img not found

Privacy Policy

1) Identity and Contact

Data Controller: Mitrotech Digital Transformation Consulting Limited Company

Address: Eğitim Mah. İlk Öğretim Sok. No:1/9 Güzelyalı Mudanya BURSA - TURKEY

Email (for KVKK/GDPR applications): info@mitrotech.net

2) Scope

This policy applies to personal data processing activities carried out through Mitrotech’s websites, products, services, events, and customer support channels. Visitors, customer/supplier representatives, job applicants, and business partners are included in this scope.

3) Categories of Data Collected

Basic Identity Information

  • Name, surname
  • Company/title and position
  • Contact details (email, phone)

Transaction and Contract Data

  • Offer, order, and invoice information
  • Contract and support records
  • Payment status information (card data is not stored; processed through payment providers)

Technical and Usage Data

  • Device, browser, IP, access date/time
  • Usage statistics derived from cookies and similar technologies

HR / Candidate Data

  • Resume and application information
  • Interview notes and references

Sensitive personal data is processed only with your explicit consent or within the exceptions provided by applicable law, and with necessary technical/administrative measures.

4) Data Sources

  • Information provided directly by you (forms, contracts, support requests)
  • Automated means (cookies, log records, product/service telemetry)
  • Third parties (business partners, suppliers, publicly available records)

5) Purposes of Processing

  • Provision of services, establishment and performance of contract
  • Execution of customer relations and support processes
  • Security, fraud detection, and abuse prevention
  • Fulfillment of legal obligations and responding to official authority requests
  • Improvement of products and services, performance and usage analysis
  • Marketing communications (only with your explicit consent or under legitimate interest, with an opt-out option)
  • Execution of recruitment processes

6) Legal Bases

Our data processing activities are based on the following legal grounds under the Law No. 6698 (KVKK), related legislation, and the EU General Data Protection Regulation (GDPR):

  • Performance or conclusion of a contract
  • Compliance with a legal obligation
  • Legitimate interest (provided that it does not override your fundamental rights and freedoms)
  • Explicit consent (may be freely withdrawn at any time)
  • Explicitly provided for by law or special cases such as factual impossibility/vital interest

7) Cookies and Similar Technologies

Cookies are used to improve site experience, ensure security, produce usage statistics, and remember your preferences.

  • Strictly necessary cookies: Required for session and security.
  • Functional cookies: Remember your preferences.
  • Performance/analytics cookies: Measure site usage.
  • Advertising/targeting cookies: Provide personalized content if you allow.

You can manage, delete, or block cookies from your browser settings. You can update your consent preferences for analytics and marketing cookies at any time.

8) Recipients and Transfers

Personal data may be shared with the following parties only for the specified purposes:

  • Service providers and processors (hosting, email, call center, logistics, payment, security)
  • Business partners and group companies
  • Official institutions and organizations within the scope of legal obligations
  • Advisors (legal, accounting, audit) and authorized intermediaries

If transfers outside Turkey or the European Economic Area occur, appropriate safeguards under GDPR (e.g., Standard Contractual Clauses) or mechanisms under KVKK (adequacy decisions/undertakings) will be applied.

9) Retention Periods

Data is retained as long as required by relevant legislation and contractual obligations. In general:

  • Contract/support records: contract duration + statute of limitations
  • Invoice and accounting records: minimum period required by law
  • Marketing consents: until consent is withdrawn
  • HR applications: reasonable period after position closure
  • Security records: shortest reasonable period

When the period expires, data is securely deleted, anonymized, or destroyed.

10) Security

Your data is protected with technical and administrative measures such as access control, encryption, logging and monitoring, network security, employee awareness programs, and supplier contracts.

11) Children’s Privacy

Our services are not directed to children without parental or legal guardian consent. If you believe data has been provided mistakenly, you can inform us.

12) Your Rights

Under KVKK and GDPR, you have the following rights:

  • Access and information request
  • Rectification and update
  • Erasure/right to be forgotten and destruction
  • Restriction of processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time
  • Complain to the Authority/Supervisory Body if your request is rejected

13) Exercising Rights and Application

You may submit your requests regarding your rights together with information sufficient to verify your identity via the following channels:

  • Post: Eğitim Mah. İlk Öğretim Sok. No:1/9 Güzelyalı Mudanya BURSA - TURKEY
  • Email: info@mitrotech.com

Applications are concluded within the periods stipulated in the legislation. Additional information/documents may be requested if necessary.

14) Policy Changes

This policy may be updated from time to time. Reasonable notification methods will be used in case of significant changes. The date at the top shows the most recent update.