal Data Protection Authority (KVKK) within 72 hours, as required by KVKK Article 12
  • Notify affected individuals without undue delay if the breach poses a high risk
  • Take immediate measures to mitigate the breach and prevent further unauthorised access

11. Complaints

If you believe that your personal data has been processed in violation of KVKK, you have the right to file a complaint with the Personal Data Protection Authority (KVKK) at www.kvkk.gov.tr.

12. Contact Information

For questions about this Privacy Policy or to exercise your rights, please contact us:

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be effective immediately upon posting on this page. We encourage you to review this policy periodically. The "Last updated" date at the top indicates when this policy was last revised.