Privacy Policy

AI Merkez (aimerkez.com) respects user privacy and takes the protection of personal data seriously. This policy explains what information is collected, how it is processed and your rights when using our site. It is prepared in compliance with Türkiye's Personal Data Protection Law (KVKK No. 6698) and the EU General Data Protection Regulation (GDPR).

1. Data Controller

The operator of AI Merkez (aimerkez.com) acts as the "data controller" under KVKK. For contact: contact form.

2. Data We Collect

Automatically collected: IP address, browser type, device info, operating system, pages visited, visit date/time, referring URL — via server logs and analytics tools.
Cookie data: Preference cookies (language, theme), session cookies, analytics cookies, advertising cookies (if AdSense is in use).
Via contact form: Name, email address, message body. Used solely to respond to you.
Comment / review data: Username, email (optional), comment text when you leave a comment.
Member registration (if any): When you create an account, your email and (hashed) password are stored.

3. Purpose and Legal Basis

Service delivery: Operating the site, remembering your preferences, language persistence (legitimate interest).
Analytics and improvement: Understanding which pages are popular and which tools are searched but not found (legitimate interest).
Communication: Replying when you contact us via the form (contract performance).
Advertising: Allowing display ad networks (if any) to show personalized or contextual ads (explicit consent or legitimate interest — your choice).
Legal obligation: Sharing data with authorized authorities on lawful request.

4. Cookies and Third-Party Services

The site may use the following third-party services. Each has its own privacy policy:

Google Analytics / GA4: Anonymous traffic analysis (IP anonymization may be active).
Google AdSense: Ad display — you can opt out of personalized ads via Google Ad Settings.
Bing IndexNow: Notifying search engines of new content (no user data shared, only URLs).
Hosting provider: Server logs are kept for legal retention periods.
Cloudflare (if used): IP/device info for CDN and security purposes.

You can delete or block cookies from your browser settings at any time; however, this may cause some site features to stop working.

5. Retention Periods

Server logs: 6 months (may be longer if required by law).
Contact form records: 2 years, then anonymized or deleted.
Analytics data: 14-26 months (Google Analytics default).
Member account data: as long as the account is active + deleted within 30 days upon deletion request.

6. Your Rights Under KVKK / GDPR

As a data subject, you have the right to:

Learn whether your personal data is being processed,
Learn what data is processed and request a copy (right of access),
Request rectification of data,
Request erasure / right to be forgotten,
Object to processing,
Request data portability (GDPR),
Withdraw consent at any time.

To exercise these rights, please reach out via the contact form; requests are answered within a reasonable period (no later than 30 days under KVKK).

7. Data Security

The site uses HTTPS encryption. Database passwords are stored using cryptographic hashing (bcrypt). When a breach is detected, affected users are notified within a reasonable timeframe and notification is made to the relevant supervisory authority where required.

8. Children's Data

The site is not directed at children under the age of 13 and does not knowingly collect data from this age group. If you believe otherwise, please report it via the contact form so the relevant data can be deleted.

9. Changes to the Policy

This privacy policy may be updated as needed. For significant changes, a notice will be published at the top of the page. Continued use means acceptance of the updated policy.

10. Contact

For any privacy-related questions, requests or complaints: contact page.