GDPR Compliance Notice
Last updated: 19 June 2026
1. Data controller
BMOS Bilisim A.S. acts as the Data Controller for account data and as a Data Processor for campaign data you upload.
- EU representative (Art. 27 GDPR): rep@bmos.com.tr
- Data Protection Officer: dpo@bmos.com.tr
2. Lawful basis for processing
- Contract (Art. 6(1)(b)): service delivery, billing.
- Legal obligation (Art. 6(1)(c)): tax records, log retention.
- Legitimate interest (Art. 6(1)(f)): fraud prevention, security.
- Consent (Art. 6(1)(a)): marketing newsletters (opt-in).
3. International transfers
Standard Contractual Clauses (2021) are in place with every sub-processor.
- Stripe (Ireland, USA): payment processing
- AWS SES (Ireland, USA): email dispatch
- Supabase (USA): hosting infrastructure
4. Your rights (Art. 15-22 GDPR)
Send your request to privacy@bmos.com.tr. We respond within 30 days.
5. DPA (Data Processing Agreement)
Self-service DPA request
Enterprise müşteriler imzalı DPA talep edebilir. İsteğinizi e-posta ile iletin; belge 7 gün içinde paylaşılır.
Request DPA via email