What are You Looking For?
Search through articles, projects, and resources to discover ideas, insights, and inspiration tailored just for you.
Follow
What are You Looking For?
Search through articles, projects, and resources to discover ideas, insights, and inspiration tailored just for you.
Follow
Explore
Latest Blogs

Privacy Policy

Effective Date: 18 May 2025

This Privacy Policy (“Policy”) explains how Servet Digital (“Servet Digital,” “we,” “our,” or “us”) collects, uses, discloses, and otherwise processes Personal Data (as defined below) when you visit https://servet.digital/ (the “Site”), interact with our social-media pages, or engage our search-engine-optimization, digital-marketing, and related services (collectively, the “Services”).

This Policy is drafted in English and aligns with (i) Regulation (EU) 2016/679 (“GDPR”) for visitors from the European Economic Area (“EEA”) and the United Kingdom (“UK”) and (ii) Law No. 6698 on the Protection of Personal Data (“KVKK”) for visitors in Türkiye. Where GDPR and KVKK impose different requirements, we apply the higher standard.

1. Who We Are

Controller: Servet Digital Bilişim ve Danışmanlık Ltd. Şti.

Contact Email: [email protected]

2. Scope of This Policy

This Policy covers Personal Data we process as a controller. Where we act solely as a processor /service provider on behalf of our business clients (e.g., managing their analytics accounts) we process data under their instructions and relevant data-processing agreements. In such cases, please refer to your service provider’s privacy policy.

3. Definitions

  • “Personal Data” means any information relating to an identified or identifiable natural person (“data subject”).
  • “Processing” means any operation performed on Personal Data (collection, storage, use, transfer, deletion, etc.).
  • “Legal basis” refers to the justification required under GDPR Art. 6 and KVKK Art. 5 to process Personal Data.
  • “Controller” is the entity that determines the purposes and means of Processing Personal Data.

4. Personal Data We Collect

4.1 Data You Provide to Us

  • Contact Data: name, surname, company, title, email, phone number, address.
  • Account Credentials: username, password (hashed), authentication tokens.
  • Service-Related Information: project briefs, SEO metrics, billing details, contracts, and invoices.
  • Content You Submit: messages, support tickets, survey responses, testimonials, or reviews.

4.2 Data We Collect Automatically

  • Device and Usage Data: IP address, browser type, operating system, referring URLs, pages viewed, clicks, date/time stamps, session length.
  • Cookies & Tracking Technologies: Please see Section 7 and our separate Cookie Policy.
  • Log Files & Error Reports: diagnostics to ensure platform stability and security.

4.3 Data from Third Parties

  • Analytics Providers: aggregated reports from Google Analytics 4, Matomo, or similar.
  • Social Media Platforms: profile information when you interact with our pages (subject to your platform settings).
  • Public Sources: corporate registries, WHOIS, or industry databases to verify business contacts.

5. Legal Bases for Processing

We rely on one or more of the following legal bases:

  1. Contractual Necessity: to perform a contract with you or take steps at your request (GDPR Art. 6(1)(b); KVKK Art. 5/2-c).
  2. Legitimate Interests: to operate and improve our Services, prevent fraud, and defend legal claims (GDPR Art. 6(1)(f); KVKK Art. 5/2-f). We balance these interests against your fundamental rights.
  3. Consent: for email marketing, non-essential cookies, or where required (GDPR Art. 6(1)(a); KVKK Art. 5/1).
  4. Legal Obligations: to comply with tax, accounting, or supervisory requirements (GDPR Art. 6(1)(c); KVKK Art. 5/2-ç).

6. How We Use Personal Data

  • Provide, manage, and optimize SEO and digital-marketing campaigns.
  • Create and maintain your account and project dashboards.
  • Respond to enquiries, support requests, or feedback.
  • Send transactional communications (project updates, invoices).
  • Conduct analytics, A/B testing, and product research.
  • Deliver marketing communications where permitted.
  • Maintain security, detect fraud, and ensure continuity.
  • Comply with applicable laws, court orders, and regulatory requests.

