Privacy Policy

Talyxa Teknoloji Yazılım ve Dış Ticaret Limited Şirketi ("Talyxa", "we", "us") is committed to safeguarding the personal data we process in the course of our software development, mobile, and SaaS engineering services. This Privacy Policy describes what we collect, why we collect it, how we use it, and the rights you have under Turkish Personal Data Protection Law No. 6698 ("KVKK") and, where applicable, the EU General Data Protection Regulation ("GDPR").

1. 01Scope

   This Policy applies to personal data processed through our corporate website (talyxa.com), our business communications (email, phone, video meetings), client onboarding documents, and any project collaboration tools we operate or co-administer with our clients.

   It does not cover third-party websites or services linked from our channels. Where we integrate with third-party platforms (for example, Formsubmit for our contact form), those providers are described in Section 5.

2. 02Information We Collect

   Identification and contact data: full name, business title, employer, business email address, business phone number, country of residence.

   Engagement data: project briefs, technical requirements, meeting notes, sample data sets you share with us for scoping or development purposes.

   Contractual and billing data: legal entity details, tax identification number, registered address, invoicing contact, payment-method metadata (we do not store full card details — see Section 5).

   Technical data: IP address, browser type, operating system, referring URL, page interaction events, and similar information captured automatically when you visit our website.

   Recruitment data: where you apply to join Talyxa, your CV, work history, references, and any information you voluntarily share during interviews.

3. 03How We Use Personal Data

   To respond to inquiries received through our website contact form, email, or other business channels.

   To scope, deliver, and support the software development, mobile application, and SaaS platform services we have agreed to provide.

   To negotiate, conclude, and administer contracts, including invoicing, tax reporting, and audit obligations.

   To maintain and improve the security of our infrastructure, detect fraud or abuse, and investigate incidents.

   To communicate with you about service-related matters, project updates, and — where legally permitted and only on a B2B basis — relevant information about Talyxa's services.

4. 04Lawful Bases for Processing

   Performance of a contract or steps prior to entering into a contract (KVKK art. 5/2/c; GDPR art. 6(1)(b)).

   Compliance with a legal obligation, including Turkish Tax Procedure Law, Commercial Code, and KVKK record-keeping requirements (KVKK art. 5/2/ç; GDPR art. 6(1)(c)).

   Our legitimate interests in operating, securing, and growing our business, where those interests are not overridden by your rights and freedoms (KVKK art. 5/2/f; GDPR art. 6(1)(f)).

   Your explicit consent, where required — for example, for non-essential cookies or for any direct marketing communications.

5. 05Data Sharing and Subprocessors

   Cloud and hosting providers (such as Vercel, Amazon Web Services, Microsoft Azure, or Google Cloud) for website hosting, project infrastructure, and backups.

   Software-as-a-Service vendors we use to run our operations, including communication tools, project management platforms, version control (e.g., GitHub), and CI/CD systems.

   Form-handling and email-delivery providers (e.g., Formsubmit) that route messages from our contact form to our corporate inbox.

   Professional advisors — accountants, auditors, lawyers — bound by professional confidentiality obligations.

   Public authorities and courts, where disclosure is required by Turkish or applicable foreign law, or in response to a valid legal request.

   We do not sell personal data, and we do not share it with advertising networks for behavioural advertising.

6. 06International Data Transfers

   Some of our subprocessors operate outside Türkiye, including in the European Union and the United States. Where personal data is transferred outside Türkiye, we rely on the safeguards permitted by KVKK and, for EU data subjects, on Standard Contractual Clauses or other recognised transfer mechanisms.

   Where you instruct us to deploy software or store client data in a specific region, we will document and honour that data-residency requirement in our service agreement.

7. 07Data Security

   We apply organisational and technical measures appropriate to the risk, including role-based access controls, encryption of data in transit, encrypted backups, separation of production and non-production environments, and confidentiality obligations on all personnel and subcontractors.

   We require any subprocessor that handles personal data on our behalf to enter into a written data-processing agreement meeting our security standards.

8. 08Data Retention

   We retain personal data only for as long as it is needed for the purpose it was collected, or for as long as required by applicable law (for example, ten years for accounting records under Turkish Commercial Code).

   When the retention period ends, we delete, destroy, or anonymise the data in line with our internal Data Destruction Policy.

9. 09Your Rights

   Under KVKK Article 11 (and equivalent GDPR provisions), you have the right to: learn whether your personal data is processed; request information about how it is processed; know the purpose of processing and whether it is used for that purpose; learn the third parties to whom it has been transferred; request rectification of incomplete or inaccurate data; request deletion or destruction under the conditions of the law; object to outcomes produced solely by automated processing; and claim compensation for damages arising from unlawful processing.

   To exercise these rights, please send a written request to info@talyxa.com or to our registered address (see Section 13). We respond within thirty (30) days. We may charge the official fee set by the Personal Data Protection Authority where the law allows.

10. 10Cookies and Analytics

    Our website uses a small number of cookies that are strictly necessary for it to function (for example, to remember your language and theme preferences).

    We use Google Analytics 4 to understand how visitors interact with our website in aggregate. Google Analytics sets cookies on your device that allow Google to provide us with anonymised usage statistics, including the pages you visit, the time spent on each page, the country you are connecting from, and the type of device and browser you use. The data is processed by Google in accordance with its own privacy policy (policies.google.com/privacy).

    We have not enabled advertising features, demographic reporting, or user-ID tracking. We do not use third-party advertising cookies. You can opt out of Google Analytics by installing Google's browser add-on at tools.google.com/dlpage/gaoptout or by using your browser's tracking-protection settings.

11. 11Commercial Electronic Communications

    Under Law No. 6563 on the Regulation of Electronic Commerce, we may send commercial electronic messages to business contacts within the scope of an existing engagement, or where the law permits without prior consent.

    Every commercial message we send includes a clear way to opt out. You can also write to info@talyxa.com at any time to be removed from our mailing list.

12. 12Changes to this Policy

    We may update this Policy from time to time to reflect changes in our services, the law, or industry standards. We will post the updated version on this page and indicate the date of the last revision at the top.

    Material changes will be communicated to active clients through their primary point of contact.

13. 13Contact

    Data Controller: Talyxa Teknoloji Yazılım ve Dış Ticaret Limited Şirketi.

    Registered address: Yahyakaptan Mh. Akasyalar Cd. B Blok Sitesi No. 24/1, İzmit / Kocaeli, Türkiye.

    Email: info@talyxa.com.

For any questions about this document, please contact us at info@talyxa.com. The Turkish version of this document prevails in case of any discrepancy with translations into other languages.