ENEnglishTRTürkçeDEDeutschFRFrançaisESEspañolITItalianoPTPortuguêsNLNederlandsPLPolskiRUРусскийUKУкраїнськаCSČeštinaRORomânăELΕλληνικάBGБългарскиARالعربيةFAفارسیURاردوHIहिन्दीBNবাংলাIDBahasa IndonesiaVITiếng ViệtZH中文JA日本語KO한국어
Advertise on Databook — contact us

Privacy Policy

Effective date: 21 May 2026 Last updated: 21 May 2026 Version: 1.0

This Privacy Policy explains how personal data is collected and processed when you visit databook.dataint.net (the "Site"). It is written to satisfy the Turkish Personal Data Protection Law No. 6698 ("KVKK") as the primary governing framework, and to address the EU/UK General Data Protection Regulation ("GDPR") and the California Consumer Privacy Act as amended ("CCPA/CPRA") for visitors in those regions.

In plain terms: Databook is a free, ad-supported reference site. We do not ask you to create an account, and we do not knowingly collect your name, email, or address. The personal data involved is what advertising and analytics cookies collect (such as your IP address and device/usage signals) — and those run only after you consent where consent is required.

1. Data controller

The data controller (KVKK: veri sorumlusu) responsible for the Site is:

  • Operator: Sets Turan (trading as "Episteme")
  • Address: 10870 Narlı Mah., Edremit / Balıkesir, Türkiye
  • Tax number (VKN): 8680618868
  • Contact for privacy matters: privacy@episteme.fyi

For some advertising processing described below, Google acts as an independent controller in its own right (see §6).

2. Scope

This policy covers the public Site only. It does not cover third-party websites we link to, or the separate DataInt product, each of which has its own terms and privacy notice.

3. What we collect, why, and on what legal basis

We do not operate user accounts or newsletters on the Site. The Site does provide a contact form; if you choose to use it, we process the data you submit so we can reply. We do not otherwise directly collect names or postal addresses. The personal data processed in connection with the Site is the following:

DataSource / purposeLegal basis (KVKK / GDPR)
Contact-form data — your name, email address, chosen subject, and messageSubmitted by you via the contact form; transmitted and delivered to us by Resend (email-delivery provider) so we can respond to your enquiryConsent / your request (KVKK açık rıza / Art. 5(2); GDPR Art. 6(1)(a) consent and Art. 6(1)(b) steps taken at your request).
Anti-abuse data — IP address, device and browser signals, interaction dataGoogle reCAPTCHA loads on the contact form to distinguish humans from automated abuseLegitimate interest in protecting the Site from spam and abuse (GDPR Art. 6(1)(f); KVKK Art. 5(2)(f)).
Advertising data — IP address, device and browser data, cookie/online identifiers, ad-interaction signalsGoogle AdSense serves the ads that fund the Site (personalized where consented, otherwise non-personalized/limited)Consent for personalized advertising and non-essential cookies (KVKK açık rıza; GDPR Art. 6(1)(a)). Where only non-personalized ads are served, Google relies on its own lawful basis.
Analytics data — pageviews, approximate location, device/browser, truncated IP, interaction eventsGoogle Analytics 4 measures traffic and improves the SiteConsent where required for analytics cookies (KVKK; GDPR Art. 6(1)(a)).
Server / CDN logs — IP address, user agent, request time, requested URLGenerated automatically by hosting/CDN for delivery, security, and abuse preventionLegitimate interest in operating and securing the Site (GDPR Art. 6(1)(f)); KVKK Art. 5(2)(f) legitimate interest. These are strictly-necessary operational logs.

We do not sell personal data for money. Note, however, that under the CCPA/CPRA, serving personalized advertising via cookies may qualify as a "sale" or "sharing" of personal information — see §9.3.

4. Cookies and consent

The Site uses cookies and similar technologies. Strictly-necessary cookies run without consent; advertising and analytics cookies run only after consent where the law requires it. The categories, named cookies, durations, and how to change your choices are described in our Cookie Policy.

For visitors in the EEA, the UK, and Switzerland, ad serving uses a Google-certified Consent Management Platform (CMP) integrated with the IAB Transparency & Consent Framework (TCF v2.3), and Google Consent Mode v2 signals are sent for advertising and analytics. You can withdraw or change consent at any time via the "Cookie settings" control on the Site.

