Scroll Top
19th Ave New York, NY 95822, USA
+1 916-875-223-5968
Join Now

PRIVACY POLICY

Effective date: 06.09.2025
Data controller / Company: Optiva Endüstriyel Ürünleri İthalat İhracat San. Tic. Ltd. Şti.
Address: Karacaoğlan Mh. 6169 Sk. A No:12/D, 35070, Bornova-İzmir, Türkiye
E-mail: info@optivaendustri.com

Note on language versions: This Privacy Policy is available in both Turkish and English. For users located in Türkiye, the Turkish version shall be considered the authoritative legal text. The English version is provided for convenience for international users. Both versions will be kept consistent; in case of any discrepancy, the Turkish version governs for legal matters within Türkiye.

 

1. Overview / Purpose

This Privacy Policy explains how Optiva collects, uses, stores, shares and protects personal data obtained through the Site and through other interactions (forms, email, phone/WhatsApp, sales and technical requests). It also describes the rights you have over your personal data and how to exercise those rights.

2. What personal data we collect

We may collect and process the following categories of personal data depending on your interaction with us:

  • Contact and identification data: name, surname, company name, position, corporate email address, telephone / WhatsApp number, country.

  • Request data: requested product/service, technical document request details, uploaded corporate documents (optional), project description, estimated requirements.

  • Transaction and contract data: offers, contracts, invoices, delivery/shipment details (where a commercial relationship exists).

  • Technical & usage data: IP address (anonymized where applicable), device/browser type, access times, pages viewed, cookies and analytics data.

  • Marketing preferences and consents: records of consents for marketing communications (email, SMS, WhatsApp) where provided.

  • Other data: CRM records, communication logs and other information required to fulfil contractual or legal obligations.

3. Legal bases for processing

We process personal data based on one or more of the following legal grounds, where applicable:

  • Contractual necessity: processing required to take steps prior to entering or to perform a contract (e.g., providing quotes, delivering services).

  • Legal obligation: processing required to comply with legal obligations.

  • Legitimate interests: processing necessary for our legitimate business interests (e.g., website security, fraud prevention, order fulfilment, improving services) provided such interests are not overridden by your rights and freedoms.

  • Consent: where we ask for your explicit consent (for example, to receive marketing communications, or to use certain cookies). Consent may be withdrawn at any time.

4. Purposes of processing (what we use data for)

We use personal data for the following purposes:

  • Responding to inquiries, quotations and technical requests; processing orders and delivering services.

  • Verifying corporate requests for technical documents (TDS/SDS) and securely providing those documents to verified corporate representatives.

  • Managing customer and supplier relationships via CRM systems.

  • Sending service-related communications and (with consent) marketing messages.

  • Ensuring site security, analytics, performance monitoring and fraud prevention.

  • Meeting legal and regulatory obligations.

5. Cookies and tracking technologies

We use cookies and similar technologies to operate the Site and to enhance your experience. Cookies categories include:

  • Strictly necessary cookies — required for the basic functioning of the Site.

  • Analytics cookies — used to measure and improve Site performance (e.g., Google Analytics).

  • Marketing / advertising cookies — used for personalized advertising or remarketing.

Analytics and marketing cookies are processed on the basis of consent where required. You can manage your cookie preferences via the cookie banner or through your browser settings.

6. Sharing and recipients of personal data

We may share personal data with:

  • Service providers (data processors) that assist us with CRM, email delivery, hosting, analytics, payment, shipping and other operational services; such processors will only process personal data under our instructions and subject to a Data Processing Agreement.

  • Third parties where necessary for legal obligations or to protect our rights (e.g., authorities, courts).

  • Affiliates or business partners only where required for the provision of services or by contractual agreement and subject to appropriate guarantees.

Where personal data is transferred outside Türkiye or the EEA, we will ensure adequate safeguards are in place (e.g., EU model clauses, other legal transfer mechanisms) in accordance with applicable law.

7. Technical documents (TDS/SDS) — access and sharing procedure

Technical documents (TDS, SDS, and similar) are treated as controlled assets. Our standard access procedure:

  1. Request: Corporate representative submits a Technical Document Request via the Site form.

  2. Verification: We verify corporate email domain, company website and, if required, request supporting documents (company registration, letter of intent).

  3. Approval: Regional representative reviews and approves the request.

  4. Delivery: Approved documents are delivered as watermarked PDF or via time-limited secure link (typically 24–72 hours).

  5. Logging: Document delivery is logged (recipient, date, document ID).

We retain records of requests and deliveries for audit and compliance purposes. Recipients must not share or distribute watermarked technical documents to third parties without Optiva’s prior written consent.

8. Data retention periods

We retain personal data only as long as necessary for the purposes set out in this Policy and to meet legal or contractual obligations. Indicative retention periods (subject to legal requirements and specific contractual terms):

  • Contact / quotation records: 5 years.

  • Technical document request logs: 5 years.

  • Marketing consent records: until withdrawal of consent or up to 3 years (campaign-dependent).

  • Analytics / cookie data: depends on cookie type (analytics typically up to 12 months).

Retention periods will be reviewed and updated as required by law and business needs.

9. Your rights (Data subject rights)

Depending on applicable law (KVKK, GDPR), you may have the right to:

  • Request confirmation whether we process your personal data.

  • Access the personal data we hold about you and obtain a copy.

  • Request correction of inaccurate or incomplete personal data.

  • Request deletion or anonymization of personal data (subject to legal requirements).

  • Request restriction of processing.

  • Object to processing (including where processing is based on legitimate interests or for direct marketing).

  • Request data portability where applicable.

  • Withdraw consent at any time where processing is based on consent.

  • Lodge a complaint with a supervisory authority (e.g., KVKK in Türkiye or the relevant EU data protection authority).

How to exercise your rights: Send your request to info@optivaendustri.com or by postal mail to our address above. We will verify your identity before processing requests and will respond within the timeframes required by applicable law (generally within 30 days).

10. Security measures

We implement technical and organizational measures proportionate to the risks: access controls, encryption where appropriate, secure hosting, backups, staff training, and contractual safeguards with processors (DPA). For TDS/SDS delivery, additional safeguards such as watermarking, time-limited links and access logging are used.

11. International transfers

If we transfer personal data to countries that do not provide an adequate level of protection, we will apply appropriate safeguards (e.g., standard contractual clauses, binding corporate rules, specific legal mechanisms) to protect personal data in accordance with applicable law.

12. Children’s data

The Site is not intended for children under 18. We do not knowingly collect personal data of minors. If we become aware that we have collected personal data of a child without verification of parental consent, we will take steps to delete such data.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will publish the updated policy on the Site with the updated effective date. For material changes, we will notify affected users where feasible.

14. Contact and complaints

If you have questions about this Privacy Policy, or wish to exercise your data subject rights, please contact: