Disclosure Notice

Vaktim App

Data Controller: Soner Yılmaz
Contact: destek@vaktim.app
Last Updated: March 2026

1. Identity of the Data Controller

Your personal data is processed by Soner Yılmaz, acting as the data controller, within the scope of the Turkish Personal Data Protection Law No. 6698.

2. Processed Personal Data and Purposes of Processing

2.1 Data Processed in All Cases

This data is processed for the purposes of account creation, login operations, profile management, providing premium services, quota management, and fulfilling legal obligations.

The main legal grounds for these categories are the establishment or performance of a contract, compliance with the data controller's legal obligations, and the establishment, exercise, or protection of a right in the event of a dispute.

2.2 Data Processed Only When Sync Is Enabled

If you enable the sync feature and provide the relevant explicit consent, the following data may be processed for cross-device synchronization:

2.3 Data Processed When the Spiritual Guide Feature Is Used

When you use the Spiritual Guide feature, the following data may be processed:

This data is processed to generate AI-assisted responses. Spiritual Guide message content is not included in the cross-device sync dataset; however, when you use the feature, it is transmitted to OpenAI infrastructure through Supabase Edge Functions.

The processing of message content within the Spiritual Guide feature and the related overseas transfer are based on your explicit consent for that feature.

2.4 Data That Remains Only on the Device

3. Transfer of Personal Data

3.1 International Transfers

Your data may be transferred abroad through the following service providers in order to provide the service:

Optional international data transfers made within the scope of Sync and Spiritual Guide are carried out on the basis of your explicit consent under Article 9 of the Law.

For overseas service providers used in account management, authentication, infrastructure, subscriptions, and similar processes, transfer activities are assessed within the framework of the applicable processing and transfer conditions for the relevant data category, together with contractual and technical safeguards.

3.2 Methods of Collection and Legal Grounds

Your personal data may be obtained, fully or partially through automated means, via:

This data is processed on the legal grounds set out in Articles 5 and 6 of the Law, including contract performance, legal obligation, establishment or protection of a right, and explicit consent where applicable.

4. Retention Periods

Turning off the sync feature stops new data transfers. To delete data that has already been transferred to the cloud, you may submit a separate deletion request.

5. Technical and Administrative Safeguards

To protect your data, access control, encrypted communication, user-based authorization, the principle of least privilege, and security monitoring measures are applied.

6. Your Rights

Under Article 11 of the Law, by applying to the data controller, you have the right to:

Application and Complaint Procedure

You may first submit your requests under Turkish data protection law to destek@vaktim.app. If your application is rejected, if the response is found insufficient, or if no response is provided within 30 days, you may file a complaint with the Turkish Personal Data Protection Board under Article 14 of the Law.

© 2026 Vaktim. All rights reserved.