TürkPass Platform
Last Updated: 27 February 2026
This Privacy Policy explains how TürkPass collects, uses, and protects personal data in connection with the TürkPass platform (“Platform”).
TürkPass is currently under formation in the Republic of Türkiye. Upon completion of registration, this policy will be updated to reflect the registered legal entity acting as Data Controller.
1. Data Controller
Until incorporation is finalized, the Platform is operated by its founders (“Operator”), who act as data controller under the Turkish Law on the Protection of Personal Data (KVKK).
For any privacy-related inquiries, please contact: connect@turkpass.info
2. Information We Collect
We distinguish between:
A. Personal Data
Information relating to identified or identifiable natural persons, including:
- Name and business contact details
- Account credentials
- IP address and access logs
- Platform usage data
B. Product Compliance Data
Information relating to products (e.g., material composition, supply-chain details, “Substances of Concern”).
This data is generally not considered personal data under KVKK or GDPR unless it contains identifiable personal information.
3. Purpose of Processing
Personal data is processed for:
- Account creation and service delivery
- Compliance facilitation with EU DPP requirements
- Communication of technical updates
- Platform security and fraud prevention
- System performance improvement
TürkPass does not use personal data for unrelated marketing purposes without consent.
4. Legal Basis (KVKK Article 5)
Processing is based on:
- Contractual necessity
- Legal obligations
- Legitimate interests related to platform security and service improvement
5. Cross-Border Transfers
As the Platform facilitates EU Digital Product Passport compliance:
- Product compliance data may be transmitted to EU-based systems.
- Personal data transfers, if any, will comply with KVKK Article 9.
- Where GDPR applies, appropriate safeguards such as Standard Contractual Clauses (SCCs) may be used when legally required.
6. Data Retention
- Account-related personal data is retained for the duration of service.
- Regulatory product data may be retained as required by applicable EU regulations.
- Security logs are retained for a limited period for audit and fraud prevention purposes.
7. Your Rights (KVKK Article 11)
You may request:
- Confirmation of data processing
- Access to processed data
- Correction of inaccurate data
- Deletion (subject to legal retention)
- Information about data transfers
Requests can be sent to: connect@turkpass.info
8. Data Security
We implement technical and organizational safeguards including:
- Encrypted data transmission (SSL/TLS)
- Access controls
- Authentication mechanisms
- System monitoring
However, no system can guarantee absolute security.
9. Cookies
The Platform may use:
- Strictly necessary cookies
- Analytical cookies (non-marketing)
Users may manage cookies via browser settings.
10. Changes to This Policy
This Privacy Policy may be updated to reflect regulatory or operational changes. Updates will be posted on this page.