Privacy & Cookie Policy

Last Updated: January 15, 2026

1. Introduction

r.a.f. studio ("we," "us," or "our") provides architectural and design services. This policy outlines how we collect, use, and protect your personal data in compliance with the Law on the Protection of Personal Data (KVKK) in Turkey and the General Data Protection Regulation (GDPR) for our European and international visitors.

Data Controller:

r.a.f. Studio
Address: Göztepe, Taşmektep Sokağı No:29/K, 34730 Kadıköy/İstanbul
Email: info@rafstudio.co

2. Information We Collect

We collect the following types of personal data:

A. Information You Provide

When you contact us via our "Get in touch" form or email:

Identity Data: Your name and surname
Contact Data: Your email address and phone number
Project Details: Information you provide regarding your design inquiry

Legal Basis: Your consent and our legitimate interest in responding to inquiries.

B. Information Collected Automatically

Technical Data: IP addresses (anonymized), browser types, device information, pages visited, and time spent on pages
Analytics Data: Collected through Google Analytics and Google Search Console

Legal Basis: Our legitimate interest in improving website performance and user experience.

3. Use of Google Analytics and Search Console

We use Google Analytics and Google Search Console to understand how visitors interact with our website and improve our portfolio experience.

Data Collected: Page views, session duration, traffic sources, device types, and geographic location (country/city level)
IP Anonymization: We have enabled IP anonymization to ensure your IP address is shortened before being stored
Purpose: To analyze website traffic, identify popular content, and optimize user experience
Retention: Analytics data is retained for 26 months

You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

4. Cookie Policy

We use cookies to enhance your browsing experience and analyze site performance.

Essential Cookies

Purpose: Necessary for website functionality and security
Duration: Session-based
Examples: Cookie consent preferences, session management

Analytical Cookies (Requires Consent)

Provider: Google Analytics
Purpose: Track visitor behavior, page views, and site performance
Duration: Up to 26 months Cookies: _ga, _ga_*, _gid

Cookie Management:

Cookie Management:

You can accept, reject, or customize your cookie preferences using the cookie banner that appears on your first visit. You can change your preferences at any time by clicking "Cookie Settings" in the footer or through your browser settings.

To disable cookies entirely, adjust your browser settings. Note that this may affect website functionality.

5. Data Storage, Retention, and International Transfers

Data Storage:

Contact form submissions are stored securely via Framer's infrastructure (servers located in the United States)
Email communications are stored in our email system

Data Retention:

Contact inquiries: Retained for 3 years or until you request deletion
Analytics data: Retained for 26 months (Google Analytics default)
Cookie data: Varies by cookie type (see Section 4)

International Data Transfers:

As we work with international clients and use service providers based outside Turkey and the EU, your data may be transferred to the United States (Framer, Google).

We ensure adequate protection through:

Standard Contractual Clauses approved by the European Commission
Service providers' compliance with applicable data protection regulations
Technical and organizational security measures

Third-Party Service Providers:

Framer (website hosting): https://www.framer.com/privacy
Google Analytics: https://policies.google.com/privacy
Google Search Console: https://policies.google.com/privacy

6. Your Rights

Under KVKK (Turkey) and GDPR (EU), you have the following rights:

Right to Access: Request information about what personal data we hold about you
Right to Rectification: Request correction of inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restriction: Request limitation of processing your data
Right to Data Portability: Receive your data in a structured, commonly used format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for data processing at any time (does not affect prior processing)

How to Exercise Your Rights:

Send a written request to info@rafstudio.co with:

Your full name
Contact information
Specific request (access, deletion, correction, etc.)
Proof of identity (for security purposes)

We will respond within 30 days of receiving your request.

Right to Complain:

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

Turkey: Personal Data Protection Authority (KVKK) - https://www.kvkk.gov.tr
EU: Your local Data Protection Authority

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

Secure socket layer (SSL) encryption for data transmission
Access controls and authentication
Regular security assessments
Secure data storage with our service providers

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Changes to This Policy

We may update this Privacy & Cookie Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

9. Contact

For any questions regarding this policy or your personal data, please contact us at: info@rafstudio.co