PRIVACY POLICY & COOKIES POLICY

Yurtsever Studio
(Last updated: 31.01.2026)

1. General Information

This Privacy Policy sets out the rules for processing personal data and using cookies on the website available at: www.yurtseverstudio.com (hereinafter: the “Website”).

We respect users’ privacy and ensure that personal data is processed in accordance with applicable laws, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR).

2. Data Controller

The Data Controller of personal data is:
Yurtsever Studio – unregistered business activity
Email: hello@yurtseverstudio.com
Phone: +48 736 221 132

The Controller’s correspondence address is provided upon request.

3. Scope of Processed Data

Depending on how you use the Website, we may process the following personal data:

  • first and last name,
  • email address,
  • phone number,
  • subject of the message,
  • message content,
  • technical data (e.g. IP address, device and browser information),
  • analytical/statistical data regarding Website traffic (Google Analytics).

4. Purposes and Legal Basis of Data Processing

Personal data is processed only for specific purposes:

4.1. Contact Form Communication

Personal data submitted via the contact form is processed in order to:

  • respond to your inquiry,
  • communicate and maintain correspondence.

Legal basis:

  • Article 6(1)(b) GDPR (steps taken prior to entering into a contract), or
  • Article 6(1)(f) GDPR (legitimate interest of the Controller consisting in communication with Website users).

4.2. Website Analytics (Google Analytics)

The Website uses Google Analytics, a tool that collects statistical and analytical data, including information about the number of visitors and how they use the Website.

Legal basis:

  • Article 6(1)(a) GDPR – consent (if you use a cookie consent banner), or
  • Article 6(1)(f) GDPR – legitimate interest (Website traffic analysis and improvement).

If you use a cookie consent banner (recommended), the proper legal basis is consent.

5. Voluntary Data Provision

Providing personal data is voluntary, however:

  • for the contact form it is necessary in order to receive a response.

6. Data Recipients

Personal data may be shared with entities supporting the Controller in operating the Website and providing technical services, in particular:

  • mydevil.net (website hosting and email services),
  • Google LLC (Google Analytics).

These entities process data on the basis of data processing agreements or act as independent controllers (e.g. Google).

7. Transfer of Data Outside the European Economic Area (EEA)

Due to the use of Google services, personal data may be transferred outside the EEA (e.g. to the United States). Such transfers take place in accordance with GDPR requirements, in particular using appropriate safeguards such as Standard Contractual Clauses.

8. Data Retention Period

Personal data will be retained:

  • contact form data – for as long as necessary to handle the correspondence and then until the limitation period for potential claims expires,
  • analytical data – in accordance with Google Analytics settings and until consent is withdrawn or an objection is raised (where applicable).

9. Your Rights

You have the right to:

  • access your personal data,
  • rectify your data,
  • erase your data (“right to be forgotten”),
  • restrict processing,
  • data portability (where applicable),
  • object to processing (where processing is based on Article 6(1)(f) GDPR),
  • withdraw consent at any time (where processing is based on consent).

To exercise your rights, please contact the Controller at: hello@yurtseverstudio.com

10. Right to Lodge a Complaint

If you believe your personal data is processed unlawfully, you have the right to lodge a complaint with a supervisory authority. In Poland, this is the President of the Personal Data Protection Office (UODO).

11. Security Measures

The Controller applies appropriate technical and organisational measures to protect personal data, including:

  • SSL encryption,
  • restricted access to email and administration systems,
  • regular updates of software (including WordPress and plugins).

12. Cookies Policy

12.1. What are cookies?

Cookies are small text files stored on the user’s device when browsing the Website.

Cookies may be:

  • session cookies (deleted after closing the browser),
  • persistent cookies (stored for a specified period).

12.2. Why do we use cookies?

Cookies are used to:

  • ensure the Website functions properly,
  • create statistics and analytics (Google Analytics),
  • improve the Website’s usability and quality.

12.3. Google Analytics cookies

The Website uses Google Analytics, which relies on cookies to analyse how users use the Website.

The Controller may use anonymised statistical data to improve the Website and services.

12.4. How to manage cookies?

You can manage cookies through your browser settings, including:

  • blocking cookies,
  • deleting stored cookies,
  • setting cookie notifications.

Disabling cookies may affect some features of the Website.

13. Changes to this Policy

The Controller reserves the right to amend this Privacy Policy, e.g. due to legal or technological changes. The current version of the Policy will always be available on the Website.