This policy explains how cookies are used on yavuzfirat.com. The data controller is Yavuz Fırat, Attorney-at-Law, operating at Oran Mahallesi Kudüs Caddesi No: 6/1/15 Çankaya/Ankara, Türkiye. I attach the utmost importance to the security and privacy of your personal data, as well as to your rights under Law No. 6698 on the Protection of Personal Data (“KVKK”) and the EU General Data Protection Regulation (“GDPR”).
This notice has been prepared in my capacity as the data controller, in accordance with Article 10 of the KVKK and the Communiqué on the Procedures and Principles to Be Followed in Fulfilling the Obligation to Inform.
Use of Cookies
On yavuzfirat.com, cookies are used to improve visitor experience, ensure the security of the website, and enable the proper delivery of services.
Personal data processed through cookies is handled by automated means on the legal basis set out in Article 5(2)(f) of the KVKK: “processing is necessary for the legitimate interests pursued by the data controller, provided that this processing does not harm the fundamental rights and freedoms of the data subject.” The equivalent basis under the GDPR is Article 6(1)(f) (legitimate interests).
Only first-party cookies that are technically necessary to deliver the service are used on this site. No third-party marketing or advertising cookies are used, and no personal data is shared with third parties through cookies.
Cookie Duration
Session cookies: Maintain the continuity of your session. They are deleted when you close your browser.
Persistent cookies: Remain on your device for a set period or until you delete them. Examples include language preferences and interface settings.
Cookies Used on This Site
wordpress_test_cookie (Strictly necessary)
Checks whether your browser supports cookies.
Duration: session.
wp_lang (Functional)
Remembers the language in which you view the site (e.g., Turkish, English).
Duration: session.
wp-settings-ID
Personalises interface appearance settings for site administrators and registered users.
Duration: 1 year.
wp-settings-time-ID
Tracks the timing of interface settings.
Duration: 1 year.
wordpress_logged_in_[hash] (Strictly necessary / security)
Authenticates users who log in to the site.
Duration: session / 2 weeks.
wordpress_sec_[hash] (Strictly necessary / security)
Secures the administration panel and provides authentication protection.
Duration: session / 2 weeks.
Your Rights as a Data Subject
Under Article 11 of the KVKK and the corresponding provisions of the GDPR, you have the right to:
· learn whether your personal data is being processed;
· request information if it has been processed;
· learn the purpose of the processing and whether the data is used in accordance with that purpose;
· know any third parties, within Türkiye or abroad, to whom the data has been transferred;
· request correction if the data has been processed incompletely or inaccurately, and request that any such correction be communicated to third parties to whom the data has been transferred;
· request deletion or destruction of the data where the grounds for processing no longer apply, and request that this action be communicated to third parties to whom the data has been transferred, in accordance with the KVKK and related legislation;
· object to any outcome adverse to you that arises from automated analysis of the processed data;
· claim compensation for any damages suffered as a result of unlawful processing.
Understanding how you can exercise these rights is a matter I take seriously. These rights apply to every stage of data processing, storage, transfer, deletion, anonymisation, and destruction.
In the absence of a clear infringement, requests concerning the rights listed under Article 11 of the KVKK should first be directed to me as the data controller. Requests will be concluded free of charge, or, if the procedure entails a cost, against the fee set by the Personal Data Protection Board. Requests will be resolved as soon as possible and in any event within thirty days, and you will be informed of the outcome. Where a fee has been charged but the matter turns out to be an error on my part, the fee will be refunded.
How to Submit a Request
You may submit requests concerning your rights under Article 11 of the KVKK or your rights under the GDPR through one of the following channels:
Written application
Deliver your wet-signed petition, together with documents establishing your identity, in person or by notary to: Oran Mahallesi Kudüs Caddesi No: 6/1/15 Çankaya/Ankara.
Registered Electronic Mail (KEP)
Send your request, signed with a secure electronic signature, to yavuz.firat@hs01.kep.tr.
Note: Requests made through KEP are stored on servers located in Türkiye, so your data will not be subject to international transfer.
Secure e-mail
Send your request by e-mail to av.yavuzfirat@pm.me.
Note: If you choose this channel, please be aware that the e-mail provider’s servers are located abroad, and your data will therefore be transferred internationally.
Application Procedure
Before submitting a request, please refer to the application procedure set out in Article 5 of the Communiqué on the Procedures and Principles of Application to the Data Controller (Official Gazette No. 30356, dated 10 March 2018):
Article 5
(1) The data subject submits requests concerning the rights listed under Article 11 of the Law to the data controller in writing, through a registered electronic mail (KEP) address, using a secure electronic signature or a mobile signature, or through an e-mail address previously provided to and registered with the data controller, or through a software or application developed for this purpose.(2) The application must include:
(a) name, surname, and — if the application is in writing — signature;
(b) Turkish Republic identification number for Turkish citizens; for foreign nationals, nationality, passport number, or identification number if available;
(c) address of residence or place of business for notification purposes;
(d) any e-mail address, telephone, or fax number for notification purposes;
(e) the subject of the request.(3) Supporting information and documents should be attached to the application.
(4) For written applications, the date of application is the date on which the petition is served upon the data controller or their representative.
(5) For other methods, the date of application is the date on which the request reaches the data controller.
Yavuz Fırat 