Version: 2.0
Effective Date: 01/01/2026
Last Updated: 01/01/2026
This Privacy Policy explains how Coast Guide TR ("we," "us," "our") collects, uses, stores, and protects your personal data when you use our website and services at https://www.coastguidetr.com.
We are committed to protecting your privacy and personal data in accordance with:
Coast Guide TR
Website: https://www.coastguidetr.com
Email: contact [at] coastguidetr [dot] com
Privacy Contact: privacy [at] coastguidetr [dot] com
For KVKK purposes, Coast Guide TR acts as the Data Controller (Veri Sorumlusu) for all personal data collected through this platform.
This Privacy Policy applies to all visitors to https://www.coastguidetr.com, users of our platform features and services, subscribers to newsletters or communications, registered account holders (if applicable), and anyone whose personal data we process.
We collect various types of personal data to provide and improve our services.
Contact Information: Name and surname, email address, phone number (if provided), mailing address (if provided), account credentials (username, password if registration enabled).
Maritime Information (Voluntary): Vessel name and type, sailing experience level, preferred sailing areas, marina preferences, saved locations and routes, comments and contributions.
Communication Data: Messages sent through contact forms, customer support inquiries, feedback and survey responses, newsletter preferences.
Technical Data: IP addresses (full IPv4 and IPv6 addresses), device identifiers and fingerprints, browser type, version, and language settings, operating system and device information, screen resolution and display settings, referrer URLs.
Usage Data: Pages visited and content viewed, date and time of access, session duration and frequency, search queries on our platform, click patterns and navigation paths, features used and interactions, download and upload activities.
Location Data: Country and region (derived from IP address), city-level location (approximate), time zone, language preferences.
Security & Log Data: Access timestamps, HTTP methods and status codes, user agent strings, request and response headers, failed login attempts, suspicious activity patterns, security event logs.
Under GDPR Article 6 and KVKK Article 5, we process your personal data based on legitimate interest, legal obligation, consent, and contract performance.
Platform Security: Protecting against fraud, abuse, hacking, and cyber attacks. IP Address Storage: Essential for threat detection, rate limiting, and security monitoring. Service Improvement: Analytics to enhance user experience and platform performance.
Turkish Commercial Code: Retention of business records (up to 10 years). Cybersecurity Laws: Maintenance of security logs and access records. Tax and Accounting Laws: Financial transaction records. Law Enforcement Cooperation: Compliance with valid legal requests.
Non-essential cookies (analytics, advertising, functionality). Marketing communications and newsletters. International data transfers (acknowledged upon first use). Optional features requiring additional data processing.
We use your personal data for service delivery, security and fraud prevention, platform improvement, content enhancement, communication, legal compliance, and advertising.
Display navigational information and maritime resources. Deliver weather data via Google Weather API. Provide interactive maps through Garmin Navionics. Enable saved locations and user preferences. Facilitate search functionality. Stream video content via YouTube.
Real-time threat detection: Identifying malicious traffic patterns. Intrusion prevention: Blocking unauthorized access attempts. DDoS protection: Mitigating distributed denial-of-service attacks. Fraud detection: Identifying suspicious behavior and fraudulent activities. Rate limiting: Preventing abuse and ensuring fair resource allocation.
Information about how and where we store your data.
Amazon Web Services (AWS): Coast Guide TR is hosted on AWS cloud infrastructure, utilizing secure and reliable services designed for high availability and performance, enterprise-grade security, scalability and redundancy, disaster recovery capabilities.
AWS Compliance: GDPR-compliant Data Processing Agreement (DPA), ISO 27001, ISO 27017, ISO 27018 certifications, SOC 1, SOC 2, SOC 3 reports, regular security audits and compliance assessments.
Primary Storage: European Economic Area (EEA) - Your data is primarily stored in AWS data centers located within the EEA (typically EU regions). This ensures compliance with GDPR data localization preferences.
