Privacy Policy

Last Updated: December 4, 2025

Data Controller: Melike Altın
Contact: otopuls@gmail.com
Website: https://otopuls.eznunc.com

1. General Information

This Privacy Policy explains how OtoPuls collects, uses, and protects user data in compliance with Turkish KVKK Law No. 6698 and international privacy standards.

2. Collected Data

OtoPuls allows users to access basic features without registration (guest mode). Users can browse mechanics and view details without creating an account. Registration is only required for account-based features such as adding reviews, likes, or making appointments.

• Identity Information: Name, surname, email (required for registration), phone number (optional), address, city, district
• Vehicle Information: Vehicle brand, model, year, fuel type
• Professional Information: Specialty areas, service brands served, mechanic name, workshop name, working hours, website addresses
• Media and Social: Profile photo, mechanic/workshop logo photo, social media accounts
• Technical Data: Session tokens, authentication data, device information, IP address (for security and session management purposes)

3. Purpose of Data Collection

• Creating and managing user profiles
• Connecting car owners and service professionals
• Improving communication and user experience

4. Data Storage and Security

All data is securely stored on Hetzner servers in Germany. The data transfer and storage comply with GDPR (General Data Protection Regulation) standards.

Security Measures:

• Encrypted data transmission (HTTPS/TLS)
• Secure session-based authentication
• Access controls and authentication mechanisms
• Regular security updates and monitoring
• Backup and recovery procedures
• Server-level security measures by Hetzner

5. Data Sharing

Currently, personal data is not shared with third parties. If data sharing becomes necessary in the future (e.g., for service improvements, partnerships, or analytics), users will be notified through this Privacy Policy or within the application. Any future data sharing will only occur with explicit user consent as per KVKK Article 5/2 and GDPR requirements, or where legally required by law.

Users have the right to withdraw their consent for data sharing at any time by contacting us at otopuls@gmail.com.

6. User Rights

Users have the right to access, correct, delete, and request information regarding their personal data as per Article 11 of KVKK. Requests can be made to otopuls@gmail.com.

7. Data Retention

Personal data is retained as long as the user account is active. Upon account deletion, personal data is permanently removed from the system, except where legal retention obligations require data to be kept for a specific period (e.g., tax, accounting, or legal dispute requirements).

8. Children's Privacy

OtoPuls is intended only for users aged 18 and above.

9. Cookies and Technical Data

OtoPuls uses session-based authentication for secure user access. Technical data such as session tokens, authentication cookies, device information, and IP addresses are collected and processed solely for authentication, security, and service provision purposes. These technical data are essential for maintaining user sessions and ensuring platform security.

10. Technical Infrastructure

OtoPuls is developed using modern technologies including React Native, Expo framework, and TypeScript. The application is designed for both iOS and Android platforms through Expo's cross-platform development capabilities. All data processing and storage operations comply with GDPR standards.

11. User Consent

During user registration, users are required to explicitly consent to the following by checking the respective checkboxes:

• Terms of Use Agreement
• Privacy Policy
• KVKK Disclosure Text

Users cannot complete registration without providing these consents. Consent can be withdrawn at any time by contacting us or deleting the account.

12. Updates

This policy may be updated periodically. Updates will be announced on the website or within the application.