This Privacy Policy explains what personal data may be collected through yusufaytas.com, why it may be collected, how it may be used, and what rights you may have in relation to that data.

The aim is simple: collect as little as reasonably necessary, use it for clear purposes, and avoid turning a personal website into a surveillance system.

Who controls this website

This website is operated by Yusuf Aytas.

For the purpose of applicable data protection law, including the General Data Protection Regulation where relevant, Yusuf Aytas is the controller of personal data collected through this website.

Website: https://yusufaytas.com
Contact: https://yusufaytas.com/contact

What data may be collected

The exact data collected depends on how you use the site.

1. Information you submit directly

If you contact me through a form, email link, newsletter form, comment form, or similar feature, you may provide information such as:

  • your name
  • your email address
  • the content of your message
  • any other information you choose to include

This data is collected only when you actively submit it.

2. Basic technical and usage data

Like most websites, this site or its hosting and infrastructure providers may automatically process limited technical data when you visit the site, such as:

  • IP address
  • browser type and version
  • device type
  • operating system
  • referring page or website
  • pages viewed
  • timestamps
  • approximate diagnostic or performance information

This type of data is typically used to deliver the site securely, understand traffic patterns, prevent abuse, and troubleshoot failures.

3. Cookies and similar technologies

This website may use cookies or similar technologies for:

  • essential site functionality
  • remembering preferences
  • measuring traffic and usage
  • improving performance and content

Where cookies are not strictly necessary, they should only be used after you have given the required consent through the site’s cookie controls.

Why data may be used

Personal data may be used only where there is a clear reason to do so. Depending on how you interact with the site, that may include:

  • operating and securing the website
  • responding to messages or requests
  • delivering content you asked for
  • understanding how the site is used
  • maintaining, debugging, and improving the site
  • complying with legal obligations
  • protecting the website, its users, or its operator against misuse, fraud, or abuse

Data is not collected for the sake of collection. If a use case does not have a clear purpose, it should not exist.

Where GDPR or similar laws apply, personal data may be processed on one or more of the following bases:

  • Consent, for example where you choose to submit a form or accept non-essential cookies
  • Legitimate interests, for example to secure, maintain, and improve the website, provided those interests are not overridden by your rights and freedoms
  • Legal obligation, where processing is required to comply with applicable law
  • Contract or pre-contract steps, where needed to respond to a request you initiated

The legal basis depends on the context and the type of data involved.

Cookies

Cookies are small text files stored on your device by your browser.

This site may use:

Essential cookies

These are required for the site to function properly. They may support security, page delivery, session integrity, or consent settings.

Preference cookies

These remember choices you make, such as display or interface preferences.

Analytics cookies

These help measure usage and improve the site. These should not be set unless the required consent has been obtained.

You can usually manage or delete cookies through your browser settings. Disabling some cookies may affect how the website functions.

Third parties and service providers

This website may rely on third-party providers for infrastructure and operations, for example hosting, analytics, form handling, email delivery, security, or embedded content.

Where those providers process personal data on behalf of the website, they are expected to do so only for the relevant service purpose and under appropriate contractual or legal safeguards.

If specific third-party tools are in use, they should be named here for clarity.

For example, if relevant, list them explicitly:

  • hosting provider
  • analytics provider
  • newsletter/email provider
  • comment platform
  • CDN or security provider

A privacy policy becomes more trustworthy when it names actual processors instead of hiding behind vague categories.

How long data may be kept

Personal data is kept only for as long as reasonably necessary for the purpose for which it was collected, including security, record-keeping, legal, and operational needs.

For example:

  • contact messages may be kept for as long as needed to respond and maintain a reasonable correspondence record
  • technical logs may be kept for security, diagnostics, and abuse prevention for a limited period
  • consent records may be kept for compliance purposes
  • newsletter data, if applicable, may be kept until you unsubscribe or ask for deletion, subject to any legal retention requirements

Retention should follow necessity, not habit.

International transfers

Some providers used to operate the website may process data outside your country or outside the European Economic Area.

Where that happens, appropriate safeguards should be used where legally required, such as contractual safeguards or reliance on an approved transfer mechanism.

Disclosure of personal data

Personal data may be disclosed only where there is a valid reason to do so, including:

  • to service providers operating the website
  • to comply with law, legal process, or a lawful request
  • to investigate, prevent, or address security or abuse issues
  • to protect rights, property, safety, or the integrity of the website

This is not a data brokerage business. Personal data is not sold.

Security

Reasonable technical and organisational measures are used to protect personal data, but no website, platform, or transmission method can be guaranteed to be fully secure.

That means the goal is risk reduction, not fictional certainty.

Your rights

Where applicable under data protection law, you may have rights including:

  • the right to be informed
  • the right of access
  • the right to rectification
  • the right to erasure
  • the right to restriction of processing
  • the right to data portability
  • the right to object, including to certain direct marketing-related processing

The availability of these rights depends on the legal basis and the circumstances of the processing.

If you want to exercise a privacy right, use the contact page: https://yusufaytas.com/contact

You may also have the right to lodge a complaint with a relevant supervisory authority.

This website may link to external websites. Once you leave this site, their privacy practices are their own.

Read their policies if the risk matters to you, because control ends at the link.

Changes to this policy

This Privacy Policy may be updated from time to time to reflect legal, technical, or operational changes.

When that happens, the updated version will be posted on this page and the date at the top will change.

Contact

If you have questions about this Privacy Policy or about how personal data may be handled on this website, use:

https://yusufaytas.com/contact