Pursuant to the Law on the Protection of Personal Data No. 6698 (“KVKK”), Duende Dijital Reklam ve Danışmanlık LTD ŞTİ (“Duende Digital”), acting as data controller, informs you about the purposes of personal data processing, possible recipients, legal grounds and collection methods, and your rights under Article 11 of the KVKK.
Data controller: Duende Dijital Reklam ve Danışmanlık LTD ŞTİ
Email: [email protected]
Website: duendedijital.com
Last updated: June 24, 2026
Scope: This notice applies to data processed through the duendedijital.com website, project brief forms, contact forms, proposals, service workflows, and related digital channels.
Identity of the Data Controller
- Trade name: Duende Dijital Reklam ve Danışmanlık LTD ŞTİ
- Email: [email protected]
- Website: duendedijital.com
Duende Digital processes personal data in the context of social media management, production, performance marketing, web design, SEO, content marketing, health tourism marketing, and consultancy services.
Purposes of Processing
- Handling communication requests and responding to inquiries
- Managing briefs, proposals, contracts, delivery, and invoicing
- Executing customer support and relationship management processes
- Ensuring website security, troubleshooting, and performance monitoring
- Complying with legal obligations and official requests
- Sending marketing communications where explicit consent is obtained
Personal Data Categories
- Identity data: name, surname, title
- Contact data: email, phone, address, company information
- Customer transaction data: brief details, proposal and contract records, invoice records
- Security data: IP address, logs, session, and browser/device data
- Marketing data: communication preferences and consent records
- Audio/visual records: files or recordings you provide in project workflows
Recipients of Data Transfers
- Hosting, cloud, email, analytics, CRM, accounting, and technical support providers
- Legal advisors, auditors, and independent professional service providers
- Public authorities and judicial bodies where required by law
- Business partners strictly to the extent necessary for service performance
Where cross-border data transfers occur, safeguards under applicable law and Article 9 of the KVKK are applied.
Collection Methods and Legal Grounds
Data may be collected by automated and non-automated means through website forms, email, phone, messaging channels, contracts, project meetings, and cookie technologies.
- Explicitly provided by law
- Necessary for contract formation or performance
- Necessary to fulfill legal obligations
- Necessary for the establishment, exercise, or protection of rights
- Necessary for legitimate interests, without prejudicing fundamental rights
- Based on your explicit consent where required
Retention
Data is retained only for the period required for processing purposes, statutory retention obligations, and limitation periods relevant to potential disputes. Expired data is deleted, destroyed, or anonymized in accordance with the KVKK.
Your Rights Under Article 11 of the KVKK
- Learn whether your personal data is processed
- Request information on processed data
- Learn processing purposes and whether use is purpose-compliant
- Learn third parties to whom data is transferred domestically or abroad
- Request correction of incomplete or inaccurate data
- Request deletion/destruction under Article 7 of the KVKK
- Request notification of correction/deletion to transfer recipients
- Object to adverse outcomes based solely on automated processing
- Request compensation for unlawful processing damages
Application Procedure
You may submit requests by emailing [email protected] or through our Contact page with the subject “KVKK Application”. Requests are concluded within the legal period.
