Privacy Policy

Scope and Data Controller

This Privacy Policy covers yazicisoft.com, the customer portal, online sales channels, support processes, and software development, SaaS, hosting, domain, server, and reseller services provided by YAZICISOFT. Data Controller: YAZICI ETİCARET YAZILIM LİMİTED ŞİRKETİ, Turkey.

Personal Data We Collect

• Identity and contact data: name, surname, title, email, phone, address
• Corporate data: company name, tax office, tax number, trade register number
• Account and transaction data: username, order history, invoice and payment records
• Technical data: IP address, browser type, device information, session and access logs
• Support and communication records: request content, correspondence, call records (if any)
• Usage data obtained through cookies and similar technologies

Purposes of Processing

• Service delivery, order and contract management
• Customer account creation, authentication, and portal access
• Billing, collection, accounting, and legal compliance
• Technical support, security, fraud prevention, and system monitoring
• Service quality improvement, analytics, and performance measurement
• Marketing communications based on consent or legitimate interest (subject to your preferences)
• Contractual and commercial obligations for international service export

Legal Bases

Your personal data may be processed under KVKK Art. 5–6 and GDPR Art. 6 for contract performance, legal obligation, legitimate interest, consent, or establishment, exercise, or defence of legal claims. Special categories of data are processed only where permitted by law and with appropriate safeguards.

Data Sharing and International Transfers

Your data may be shared with payment institutions, hosting and infrastructure providers, domain registry operators, e-invoice providers, and legal/tax advisors only to the extent required by the service. Cross-border transfers follow KVKK Art. 9 and GDPR Arts. 44–49 using adequacy decisions, Standard Contractual Clauses (SCCs), or other appropriate safeguards.

Retention Periods

Personal data is retained for as long as necessary for the processing purpose and applicable statute of limitations, tax, commercial, and e-commerce record-keeping obligations. Data is then deleted, destroyed, or anonymized.

Security Measures

YAZICISOFT implements appropriate technical and organizational measures under KVKK Art. 12 and GDPR Art. 32, including encryption, access control, network security, backups, logging, staff authorization, and vendor security assessments.

Your Rights

Under KVKK Art. 11 and GDPR, you may request access, rectification, erasure, restriction, objection, and data portability. Submit requests to info@yazicisoft.com. Requests are answered within 30 days at the latest.

Policy Updates

This policy may be updated due to legal or service changes. The current version is always published on yazicisoft.com.