Privacy Policy

[This is a system-placed template. Engineering-authored translation; legal counsel review pending. Before publishing, review with legal counsel and fill in the company-specific [OPERATOR_FILL] fields (address, KEP, MERSİS, VKN).]

Introduction#

This Privacy Policy describes how personal data of visitors and members of the TapuGezgini platform is processed. It should be read together with the KVKK Data Protection Notice.

Types of Data We Collect#

• Account data: name, email, phone, verified Turkish national ID or tax ID (VKN).
• Usage data: session records, listings created, messages, payments.
• Technical data: browser type, IP address (anonymised), cookie preferences.

Data Security#

To protect your information we apply the following technical measures:

• All traffic encrypted via TLS 1.2+.
• Sensitive fields (Turkish national ID, payment tokens) encrypted with AES-256-GCM; key rotation is continuous.
• Multi-factor authentication (MFA) enforced according to risk level.
• All significant operations are written to a tamper-evident audit chain.

Detail: Information Security.

Cookies#

Only essential cookies are used for sign-in and security. Other cookie categories require your explicit consent. See Cookie Policy.

Third Parties#

Subprocessors used for service delivery are listed on the Subprocessors page in accordance with the transparency principle.

Data Retention#

Data is retained for periods required by legal obligations (Turkish Commercial Code, Tax Procedure Law). When you request account deletion, personal information is scrubbed; legal records (contracts, invoices) are retained until the end of their statutory period.

Last updated: [OPERATOR_FILL: date]