Privacy Policy

Last updated: 1 May 2026 · Applies to export.yurudesign.com.tr

Yurudesign, operated by Yurudizayn İnternet Hizmetleri San. ve Tic. Ltd. Şti., respects the privacy of the businesses and individuals who use our B2B export platform.

This Privacy Policy explains what personal information we collect, why we collect it, how we use it, how long we keep it, and what rights may be available to you depending on your location.

The platform is intended for business users, trade buyers, retailers, importers, distributors and other professional users. It may be accessed from different countries. We process personal data in accordance with applicable data protection laws, including the Turkish Personal Data Protection Law No. 6698, the GDPR where applicable, and other relevant local privacy laws where they apply.

By using the platform, you acknowledge that your personal data will be processed as described in this Privacy Policy. If you do not agree with this policy, please do not use the platform.

1. Data Controller

The data controller is:

Yurudizayn İnternet Hizmetleri San. ve Tic. Ltd. Şti.

Torbalı Mah. 2570 Sk. No:9
Torbalı 35860
İzmir, Türkiye

Contact email:

export@yurudesign.com.tr

2. Information We Collect

Access request information

When you request buyer access, we may collect:

Company name

Contact person name

Business email address

Country

Company website

WhatsApp number

Business type and related access request details

We use this information to review your access request, verify your business identity, assess whether the platform is suitable for your company, and communicate with you about your request.

Account and platform activity

Once your access is approved, we may process:

Catalogue browsing activity

Selected products and offer lists

Proforma Invoice requests

Communication and request history related to your account

We use this information to provide the platform service, manage your buyer account, prepare offers, support Proforma Invoice requests, and maintain our business relationship with you.

Internal buyer analysis and AI-supported scoring

We may analyse access request information and approved buyer account activity for internal business purposes.

This analysis may include company information, country information, company website details, selected products, catalogue views, offer list actions, Proforma Invoice requests, internal team notes and previous business communication history.

This analysis may be supported by internal AI tools or, in the future, trusted AI or analytics service providers.

AI-supported scoring is advisory only. It does not replace human review and is not used as the sole basis for access approval, rejection, pricing, offer terms or other commercial decisions.

Final business decisions are reviewed by authorised Yurudesign team members.

We do not create buyer interest profiles for general public visitors who only browse the public parts of the website.

Technical and log data

When you use the platform, we may process standard technical data such as:

IP address

Browser type

Device and operating system information

Pages visited

Session data

Security logs

We use this data for authentication, security monitoring, fraud prevention, technical support, performance control and platform protection.

For general public visitors, page visit logs are used only for security, diagnostics and performance purposes. They are not used to create buyer interest profiles.

Communications

If you contact us by email, WhatsApp or through the platform, we may keep your correspondence in order to respond to your enquiry and maintain a record of our business relationship.

3. How We Collect Data

We collect personal data in the following ways:

Directly from you

When you submit an access request form, contact us by email, communicate with us through WhatsApp, or use the platform.

Automatically through technical logs

When you access or use the platform. This may include IP address, browser type, device information, login timestamps, session data and security logs.

Through approved buyer account activity

Such as catalogue browsing, selected products, offer lists and Proforma Invoice requests.

Through internal business records

Created by authorised Yurudesign team members, such as internal notes, previous communication history and commercial follow-up records.

If you communicate with us through WhatsApp, your use of WhatsApp may also be subject to WhatsApp's own terms and privacy practices.

4. Purposes and Legal Basis

We process personal data only where we have a valid reason to do so.

Access request review

Data used

Company name, contact person name, business email, country, website, WhatsApp number and business request details

Purpose

Review buyer access requests and take steps before a possible business relationship

Legal basis

Pre-contractual steps, legitimate business interest

Platform service

Data used

Login activity, catalogue activity, selected products, offer lists, Proforma Invoice requests and account communication history

Purpose

Provide platform access, manage buyer account, prepare offers and support Proforma Invoice requests

Legal basis

Performance of a contract, pre-contractual steps, legitimate business interest

Internal analytics and AI-supported scoring

Data used

Access request data, approved buyer activity, selected products, country, company website details, team notes and previous business communication history

Purpose

Understand buyer interest, improve B2B service quality, support product planning and prioritise commercial follow-up

Legal basis

Legitimate business interest

Security and fraud prevention

Data used

IP address, browser type, device information, login timestamps, session data, technical logs and security logs

Purpose

Protect the platform, prevent misuse, detect suspicious activity and maintain system integrity

Legal basis

Legitimate business interest, legal obligation where applicable

Business communication

Data used

Email, WhatsApp and platform correspondence

Purpose

Respond to enquiries and maintain business relationship records

Legal basis

Legitimate business interest, pre-contractual steps, performance of a contract

Legal and commercial record keeping

Data used

Commercial records, Proforma Invoice requests, order-related records, correspondence and legally required data

Purpose

Accounting, tax, audit, legal, regulatory and dispute resolution purposes

Legal basis

Legal obligation, legitimate business interest

Depending on your location, the applicable legal basis may include performance of a contract, steps taken before entering into a contract, legitimate business interest, legal obligation, or your consent where consent is specifically required by law.

