Legal
Privacy Policy
Last updated: May 5, 2026
Legal · Privacy Policy
Compliant with KVKK + GDPR (for EU visitors) + suitable for global visitors. The detailed counterpart of the Disclosure Notice.
Version
- Effective date: May 5, 2026
- Last updated: May 5, 2026
- Version: 1.0
1. About Us
Gökhan Man Style ("We", "the Company")
DENİZ KIZ APART, Üniversite Cd. 53 D,
Çiftlikköy, 33110 Yenişehir/Mersin, Turkey
Web: gokhanmanstyle.com
Contact: gokhanmanstyle@gmail.com
This policy covers data collected via gokhanmanstyle.com, our mobile apps (future), our WhatsApp account, and our physical store.
2. What Data Do We Collect?
Visit/Interaction Data (Automatic)
When you visit our site we automatically collect:
- Your IP address (hashed — not the actual IP)
- Browser info (User Agent, screen size)
- Page views (anonymous)
- Referrer page (which site you came from)
- Time/clicks (anonymous aggregate)
Only essential cookies are used (session, language preference).
Account Data (When You Register)
When you create an account:
- Name
- Phone (required — for appointments)
- Email (optional)
- Preferences (language, theme, communication channel)
Appointment Data
When you book an appointment:
- Date, time, service, barber
- Notes (allergies, special requests)
- Cancellation/rescheduling history
Customer Story
Accumulated over time:
- Total visit count
- Preferred barber, service
- Last visit date
- Loyalty program status
Health Information
Only with your explicit consent:
- Skin type (for skincare)
- Hair type (quality estimation)
- Allergies (chemical)
3. Why Do We Use This Data?
To Provide the Service (Contract Performance)
- Make appointment reservations
- Send confirmations / reminders (WhatsApp / SMS / email)
- Tailor our approach during the service
Legal Obligation
- Tax / accounting records
- Invoice retention
- KVKK audit / court requests
Legitimate Interest
- System security
- Site debugging
- Anonymous usage analytics
With Explicit Consent
- Marketing messages (new services, discounts)
- Birthday message
- Smart reminders
4. Who Do We Share Your Data With?
We Share With:
- International cloud hosting and content delivery (CDN) providers — to keep the site running (covered by DPA + SCC under KVKK Article 9)
- WhatsApp — only for communicating with you (phone + message content)
- Tax accountant — for tax (legally required)
- Lawyer — only in case of legal disputes
When additional services (email delivery, SMS, online payment, etc.) become active and require additional sharing, this policy will be updated at that time.
We Never Share:
- ❌ We do not sell data
- ❌ We do not rent it to anyone
- ❌ We do not send it to ad networks
- ❌ No 3rd-party trackers from social media
5. How Long Do We Retain Data?
| Data Type | Retention | Reason |
|---|---|---|
| Account (active) | While account is active | Contract |
| Appointment record | 5 years | Turkish Code of Obligations |
| Tax record | 5–10 years | Tax Procedure Law |
| Marketing (consent) | While consent is valid | Explicit consent |
| IP log (security) | 12 months | Legitimate interest |
| Cookie (essential) | Session duration | Operational |
| Account deleted | 7-day grace period + anonymization | Article 11 |
6. Cookies
We use minimum cookies. Details: /cerez-politikasi.
Essential Cookies Only
session-id → Your session (for login)
locale-pref → Language preference
theme-pref → Light/dark theme
csrf-token → Security
None of:
- ❌ Advertising cookies
- ❌ Third-party trackers
- ❌ Social media pixels (Facebook, Google Ads)
- ❌ Retargeting
7. Security Measures
Your data is processed over an encrypted connection (HTTPS). Our servers are protected with security measures aligned with KVKK and international standards. Access controls, regular backups and KVKK staff training are in place to prevent unauthorized access.
In Case of a Security Event
In the event of a security incident, we make the necessary notifications in a timely manner within the framework of our legal obligations under KVKK.
8. Your Rights (KVKK Article 11 + GDPR Article 15-22)
Right of Access
- What is your data? → request via gokhanmanstyle@gmail.com
Right of Rectification
Right of Erasure ("Right to Be Forgotten")
- Request via gokhanmanstyle@gmail.com
- 7-day grace period (you can revert your request)
- Information legally required is retained for 5–10 years (anonymized)
Right of Restriction
- Stop processing for a specific purpose
- gokhanmanstyle@gmail.com → "Do not process for purpose X"
Right of Portability
- Move your data to another service
- Via JSON export
Right to Lodge a Complaint
- KVKK Authority (Turkey): www.kvkk.gov.tr
- EU visitors: your country's DPA
9. Children
The site + service are not designed for users under 18. Child accounts are not created.
However, child customers can come to the venue under parental supervision (e.g., father–son appointment). In that case:
- Communication via the parent
- No separate data is kept for the child
10. International Visitors (GDPR)
If you visit from the EU your GDPR rights also apply:
- GDPR Article 15-22 — overlaps with the KVKK Article 11 rights above
- DPA: signed with our international service providers
- SCC: Standard Contractual Clauses for cross-border transfer
11. Updates to This Policy
For material changes:
- Site banner notification
- Email notification (to registered users)
- Clearly displayed new version date
Version History:
- v1.0 (May 5, 2026) — first publication
12. Contact
Email: gokhanmanstyle@gmail.com
Phone: +90 531 029 57 71
Mail: DENİZ KIZ APART, Üniversite Cd. 53 D,
Çiftlikköy, 33110 Yenişehir/Mersin, Turkey
Response time: 30 days (KVKK / GDPR)
Fee: Free (up to 1 request per year)
Legal review: [Pending] · Signature: Owner — Gökhan