OpsidaSpeak with us
Back to Opsida

GDPR privacy notice.

This notice explains how Opsida processes personal data collected through opsidatech.com and opsida.com.tr in line with the EU General Data Protection Regulation.

Data controller

Opsida Teknoloji Yazılım Bilgisayar ve Danışmanlık Ltd. Şti. is the data controller for personal data collected through this website. The company is registered in İzmir, Türkiye. For privacy questions, contact privacy@opsidatech.com.

Personal data we process

When you submit a contact form, we process your name, email address, company name if provided, inquiry type, and message. When you visit the website, our hosting provider may process standard server logs such as IP address, user agent, requested page, timestamp, and basic security events.

Purposes of processing

  • To respond to your inquiry and communicate with you.
  • To assess, prepare, or manage a potential commercial relationship.
  • To operate, secure, monitor, and protect the website.
  • To comply with legal obligations where applicable.

Legal basis under GDPR

  • Article 6(1)(b) — processing necessary to take steps before entering into a contract or to perform a contract.
  • Article 6(1)(f) — legitimate interests, including responding to business inquiries, website security, abuse prevention, and service improvement.
  • Article 6(1)(c) — compliance with legal obligations, where applicable.
  • Article 6(1)(a) — consent, where we rely on optional cookies or other consent-based processing.

Cookies and analytics

We use minimal first-party analytics cookies only if you accept them. We do not use advertising cookies, third-party tracking scripts, advertising pixels, fingerprinting, or session replay tools. You can decline optional cookies without affecting your ability to use the website.

Data retention

Contact form submissions are retained only as long as necessary to respond to your inquiry, manage a potential or active business relationship, and meet legal obligations. Standard server logs are retained for 30 days for security and abuse prevention unless a longer period is required to investigate a security incident.

International transfers

Form submissions are stored on infrastructure located in the European Union. If personal data is transferred outside the European Economic Area, we use appropriate safeguards such as Standard Contractual Clauses or another valid transfer mechanism under GDPR.

Processors

We may use trusted service providers for hosting (Vercel), database (Supabase), email delivery (Resend), AI inference (Anthropic, OpenRouter), and CDN/security (Cloudflare). These providers process personal data only on our instructions and only for the purposes described in this notice. A separate Data Processing Agreement (DPA) based on our standard template is available on request for corporate customers — write to privacy@opsidatech.com.

Your rights

Under GDPR, you may request access to your personal data, correction, deletion, restriction of processing, portability, or object to processing based on legitimate interests. Where processing is based on consent, you may withdraw consent at any time. To exercise your rights, contact privacy@opsidatech.com.

Supervisory authority

If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection supervisory authority. We would appreciate the opportunity to address your concern first if you contact us directly.

Last updated: May 2026.