Privacy and Security Policy

idin.com.tr — İDİN STEEL

Privacy & Security Policy

At idin.com.tr, your privacy isn't a legal checkbox — it's a commitment. This page explains exactly how we protect your data, what security standards we follow and what we'll never do with your information.

SSL/TLS Encryption PCI-DSS Compliant 3D Secure KVKK Compliant
Encryption
SSL / TLS
Payment Security
PCI-DSS
3D Secure
Active
Card Data Stored?
Never
Data Sold?
Absolutely not
1. Our Commitments · 2. Data Security · 3. Payment Security · 4. Cookies · 5. Third Parties · 6. Account Security · 7. Data Breach · 8. Updates · Privacy Notice →
PRIVACY & SECURITY POLICY İDİN BİJUTERİ İTHALAT İHRACAT SANAYİ VE TİCARET LİMİTED ŞİRKETİ — idin.com.tr
StandardInternational
1

Our Core Commitments

Privacy, integrity and transparency aren't policies we follow under pressure — they're principles we've built our business on. Our approach to your data rests on three clear commitments:

Your data belongs to you.

We never sell, rent or commercially share your personal data with third parties. Your data is processed only to fulfil our service to you and to meet our legal obligations — nothing more.

🚫Data sales — never
🔒Encryption — always
👁️Transparency — full
✅Legal compliance — complete
2

Data Security

We apply industry-standard technical measures to protect your personal data at every level:

🔐

SSL / TLS Encryption

All data transmitted to and from idin.com.tr is encrypted using SSL/TLS protocols. The padlock in your browser confirms this protection is active.

🛡️

Access Controls

Personal data is accessible only to authorised personnel. All access is logged and reviewed on a regular basis.

🖥️

Secure Servers

Data is stored on access-controlled secure servers. Security patches are applied continuously and without delay.

🔍

Security Testing

We conduct regular security scans and penetration tests to identify and address any vulnerabilities before they can be exploited.

📋

Ongoing Updates

Our infrastructure and software components are kept up to date with the latest security patches at all times.

🌍

International Standards

Our security practices are aligned with PCI-DSS, the ISO/IEC 27001 framework and the technical requirements of KVKK Article 12.

SSL/TLS

End-to-end encryption for all data transmission

PCI-DSS

Payment card industry security standard

3D Secure

Additional authentication for online payments

KVKK

Turkish personal data protection compliance

3

Payment Security

💳

Your card details are never stored on our servers

All payments on idin.com.tr are processed through PCI-DSS compliant payment infrastructure. Your credit or debit card details are not recorded in our systems under any circumstances — payment data is handled directly and exclusively by the authorised payment provider.

PCI-DSS Compliant 3D Secure Active No Card Data Stored All Cards Accepted Instalment Plans

International Buyers: Payments from buyers worldwide are accepted through global card networks. All international transactions are protected by the same security protocols and standards as domestic payments.

4

Cookie Usage

idin.com.tr uses cookies across three categories as a result of its OpenCart v4 infrastructure and integrated services:

  • Essential Cookies: Required for session management, cart functionality and security validation. These cannot be disabled without affecting core site functionality.
  • Analytics Cookies (Google Analytics): Used to collect anonymous site usage statistics and improve the quality of our service. Data is transmitted to Google's servers under Standard Contractual Clauses.
  • Marketing Cookies (Meta/Facebook Pixel): Used for personalised advertising and remarketing. Data is transmitted to Meta's servers under Standard Contractual Clauses.

Analytics and marketing cookies can be managed from your browser settings. For full details on cookie categories, retention periods and how to manage them, please see our Privacy Policy (KVKK Disclosure) page.

5

Third-Party Services

We work with trusted third-party providers to deliver our services. Each provider processes only the minimum data necessary for their specific role:

  • Carrier Companies (Aras, Sürat, DHL, FedEx, UPS) — Name, address and contact details for delivery fulfilment
  • Payment Providers — Processing of payment transactions in a secure and compliant manner
  • Google Analytics — Anonymous site traffic analysis (US servers, Standard Contractual Clauses)
  • Meta / Facebook Pixel — Ad targeting and conversion tracking (US servers, Standard Contractual Clauses)
  • Financial Advisors — Invoice and tax data for accounting and statutory reporting

Important: No third-party provider is permitted to use your personal data for their own commercial purposes or share it with other parties. All data transfer safeguards are governed under Articles 8 and 9 of KVKK.

6

Account Security

We recommend the following steps to keep your account secure:

🔑

Use a Strong Password

Choose a password of at least 8 characters combining uppercase, lowercase, numbers and special characters. Don't reuse the same password across multiple sites.

🚫

Never Share Your Credentials

Do not share your password or account details with anyone under any circumstances. idin.com.tr staff will never ask for your password.

📧

Watch Out for Phishing

Be cautious of suspicious emails claiming to be from idin.com.tr. All official communication comes exclusively from @idin.com.tr addresses.

🔓

Sign Out on Shared Devices

Always log out of your account after shopping on a shared or public computer.

Suspicious Activity: If you notice any unauthorised activity on your account, contact us immediately at info@idin.com.tr. Our team will respond without delay.

7

What Happens in a Data Breach?

Should a situation arise that threatens the security of your personal data, the following steps are taken without exception:

  • Our technical team responds immediately upon detection — the breach is contained and the vulnerability is closed.
  • The Personal Data Protection Authority (KVKK Board) is notified within 72 hours as required under KVKK Article 12.
  • Affected users are informed by email, clearly explaining what happened, what data was involved and what steps have been taken.
  • The scope and impact of the breach are communicated transparently — no information is withheld from affected parties.

This procedure is designed in accordance with KVKK Article 12 and is aligned with international data breach notification standards (consistent with GDPR Articles 33–34 principles).

8

Policy Updates

idin.com.tr may update this policy in response to changes in legislation, technology or the services we provide. Users will be notified by email in the event of significant changes.

The current version of this policy is always published on idin.com.tr. The date of last update is displayed at the top of the page. Continued use of the site following an update constitutes acceptance of the revised policy.

9

Your Legal Rights — Privacy Notice

This page covers idin.com.tr's security practices and privacy commitments. For detailed information about your legal rights in relation to your personal data — including your rights to access, rectify, erase and object — as well as the legal basis for data transfers and how to submit a request, please refer to our Privacy Policy (KVKK Disclosure) page.

Your Rights Under Data Protection Law

Access, correct, delete or object to the processing of your personal data.

Privacy Policy (KVKK) →
İDİN BİJUTERİ İTHALAT İHRACAT SANAYİ VE TİCARET LİMİTED ŞİRKETİ

Rüstem Paşa Mah. Sabuncuhan Cad. Atmaca İş Merkezi Kat:1 No:23/18 Eminönü – Fatih / Istanbul, Turkey — info@idin.com.tr — idin.com.tr

Document StatusIn Force

Your privacy matters to us.

We're always here for any question about security or how we handle your data.

✉️ info@idin.com.tr Back to Homepage