1. Data Controller and Disclosure Obligation
In accordance with the General Data Protection Regulation (GDPR) and applicable national data protection legislation, MOSERRA, acting as "Data Controller", is committed to the security and confidentiality of your personal data to the highest standard. This Disclosure has been prepared to inform you about the purposes for which your personal data is processed, the parties to whom it may be transferred, and your legal rights — all within the scope of our global software solutions, project management processes, and digital platforms.
2. Categories of Personal Data Processed
The following categories of data may be processed within the scope of your commercial or technical relationship with our agency:
- Identity Information: Full name and, where required, passport or national identification number.
- Contact Information: Email address (including correspondence via [email protected]), telephone number, and address information at Zafer, Adile Naşit Blv. No: 1/F Kat: 6 Daire:59, 34512.
- Customer Transaction Information: Project details, order and invoice records, payment history, and contractual documents.
- Technical and Operational Security: IP address, system log records, cookie data, and access authorisation information.
- Support Data: Contact forms, support tickets, and records relating to resolution processes.
3. Purposes of Processing Personal Data
Your data is processed by MOSERRA for the following purposes:
- Delivery of software development, digital transformation, and consulting services.
- Management of contractual processes and continuation of commercial activities.
- Conducting customer support operations and improving service quality.
- Planning and auditing information security processes.
- Financial, accounting, and legal affairs management.
- Fulfilment of notification and retention obligations arising from applicable legislation.
4. Legal Bases and Methods of Collection
Your personal data is collected through our website, email, telephone, or physical forms, relying on the following legal bases under GDPR Article 6:
- Processing is necessary for the performance of a contract to which the data subject is party;
- Processing is necessary for compliance with a legal obligation to which the controller is subject;
- Processing is necessary for the purposes of the legitimate interests pursued by the controller, provided these do not override the fundamental rights and freedoms of the data subject.
Data is collected through both automated and non-automated means.
5. Data Transfers and Retention Period
Your personal data may be transferred to our business partners, cloud infrastructure providers, and legally authorised public authorities in compliance with GDPR Articles 44–49, to the extent necessary for service continuity. Your data will be retained in our secure systems until the applicable legal retention periods expire or the purpose of processing ceases to apply.
6. Data Subject Rights and How to Apply
To exercise your rights under GDPR Articles 15–22 (access, rectification, erasure, restriction, portability, and objection), please submit your request to or send a written application to our registered address at Zafer, Adile Naşit Blv. No: 1/F Kat: 6 Daire:59, 34512.
In case of disputes, the competent authority is: İstanbul Merkez (Çağlayan) Mahkemeleri ve İcra Daireleri.