Legal review required
This is a starter template. It must be reviewed by qualified legal counsel before the site goes live. Company registration details, registered address, and any jurisdiction-specific obligations must be completed.
Privacy Policy
This Privacy Policy explains how Airomeda Bilgi Teknolojileri ("Airomeda", "we", "our", or "us") collects, uses, and protects your personal data when you visit airomeda.com or submit a form on our website.
For users in Turkey this policy is supplemented by our KVKK Aydınlatma Metni. For users in the European Economic Area or United Kingdom, GDPR (EU 2016/679) applies.
1. Data Controller
Airomeda Bilgi Teknolojileri (Company registration number, registered address, and tax identification to be added here.)
Contact: hello@airomeda.com
2. Personal Data We Collect
We collect only the personal data you actively provide or that is generated automatically by your use of the site:
- Contact and demo request forms: Full name, email address, company name (optional), and the message you write.
- Career application forms: Full name, email address, phone number (optional), LinkedIn profile URL (optional), cover letter, and CV file (PDF or DOCX).
- Server and access logs: IP address, browser user-agent string, request timestamps, and pages visited. These are generated automatically by our hosting infrastructure.
- Functional cookies: Language preference cookie (
NEXT_LOCALE) and Cloudflare Turnstile security cookies. See our Cookie Policy for details.
We do not use analytics cookies, advertising pixels, or any third-party tracking technology.
3. How We Use Your Data
| Purpose | Lawful Basis (GDPR Art. 6) |
|---|---|
| Responding to your contact or demo request | Legitimate interests (Art. 6(1)(f)) / Pre-contractual steps (Art. 6(1)(b)) |
| Evaluating career applications | Pre-contractual steps (Art. 6(1)(b)) |
| Website security — preventing spam, bot attacks | Legitimate interests (Art. 6(1)(f)) |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) |
4. Third-Party Recipients
We share your data only with the following processors, to the minimum extent necessary:
| Recipient | Country | Purpose | Safeguard |
|---|---|---|---|
| Resend Inc. | United States | Transactional email delivery of form submissions to our internal team | Standard Contractual Clauses (SCCs) / DPA |
| Cloudflare, Inc. | United States (global CDN) | Bot and spam protection via Turnstile widget on forms | SCCs / Cloudflare DPA |
| Hostinger International Ltd. | Lithuania, European Union | Web hosting and infrastructure | EU adequacy / GDPR Art. 28 DPA |
We do not sell, rent, or otherwise disclose personal data to third parties for marketing purposes.
Transfers to Third Countries
Transfers of personal data to the United States (Resend, Cloudflare) are carried out under the Standard Contractual Clauses approved by the European Commission pursuant to GDPR Art. 46(2)(c). Copies of the relevant clauses are available on request.
5. Retention
We retain personal data only as long as necessary for the stated purpose or as required by law:
- Contact and demo messages: 2 years from the date of last correspondence.
- Career applications (unsuccessful candidates): 6 months from the date of application.
- Career applications (successful candidates): Duration of the employment relationship, subject to applicable statutory obligations.
- Server access logs: 90 days.
6. Your Rights
Under GDPR Articles 15–22 you have the right to:
- Access (Art. 15): obtain a copy of your personal data we hold.
- Rectification (Art. 16): correct inaccurate or incomplete data.
- Erasure (Art. 17): request deletion of your data where there is no longer a legal basis to retain it.
- Restriction (Art. 18): ask us to restrict processing in certain circumstances.
- Portability (Art. 20): receive your data in a structured, machine-readable format.
- Object (Art. 21): object to processing based on legitimate interests.
- Withdraw consent (Art. 7(3)): where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at hello@airomeda.com. We will respond within one month (extendable by two further months for complex requests, with notice).
You also have the right to lodge a complaint with the supervisory authority in your country of residence. In Turkey this is the Kişisel Verileri Koruma Kurumu (KVKK); in the EU it is your national data protection authority.
7. Security
We apply technical and organisational measures proportionate to the risk, including encrypted connections (HTTPS/TLS), access controls, and limited data retention periods.
8. Changes to This Policy
We will publish material changes on this page and update the "Last updated" date. We encourage you to review this policy periodically.
9. Last Updated
Last updated: 10 May 2026