Privacy Policy (KVKK / GDPR)

Vestora Labs (“we”, “us”) acts as the data controller for personal data processed through this website.

If you have questions or requests, contact research@vestoralabs.com.

We collect only the minimum data needed to respond to institutional briefing requests and website communications.

• • Identification and contact data: name, email.
• • Professional context: institution, role, interest area.
• • Message content you submit via forms or email.
• • Basic technical data: IP address, device and browser metadata.

We do not intentionally collect special category data (sensitive data). Please avoid sharing such data in form fields.

We process personal data for the following purposes:

• • Responding to briefing requests and communications.
• • Evaluating suitability of institutional collaboration requests.
• • Website security, abuse prevention, and technical operation.
• • Maintaining internal records of requests and responses.

Where applicable, processing is based on one or more of the following:

• • Your explicit request to be contacted (communication necessity).
• • Legitimate interests (security, service continuity, fraud prevention).
• • Compliance with legal obligations when required.

We may use essential cookies and basic analytics to maintain website functionality and understand aggregate usage.

We do not use analytics to identify individuals. If third-party tools are enabled in the future, we will update this policy.

We do not sell personal data. We may share data only when necessary for:

• • Technical service providers (hosting, email delivery) under confidentiality.
• • Legal compliance requests by competent authorities where required by law.

Access is restricted to authorized personnel with a need-to-know basis.

Website infrastructure or email services may involve processing outside your country. Where applicable, we apply reasonable safeguards consistent with relevant regulations.

We retain personal data only as long as needed for the purposes described above or as required by law.

Communication records are typically retained for a reasonable period to support follow-up and auditability.

We implement technical and organizational measures appropriate to the nature of the data, including access controls and operational security practices.

No internet system is 100% secure. We continuously improve controls as our research operations evolve.

Subject to applicable laws, you may request access, correction, deletion, restriction, or objection to processing.

To submit a request, contact research@vestoralabs.com. We may ask you to verify identity before processing certain requests.

We may update this policy as our website and research operations evolve. The effective date above will be updated accordingly.