Candoğan Law Firm

Privacy Policy (GDPR‑Compliant)

1. Introduction

This Privacy Policy explains how we collect, use, store, and protect personal data in accordance with the General Data Protection Regulation (GDPR). We are committed to ensuring that personal information is processed lawfully, fairly, and transparently.

2. Data We Collect

We only collect personal data that individuals voluntarily provide when filling out our contact form. This may include:

  • Name and contact details
  • Message content and attachments
  • Any additional information voluntarily submitted

In the future, our website may use cookies or similar technologies. If implemented, users will be informed and given the ability to manage preferences.

3. Purpose of Processing

We process personal data exclusively for:

  • Responding to inquiries submitted through the form
  • Administrative communication related to the inquiry
  • Compliance with legal obligations

We do not use personal data for marketing unless explicit consent is obtained.

4. Legal Basis for Processing

Processing is based on:

  • Consent — when users voluntarily submit the contact form
  • Legitimate interest — to respond to inquiries and ensure proper communication
  • Legal obligations — where applicable

5. Data Sharing

We do not sell or disclose personal data except when necessary:

  • Service providers supporting website operation
  • Legal authorities when required by law
  • Professional partners only when essential to respond to the inquiry

All third parties are required to comply with GDPR.

6. Data Storage and Security

We implement appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, or loss. Data is stored securely and only for as long as necessary for the purposes described.

7. Data Retention

Personal data submitted through the contact form is retained only for:

  • Responding to and managing the inquiry
  • Fulfilling legal or regulatory requirements
  • Maintaining necessary administrative records

Data is deleted when no longer required.

8. Your GDPR Rights

Individuals have the right to:

  • Access their personal data
  • Request correction or deletion
  • Restrict or object to processing
  • Withdraw consent at any time

Requests can be submitted through our contact channels.

9. Cookies (Future Use)

Our website may use cookies in the future to improve functionality and user experience. If implemented, users will be informed through a cookie banner and will have the ability to manage or refuse non‑essential cookies.

10. Third‑Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices or content of third‑party sites.

11. Updates to This Policy

We may update this Privacy Policy to reflect changes in legal requirements or website functionality. The latest version will always be available on this page.

12. Contact Information

For questions or GDPR‑related requests, please contact us through our designated communication channels.