5. Cookies

The platform currently uses only necessary cookies.

These cookies are required for login, authentication, session security and saving your cookie preference. We do not use analytics cookies, marketing cookies, advertising cookies or third-party tracking cookies.

The cookies we use are:

yk_sessionBuyer authentication token7 days

yk_admin_sessionAdmin panel session tokenSession only

yk_cookie_consentSaves your cookie preference12 months

Our internal buyer interest analysis is based on access request data and approved buyer account activity. It is not based on public visitor tracking cookies.

You can control or delete cookies through your browser settings. If you block necessary cookies, core platform features such as login, catalogue access and offer generation may not work properly.

6. Service Providers

We use a limited number of trusted service providers to operate the platform. These providers may process personal data only on our behalf and only for the purpose of delivering the service.

Our current service providers may include:

Vercel for hosting and deployment

Supabase for database and backend infrastructure

Resend for transactional email delivery

In the future, we may also use trusted AI or analytics service providers to support internal buyer analysis, service improvement and commercial prioritisation.

Where external AI or analytics providers are used, they will process data only on our behalf and only for platform analytics, service improvement and internal business evaluation purposes. We do not allow such providers to sell, reuse or independently exploit personal data.

Where reasonably possible, we aim to minimise, limit or anonymise the data shared with external AI or analytics providers.

If we start using an external AI or analytics provider in a way that materially changes how we process personal data, we will update this Privacy Policy before such use where required by applicable law.

We do not sell, rent or trade personal information to third parties.

7. International Data Transfers

Because the platform may be accessed globally and because some of our service providers operate internationally, your personal data may be processed in countries other than your country of residence.

Where required by applicable law, we rely on appropriate safeguards for international data transfers. These may include contractual safeguards, service provider commitments, technical security measures and other lawful transfer mechanisms available under applicable privacy laws.

8. Payments

The platform does not collect or store payment card information.

All payments are handled offline through bank transfer or other direct commercial payment methods agreed between the parties. No credit card, debit card or online payment processor data is collected through this platform.

9. Information Sharing

We may share personal data only in limited cases.

Service providers

We may share data with trusted providers who help us operate the platform.

Legal compliance

We may disclose data if required by law, regulation, court order, governmental request or legal process.

Fraud and security

We may share or use data where necessary to investigate, prevent or respond to fraud, abuse, security risks or technical threats.

Business transfers

If Yurudesign is involved in a merger, acquisition, restructuring or sale of assets, personal data may be transferred as part of that transaction where permitted by law.

We do not sell personal data.

10. Data Retention

We keep personal data only for as long as necessary for the purposes described in this policy or as required by law.

Access request data for rejected or inactive requests may normally be kept for up to 24 months, unless a longer period is required for legal, security or dispute resolution reasons.

Approved buyer account data may be kept while the account remains active and for up to 5 years after the end of the business relationship, unless a longer period is required by law.

Commercial records, Proforma Invoice requests, order-related records, accounting records, tax records and related correspondence may be kept for the period required under applicable legal, tax, accounting and audit obligations.

Technical logs may normally be kept for up to 12 months, unless a longer period is required for security investigation, fraud prevention, technical troubleshooting or legal reasons.

Cookie consent records are normally kept for 12 months.

When data is no longer needed, we delete it, anonymise it or securely retain it only where legally required.

11. Data Security

We use reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, disclosure, alteration or destruction.

These measures may include restricted access, authentication controls, secure infrastructure providers, internal access limits and periodic reviews of our data handling practices.

No internet-based service can guarantee complete security. However, we work to maintain appropriate safeguards and respond to identified risks promptly.

12. Your Rights

Depending on your country or region, you may have rights regarding your personal data. These may include the right to:

Request access to your personal data

Request correction of inaccurate or incomplete data

Request deletion of your data where legally possible

Object to certain processing activities

Request restriction of processing

Request data portability where applicable

Withdraw consent where processing is based on consent

File a complaint with a competent data protection authority

If you are located in Türkiye, you may have rights under Article 11 of the Turkish Personal Data Protection Law No. 6698.

If you are located in the European Economic Area, the United Kingdom, or another region with applicable privacy laws, you may also have additional rights under those laws.

To exercise your rights, please contact us at:

export@yurudesign.com.tr

We may need to verify your identity before responding to your request.

13. Accuracy of Information

We aim to keep personal data accurate and up to date. If you believe that the information we hold about you is incorrect, incomplete or outdated, please contact us and we will review and correct it where appropriate.

14. Children

The platform is intended only for business and professional users. It is not intended for children or minors. We do not knowingly collect personal data from children.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our platform, business practices, service providers or applicable laws.

When we update the policy, we will change the "Last updated" date at the top of this page. Continued use of the platform after the updated policy is published means that you acknowledge the revised policy.

16. Contact

For any questions about this Privacy Policy or to exercise your data rights, please contact us:

Data Controller

Yurudizayn İnternet Hizmetleri San. ve Tic. Ltd. Şti.

Torbalı Mah. 2570 Sk. No:9
Torbalı 35860
İzmir, Türkiye

Email:

export@yurudesign.com.tr

Back to catalogue