Privacy policy

Last updated: January 2026

Brand Dunyasi (“we”, “us”, or “our”) respects your privacy and is committed to protecting the personal data of our clients, visitors, and users.
This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website https://www.branddunyasi.com or use our services.

By using our website or services, you agree to this Privacy Policy.

1. Data Controller

Data Controller: Brand Dunyasi Ltd
Company Number (CRN): 16983557
Brand Name: Brand Dunyasi
Registered Office:
71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Registered in: England and Wales

Email: support@branddunyasi.com

2. Scope of Policy

This Privacy Policy applies to all customers and users of Brand Dunyasi in:

• The United Kingdom
• The European Union
• The United States
• Türkiye

We aim to comply with applicable data protection laws, including GDPR, UK GDPR, CCPA, and later KVKK, where such laws apply to our users and activities.

3. Personal Data We Collect

We collect personal data only when necessary to deliver our services.

a. Information You Provide Directly

• Full name
• Email address
• Billing address
• Business name (optional)
• Payment confirmation details (transaction reference and payment status only)
• Messages or inquiries submitted through forms

b. Automatically Collected Data

• IP address and device data (for analytics and security)
• Browser type and operating system
• Referring URL and usage behavior
• Cookie consent preferences (see Cookie Policy)

c. Data from Third Parties

• Payment processors (Stripe, PayPal, Wise, WorldFirst)
• Analytics and advertising tools (Google Analytics, Meta Pixel, LinkedIn Insight, etc.)

We never store or directly access your payment card details.
Payment confirmation details are limited to transaction reference and payment status only.

4. Purpose and Legal Basis of Processing

5. Data Sharing and Third Parties

We share limited personal data only with secure and compliant providers for operational purposes.

Payment Processors

• Stripe (Global): PCI DSS Level 1 certified
• PayPal / Wise / WorldFirst: Regulated international processors (used if applicable)

Hosting & Infrastructure

We work with reputable third-party providers that implement appropriate security and data-protection measures.

Analytics & Marketing

• Google Analytics 4 (IP anonymization enabled)
• Meta Pixel (consent-based)
• Microsoft Clarity / Hotjar (optional, consent-based)
• Mailchimp (email newsletters and updates)

We do not sell, rent, or exchange personal data for marketing purposes.

6. International Data Transfers

Where data is transferred outside the EU, UK, US, or Türkiye (for example, via Mailchimp), we ensure appropriate protection through Standard Contractual Clauses (SCCs) or equivalent safeguards where required.

7. Data Retention

We retain personal data only for as long as necessary:

• Customer records: 5 years (unless a longer period is required by law)
• Marketing lists: Until you unsubscribe
• Analytics data: 14 months (Google Analytics default)

After expiry, data is securely deleted or anonymized.

8. Data Security

We apply technical and organizational security measures, including:

• SSL encryption (HTTPS)
• Access controls and authentication
• Regular monitoring for security incidents
• No storage of raw card data

We work with reputable providers that maintain appropriate technical and organizational security measures.
Payment processing is handled by PCI-DSS compliant providers.

9. Your Rights

You have the following rights under GDPR / KVKK:

• Access to your personal data
• Rectification of inaccurate information
• Erasure (“right to be forgotten”)
• Restriction of processing
• Data portability
• Objection to processing (especially marketing)
• Withdrawal of consent at any time

We respond to privacy requests within 30 days.

To exercise your rights, contact:
📧 support@branddunyasi.com

10. Marketing Communications

You will receive marketing emails only if:

• You purchased a service; or
• You subscribed voluntarily with consent

You can unsubscribe at any time via the link in our emails or by contacting us directly.

11. Cookies and Tracking Technologies

Last updated: January 2026

Brand Dunyasi uses cookies and similar tracking technologies to improve browsing experience, analyze traffic, and personalize content.

11.1 What Are Cookies?

Cookies are small text files stored on your device when visiting a website.

Types include:

• Session cookies
• Persistent cookies
• First-party cookies
• Third-party cookies

11.2 How We Use Cookies

11.3 Third-Party Cookies We Use

• Google Analytics 4 (GA4)
• Google Tag Manager
• Meta Pixel (Facebook / Instagram)
• Microsoft Clarity / Hotjar
• LinkedIn Insight Tag
• Stripe Checkout Cookies
• Google reCAPTCHA v3
• Cloudflare

All third-party services comply with GDPR and KVKK standards.

11.4 Consent and Cookie Banner

• Essential cookies are enabled by default
• Analytics and marketing cookies require consent
• Preferences can be modified anytime via “Cookie Preferences”

11.5 Managing Cookies

You may manage cookies through browser settings:

• Google Chrome
• Mozilla Firefox
• Safari
• Microsoft Edge

Blocking cookies may affect certain features.

11.6 Changes to Cookie Policy

Updates will be posted on this page with a revised date.

11.7 Cookie Contact

📧 support@branddunyasi.com
📍 Registered Office: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom

12. Children’s Privacy

Our services are not directed to individuals under 16 years of age, and we do not knowingly collect their data.

13. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted with a revised “Last updated” date.

14. Contact

If you have any privacy-related questions or concerns, contact us at:

📧 support@branddunyasi.com
📍 Registered Office:
71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom