Privacy Policy

1. General Terms

We process information about you in order to provide you with the best experience from Charmy App ("Charmy" or the "Service"). This page is intended to inform you of our policy on how we process your personal data ("Policy").

By consenting to our Policy, you agree to processing of your personal data by CHARMY BİLİŞİM TEKNOLOJİLERİ A.Ş. (the "Controller", "We", "Our", "Us") or any other processor assigned by the Controller in accordance with this Policy. Unless otherwise defined in this Policy, terms used in this Policy have the same meanings as in our Terms and Conditions.

2. Legal Basis for Processing

The processing of your personal data is based on the Article 6-1(b) of the General Data Protection Regulation ("GDPR") of the European Union and Article 5-2(c) of the Law on the Protection of Personal Data ("KVKK") of Turkey. We will be processing the necessary information for the performance of our Service.

Part of our processing activity, where the processing is not necessary for the performance of our Service (e.g. providing third parties with your data), is based on your consent under this Policy, as laid down in the Article 6-1(a) of the GDPR and Article 5(1) of the KVKK. You may withdraw your consent anytime with regard to those processing activities. In that case, We will stop processing your personal data. However, if the data relates to any necessary information for the performance of our Service, Charmy holds the rights to terminate the contract.

3. Processing Period

Unless otherwise stated, we process your personal data as long as your membership is active. However, we keep storing your personal data in order to comply with legal obligations (e.g. court orders) or based on other legitimate grounds (e.g. legal claims) for five years after the deletion date of your account.

4. Purposes of Processing and the Types of Data Collected

We collect different types of data depending on how you use Charmy. The collected data are used for operational and commercial purposes. You may learn more about the types of information that we collect and the purposes of processing below.

A. Types of Data Collected

  • Basic Account Information: If you choose to create a Charmy account, you must provide us with some personal data so that we can provide our services to you. That includes your name(s), surname(s), title(s), display name (nick name), sex, age, answers to our security questions, passwords, e-mail address or phone number.
  • Usage Data: Usage data includes any content that you provide. For example, your likes, favourites lists, comments, your location (if you choose to share), people, pages, accounts, hashtags and groups that you are connected to and how you interact with them. We collect information about how you use Charmy, such as the types of content that you view or engage with, the features you use, the actions you take, the people or accounts you interact with and the time, frequency and duration of your activities.
  • Device Information: When you access Charmy by or through a mobile device, we collect certain information automatically on the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
  • Tracking & Cookies Data: We use cookies and similar tracking technologies to track the activity on Charmy and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse Charmy.

B. Use of Data

The Controller uses the collected data for various purposes:

  • To provide and maintain the Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide customer care and support
  • To provide analysis or valuable information so that we can improve the Service
  • To monitor the usage of the Service
  • To detect, prevent and address technical issues
  • To personalise advertisements, offers and other sponsored content (you can opt-out of personalized advertising)
  • To provide advertisers and other business partners with data which are relevant to their respective services

5. Transfer of Data

Our company base and servers are located in Ankara, Turkey. Your consent to this Policy represents your agreement to any transfer that we may realize as part of our business activity. However, the Controller will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information in accordance with Turkish law.

6. Disclosure of Data

The Controller may disclose your personal data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of the Controller.
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

7. Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

8. Third Party Sharing

We may employ third party companies and individuals in furtherance of our purposes (see section IV-B). You can find a list of possible Third-Party providers below:

  • Parties that support us as we provide our services (e.g., providers of telecommunication systems, mailroom support, IT system support, archiving services, document production services and cloud-based software services).
  • Our professional advisers, including lawyers, auditors and insurers.
  • A potential buyer, transferee, merger partner or seller and their advisers in connection with an actual or potential transfer or merger/acquisition of part or all of our business or assets, or any associated rights or interests.
  • Payment services providers.
  • Marketing services providers.
  • Law enforcement or other government and regulatory agencies (e.g., KVKK) or to other third parties as required by, and in accordance with, applicable law or regulation.
  • Recruitment services providers.

Aside from law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with, applicable law or regulation, all the other third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Your personal data may use in our other apps (Mr. Agent, Cobotion, Similar2) We will collect your public data from the other social media integration. You will permit us to use your personal data in our other apps by approving this agreement.

9. Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

10. Children's Privacy

Our Service does not address anyone under the age of 16.

We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us (see section XIII for contact information). If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

11. Your Rights

Your rights under the GDPR and KVKK matters. Here is a list of them:

  • Access: You can ask us to verify whether we are processing personal data about you, and if so, to provide more specific information.
  • Correction: You can ask us to correct our records if you believe they contain incorrect or incomplete information about you.
  • Erasure: You can ask us to erase (delete) your personal data after you withdraw your consent to processing or when we no longer need it for the purpose it was originally collected.
  • Processing restrictions: You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction.
  • Data portability: In some circumstances, where you have provided personal data to us, you can ask us to transmit that personal data (in a structured, commonly used, and machine-readable format) directly to another company if is technically feasible.
  • Automated Individual Decision-making: You can ask us to review any decisions made about you which we made solely based on automated processing, including profiling, that produced legal effects concerning you or similarly significantly affected you.
  • Right to Object to Direct Marketing including Profiling: You can object to our use of your personal data for direct marketing purposes, including profiling. We may need to keep some minimal information to comply with your request to cease marketing to you.
  • Right to Withdraw Consent: You can withdraw your consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent. It may mean we are not able to provide certain products or services to you and we will advise you if this is the case.
  • Right to Complaint: You have the right to lodge a complaint with a supervisory Authority. In Turkey, "Kişisel Verileri Koruma Kurumu" is responsible for enforcing privacy rules.

We will make sure that you can exercise your rights properly without undue delay. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page (please see the first page for the date of last update).

13. Contact Information

Our identity and contact information is provided below:

Charmy Bilişim Teknolojileri A.Ş.

[email protected]