İçereği Atla
← Back to login

Privacy Policy

Last updated: 03 June 2026 · Türkçe

1. Who We Are

Cabri BT Information Technologies (hereinafter "Cabri BT", "we", "our") is a software and digital solutions company based in Türkiye. We act as a Data Controller under the Turkish Personal Data Protection Law No. 6698 (KVKK) and apply GDPR-aligned principles for our international operations.

Contact:
Email: destek@cabribt.com
Phone: +90 850 532 12 35
Web: cabribt.com

2. Information We Collect

We collect and process the following categories of personal data:

  • Identity data: Full name, national/tax identification number (when required by law)
  • Contact data: Email address, phone number, postal address
  • Transaction data: Order, invoice, contract and support ticket records
  • Financial data: Bank account details (solely for payment and collection)
  • Technical data: IP address, browser logs, session and cookie data
  • Professional data: Role/position information for business partner records
  • Social media data (where applicable): OAuth tokens, public profile info and post content that you authorize us to publish on your behalf via our own software

3. Purposes of Processing

  • Providing, maintaining and improving our products and services
  • Managing customer relationships and providing support
  • Fulfilling contractual and legal obligations (Turkish Tax Procedure Law, Turkish Commercial Code, etc.)
  • Processing invoices, orders, payments and collections
  • Operating e-Invoice, e-Archive and other electronic document processes
  • Information security operations and log retention
  • Reporting to authorized public bodies (upon lawful request)
  • Marketing and outreach (only with explicit consent)
  • Publishing social media content on your behalf via the cb_social Odoo module, strictly limited to content you explicitly authorize and to networks/accounts you connect via OAuth

4. Legal Basis

We process personal data based on (a) performance of a contract, (b) compliance with legal obligations, (c) our legitimate interests (e.g. information security), and (d) explicit consent where required (e.g. marketing communications, third-party social media posting).

5. Data Sharing

We do not sell personal data. We may share it with: (a) authorized public bodies (e.g. Turkish Revenue Administration, Social Security Institution) when legally required; (b) service providers (hosting, e-Invoice integrator, banks, accounting consultants) under written data processing agreements; (c) third parties you explicitly consent to (e.g. when you connect your LinkedIn account, content is transmitted to LinkedIn under their own terms).

Cabri BT primarily stores data within Türkiye. Where unavoidable (e.g. international cloud providers, AI services), transfers occur only under the safeguards required by KVKK Article 9 and GDPR Chapter V, and you are informed in advance.

6. Social Media Integrations

When you connect a social media account (LinkedIn, X, Instagram, etc.) to our cb_social module via OAuth, we store the following on your behalf:

  • OAuth access and refresh tokens (encrypted)
  • Your public profile identifier and display name
  • Content you explicitly create and authorize to publish
  • Post analytics returned by the platform's API

We never post content without your explicit action (clicking "Publish" or scheduling a post). You may disconnect any account at any time, which immediately revokes our stored tokens. Cabri BT does not retain or analyze your private messages, contacts, or any data outside the public posts you publish through us.

7. Retention

  • Customer/partner records: 10 years after the end of the commercial relationship (Turkish Commercial Code Art. 82)
  • Invoices and financial records: 10 years (Tax Procedure Law Art. 253)
  • Contracts: limitation period + 10 years
  • Server logs (Law No. 5651): 2 years
  • Marketing consents: until withdrawn
  • Social media OAuth tokens: until you disconnect or revoke them

8. Your Rights

Under KVKK Art. 11 (and equivalent GDPR rights for EU residents), you may:

  • Ask whether your personal data is being processed
  • Request information about how it is processed
  • Know the purpose of processing and whether it is used in line with that purpose
  • Know the third parties to whom data is transferred, in Türkiye or abroad
  • Request correction of inaccurate or incomplete data
  • Request deletion or destruction under KVKK Art. 7 / GDPR "right to erasure"
  • Object to outcomes resulting from automated processing
  • Claim compensation for damages caused by unlawful processing

To exercise these rights, email destek@cabribt.com. We respond within 30 days, free of charge.

9. Cookies

Our website and ERP/portal application use technical cookies for session management, security and user-experience improvements. Third-party analytics or marketing cookies are only activated with your explicit consent.

10. Security Measures

Cabri BT applies TLS/SSL encryption, access logs, role-based authorization, encrypted backups and periodic security audits to protect your data.

11. Changes to This Policy

This policy may be revised in line with regulatory changes or service updates. The current version is always published on this page.

← Back to login destek@cabribt.com Türkçe