Privacy Policy

1. Data controller

Qaventra operates at Levent Mah. Büyükdere Cd. No:198, Beşiktaş, Istanbul, Turkey. For privacy requests, email contact@qaventra.com with the subject line “Privacy Request”.

2. Categories of data we collect

We may collect identity and contact details (name, phone, email), vehicle identifiers (VIN, plate, mileage), service history notes you provide, communication transcripts, and technical data such as IP address, browser type, and timestamps when you use our website.

3. Purposes and legal bases

• Service delivery: scheduling, performing repairs, warranties, and billing (contract necessity).
• Safety & compliance: regulatory record-keeping, fraud prevention, incident logs (legal obligation / legitimate interests).
• Communication: responding to inquiries, appointment reminders (contract / legitimate interests).
• Website improvement: aggregated analytics to understand navigation patterns (consent where required).

4. Cookies & similar technologies

We use strictly necessary cookies required for security and form operation. Where we deploy optional analytics or preference cookies, we will request your consent in line with the Law on the Protection of Personal Data (KVKK) and EU GDPR expectations for visitors who qualify as data subjects under GDPR.

5. Retention

Service records follow applicable Turkish commercial and tax retention rules. Marketing consents are refreshed periodically. Web server logs with personal identifiers are minimized and rotated unless needed for security investigations.

6. Sharing & processors

We share data only with vetted subprocessors (for example, SMS gateways, accounting platforms, or parts suppliers fulfilling an order). Each relationship is governed by confidentiality and data-processing terms. We do not sell personal data.

7. International transfers

If a tool stores data outside Turkey or the EEA, we rely on adequacy decisions or standard contractual clauses and conduct transfer impact assessments where appropriate.

8. Your rights (GDPR-style)

Depending on your jurisdiction, you may request access, rectification, erasure, restriction, portability, objection to certain processing, and withdrawal of consent without affecting prior lawful processing. You may lodge a complaint with your supervisory authority.

9. Security

We apply administrative, technical, and organizational measures including role-based access, encrypted transport, and staff training. No method of transmission is perfectly secure; please report suspected issues immediately.

10. Children

Our services are directed to adults. We do not knowingly collect data from children without parental authority.

11. Updates

We may revise this policy to reflect legal or operational changes. Material updates will be posted on this page with a new effective date.