Games from Türkiye
TRLogin

Legal · v1.0.0 · 2026-06-01

Privacy Policy

This Privacy Policy explains how Türkiye Oyun Geliştiricileri Derneği ("TOGED"), as the data controller, collects and processes personal data through the Games from Türkiye website (the "Site"). Day-to-day operation of the Site is carried out by Seti Medya İletişim Ltd. Şti. ("Seti Medya") acting solely as a data processor on TOGED's behalf, under a written data-processing agreement.

This Policy applies to every visitor of the Site. If you are located in Türkiye, the Personal Data Protection Law No. 6698 ("KVKK") applies and the dedicated KVKK Aydınlatma Metni (read it here) provides the disclosures required by Article 10 of the KVKK. If you are located in the European Economic Area or the United Kingdom, the General Data Protection Regulation ("GDPR") applies and the dedicated GDPR Notice provides the additional disclosures required by Articles 13 and 14 of the GDPR. Please read this Policy together with the relevant notice for your jurisdiction and with our Cookie Policy.

1. Who we are

Data Controller

  • Türkiye Oyun Geliştiricileri Derneği (TOGED)
  • Teknoloji Geliştirme Bölgesi, Üniversiteler Mahallesi, Bilkent Cyberpark, Çankaya / Ankara, Türkiye
  • Email for all privacy inquiries: privacy@gamesfromturkiye.com

Data Processor (Site Operator)

  • Seti Medya İletişim Ltd. Şti.
  • Göksu Otağtepe Caddesi, Onur Sitesi, Beykoz / İstanbul, Türkiye

Seti Medya processes personal data only on documented instructions from TOGED.

2. What personal data we process

We collect only the personal data we need to run the Site and the services it offers. The categories we process are:

  • Identity and contact data that you submit through forms — for example your name, the studio or organisation you represent, your role, your email address, and any phone number you choose to provide.
  • Studio submission data when you propose a Turkish game studio for inclusion on the Site — including the studio name, founding year, location (city plus latitude and longitude for the studio map), website, social-media handles, and a short description.
  • Newsletter subscription data — your email address and the timestamp of your double-opt-in confirmation.
  • Studio-owner account data when you claim and edit your studio listing — your email address (used for magic-link sign-in), the timestamp of each sign-in, and the limited set of studio fields you are permitted to edit.
  • Form-message content — the free-text body of any inquiry, contact message, or programme-question you send through a form.
  • Chatbot interaction data when you use the incentives chatbot — the prompt text you submit, the chatbot's reply, the locale, a coarse rate-limiting hash of your IP address, and the timestamp.
  • Consent records — the version of the legal text you accepted, the timestamp of your acceptance, your IP address, and your User-Agent string. These are stored in a tamper-evident consent log.
  • Technical data that is automatically collected when you use the Site — your IP address, User-Agent, the page URL you requested, the HTTP referrer, the locale you are browsing in, and basic device information sent by your browser.
  • Cookie and analytics data as described in our Cookie Policy. Non-essential cookies, including Google Analytics, are only set with your prior explicit consent.

We do not knowingly collect any special-category personal data (such as health, religion, political opinion, biometric, or genetic data). Please do not include such information in any free-text field. If you do, we will erase it as soon as we become aware.

3. Why we process your data and the legal basis

We process personal data for the purposes and on the legal bases set out below.

  • To respond to your inquiries and form submissions — performance of pre-contractual / contractual measures and our legitimate interest in operating the Site (GDPR Art. 6(1)(b) and 6(1)(f)); your explicit consent and our legitimate interest under KVKK Art. 5(2)(c), (e) and (f).
  • To review and publish studio submissions — your explicit consent for publication of the listing, our legitimate interest in maintaining a curated industry directory (GDPR Art. 6(1)(a) and 6(1)(f); KVKK Art. 5(1) explicit consent and Art. 5(2)(f)).
  • To send the newsletter — your explicit, double-opt-in consent (GDPR Art. 6(1)(a); KVKK Art. 5(1) and Electronic Commerce Law No. 6563).
  • To operate the studio-owner edit area — performance of the editorial relationship and your consent (GDPR Art. 6(1)(b); KVKK Art. 5(1)).
  • To operate the incentives chatbot — your explicit consent before the prompt is sent to a third-party language-model provider (GDPR Art. 6(1)(a); KVKK Art. 5(1)).
  • To keep the Site secure and prevent abuse — our legitimate interest in network and information security (GDPR Art. 6(1)(f); KVKK Art. 5(2)(f)).
  • To comply with our legal obligations — including audit-trail retention and responses to lawful requests (GDPR Art. 6(1)(c); KVKK Art. 5(2)(a) and (ç)).
  • To measure usage of the Site through Google Analytics — only with your explicit prior consent (GDPR Art. 6(1)(a); KVKK Art. 5(1)).

