AIM ENGINEERING

Data Protection & Privacy Statement

Effective date: 05 October 2025
Controller: AIM MÜHENDİSLİK SAN. VE TİC. LTD. ŞTİ.
Registered address: Cumhuriyet Mah. Fatih Sultan Mehmet Bul. Cadde 224 Sitesi A Blok No: 41A/A, 16140 Nilüfer, Bursa, Türkiye
Contact: [email protected]
Data Protection Officer: Not appointed

1) Scope

This Statement describes how AIM MÜHENDİSLİK SAN. VE TİC. LTD. ŞTİ. (“AIM”) collects, uses, shares, and protects personal data in connection with its websites, products, and services (the “Services”). It applies to website visitors, customers, suppliers, and other business contacts.

2) Categories of Data Collected

  • Identification & contact: name, title, company, email, phone, postal location.
  • Business & transaction: organization details, correspondence, proposals, orders, invoices.
  • Technical & usage: IP address, device/browser data, pages viewed, timestamps, referral URLs, cookie IDs.
  • Preferences: consent choices and communication settings.

Sources include the individual (forms, emails, calls), automated collection (cookies/analytics), and third parties (service providers or publicly available sources).

3) Purposes & Legal Bases

AIM processes personal data for the following purposes under GDPR Art. 6(1)(a–f):

  • Website operation & security (legitimate interests).
  • Handling enquiries & proposals (legitimate interests or steps prior to a contract).
  • Contract performance & customer administration (performance of a contract).
  • Supplier & partner management (legitimate interests / contract).

    Invoicing, accounting & compliance (legal obligation).

  • Service improvement & analytics (legitimate interests; optional cookies only with consent).

  • B2B marketing (legitimate interests where locally permitted, with opt-out) or consent.

    Where consent is used, it is freely given, specific, informed, and can be withdrawn at any time via the site’s preference tools.

4) Cookies & Similar Technologies

AIM uses:

  • Strictly necessary cookies (essential for site operation; no consent required).

  • Optional cookies (e.g., analytics/performance), set only with prior consent.

    Manage preferences anytime via Cookie Settings: /cookie-settings. For details (types, providers, durations), see the Cookie Policy: /cookies.

5) Recipients & Disclosures

Personal data may be shared, on a need-to-know basis, with:

  • Service providers / processors (hosting, analytics, CRM, email delivery, security, payment).

  • Professional advisers (legal, audit, finance).

  • Public authorities where required by law.

    All processors are bound by contractual data-protection obligations.

6) International Transfers

Where data is transferred outside the EU/EEA or Türkiye (e.g., to infrastructure or SaaS providers), AIM implements appropriate safeguards such as EU Standard Contractual Clauses (SCCs) or relies on adequacy decisions. Copies of relevant safeguards are available upon request at [email protected] 

7) Retention

Data is kept only as long as necessary for the above purposes, then for the period required by law or to establish, exercise, or defend legal claims. Typical periods:

  • Contract and invoicing records: 10 years after the end of the relationship (subject to local law).

  • Enquiry correspondence: 24 months after last interaction.

  • Marketing data: until consent is withdrawn or an opt-out request is received.

  • Technical logs: 6 months, unless needed for security/legal purposes.

8) Data Subjects’ Rights

Under GDPR (and Türkiye KVKK, where applicable), individuals have the right to access, rectification, erasure, restriction, objection, and data portability, and the right to withdraw consent at any time (without affecting prior processing).
Requests can be submitted to [email protected] 

Individuals may also lodge a complaint with their local EU supervisory authority or with the Kişisel Verileri Koruma Kurumu (KVKK) in Türkiye.

9) Automated Decision-Making / Profiling

AIM does not perform automated decisions producing legal or similarly significant effects without human involvement. If such activities are introduced, AIM will provide prior information on the logic involved, significance, and consequences, and applicable rights will apply.

10) Security

AIM applies technical and organizational measures appropriate to risk, including access controls, role-based permissions, encryption in transit (and at rest where applicable), network monitoring, staff confidentiality undertakings, and supplier due diligence. Residual risk is managed through layered controls and periodic review.

11) Children’s Data

The Services are not directed to children under 16. If AIM becomes aware that it has collected such data without appropriate consent, it will delete it promptly.

12) Changes to this Statement

This Statement may be updated to reflect changes in practices or legal requirements. The Effective date above shows when the latest version took effect. Material changes will be communicated on the website and, where appropriate, by direct notice.

13) Contact

Questions or requests regarding this Statement or data protection can be directed to:
Email: [email protected]
Postal: AIM MÜHENDİSLİK SAN. VE TİC. LTD. ŞTİ., Cumhuriyet Mah. Fatih Sultan Mehmet Bul. Cadde 224 Sitesi A Blok No: 41A/A, 16140 Nilüfer, Bursa, Türkiye
Tel: +90 545 592 1544