5. We do not collect special-category or sensitive data

The Site is a reference resource and does not ask you for special-category data (KVKK Art. 6 / GDPR Art. 9). Please do not send us such data through any contact channel.

6. Recipients and processors

  • Google (AdSense / Google Analytics): receives and processes advertising and analytics data. Depending on the processing, Google acts as a processor or as an independent controller. See Google's "How Google uses information from sites or apps that use our services" and Google's advertising/Analytics terms.
  • Google (reCAPTCHA): processes IP address and device/usage signals to distinguish human visitors from automated abuse on the contact form, per Google's terms.
  • Resend (Plus Five, Inc.): email-delivery provider; processes the name, email address, subject, and message you submit through the contact form, as our processor, to deliver the message to us.
  • Hosting / CDN provider: Vercel Inc. processes server logs as our processor to deliver the static Site, and runs the serverless function that forwards contact-form submissions to Resend.

We do not otherwise disclose personal data, except where required by law or to protect our legal rights.

7. International transfers

The Site is operated from Türkiye, but Google, Resend, and our hosting/CDN provider process data on infrastructure that may be located outside Türkiye and outside the EEA, including the United States. In particular, contact-form data is delivered via Resend (US), and Google reCAPTCHA/AdSense/Analytics process data on Google infrastructure (US and elsewhere).

  • KVKK: cross-border transfers are made on the bases permitted under KVKK Art. 9 — primarily an adequacy decision, appropriate safeguards (e.g. standard contractual clauses or written undertakings approved by the Authority), or — where neither applies — your explicit consent as an exceptional ground, in line with the Authority's cross-border transfer guidance.
  • GDPR: transfers outside the EEA rely on an adequacy decision (e.g. the EU–US Data Privacy Framework where applicable) and/or Standard Contractual Clauses operated by the relevant provider.

8. Retention

We retain personal data only as long as needed for the purpose it was collected. Advertising and analytics data are retained according to Google's retention settings and policies (Google Analytics data retention is configured to 14 months); operational server logs are retained for 90 days for security, then deleted or anonymized. Contact-form messages are delivered to our email inbox via our email-delivery processor and are not stored in a separate database; they remain in the inbox for as long as needed to respond and for reasonable follow-up, after which they are deleted or archived in line with normal correspondence practice.

9. Your rights

9.1 Under KVKK (Art. 11)

You may, by applying to us: learn whether your data is processed; request information about the processing; learn the purpose and whether data is used accordingly; know third parties to whom data is transferred; request correction of incomplete/inaccurate data; request erasure or destruction; request notification of corrections/erasures to third parties; object to results arising solely from automated analysis; and claim compensation for damage caused by unlawful processing.

9.2 Under GDPR (EEA/UK visitors)

You have the rights of access, rectification, erasure, restriction, data portability, and objection, and the right to withdraw consent at any time without affecting prior processing. You may lodge a complaint with your local supervisory authority.

9.3 Under CCPA/CPRA (California residents)

You have the right to know, to delete, to correct, and to opt out of the sale or sharing of personal information (which can include personalized advertising via cookies), and not to be discriminated against for exercising these rights. We honor opt-out preference signals such as the Global Privacy Control (GPC). To opt out, use the "Do Not Sell or Share My Personal Information" / Cookie settings control on the Site.

10. How to exercise your rights

Send requests to privacy@episteme.fyi (or the postal address in §1). We will respond within the timeframes required by applicable law (KVKK: within 30 days). We may need to verify your identity before acting.

11. Children

The Site is a general-audience reference resource, freely available to students, researchers, and the general public regardless of age. It does not gate access by age and does not host age-restricted content. We do not knowingly collect personal data from children; if you believe a child has submitted personal data through the contact form, please contact us and we will delete it.

12. Security

We use reasonable technical and organizational measures appropriate to a static, account-free site (HTTPS, restricted access to operational logs, reliance on reputable processors). No method of transmission over the Internet is fully secure.

13. Changes to this policy

We may update this policy to reflect changes in law or our practices. The "Last updated" date will change, and material changes will be highlighted on the Site.

14. Complaints

If you have concerns we have not resolved, you may contact:

  • Türkiye: Kişisel Verileri Koruma Kurumu (KVKK) — kvkk.gov.tr
  • EEA/UK: your national data protection supervisory authority.
Advertise on Databook — contact us