top of page

 

Privacy Policy

1. Introduction and Scope

This Privacy Policy explains how Shamanic Architecture ("we", "us", "our"), operator of shamanicarchitecture.co ("the Site"), collects, uses, stores, and protects your personal data. This policy covers our obligations under Turkey's Personal Data Protection Law No. 6698 (KVKK), the EU General Data Protection Regulation (GDPR – Regulation (EU) 2016/679), and applicable US privacy laws including the California Consumer Privacy Act (CCPA).
By continuing to use the Site, you acknowledge that you have read, understood, and agree to this Privacy Policy.
 

2. Data Controller

Shamanic Architecture, operating at shamanicarchitecture.co, is the data controller for your personal data.
Contact: joy@shamanicarchitecture.co


3. Personal Data We Collect

3.1 Data You Provide Directly

We may collect the following personal data directly from you:
• Full name
• Email address
• Date and time of birth (for generating Human Design charts)
• Place of birth / city (for generating Human Design charts)
• Messages submitted through contact forms
• Payment and billing information


3.2 Data Collected Automatically

When you visit our Site, we may automatically collect:
• IP address and approximate geographic location (city/country level)
• Browser type and version
• Operating system
• Date and time of visit
• Pages viewed and time spent
• Data collected via cookies and similar tracking technologies


4. Cookies and Tracking Technologies

4.1 What Are Cookies?

Cookies are small text files placed on your device by your browser when you visit our Site. We use cookies to make the Site more functional, perform analytics, and deliver a better experience.


4.2 Types of Cookies We Use

• Strictly Necessary Cookies: Required for the Site to function properly. These cannot be disabled.
• Analytics / Performance Cookies: Collect statistical data such as visitor numbers and popular pages (e.g., Google Analytics). Data is processed in anonymised or pseudonymised form.
• Functionality Cookies: Remember your preferences, such as language settings.
• Targeting / Marketing Cookies: Only activated with your explicit consent.


4.3 Cookie Management

You can refuse or delete cookies through your browser settings. Disabling strictly necessary cookies may prevent certain Site features from working. You can also update your preferences via the cookie consent manager on our Site.
For users in the EU/EEA: Analytics and marketing cookies are only activated after we have obtained your explicit consent.


5. Purposes and Legal Bases for Processing

5.1 Purposes

• Preparing Human Design charts and personalised analyses
• Providing consultation and communication regarding our services
• Processing payments
• Complying with legal obligations
• Maintaining Site security and functionality
• Statistical analysis and Site improvement


5.2 Legal Bases under GDPR (Article 6)

• Performance of a contract (Art. 6(1)(b)): Processing necessary to deliver the service you requested.
• Consent (Art. 6(1)(a)): Marketing communications and analytics cookies are processed on the basis of your explicit consent.
• Legitimate interests (Art. 6(1)(f)): Site security and fraud prevention.
• Legal obligation (Art. 6(1)(c)): Tax records and other statutory requirements.
For users in Turkey: Your data is processed in accordance with the legal bases specified in Articles 5 and 6 of the KVKK.
 

6. Data Retention and Deletion

Your personal data is retained only for as long as necessary for the purposes for which it was collected:
• Service data: For the duration of the service relationship and as required by law thereafter (e.g., 10 years for commercial records under Turkish law).
• Analytics data: Anonymised data may be retained indefinitely; identifiable analytics records for a maximum of 26 months.
• Cookie data: Deleted at the end of the session or at the defined expiry, depending on cookie type.
• Payment data: Card details are not stored on our systems; payment processing is handled by our PCI-DSS compliant payment provider.


7. Sharing of Data with Third Parties

We may share your personal data in the following circumstances:
• Payment processors (e.g., Stripe, iyzico): To process payments securely.
• Analytics service providers (e.g., Google Analytics): To analyse Site usage.
• Email / communication services: To send notifications and responses.
• Legal authorities: Where required by law or court order.
We do not sell your personal data to third parties, nor do we permit third parties to use your data for their own independent commercial purposes.

 

8. International Data Transfers

Your data may be transferred to countries outside Turkey or the European Economic Area (EEA). Where this occurs, we apply appropriate safeguards as required by GDPR Chapter V, such as Standard Contractual Clauses or an adequacy decision. International data transfers from Turkey are carried out in accordance with Article 9 of the KVKK.
 

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction, including SSL/TLS encryption, secure server infrastructure, and access controls. However, no data transmission over the internet can be guaranteed as completely secure.
 

10. Your Rights

10.1 Rights under KVKK (Turkey)

Under Article 11 of the KVKK, you have the right to:
• Learn whether your personal data has been processed
• Request information if it has
• Learn the purpose of processing and whether it is used accordingly
• Know third parties to whom data has been transferred
• Request correction of incomplete or inaccurate data
• Request deletion or destruction
• Object to processing
• Claim compensation for damages


10.2 Rights under GDPR (EU/EEA)

• Right of access (Art. 15)
• Right to rectification (Art. 16)
• Right to erasure / right to be forgotten (Art. 17)
• Right to restriction of processing (Art. 18)
• Right to data portability (Art. 20)
• Right to object (Art. 21)
• Rights related to automated decision-making (Art. 22)
• Right to lodge a complaint with a supervisory authority


10.3 Rights under CCPA (California, USA)

California consumers have the right to:
• Know what personal information is collected about you
• Request deletion of your personal information
• Opt out of the sale of personal information (we do not sell your data)
• Not be discriminated against for exercising your rights
To exercise any of these rights, please contact us at: joy@shamanicarchitecture.co


11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have done so, we will promptly delete the relevant data.


12. Changes to This Policy

We may update this Privacy Policy from time to time. In the event of significant changes, we will post a notice on the Site and/or send notification by email. The most current version will always be available on the Site.


13. Contact

For questions regarding this policy or your personal data:
Email: joy@shamanicarchitecture.co
Web: shamanicarchitecture.co
 
 

shamanicarchitecture.co — All rights reserved.

Last Updated: May 13, 2026

bottom of page