What does the Privacy Policy | eCoC Infrastructure page explain?

Read the privacy and data processing approach for the eCoC Infrastructure marketing site and contact flows.

How does this page relate to eCoC operations?

This page explains one operating layer of the wider vehicle compliance and eCoC architecture and clarifies its role in the topic cluster.

Who should use this page?

Manufacturers, homologation teams, compliance specialists and stakeholders working on regulatory operations can use this page as a focused entry point.

Which guides should be read together with this page?

The main eCoC guide, the vehicle compliance authority page, the knowledge hub and the relevant blog category pages should be read together.

What should a reader do next?

Move into the connected pillar articles, the knowledge hub and, when needed, the contact flow for rollout or implementation planning.

Privacy

Privacy Policy

Privacy and personal data processing framework for public eCoC Infrastructure pages and contact flows.

Effective date: February 26, 2026

1. Data controller

For this public marketing layer, data controller identity is operated under eCoC Infrastructure.

For all privacy requests and questions: info@ecoc.tr

2. Categories of processed data

We process limited personal and business information submitted through public contact forms and technical browsing metadata required for service operation.

Identity and contact details (name, corporate email, company)
Inquiry context (message content, business scope)
Operational metadata (request timestamps, technical logs, security events)
Basic cookie-based preferences required for language/session continuity

3. Legal basis (GDPR Art. 6 and KVKK Art. 5/6)

Processing is based on legitimate interest for secure operation and communication continuity, and on pre-contractual steps when you request service information.

Where required, processing may rely on explicit consent and legal obligations under applicable legislation.

4. Retention policy

Personal data is retained only for the period necessary to respond to inquiries, meet legal obligations and maintain auditable security records.

Data retention periods are reviewed periodically and records are deleted or anonymized when no longer required.

5. Data subject rights

Subject to applicable law, data subjects may request access, correction, deletion, restriction, objection and data portability rights.

Requests can be submitted to info@ecoc.tr. Verification may be required before fulfillment.

6. Cross-border transfers

Cross-border transfers, if any, are handled with appropriate safeguards such as contractual controls and transfer impact assessment in line with GDPR and KVKK requirements.

7. Cookies

This site uses limited cookies and similar technologies for language preference continuity, performance diagnostics and security controls.

No cookie banner logic is modified by this policy page.

8. Security safeguards

We apply risk-based technical and organizational safeguards including access control, security logging, transport-level protections and incident response procedures.

No statement on this page should be interpreted as a certification claim unless explicitly stated in a signed legal document.

9. Policy updates

This policy may be updated to reflect operational, legal or regulatory changes. Updated versions are published on this page with a revised effective date.

Related policy pages

Review legal and operational commitments around public data handling.

Terms

Service scope, platform limitations and liability framework for public pages.

Data Processing Commitment

GDPR Art. 28 aligned summary of controller-processor responsibilities.

Security Policy

Enterprise security posture summary for access control and traceability.