Privacy Policy

Last updated: March 21, 2026

1. Data Controller

The data controller within the scope of the Turkish Personal Data Protection Law No. 6698 ("KVKK"):

  • Website: shop.ssilistre.dev
  • Email: hi@ssilistre.dev
  • Country: Republic of Turkey

2. Personal Data Collected

SSilistre Shop collects the following personal data for service delivery:

  • Contact Information: Email address, first name, last name, phone number (optionally provided by the user as profile information)
  • Payment Information: All payment processing is handled entirely through Stripe. No credit/debit card information is stored on SSilistre Shop servers. Only transaction reference numbers and payment statuses are recorded.
  • Transaction Information: Purchase history, license keys, download records

3. Purposes of Data Processing

Personal data collected is processed for the following purposes:

  • Execution of digital product sales and delivery
  • Creation and management of user accounts
  • Processing and verification of payment transactions
  • Provision of license management and activation services
  • Provision of customer support services
  • Fulfillment of legal obligations (tax legislation, Law No. 6502, KVKK, etc.)
  • Improvement of service quality and generation of analytical statistics
  • Prevention of fraud and unauthorized access

4. Data Transfers

Your personal data may be shared with the following third-party service providers for service delivery:

  • Stripe: For processing payment transactions. Stripe is a US-based payment infrastructure provider and is subject to its own privacy policies.
  • Supabase: For user authentication and database services. Supabase is a US-based cloud service provider.

Pursuant to Article 9 of KVKK, the transfer of personal data abroad requires either adequate protection in the relevant country or a written commitment from the data controller to provide adequate protection along with the permission of the Personal Data Protection Board. Our service providers comply with international data protection standards and have implemented the necessary technical and administrative measures to ensure the security of your data. By using our services, users are deemed to have given their explicit consent to these transfers.

5. Data Retention Periods

Your personal data is retained for the duration required by the processing purpose and in accordance with legal retention obligations:

  • Account information: As long as the account remains active
  • Transaction records: 10 years pursuant to tax legislation
  • Consumer transactions: 3 years under Law No. 6502
  • Technical log records: 2 years pursuant to Law No. 5651

Upon expiration of retention periods, personal data is deleted, destroyed, or anonymized.

6. Cookies

SSilistre Shop uses cookies for the proper functioning of the website and to improve user experience:

  • Essential Cookies: Required for session management and security. The site cannot function properly without these cookies.
  • Functional Cookies: Used to remember user preferences such as language and theme settings.
  • Analytics Cookies: Collect anonymous statistical data to understand site usage and improve service quality.

Users may manage or disable cookies through their browser settings. However, disabling essential cookies may negatively affect site functionality.

7. Rights of the Data Subject (KVKK Article 11)

Pursuant to Article 11 of KVKK, data subjects have the following rights:

  • To learn whether their personal data has been processed
  • To request information about the processing if personal data has been processed
  • To learn the purpose of data processing and whether the data is used in accordance with its purpose
  • To know the third parties to whom personal data has been transferred domestically or abroad
  • To request correction of personal data if it has been processed incompletely or inaccurately
  • To request deletion or destruction of personal data within the framework of conditions set forth in Article 7 of KVKK
  • To request that correction and deletion operations be notified to third parties to whom personal data has been transferred
  • To object to the occurrence of a result against the person through the exclusive analysis of processed data via automated systems
  • To claim compensation for damages in case personal data is processed unlawfully

To exercise these rights, you may submit a written application to hi@ssilistre.dev. Applications will be responded to free of charge within a maximum of 30 days. If the process requires an additional cost, the tariff determined by the Personal Data Protection Board may apply.

8. Data Security Measures

SSilistre Shop implements the following technical and administrative measures to ensure the security of your personal data:

  • Encrypted data transmission via SSL/TLS certificates
  • Payment information processed through PCI DSS-compliant Stripe infrastructure
  • Database access control via Supabase Row Level Security (RLS)
  • Regular security updates and software patches
  • Access control: Personal data is accessible only to authorized personnel

9. Contact

For questions, suggestions, or requests regarding our privacy policy, you may reach us through the following channels:

  • Email: hi@ssilistre.dev
  • Website: shop.ssilistre.dev