7. Cookies & Similar Technologies

We use first-party and third-party cookies, web beacons, and local-storage objects to:

  • Recognize returning visitors and save preferences.
  • Compile aggregate statistics on Site usage and performance.
  • Enable advertising networks to deliver tailored ads (only with your consent where required).

You may withdraw or modify cookie consent at any time via our Cookie Banner or through browser settings. Disabling cookies may impair certain Site functions.

8. Sharing Your Personal Data

We disclose Personal Data only as necessary for the purposes listed above:

  • Service Providers / Processors: cloud hosting, CRM, email delivery, payment gateways, analytics. All are bound by confidentiality and data-processing terms.
  • Business Partners: advertising networks, affiliate partners, or subcontractors engaged on your project (disclosed to you individually).
  • Professional Advisors: lawyers, auditors, insurers under confidentiality obligations.
  • Authorities: regulators, courts, or law-enforcement agencies where legally required.
  • Corporate Transactions: in connection with mergers, acquisitions, or asset sales, subject to customary safeguards.

9. International Data Transfers

Servet Digital is headquartered in Türkiye. We may transfer Personal Data to:

  • EEA or UK service providers under Standard Contractual Clauses (“SCCs”).
  • Non-EEA countries deemed adequate by the European Commission or the Turkish Data Protection Board.
  • Other jurisdictions pursuant to GDPR Art. 46 or KVKK Art. 9 safeguards (e.g., binding corporate rules, explicit consent).

Copies of transfer mechanisms are available on request.

10. Data Retention

We retain Personal Data for as long as:

  • necessary to fulfil the purposes set out in this Policy;
  • you have an active relationship with us;
  • required by applicable law (e.g., 10 years for accounting records under Turkish Commercial Code).

After expiry, data are securely deleted or irreversibly anonymized.

11. Security Measures

  • ISO 27001-aligned information-security management system.
  • Encryption in transit (TLS 1.3) and at rest (AES-256) where feasible.
  • Role-based access controls and multi-factor authentication.
  • Quarterly vulnerability scanning and annual penetration testing.
  • Employee awareness training and NDAs.
  • Incident-response plan with 72-hour breach-notification workflow (GDPR Art. 33).

12. Your Rights

12.1 Rights Under GDPR

  1. Access to your Personal Data.
  2. Rectification of inaccurate or incomplete data.
  3. Erasure (“right to be forgotten”).
  4. Restriction of processing.
  5. Data portability.
  6. Object to processing based on legitimate interests or direct marketing.
  7. Withdraw consent at any time (without affecting prior lawful processing).
  8. Lodge a complaint with your local supervisory authority.

12.2 Rights Under KVKK

  1. Learn whether Personal Data are processed.
  2. Request information on processing.
  3. Access Personal Data.
  4. Request correction of incomplete/incorrect data.
  5. Request deletion or anonymization under KVKK Art. 7.
  6. Request notification of third parties to whom data were transferred.
  7. Object to unfavorable outcomes via automated systems.
  8. Claim compensation for unlawful processing damages.

13. Exercising Your Rights

You may submit a request by emailing [email protected], completing the Data Subject Request Form, or mailing a signed hardcopy to our registered address. We will verify your identity and respond within:

  • 30 days under KVKK Art. 13,
  • one month under GDPR Art. 12 (extendable by two further months for complex requests).

You will not normally pay a fee, but we may charge a reasonable fee or refuse manifestly unfounded or excessive requests, as permitted by law.

14. Children’s Privacy

Our Site and Services target business users and are not directed to individuals under 18. We do not knowingly collect Personal Data from children. If you believe a minor has provided us data, please contact us.

15. Changes to This Policy

We may update this Policy from time to time. Material changes will be announced on the Site or via email where legally required. Continued use of the Site after the “Effective Date” constitutes acceptance of the revised Policy.

16. Contact Us

If you have questions, concerns, or complaints regarding this Policy or our privacy practices, please contact our Data Protection Officer:
Email: [email protected]

You may also lodge a complaint with (i) the Turkish Personal Data Protection Authority (KVKK Kurumu) or (ii) your local EEA/UK supervisory authority.

Get in Touch
Feel Free to Contact Me
Have a project in mind or just want to say hello? Fill out the form below, and I’ll get back to you as soon as possible. Looking forward to hearing from you!