Privacy Policy
Last updated: December 18, 2024
GDPR Compliant
This policy meets the requirements of the EU General Data Protection Regulation (GDPR).
1. Introduction
Can Davarcı ("we", "our", "company") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use and protect your personal data when you visit our website (candavarci.com.tr) or use our services.
2. Data Controller
Turkey Office:
Yurt, Alparslan Türkeş Blv. İsmail Sincar Apartmanı No:296/A Floor:1, 01170 Çukurova/Adana, TURKEY
Tax ID: 2710612531
Phone: +90 554 947 80 18
United Kingdom Office:
71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, UNITED KINGDOM
Company Number: 16749337
Phone: +44 203 910 4969
Email: [email protected]
3. Data We Collect
We collect personal data in the following categories:
3.1 Data You Provide Directly
- Contact information (name, surname, email, phone)
- Business information (company name, position, website)
- Messages you share in form submissions
- Newsletter subscription information
3.2 Automatically Collected Data
- IP address
- Browser type and version
- Operating system
- Page view data
- Cookie data (see our Cookie Policy for details)
4. Purposes of Data Processing
- Providing and improving our services
- Responding to your communication requests
- Processing orders and payments
- Sending marketing communications (with your consent)
- Analyzing and improving our website
- Fulfilling our legal obligations
- Preventing fraud and ensuring security
5. Legal Basis (GDPR Article 6)
We process your personal data based on the following legal grounds:
- Consent: Your explicit consent for marketing communications
- Contract: Necessary processing for service delivery
- Legal Obligation: Tax and accounting obligations
- Legitimate Interest: Service improvement and security
6. Data Sharing
We may share your personal data in the following limited circumstances:
- Service Providers: Hosting, email, analytics services
- Payment Processors: For secure payment transactions
- Legal Requirement: In case of court order or legal request
- Business Partners: Under confidentiality agreement
We never sell or rent your personal data to third parties.
7. International Data Transfer
Some of our service providers may be located outside the EU/EEA. In such cases, Standard Contractual Clauses (SCC) or other appropriate safeguards are used to ensure your data is protected to GDPR standards.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes of collection. When the retention period expires, data is securely deleted or anonymized.
- Contact data: 3 years from last interaction
- Invoice data: 10 years as required by law
- Marketing data: Until subscription cancellation
9. Your Rights (GDPR)
Under GDPR, you have the following rights:
- Right of Access: Request a copy of your data
- Right to Rectification: Request correction of incorrect data
- Right to Erasure (Right to be Forgotten): Request deletion of your data
- Right to Restrict Processing: Stop certain processing
- Data Portability: Receive your data in structured format
- Right to Object: Object to processing based on legitimate interest
- Automated Decision-Making: Not to be subject to profiling
10. Security Measures
We implement the following measures to protect your data:
- SSL/TLS encryption
- Secure data centers
- Regular security audits
- Access control and authorization
- Staff training
11. Contact
For privacy-related questions or to exercise your rights, you can contact us:
Additionally, if you reside in the EU, you have the right to lodge a complaint with your local Data Protection Authority.
12. Policy Changes
We may update this policy from time to time. We will post a notice on our website when significant changes are made.