Privacy Policy

1. Introduction

Virlan Technology ("we", "us", "our") is committed to protecting your privacy and personal data. This Privacy Policy explains our practices regarding the collection, use, disclosure, and protection of personal information when you use our website (virlan.tech) and services.

This policy complies with the EU General Data Protection Regulation (GDPR) and Turkish Personal Data Protection Law (KVKK No. 6698).

2. Data Controller

Virlan Technology
Address: Çanakkale, Turkey
Email: info@virlan.tech

3. Information We Collect

3.1 Information You Provide

When you contact us or use our services, you may provide:

• Contact Information: Name, email address, phone number
• Business Information: Company name, job title, business address
• Project Information: Requirements, specifications, objectives
• Communications: Messages, feedback, support requests
• Payment Information: Billing details (processed by third-party payment providers)

3.2 Information Collected Automatically

When you visit our website, we automatically collect:

• Technical Data: IP address, browser type and version, device information, operating system
• Usage Data: Pages visited, time spent, click patterns, referral source
• Location Data: Approximate geographic location derived from IP address
• Cookies: See Section 8 for details

3.3 Information from Third Parties

We may receive information from:

• Analytics providers (Google Analytics)
• Social media platforms (if you interact with our profiles)
• Public databases and registers

4. Legal Basis for Processing (GDPR & KVKK)

We process personal data based on:

• Consent: You explicitly agree (e.g., cookie consent, marketing communications)
• Contract Performance: Necessary to provide requested services
• Legal Obligation: Required by law (tax, accounting, regulatory)
• Legitimate Interest: Website analytics, security, fraud prevention

You may withdraw consent at any time by contacting info@virlan.tech.

5. How We Use Your Information

5.1 Service Delivery

• Respond to inquiries and provide quotes
• Execute and manage projects
• Communicate about project status
• Deliver agreed services

5.2 Business Operations

• Maintain and improve our website
• Analyze user behavior and preferences
• Develop new features and services
• Internal record keeping

5.3 Security and Compliance

• Prevent fraud and abuse
• Enforce our Terms of Service
• Comply with legal obligations
• Respond to legal requests

5.4 Marketing (with consent)

• Send newsletters and updates
• Inform about new services
• Share relevant content

You can opt-out of marketing communications anytime.

6. Data Sharing and Disclosure

6.1 Service Providers

We share data with trusted third parties who assist our operations:

• Cloudflare: Website hosting, CDN, security (USA/EU) - GDPR compliant
• Resend: Transactional email delivery (USA) - GDPR compliant
• Google: Analytics and advertising services (USA) - Privacy Shield/SCCs
• Cloudflare R2: File storage (EU regions)

All processors are contractually obligated to protect your data and use it only for specified purposes.

6.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or to:

• Protect our legal rights
• Prevent fraud or security threats
• Comply with regulatory obligations

6.3 Business Transfers

If Virlan is acquired or merged, your information may be transferred to the successor entity. You will be notified of any such change.

6.4 No Sale of Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

7. International Data Transfers

Your information may be transferred to and processed in countries outside your residence, including Turkey, EU member states, and the USA.

We ensure adequate protection through:

• GDPR-compliant data processors
• Standard Contractual Clauses (SCCs)
• Adequacy decisions where applicable

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files stored on your device. We use them to remember preferences, analyze usage, and improve functionality.

8.2 Cookie Categories

Strictly Necessary Cookies (always active)

• Essential for site operation
• Enable security features
• Remember form inputs

Analytics Cookies (requires consent)

• Google Analytics
• Track page views, session duration, user flow
• Help us improve the website

Marketing Cookies (requires consent)

• Google Ads, remarketing
• Measure ad performance
• Target relevant advertisements

Preference Cookies (requires consent)

• Language selection
• UI customization
• Theme preferences

8.3 Managing Cookies

Control cookies through:

• Our Cookie Consent Banner (first visit)
• Footer "Cookie Settings" link
• Browser settings

Disabling cookies may limit website functionality.

8.4 Third-Party Cookies

We use Google Tag Manager which may set cookies. Review Google's privacy policy at policies.google.com/privacy.

9. Data Security

9.1 Security Measures

We implement appropriate technical and organizational measures:

• HTTPS encryption for data transmission
• Hashed and salted IP addresses
• Access controls and authentication
• Regular security audits and updates
• Secure infrastructure (Cloudflare)
• Employee confidentiality agreements

9.2 Data Breach Notification

In the event of a data breach affecting your rights, we will notify you and relevant authorities within 72 hours as required by GDPR.

9.3 Limitations

While we strive to protect your information, no transmission method or storage is completely secure. You provide information at your own risk.

10. Data Retention

We retain personal data only as long as necessary for the purposes outlined:

• Contact Inquiries: 2 years from last contact
• Project Data: Duration of engagement + 3 years (for legal/tax purposes)
• Analytics Data: Anonymized, retained indefinitely
• Marketing Data: Until consent withdrawal
• Cookies: According to your consent (max 1 year)

After retention periods, data is securely deleted or anonymized.

11. Your Rights (GDPR & KVKK)

11.1 Right to Access

Request a copy of personal data we hold about you.

11.2 Right to Rectification

Correct inaccurate or incomplete information.

11.3 Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data, subject to legal retention requirements.

11.4 Right to Restrict Processing

Limit how we process your data.

11.5 Right to Data Portability

Receive your data in a structured, machine-readable format.

11.6 Right to Object

Object to processing based on legitimate interest or for direct marketing.

11.7 Right to Withdraw Consent

Withdraw consent at any time without affecting prior lawful processing.

11.8 Right to Lodge a Complaint

File a complaint with supervisory authorities:

• Turkey: Personal Data Protection Authority (KVKK)
• EU: Your local Data Protection Authority

11.9 Exercising Rights

To exercise any right, contact: info@virlan.tech

We will respond within 30 days. We may request identity verification before processing requests.

12. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we discover such data, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal/regulatory reasons.

Material changes will be posted on this page with an updated "Last Modified" date. We encourage periodic review.

Continued use after changes constitutes acceptance of the updated policy.

14. Contact and Data Protection Inquiries

For privacy-related questions or to exercise your rights:

Email: info@virlan.tech
Address: Çanakkale, Turkey

Response Time: We aim to respond within 30 days of receiving your request, as required by GDPR.

---

This Privacy Policy was last updated on January 16, 2026 and is effective immediately.