Secondary/Backup Storage: Other AWS Regions - For operational purposes including disaster recovery, redundancy, and service optimization, select data may be stored in other AWS regions, including the United States. All such transfers are protected by appropriate safeguards.
We retain personal data only as long as necessary for stated purposes and legal obligations.
Data retention periods vary by type and legal requirements.
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| IP Addresses (active security logs) | 12 months | Legitimate interest (security monitoring) |
| IP Addresses (compliance records) | Up to 10 years | Legal obligation (Turkish Commercial Code) |
| Account data (active users) | Duration of use + 3 years | Contract performance + statute of limitations |
| Account data (inactive) | 3 years after last activity, then deleted | Legitimate interest |
| Strictly necessary cookies | Session to 12 months | Legitimate interest |
| Analytics cookies | Up to 26 months | Consent |
| Advertising cookies | Up to 24 months | Consent |
| Google Analytics data | 26 months (default setting) | Consent |
| Customer support records | 5 years | Legal obligation + legitimate interest |
| Financial records | 10 years | Legal obligation (tax, accounting laws) |
| Legal dispute records | Duration of dispute + statute of limitations | Legal claims |
| Marketing consent records | Until consent withdrawn + 3 years | Compliance documentation |
| Anonymized/aggregated data | Indefinite | Not personal data (GDPR does not apply) |
| Backup data | 30-90 days (rolling backups) | Legitimate interest (disaster recovery) |
We share your data only with trusted service providers necessary for platform operation.
Role: Data Processor (hosting and infrastructure)
Services: Cloud hosting, data storage, backup and disaster recovery, CDN, security services.
Data shared: All platform data including personal information, IP addresses, logs.
Location: Primary EEA, backup in other AWS regions including US.
Protection: GDPR-compliant DPA, EU SCCs, ISO certifications.
Role: Data Processor (analytics, advertising, weather, video)
Services: Google AdSense, Analytics, Weather API, YouTube embedding.
Data shared: IP addresses (anonymized where possible), browsing behavior, device info.
Location: United States with global infrastructure.
Protection: GDPR-compliant terms, EU-U.S. Data Privacy Framework.
Coast Guide TR employs artificial intelligence and machine learning for security, fraud detection, platform optimization, content enhancement, and personalization.
Security & Fraud Detection: Threat analysis, anomaly detection, automated blocking, fraud prevention, spam filtering, bot detection.
Platform Optimization: Usage analytics, performance tuning, feature recommendations, search improvement, A/B testing.
Content Enhancement: Translation, optimization, summarization, tagging, quality assurance.
Critical content is human-verified: Maritime and navigational information authored by experienced sailors, editorial team reviews AI-enhanced content, safety-critical data verified by maritime professionals.
Human review available: You can request human review of automated decisions, contest AI-driven outcomes, appeal security-related blocks.
You have comprehensive rights regarding your personal data under GDPR and KVKK.
You can request confirmation of data processing, obtain copies of your data, and receive information about our processing activities. Email privacy [at] coastguidetr [dot] com with 'Data Access Request'.
You can correct inaccurate data, complete incomplete data, and update outdated information. Email privacy [at] coastguidetr [dot] com with 'Data Correction Request'.
You can request deletion when data is no longer necessary, you withdraw consent, or object to processing. Email privacy [at] coastguidetr [dot] com with 'Data Deletion Request'. Some data may be retained for legal obligations.
You can restrict processing when you contest accuracy of data, processing is unlawful but you oppose erasure, we no longer need data but you need it for legal claims, or you object to processing.
You can receive your data in machine-readable format and transmit it to another service. Email privacy [at] coastguidetr [dot] com with 'Data Portability Request'.
You can object to processing based on legitimate interests or direct marketing. Email privacy [at] coastguidetr [dot] com with 'Objection to Processing'. Note: Objecting to essential security processing may prevent platform use.
