1. Home
  2. Protection of Personal Data

Protection of Personal Data

Who are we?

You must specify your site address, as well as the name of the company, organization or person behind it, and some correct contact information in this section.

The amount of information you may need to show will change depending on local or national employment laws. For example, you may need to show a physical address, registration address, or company registration number.

Which personal information do we collect and for what purpose?

You should note the personal data that you collect from users and site visitors in this section. This may include personal data such as name, email address, personal account preferences, transactional data such as purchase information, and technical data such as information about cookies.

In addition, you should specify the the collection and storage of sensitive personal data, such as health-related data.

As well as to listing what personal data you collect, you must specify why you collect. These statements must specify either the legal basis or the active consent of the user for data collection and storage.

Personal data is not created simply by a user’s interaction with your site. Personal data is also created from technical processes such as contact forms, comments, cookies, analytics and third-party embedded content.

Ayata Metal does not collect any personal information about visitors by default and only collects data displayed on the User Profile screen by registered users. However, some of your plugins may collect personal data. You should add the relevant information below.


In this subsection you should note what information was captured through comments. We noted the data that Ayata Metal collects by default.


In this subsection, you should note what information may be disclosed by users who can upload media files. All uploaded files are generally public.

Contact forms

Ayata Metal does not include a contact form by default. If you are using a contact form plugin, use this subsection to note what personal data you receive and for how long when someone submits a form. For example, you may indicate that you retain contact form submissions for a certain period of time for customer service purposes, but do not use the information submitted for marketing purposes.


In this subsection you should list the cookies your website uses, including those saved by your plugins, social media and analytics. We have provided the cookies that Ayata Metal installs by default.


In this subsection, you should note which analytics suite you are using, how users can disable analytics tracking, and a link to your analytics provider’s privacy policy, if applicable.

By default Ayata Metal does not collect any analytics data. But many web hosting accounts collect some anonymous analytics data. You may also have installed a WordPress plugin that provides analytics services. In that case, add information from this plugin here.

Who we share your data with?

In this section, you must name and list all third-party providers with whom you share site data, including partners, cloud-based services, payment agents, and third-party service providers, and specify what data you are sharing and why. If possible, also provide a link to their privacy policy.

Ayata Metal does not share your personal information with anyone by default.

How long do we keep your data?

You should describe how long you keep the personal data collected or processed by the website in this section. While it is your responsibility to show a chart of how long and why you retain each dataset, this information should be listed here. For example, you might want to say that you keep your contact form entries for six months, analytics records for one year, and customer purchase records for ten years.

What are your rights over your data?

You should explain the rights of your users over their data and how they can apply for these rights in this section.

Where do we send your data?

You should list all transfers of your site data outside the European Union and describe the means by which this data is protected according to European data protection standards in this section. This may include web hosting, cloud storage, or other third-party services.

European data protection law requires that data about European residents transferred outside of European countries be protected according to the same standards as in Europe. Therefore, in addition to listing where the data is going, you must describe how these standards are met by yourself or by third-party providers, whether by an agreement such as a privacy shield, model clauses in your contracts, or binding corporate rules.

Contact information

You should provide a method of contact for privacy concerns in this section. If you need to retain a data protection officer, specify their name and full contact details here as well.

Additional information

If you use your site for commercial purposes and provide a more complex collection or processing of personal data, you should include the following information in your privacy policy in addition to the information we have discussed.

How do we protect your data?

You should describe what measures you have taken to protect your user’s data in this section. This may include technical measures such as encryption, security measures such as two-step authentication, and measures such as personnel training on data protection. If you have done a privacy impact assessment, you can also specify it here.

Which data breach procedures do we have?

You should describe what procedures you have in place to deal with potential or actual data breaches, such as internal reporting systems, communication mechanisms, or error notifications in this section.

From which third parties do we receive data?

If your website receives data about users from third parties, including advertisers, this information should be included in the privacy statement for third-party data.

What kind of automated decision making and/or profiling do we do with user data?

If your website includes a service that includes automated decision making, for example allowing customers to apply for credit or collect their data in an advertising profile, you should include information about how this information is used, you should inform what decisions are made with the data collected and what rights users have over those decisions without human intervention .

Public disclosure obligation of the Ministry of Industry

If you are a member of a regulated industry or subject to additional privacy laws, you may be asked to disclose this information here.