GDPR Compliance
Last updated: March 4, 2026
1. Overview
ElectricalSupplys is committed to protecting the privacy and personal data of all individuals in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Turkish Personal Data Protection Law (KVKK) No. 6698.
This page outlines how we comply with data protection regulations and explains your rights as a data subject.
2. Data Controller
The data controller responsible for your personal data is:
- Company: Patrion Elektrik
- Email: sales@patrion.net
- Phone: +90 232 332 22 78
- Location: Izmir, Turkey
3. Legal Basis for Processing
We process personal data based on the following legal grounds:
- Consent: When you voluntarily submit your information through our contact form or subscribe to communications.
- Legitimate Interest: To improve our website, analyze usage patterns, and provide relevant content.
- Legal Obligation: To comply with applicable laws and regulations.
4. Data We Collect
We collect and process the following categories of personal data:
| Data Category | Purpose | Legal Basis |
|---|---|---|
| Name, Email | Contact form responses | Consent |
| IP Address | Security and analytics | Legitimate Interest |
| Browser/Device Info | Website optimization | Legitimate Interest |
| Page Views | Analytics (Google Analytics) | Consent |
5. Your Rights Under GDPR
Under the GDPR, you have the following rights:
- Right of Access (Article 15): You can request a copy of the personal data we hold about you.
- Right to Rectification (Article 16): You can request correction of inaccurate or incomplete personal data.
- Right to Erasure (Article 17): You can request deletion of your personal data when it is no longer necessary for the purpose it was collected.
- Right to Restrict Processing (Article 18): You can request restriction of processing of your personal data under certain conditions.
- Right to Data Portability (Article 20): You can request your data in a structured, commonly used, and machine-readable format.
- Right to Object (Article 21): You can object to processing of your personal data based on legitimate interests or for direct marketing.
- Right to Withdraw Consent: Where processing is based on consent, you can withdraw your consent at any time.
6. Data Processing Partners
We use the following third-party services that may process your data:
- Google Analytics: Website usage analytics (USA) — anonymized IP enabled
- Brevo (Sendinblue): Email delivery for contact form submissions (EU)
- Vercel/Dokploy: Website hosting infrastructure
All third-party processors are bound by data processing agreements and are required to comply with GDPR standards.
7. International Data Transfers
Some of our third-party service providers are located outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
8. Data Retention
We retain personal data for the following periods:
- Contact form submissions: Up to 2 years
- Analytics data: 14 months (Google Analytics default)
- Server logs: 90 days
9. Data Breach Notification
In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by Article 33 of the GDPR. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.
10. How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us using the details below. We will respond to your request within 30 days. You may also lodge a complaint with your local data protection supervisory authority.
- Email: sales@patrion.net
- Phone: +90 232 332 22 78
- Subject line: "GDPR Data Request"