You can withdraw consent for non-essential cookies, marketing communications, and optional features. Use Cookie Settings in footer or email privacy [at] coastguidetr [dot] com with 'Withdraw Consent'.
You can complain to data protection authorities. Turkey - KVKK: https://www.kvkk.gov.tr EU - Your National DPA: https://edpb.europa.eu/about-edpb/board/members_en
Coast Guide TR is not intended for children under 16 years (GDPR) or 18 years (KVKK). We do not knowingly collect personal data from minors. If we discover data from minors, we will promptly delete such information.
In the event of a data breach affecting personal data, we will notify relevant supervisory authorities within 72 hours (GDPR) and affected individuals without undue delay if the breach is likely to result in high risk to rights and freedoms.
We may update this Privacy Policy to reflect changes in laws, new features, enhanced security measures, or business changes. Material changes will be notified 30 days in advance via email and prominent website notification.
Coast Guide TR currently operates primarily serving Turkish coastal sailors, hosted in European Economic Area, subject to Turkish and EU law. We plan to establish business entities in additional jurisdictions, including the United Kingdom, to better serve the international sailing community.
How to contact us regarding privacy matters.
Email: privacy [at] coastguidetr [dot] com
Website: https://www.coastguidetr.com
Response time: Within 5 business days (acknowledgment), 30 days (full response)
Email privacy [at] coastguidetr [dot] com with appropriate subject line:
- 'Data Access Request' (Right of Access)
- 'Data Correction Request' (Rectification)
- 'Data Deletion Request' (Erasure)
- 'Restriction Request' (Restriction of Processing)
- 'Data Portability Request' (Portability)
- 'Objection to Processing' (Object)
- 'Withdraw Consent' (Consent Withdrawal)
Include: Full name, contact information, Turkish ID/passport number, clear description of request, proof of identity.
For security vulnerabilities or incidents:
Email: security [at] coastguidetr [dot] com
Subject: 'Security Vulnerability Report' or 'Security Incident'
We appreciate responsible disclosure and will work with security researchers to address issues promptly.
BY USING COAST GUIDE TR, YOU ACKNOWLEDGE AND CONSENT TO the collection, use, storage, and processing of your personal data as described in this Privacy Policy, use of cookies and similar technologies, IP address collection and storage for security and legal compliance, international data transfers with appropriate safeguards, data storage primarily in Europe with backup in other regions, sharing data with third-party processors, automated processing including AI/ML for security and improvement.
We collect and store IP addresses as a fundamental requirement for security, legal compliance, and platform integrity.
Security & Protection: Detecting and preventing cyber attacks, identifying fraudulent activity, protecting against unauthorized access, investigating security incidents, rate limiting and abuse prevention.
Legal Compliance: Turkish Commercial Code record-keeping requirements, cybersecurity law obligations, law enforcement cooperation when legally required, regulatory compliance.
Legal Basis: Legitimate Interest (platform and user security), Legal Obligation (statutory retention requirements).
Retention: 12 months (active security monitoring), up to 10 years (compliance records - Turkish Commercial Code).
Your Rights: You can request access to your IP address logs, deletion requests subject to security and legal exceptions, objection to IP logging may prevent platform use (security essential).
This processing cannot be disabled as it is: Essential for platform security, legally required for record-keeping, necessary to protect all users, foundation of our cybersecurity measures.
For more details, see Section 3.2 (Data Collection) and Section 5.2 (Security Use).
Email addresses in this document are displayed in [at] and [dot] format for bot and spam protection. Use @ and . characters when using the actual email addresses.
BY USING COAST GUIDE TR, YOU ACKNOWLEDGE AND CONSENT TO the collection, use, storage, and processing of your personal data as described in this Privacy Policy.
Coast Guide TR Privacy Policy
Version 2.0 | Effective Date: 01/01/2026
© 2026 Coast Guide TR. All rights reserved.
This Privacy Policy is provided in English and Turkish. Both versions are equally authoritative.