For the purposes of the GDPR, the Data Controller is:
Derya Yıldırım
Contact via: Website contact form.
When visitors submit the contact form, the following personal data is collected:
No additional personal data is required to use the contact form.
Visitors are advised not to include sensitive personal data (as defined in Article 9 GDPR) in their message.
When accessing the website, certain technical data may be processed automatically through Webflow’s hosting infrastructure, including:
This processing is necessary for website security, stability, and technical operation.
Legal Basis: Article 6(1)(a) GDPR – Consent
Personal data submitted via the contact form is processed solely to respond to inquiries. By submitting the form, visitors provide consent to this processing.
Consent may be withdrawn at any time by contacting the Data Controller.
Legal Basis: Article 6(1)(f) GDPR – Legitimate Interest
Technical data is processed to ensure website functionality, prevent misuse, and maintain security.
This website is built and hosted via Webflow, which acts as a data processor pursuant to Article 28 GDPR.
Contact form submissions are transmitted through Webflow and forwarded to the Data Controller’s personal email account.
Webflow may process data on servers outside the European Economic Area (EEA), including the United States. Where such transfers occur, appropriate safeguards under Chapter V GDPR, such as Standard Contractual Clauses, are relied upon.Further information can be found in Webflow’s privacy policy: https://webflow.com/legal/privacy.
Personal data submitted via the contact form is retained only as long as necessary to respond to the inquiry and manage related communication.
After communication has concluded, data is deleted unless legal obligations require retention.
Technical log data is retained according to the hosting provider’s standard retention policies.
This website does not intentionally use marketing, tracking, or profiling cookies.
Webflow may use strictly necessary cookies required for technical operation and security.
Where legally required, a cookie consent mechanism will be implemented.
This website embeds videos from YouTube, a service provided by Google Ireland Limited (EU) and Google LLC (USA).
When a page containing an embedded YouTube video is accessed, a connection to YouTube’s servers may be established. This may result in transmission of personal data, including:
If a visitor is logged into a Google or YouTube account, YouTube may associate the visit with that account.
YouTube processes personal data independently under its own Privacy Policy.
Where technically feasible, videos should be embedded using YouTube’s “privacy-enhanced mode” to reduce tracking.
Legal Basis:
Visitors may prevent data transmission by not interacting with embedded videos or by using browser privacy tools.
This website contains a link to Spotify.
Spotify content is not embedded. Personal data is only transferred to Spotify if a visitor actively clicks the link and accesses the Spotify platform.
Spotify processes personal data under its own Privacy Policy.
Visitors have the right to:
Requests may be submitted via the contact details listed above.
Visitors have the right to lodge a complaint with a supervisory authority in their EU Member State of residence, workplace, or place of the alleged infringement.
Appropriate technical and organizational measures are implemented to protect personal data against unauthorized access, loss, or misuse.
However, complete security of data transmission over the internet cannot be guaranteed.
No automated decision-making or profiling within the meaning of Article 22 GDPR takes place.
This Privacy Policy may be updated to reflect legal or operational changes. The updated version will be published on this page with a revised effective date.