4. Who we share your data with

We do not sell your personal data and we do not disclose it for advertising. We share personal data only in the following limited cases:

  • Sub-processors that provide infrastructure for the Site, including hosting and database providers located in the European Union, and third-party email-delivery providers used to send transactional and newsletter messages. Each sub-processor is bound by a written agreement that meets GDPR Art. 28 and KVKK Art. 8 requirements.
  • Language-model providers for the incentives chatbot. Prompts you submit to the chatbot are sent to one or more large-language-model providers — currently OpenAI and Anthropic — for the sole purpose of generating a reply. Please do not include personal data in chatbot prompts.
  • Editorial reviewers within TOGED who triage your submissions or inquiries.
  • Public publication of the data you explicitly submit for publication (for example, the public profile of an approved studio listing).
  • Competent authorities when we are required to disclose by law, court order, or a binding request from a public authority.

We do not transfer personal data to any third party for that party's own marketing purposes.

5. International transfers

The Site is hosted within the European Union and your personal data is primarily stored in the EU. Some of our sub-processors and the language-model providers named above are based outside Türkiye and the European Economic Area, including the United States. Where personal data is transferred outside Türkiye or the EEA, we rely on:

  • the Standard Contractual Clauses adopted by the European Commission (GDPR Art. 46(2)(c)), together with supplementary technical and organisational measures where necessary; and
  • your explicit consent to the international transfer where required under KVKK Art. 9.

You can request a list of the relevant transfer mechanisms by writing to privacy@gamesfromturkiye.com.

6. How long we keep your data

We retain personal data only as long as we need it for the purposes described in section 3 or as required by law.

  • Form submissions and inquiries — up to 24 months from the date of submission, after which the records are deleted or fully anonymised.
  • Consent log entries — 24 months, in line with the retention period for the underlying submission.
  • Newsletter subscription data — until you unsubscribe, plus a short suppression record proving the unsubscribe.
  • Studio-owner account data — for as long as the studio listing is published, plus 12 months after removal.
  • Chatbot interaction data — short-term operational retention only; aggregate, non-identifying analytics may be kept longer.
  • Cookie and analytics data — as described in the Cookie Policy; Google Analytics data is retained for the period configured in the analytics property.
  • Legal-obligation records (such as commercial-electronic-message consent) — for the period prescribed by the applicable law.

7. Your rights

Under the KVKK and the GDPR you have the right to:

  • access the personal data we hold about you and obtain a copy;
  • rectify inaccurate or incomplete data;
  • erase your data ("right to be forgotten") where the conditions are met;
  • restrict or object to the processing of your data;
  • data portability — receive your data in a structured, commonly used, machine-readable format and have it transmitted to another controller, where technically feasible;
  • withdraw consent at any time, without affecting processing carried out before the withdrawal;
  • lodge a complaint with the Personal Data Protection Authority of Türkiye ("KVKK Kurumu") or, if you are in the EEA or the UK, with your local data-protection supervisory authority.

To exercise any of these rights, write to privacy@gamesfromturkiye.com. We will respond within thirty (30) days under the KVKK and within one (1) month under the GDPR. We may need to verify your identity before acting on your request.

8. Security

We apply technical and organisational measures appropriate to the risk, including encryption in transit, encryption at rest for stored personal data, role-based access control, audit logging, least-privilege access for our editorial team, and a documented incident-response process. No system is perfectly secure; if we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify the competent authority and affected data subjects in line with KVKK Art. 12 and GDPR Arts. 33–34.

9. Children

The Site is not directed at children. We do not knowingly collect personal data from children under the age of thirteen (13). The Families page provides information for parents and guardians and is not designed for use by children. If you believe a child has submitted personal data through the Site, please contact us and we will erase it promptly.

10. Automated decision-making

We do not use your personal data for automated decision-making that produces legal or similarly significant effects on you. The incentives chatbot generates answers using a language model, but its output is informational only and does not make any decision about you.

11. Changes to this Policy

We may update this Policy to reflect changes to the Site, our processing activities, or applicable law. Each version of this Policy is identified by a version number and an effective date displayed at the top of this page. Material changes will be highlighted on the Site and, where required by law, your fresh consent will be requested.

12. Contact

For any question about this Policy or about the way we handle your personal data, please write to:

  • Email: privacy@gamesfromturkiye.com
  • Postal address (data controller): Türkiye Oyun Geliştiricileri Derneği, Teknoloji Geliştirme Bölgesi, Üniversiteler Mahallesi, Bilkent Cyberpark, Çankaya / Ankara, Türkiye

We use cookies

We use cookies to remember your locale and theme, and (with your permission) to measure how this site is used. You can change or withdraw your choice at any time. Read the full cookie policy

Customise

  • Necessary

    Required for the site to function - locale, theme, your consent choice. Always on.

  • Analytics

    Aggregate usage metrics that help us prioritise what to write next.

  • Marketing

    Reserved for future personalised messaging. Off today; we'll re-prompt if that changes.

  • Functional

    Third-party features like video embeds remembering your position.

Privacy Policy