Security Policy
Last Updated: 02.02.2026
1. Introduction
This Security Policy has been prepared by TURGUT KALFAOGLU ("Company", "we") to ensure the security of the personal data of our users and visitors and to explain our commitments in this regard within the scope of the domain registration, web hosting, e-mail hosting and related digital services we offer through www.kalfaoglu.net ("Site"). The policy has been prepared in accordance with the provisions of the relevant legislation, primarily the Law No. 6698 on the Protection of Personal Data (KVKK).
2. Information Collected and Purpose of Collection
In order to provide and improve our services, we may collect the following types of information in a limited and proportionate manner:
- Identity and Contact Information: Name, surname, company title, e-mail address, telephone number, physical/address information requested during the establishment of the service contract.
- Financial Information: Credit card information related to payment transactions made through virtual POS is never stored in our systems. These transactions are carried out through PCI-DSS certified payment institutions and entirely within their secure infrastructure.
- Technical Data: Your IP address, browser type and version, operating system, time of visit, page view times, and browsing data are automatically generated during your use of the site. This data is collected for performance analysis, security audits, and to improve the site experience (via cookies).
- Content Data: Website files and email content that you entrust to us within the scope of the hosting service. This data is accessed only for technical support purposes and with your instruction or explicit consent.
3. Data Security Measures
We implement the following measures at the technical and administrative level to protect your personal data against unauthorized access, disclosure, alteration, or destruction:
- Encryption: Communication between the site and your browser is protected by standard SSL/TLS encryption (HTTPS protocol). Data transfers between our servers are also secured with similar encryption methods.
- Access Controls: Access to personal data is restricted to a limited number of personnel who are absolutely necessary for the provision of the service. This personnel is bound by strict commitments to confidentiality and data security.
- Security Software and Updates: Our servers and infrastructure are protected against malware, attacks, and unauthorized access with up-to-date firewalls and intrusion detection/prevention systems. All system software is updated regularly.
- Regular Audits and Penetration Tests: Our system and network infrastructure undergo regular internal audits and periodic penetration tests to identify security vulnerabilities.
- Data Storage and Destruction: When the retention periods permitted or required by legislation expire, personal data is securely deleted, destroyed, or anonymized.
4. Cookies Policy
Cookies are used on the Site to improve user experience, analyze site traffic, and provide basic functionality. Cookies are small text files stored on your computer or mobile device.
- Mandatory Cookies: Necessary for the basic functions of the Site to work (e.g., login information). We cannot provide services without these cookies.
- Analytical/Performance Cookies: Help us understand how you use the site anonymously (e.g., which pages are visited most often). This data is processed in aggregate and anonymously.
By continuing to use the Site, you consent to the use of Mandatory Cookies and Performance Cookies. You can change your preferences by managing cookies in your browser settings or from the "Cookie Preferences" panel on our site (if you have set it up).
5. Third-Party Service Providers and Data Sharing
We may work with domestic or foreign server/data center service providers who comply with the Personal Data Protection Law (KVKK) and with whom we have agreements to provide the technical infrastructure of our services. This sharing is carried out under the status of "Data Processor" and is limited to contractual obligations. In addition, information may be shared with authorized official authorities in case of a legal obligation or in the pursuit of a legal right.
6. User Rights (KVKK Article 11)
In accordance with the KVKK, you have the following rights regarding your personal data:
- To learn, to access,
- To correct,
- To request deletion or destruction,
- To restrict processing,
- To request the transfer of processed data,
- To object to processing activities.
To exercise these rights, you can apply via www.kalfaoglu.net or by submitting a document verifying your identity in accordance with the "Notification on the Procedures and Principles for Applications to the Data Controller" to ITOKENT CAD URLA IZMIR or to info@kalfaoglu.net. Your request will be processed free of charge within a maximum of 30 (thirty) days.
7. Contact
For any questions or comments regarding the Security Policy, you can contact us through the following channel:
-
Data Controller: TURGUT KALFAOGLU
-
Address: ITOKENT CAD URLA IZMIR
-
Email: info@kalfaoglu.net
-
Website:
www.kalfaoglu.net
8. Policy Changes
We may update this Security Policy from time to time in accordance with changes in legal requirements or our services. The most current version of the policy in effect will always be available on this webpage, and significant changes will be announced on the site.
