OtoPulsOtoPuls

Privacy Policy

Last Updated: January 19, 2025

Data Controller: Melike Altın
Contact: otopuls@gmail.com
Website: https://otopuls.eznunc.com

1. General Information

This Privacy Policy explains how OtoPuls collects, uses, and protects user data in compliance with Turkish KVKK Law No. 6698 and international privacy standards.

2. Collected Data

OtoPuls allows users to access basic features without registration (guest mode). Users can browse mechanics and view details without creating an account. Registration is only required for account-based features such as adding reviews, likes, or making appointments.

  • Identity Information: Name, surname, email (required for registration), phone number (optional), address, city, district
  • Vehicle Information: Vehicle brand, model, year, fuel type
  • Professional Information: Specialty areas, service brands served, mechanic name, workshop name, working hours, website addresses
  • Media and Social: Profile photo, mechanic/workshop logo photo, social media accounts
  • Technical Data: Session tokens, authentication data, device information, IP address (for security and session management purposes)

3. Purpose of Data Collection

  • Creating and managing user profiles
  • Connecting car owners and service professionals
  • Improving communication and user experience

4. Data Storage and Security

All data is securely stored on Hetzner servers in Germany. The data transfer and storage comply with GDPR (General Data Protection Regulation) standards.

Security Measures:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure session-based authentication
  • Access controls and authentication mechanisms
  • Regular security updates and monitoring
  • Backup and recovery procedures
  • Server-level security measures by Hetzner

5. Data Sharing

Currently, personal data is not shared with third parties. If data sharing becomes necessary in the future (e.g., for service improvements, partnerships, or analytics), users will be notified through this Privacy Policy or within the application. Any future data sharing will only occur with explicit user consent as per KVKK Article 5/2 and GDPR requirements, or where legally required by law.

Users have the right to withdraw their consent for data sharing at any time by contacting us at otopuls@gmail.com.

6. User Rights

Users have the right to access, correct, delete, and request information regarding their personal data as per Article 11 of KVKK. Requests can be made to otopuls@gmail.com.

7. Data Retention

Personal data is retained as long as the user account is active. Upon account deletion, personal data is permanently removed from the system, except where legal retention obligations require data to be kept for a specific period (e.g., tax, accounting, or legal dispute requirements).

8. Children's Privacy

OtoPuls is intended only for users aged 18 and above.

9. Cookies and Technical Data

OtoPuls uses session-based authentication for secure user access. Technical data such as session tokens, authentication cookies, device information, and IP addresses are collected and processed solely for authentication, security, and service provision purposes. These technical data are essential for maintaining user sessions and ensuring platform security.

10. Technical Infrastructure

OtoPuls is developed using modern technologies including React Native, Expo framework, and TypeScript. The application is designed for both iOS and Android platforms through Expo's cross-platform development capabilities. All data processing and storage operations comply with GDPR standards.

11. User Consent

During user registration, users are required to explicitly consent to the following by checking the respective checkboxes:

  • Terms of Use Agreement
  • Privacy Policy
  • KVKK Disclosure Text

Users cannot complete registration without providing these consents. Consent can be withdrawn at any time by contacting us or deleting the account.

12. User Blocking and Content Filtering

OtoPuls allows users to control their own experience:

12.1. User Blocking

  • Users can block other users, and blocked users' content (comments, profiles) is automatically filtered
  • Blocking can be reversed (from profile settings)
  • Blocking actions are reported to our developer team for necessary review

12.2. Data Processing

  • Blocking information (blocking user, blocked user, date) is stored
  • This information is used solely for content filtering and security purposes
  • Blocking information is deleted during account deletion

13. Content Moderation and Reporting

13.1. Automated Content Filtering

  • All user-generated content (comments, profiles) goes through an automated moderation system
  • Inappropriate content detected is automatically rejected or flagged for review
  • Moderation decisions are communicated to users

13.2. User Reporting System

  • Users can report inappropriate content
  • Reports are reviewed within 24 hours and necessary actions are taken
  • Reported content may be temporarily hidden
  • Report results are communicated to users

13.3. Data Processing

  • Report information (reporting user, reported content, category, reason) is stored
  • This information is used solely for moderation and security purposes
  • Report information is deleted after 1 year, unless legal obligations require longer retention

14. Terms of Use Acceptance and Data Processing

14.1. Terms of Use Acceptance

  • Before sending user-generated content, users must accept the Terms of Use and Privacy Policy
  • Terms of Use acceptance is recorded and stored for legal requirements
  • Terms of Use acceptance is deleted during account deletion

14.2. Data Processing

  • Terms of Use acceptance information (user ID, acceptance date, version) is stored
  • This information is used solely for legal compliance and content moderation purposes

15. Updates

This policy may be updated periodically. Updates will be announced on the website or within the application.

← Back to Home