Cookie policy

Cookie policy

Last updated: 2026-07-10

The honest summary is short: this site writes a single cookie to your device — not to track you, but to route you to the correct regional site version when you arrive at our homepage. We use no advertising, profiling or social-media tracking cookies. Our visitor statistics are cookieless. The bot verification protecting our forms (Cloudflare Turnstile) runs only at form submission and leaves no cookies on chemotto.com.

1. Data controller

Chemotto Kimya Ltd. Şti. Atatürk Mah. Gülnihal Sk. My Towerland No: 3377-3C Daire: 95, 34758 Ataşehir/İstanbul, Türkiye Email: info@chemotto.com

“ChemOtto” in this policy refers to Chemotto Kimya Ltd. Şti.

| Name | Provider | Purpose | Type | Duration | Security attributes | | --- | --- | --- | --- | --- | --- | | region | ChemOtto | Routing you to the correct regional site version when you arrive at the main domain (a routing record) | Strictly necessary (functional) | 12 months — renewed on each homepage visit | HttpOnly (unreadable by scripts), Secure (HTTPS only), SameSite=Lax |

The region cookie is set automatically during regional routing when you arrive at the main domain (chemotto.com/); its value reflects the routing decision made at the edge (an existing cookie if present → IP country code → browser language) and does not change with your in-site language choice. Its duration is renewed on each homepage visit; the cookie is read only server-side. Visitors who land directly on an inner page (for example a product link) receive no cookie.

The cookie contains nothing but a short region code. Your name, email address, browsing history or any other information identifying you is not stored in it; it is not used for advertising, profiling or cross-site tracking.

Routing cookies of this kind — strictly necessary for delivering the requested service (the correct regional site version) and limited to that purpose — are treated under the Turkish Data Protection Authority’s cookie guidance as cookies that do not require explicit consent, and therefore no prior consent or cookie banner is required.

3. What we deliberately do not use

  • No analytics cookies. Our visitor statistics are collected cookielessly via Cloudflare Web Analytics: nothing is written to your device, no localStorage is used, no fingerprinting is performed; the data is aggregate and does not identify you individually.
  • No advertising, retargeting, behavioural-profiling or social-media tracking cookies — neither ours nor third parties’.
  • No local storage. The site stores nothing on your device other than the region cookie; Turnstile, which protects the forms, likewise leaves no cookies or local-storage records on chemotto.com.

The mere presence of an ordinary link to a social-media platform does not mean that platform sets cookies on our site unless you click the link.

4. Form security — Cloudflare Turnstile

The quote and contact forms are protected by Cloudflare Turnstile (a privacy-focused alternative to CAPTCHA), which loads only on those pages and runs only at form submission. Its purpose is to keep the forms secure by blocking automated bot submissions and abuse. Turnstile leaves no cookies on chemotto.com; during verification, Cloudflare momentarily processes technical signals such as your IP address, browser user agent and TLS connection characteristics to distinguish humans from bots. This processing falls under the information-security exemption in the applicable rules and involves no profiling.

The Cloudflare security layer protecting the site may, in exceptional unusual-traffic situations, set a temporary security cookie named cf_clearance; it falls under the strictly-necessary cookie exemption and is used solely to avoid repeating the security verification.

5. Managing cookies

You can view, delete or block cookies in your browser settings. The only consequence of deleting the region cookie is that the regional version is determined afresh on your next visit. If you block the verification scripts (challenges.cloudflare.com) in your browser, the quote and contact forms may fail to submit.

6. Processing abroad

Cloudflare, Inc. is a service provider established abroad; some technical data may be processed outside Türkiye in the course of Turnstile and Cloudflare’s security services. Cloudflare states that it acts as a data processor on behalf of the site operator in providing Turnstile, and as an independent controller for certain operations in which it improves Turnstile’s bot-detection capability. For details on the processing and cross-border transfer of personal data and your rights under the KVKK, see the personal data processing notice.

Because the current configuration uses no cookie or tracking technology requiring explicit consent, no cookie accept/reject banner is used. If an analytics, advertising or third-party tracking technology requiring explicit consent is introduced in the future, it will not run without user consent, and a cookie preference panel offering balanced accept/reject/preference options will be put in place.

8. Changes and contact

This policy is updated when the technologies used or the legal requirements change; the date of the current version is shown at the top. Questions: info@chemotto.com