Privacy Policy

Last Updated: 28.11.2025

All services offered through www.vycall.com ("Website") are provided by Vayotek Bilgi Teknolojileri San. ve Tic. Ltd. Şti. ("VAYOTEK"). This Privacy Policy ("Policy") explains how the personal data of individuals who visit the Website, submit forms, or use communication channels are processed in accordance with the General Data Protection Regulation (GDPR), the Turkish Personal Data Protection Law (KVKK), and all applicable national and international data protection regulations.

By accessing the Website or submitting information, you acknowledge that you have read and accepted this Policy.

Data Controller: Vayotek Bilgi Teknolojileri San. ve Tic. Ltd. Şti.

• Address: Gülbahçe Mah. İçmeler Cad. No:14/1, Office B05, Bilişim Vadisi, Urla – İzmir – Türkiye
• E-mail: info@vycall.com / info@vayotek.com
• Phone: +90 232 335 1554
• MERSIS No: 0924093922500001

1. Scope of This Policy

This Policy covers the following data processing activities:

• Data collected during website visits
• Data submitted through contact, quotation or support forms
• Information provided via telephone, email and WhatsApp
• Cookies and tracking technologies
• Server logs collected for security purposes
• Data processing required for service provision
• International data transfers (DigitalOcean – USA)

2. Personal Data Processed

2.1. Automatically Collected Data (Website Visit Data)

• IP address
• Browser information (User-Agent)
• Device type
• Date and time of visit
• Pages viewed
• Cookie data

These data are processed for security, performance analytics, and system optimization purposes.

2.2. Data Submitted Through Forms

• Name and surname
• Phone number
• Email address
• Company name (optional)
• Message content / product of interest
• IP address
• Form submission timestamp

Form submission is valid only when the mandatory GDPR/KVKK consent checkbox is selected.

2.3. Data Submitted via Telephone, Email or WhatsApp

• Name and surname
• Phone number
• Email address
• Request details
• Company information (if applicable)

3. Purposes of Processing Personal Data

Your personal data are processed for the following purposes:

• Receiving and responding to quotation requests
• Managing customer communication processes
• Providing technical support
• Delivering service-related updates
• Complying with legal obligations
• Maintaining system security and server logs
• Website optimization and performance monitoring
• Conducting marketing communications (only where explicit consent exists)

4. Legal Basis for Data Processing

Under GDPR

• GDPR 6(1)(b): Contract necessity
• GDPR 6(1)(c): Legal obligation
• GDPR 6(1)(f): Legitimate interest
• GDPR 6(1)(a): Explicit consent (cookies and marketing communications)

Under KVKK

• KVKK Art.5(2)(c) – Contractual necessity
• KVKK Art.5(2)(ç) – Legal obligation
• KVKK Art.5(2)(f) – Legitimate interest
• KVKK Art.5(1) – Explicit consent (cookies, marketing permission)

5. Cookies and Tracking Technologies

The Website uses the following categories of cookies:

• Essential cookies
• Analytical cookies (Google Analytics)
• Advertising cookies (Google Ads – if enabled)

Users may manage cookie preferences through the cookie banner. For detailed information, please refer to the Cookie Policy.

6. Transfer of Personal Data

6.1. Transfers Within the Country

Where necessary, limited and purpose-bound data may be shared with:

• Cargo and delivery companies
• Service providers
• Authorized public authorities
• Independent auditors
• IT and infrastructure providers

6.2. International Data Transfers (GDPR + KVKK Compliant)

VAYOTEK operates on the DigitalOcean SFO3 – USA infrastructure. The following data may be transferred abroad:

• IP address
• Form data
• Server logs
• Traffic information

Legal bases for transfer: GDPR Articles 45–49, KVKK Article 9.

6.3. Use of Google reCAPTCHA (Security Requirement)

Certain form fields on our Website use Google reCAPTCHA to prevent fraudulent or automated submissions. Google may process technical data including IP address, browser information, device type, timestamp and form interaction data solely for the purpose of detecting abuse and ensuring security.

These data may be transferred to Google's servers in the United States and processed in accordance with Google's Privacy Policy and Terms of Service:

• https://policies.google.com/privacy
• https://policies.google.com/terms

reCAPTCHA data are never used for advertising or profiling purposes; they are strictly limited to security verification.

7. Data Retention Periods

• Form data: 5 years
• Email correspondence: 5 years
• Telephone/WhatsApp communications: 1 year
• Server logs: 6–12 months
• Cookie retention periods: As stated in the Cookie Policy
• Marketing permissions: Until withdrawn
• Financial records: 10 years (mandatory)

8. Data Subject Rights

Under GDPR

You may exercise the following rights:

• Right of access
• Right to rectification
• Right to erasure
• Right to restriction of processing
• Right to data portability
• Right to object
• Right not to be subject to automated decision-making

Under KVKK

All rights under KVKK Article 11 remain applicable.

9. Contact for Requests

Data protection requests may be submitted via:

• info@vycall.com
• info@vayotek.com

Requests are answered within 30 days under GDPR and 30 days under KVKK.

10. Security Measures

• SSL/TLS encrypted communication
• Firewall and infrastructure protection
• Access logs and monitoring
• Role-based access control
• Regular security updates
• Data loss prevention mechanisms

11. Policy Amendments

This Policy may be updated when necessary. The updated version enters into force upon publication.

12. Entry into Force

This Policy enters into force as of its publication date on the Website.