Privacy Policy

As VOYA Digital Design and Software Inc. ("VOYA", "we", "us"), we are committed to protecting the confidentiality and security of all information entrusted to us, in full compliance with the Personal Data Protection Law (KVKK) and the EU General Data Protection Regulation (GDPR). This Privacy Policy explains the purposes for which the collected information is used and how it is protected. Please read this policy carefully to understand your data rights.

1. Who are we?

This website is operated by VOYA Digital Design and Software Inc. ("VOYA"). This Privacy Policy applies to the personal data collected through VOYA's website and services.

Company Name: VOYA Digital Design and Software Inc.

Address: Maslak Mah. AOS 55. Sk. 42 Maslak B Block No: 4 Door No: 573 Sarıyer, 34485, Istanbul / Turkey

Email: info@voya.digital

2. How can you contact us with privacy questions or concerns?

If you have any questions or requests regarding this Privacy Policy or how your personal data is processed, you can reach us at info@voya.digital. VOYA aims to respond to all privacy requests within 30 days.

3. How do we collect personal data?

Direct methods:

• Through contact forms, surveys, or newsletter subscriptions on our website,
• During registration for our events, seminars, or meetings,
• Through resumes and documents submitted during recruitment processes,
• Under contracts made with our customers.

Indirect methods:

• From recruitment platforms, business partners, or referral sources we work with,
• Through our CRM systems in customer relationship processes.

Public sources:

• From publicly available sources such as internet searches, news articles, and official records.

Social and professional networks:

If users log into our website using their LinkedIn, Google, or other social media accounts, data such as names, email addresses, and profile information may be collected to the extent permitted by these platforms.

4. What categories of personal data do we collect?

VOYA may collect personal data in the following categories:

• Contact information: Name, surname, email, phone number, company name, job title, address.
• Professional information: Work history, educational background, portfolio, projects or memberships.
• Financial information: Necessary bank details for offers, contracts, or invoicing processes.
• Technical data: IP address, device information, cookie data, browser information.
• Recruitment data: CV, references, competency information, interview notes.

VOYA does not intentionally collect data from individuals under the age of 13.

5. What legal bases do we use for processing personal data?

VOYA processes personal data based on the following legal grounds:

• Performance of a contract: Necessary data for service contracts or tender processes.
• Consent: Explicit approval in cases such as website forms or newsletter sign-ups.
• Legitimate interests: Management of customer relationships, marketing, and monitoring service quality.
• Legal obligation: Compliance with tax, audit, or legal obligations.

6. Why do we need personal data?

Personal data is collected and processed for the following purposes:

• To provide professional UX and product design services.
• To manage customer communication and project processes.
• To respond to requests, proposals, or collaboration applications.
• To create event and seminar registrations.
• To securely operate VOYA's website, systems, and digital services.
• To conduct recruitment processes and assess candidates.
• To promote our products and services to existing and potential customers.

7. Who do we share personal data with?

VOYA shares data only in the following circumstances and in a secure manner:

• Service providers: Companies providing hosting, email, cloud, analytics, or support services.
• Professional advisors: Our partners in the fields of law, auditing, or finance.
• Legal authorities: Regulatory bodies or official authorities when necessary.
• Mergers/acquisitions: Only the necessary information during processes such as company mergers or transfers.

All third parties are obligated to ensure the security of the shared data.

8. Use of Cookies

Cookies are used on our website to enhance user experience and analyze traffic. You can change your cookie preferences at any time through your browser settings. For more detailed information, you can review our Cookie Policy.

9. Your rights as a data owner

Under the KVKK and GDPR, you have the following rights:

• Right of access: You can learn what data is being processed about you.
• Right to rectification: You can request the correction of inaccurate or incomplete information.
• Right to erasure: You can request the deletion or anonymization of your data.
• Right to restriction of processing: You can request the restricted processing of your data in certain circumstances.
• Right to data portability: You can receive your data in a format that can be transferred to another company.
• Right to object: You can object to the processing of your data for direct marketing or profiling purposes.
• Right to withdraw consent: You can withdraw your explicit consent at any time.

To exercise these rights, you can send an email to info@voya.digital. VOYA may request additional information to verify your identity.

10. Personal Data Security

VOYA implements appropriate technical and organisational security measures to prevent the loss, unauthorised access, misuse or disclosure of personal data. These measures include encryption, access restrictions, pseudonymisation, and anonymisation methods.

Although the risks inherent in the nature of the internet during data transmission cannot be completely eliminated, VOYA is committed to protecting the security of personal data to the highest level.

11. Links to Other Websites

Our website may contain links to third-party sites. The privacy practices of the sites accessed through these links are not the responsibility of VOYA. We recommend that you review the privacy policies of the relevant websites before sharing your personal data.

12. Changes to the Privacy Policy

VOYA regularly reviews and updates this Privacy Policy as necessary. The updated policy will be effective from the date it is published on our website.

Effective date: 4 November 2025.