Privacy Policy

1. Introduction

Welcome to fatihvarol.com ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website.

2. Data Controller

The data controller responsible for your personal data is:
Fatih Varol
Email: admin@emailname.com

3. Information We Collect

3.1 Personal Information

When you contact us through our contact form, we collect:

• Name
• Email address
• Message content
• Date and time of submission

3.2 Automatically Collected Information

We automatically collect certain information when you visit our website:

• IP address
• Browser type and version
• Operating system
• Pages visited and time spent
• Referring website
• Device information

3.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Remember your preferences
• Analyze website usage
• Improve user experience

4. How We Use Your Information

We use your personal data for the following purposes:

• Communication: To respond to your inquiries and messages
• Website Improvement: To analyze usage patterns and improve our services
• Security: To protect against fraud, unauthorized access, and abuse
• Legal Compliance: To comply with legal obligations

5. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Consent: You have given explicit consent (e.g., cookie preferences)
• Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., website security, analytics)
• Legal Obligation: Processing is required by law

6. Data Retention

We retain your personal data for the following periods:

• Contact Form Submissions: 2 years from submission date
• Login Attempts: 24 hours
• Analytics Data: 26 months (Google Analytics default)
• Cookies: As specified in cookie settings (max 12 months)

7. Data Sharing and Third Parties

We may share your data with:

• Supabase: Database and authentication services (data hosting)
• Vercel: Website hosting and CDN
• Google Analytics: Website analytics (if analytics cookies enabled)

We do not sell or rent your personal data to third parties. All third-party service providers are contractually bound to protect your data and use it only for specified purposes.

8. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Data Portability: Receive your data in a machine-readable format
• Restriction: Request restriction of processing
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

To exercise these rights, please contact us at admin@emailname.com. We will respond to your request within 30 days.

9. Cookies

We use the following types of cookies:

9.1 Necessary Cookies

Essential for website functionality. These cannot be disabled as they are required for core features like authentication and security.

9.2 Analytics Cookies

Help us understand how visitors use our website. These are optional and can be disabled in cookie settings.

9.3 Preference Cookies

Remember your preferences like theme (dark/light mode) and language. These are optional.

You can manage your cookie preferences using our cookie consent banner or in your browser settings.

10. Data Security

We implement industry-standard security measures including:

• HTTPS encryption for all data transmission
• Secure database with Row Level Security (RLS)
• Password hashing and salting
• Two-factor authentication (2FA) for admin access
• Rate limiting and CSRF protection
• Regular security audits and updates

11. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) with service providers
• Adequacy decisions by the European Commission
• Privacy Shield Framework compliance (where applicable)

12. Children's Privacy

Our website is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this privacy policy from time to time. The updated version will be indicated by an updated "Last Updated" date at the top of this policy. We encourage you to review this policy periodically.

14. Contact Information

If you have questions about this privacy policy or wish to exercise your rights, please contact us:

Email: admin@emailname.com
Website: https://fatihvarol.com

15. Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.