Privacy Policy

This Privacy Policy explains how personal data collected within the scope of websites, mobile applications, SaaS platforms, and all products and services provided by Breachion Technology (“Breachion”) is processed, protected, and what rights you have.

Breachion is committed to protecting the confidentiality and security of your personal data and acts in accordance with applicable data protection legislation, including the Turkish Data Protection Law No. 6698 (“KVKK”) and relevant regulations.

1. Data Controller

• Data Controller: Breachion Technology
• Business Type: Sole Proprietorship
• E-mail: info@breachion.com
• Address: Van, Türkiye / Ankara, Türkiye

2. Personal Data We Collect

Breachion may collect the following categories of personal data:

3. Purposes of Processing

Your personal data may be processed for the following purposes:

• Providing products and services
• Managing order and delivery processes
• Processing payments and invoicing
• Providing customer support and communications
• Operating SaaS platforms
• Managing information security processes
• Complying with legal obligations
• Providing information to authorized public bodies
• Conducting marketing activities (where explicit consent is obtained)
• R&D and product improvement
• Statistical analysis and reporting

4. Collection Methods & Legal Grounds

Your personal data may be collected via:

• Our website
• Our mobile applications
• Our SaaS platforms
• Order forms
• Contracts
• Contact forms
• E-mail correspondence
• Third-party service providers

through automated or non-automated means.

Processing activities rely on legal grounds such as:

• Explicitly provided by law
• Necessary for the establishment or performance of a contract
• Compliance with a legal obligation
• Establishment, exercise, or protection of a right
• Legitimate interests
• Explicit consent (where required)

5. Transfers of Personal Data

Your personal data may be shared, limited to processing purposes, with:

• Logistics / cargo companies
• Payment providers (PayTR, İyzico, banks, etc.)
• Financial advisor / accountant
• Legal counsel
• Authorized public institutions and organizations
• Hosting and cloud service providers
• Cybersecurity service providers

Cross-border transfers are performed only with explicit consent or in compliance with the applicable requirements under KVKK.

6. Retention Period

Your personal data is retained:

• For the periods required by applicable legislation
• As long as necessary for the purposes of processing

Once the period ends, data is deleted, destroyed, or anonymized.

7. Data Security

Breachion implements technical and organizational measures such as:

• SSL / TLS encryption
• Access control
• Firewalls
• Logging and monitoring
• Authorization mechanisms
• Periodic penetration testing
• Backup and disaster recovery plans

8. Cookies

We use cookies to improve user experience on our website. Details regarding cookies are explained in our Cookie Policy.

9. Data Subject Rights

Within the scope of KVKK (Article 11), you have rights such as:

• Learning whether your personal data is processed
• Requesting information if it has been processed
• Learning whether it is used in accordance with its purpose
• Knowing third parties to whom it is transferred
• Requesting correction if it is incomplete or inaccurate
• Requesting deletion or destruction
• Objecting to results arising from automated systems to your detriment
• Requesting compensation if you suffer damage

10. How to Contact Us

You may submit your requests regarding your rights:

• In writing
• Via registered e-mail (KEP)
• With secure electronic signature
• Or via your registered e-mail address to info@breachion.com