Privacy Policy

1. General Information

This Privacy Policy applies to the berasoft.com website and services operated by Berasoft. We are committed to protecting your personal data in accordance with the Turkish Personal Data Protection Law (KVKK Law No. 6698) and the European Union General Data Protection Regulation (GDPR).

2. Personal Data We Collect

When you use our website, we may collect the following personal data:

3. How We Use Your Data

We use your personal data only for the following purposes:

• Service Delivery: Providing requested software, web design, and SEO services
• Communication: Responding to inquiries, technical support, project updates
• Contract Management: Executing commercial agreements, invoicing
• Legal Obligations: Fulfilling tax, accounting, and legal requirements
• Security: Preventing cyberattacks, fraud detection
• Improvement: Website performance, user experience optimization
• Marketing: Product/service promotions (opt-in email only, with your consent)

4. Cookie Policy

Our website uses the following types of cookies:

You can manage or disable cookies through your browser settings. However, some features may not work properly.

5. Data Sharing and Transfer

We never sell your personal data to third parties. However, we may share data in the following cases:

• Service Providers: Server hosting (AWS, Google Cloud), email services, payment systems
• Legal Requirements: Court orders, investigation requests
• Business Partners: With your explicit consent, based on project requirements (e.g., SEO analysis tools)

6. Data Security

We implement the following technical and organizational measures to protect your data:

• SSL/TLS Encryption: 256-bit encryption for all data transmission
• Secure Servers: ISO 27001 certified data centers
• Access Control: Multi-factor authentication (MFA), role-based authorization
• Data Minimization: Collecting only necessary data
• Regular Audits: Penetration testing, vulnerability scans
• Backup: Daily automatic backups, disaster recovery plan

7. Data Retention Periods

8. Your Rights (KVKK & GDPR)

You have the following rights regarding your personal data:

• Right to Information: Learn what data we process
• Right of Access: Request a copy of your data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data
• Right to Restriction: Request limitation of processing in certain cases
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to automated decision-making processes
• Right to Withdraw Consent: Cancel marketing permissions anytime

9. Children's Privacy

Our services are not intended for individuals under 18 years old. We do not knowingly collect data from children. If a parent/guardian discovers their child has provided data, please contact us; the data will be deleted immediately.

10. Third-Party Services and Links

Our website may use the following third-party services:

• Google Analytics: Visitor analytics (anonymized IP)
• Google Fonts: Web fonts
• Lucide Icons: SVG icons (self-hosted)
• Email Services: Automated notifications

We are not responsible for the privacy policies of third-party websites we link to. Please review their policies before visiting.

11. Policy Updates

We may update this Privacy Policy for legal compliance or service changes. For significant updates:

• We will publish a notice on the website
• Registered users will receive email notification
• The new policy will take effect after 7 days

We recommend checking this policy regularly for updates.

12. Complaint and Supervisory Authorities

If you believe your data protection rights have been violated:

• Personal Data Protection Authority (KVKK): www.kvkk.gov.tr
• Data Protection Authority (DPA): Contact your local DPA in EU countries
• Berasoft Internal Request: [email protected] (please contact us first for resolution)