← Back to Bober

Privacy Policy

Last updated: 16 April 2026

This Privacy Policy explains how bober ("Bober", "we", "us", "our") collects, uses, and protects personal information when you use our Service at app.bober.tr and bober.tr.

1. Information We Collect

• Account information: name, email, phone number provided at signup.
• Business information: your company name, branches, services, staff, and clients you enter into the Service.
• Usage data: pages visited, actions taken, IP address, browser type, device.
• Payment data: processed by Paddle.com Market Limited (our Merchant of Record). We do not store full credit card numbers.

2. How We Use Your Information

• To provide, operate, and maintain the Service;
• To send transactional emails (booking confirmations, billing receipts);
• To communicate service updates and respond to support requests;
• To detect and prevent fraud or abuse;
• To comply with legal obligations.

3. Sharing Your Information

We share information only with:

• Paddle.com Market Limited — for payment processing;
• Twilio / TurboSMS — for SMS notification delivery;
• Sentry — for error monitoring;
• Cloudflare — for CDN and security;
• Law enforcement — when required by applicable law.

We do not sell your personal data.

4. Cookies

We use cookies strictly necessary for authentication (session cookies) and language preference. We do not use third-party tracking or advertising cookies.

5. Data Retention

We retain your data for as long as your account is active. After account closure, data is deleted within 30 days, except where retention is required by law.

6. Your Rights (GDPR / KVKK)

You have the right to:

• Access your personal data;
• Rectify inaccurate data;
• Request deletion of your data;
• Export your data in a portable format;
• Object to processing or request restriction;
• Lodge a complaint with a supervisory authority.

To exercise these rights, email privacy@bober.tr.

7. Security

We protect your data with industry-standard measures: HTTPS/TLS encryption in transit, encrypted backups, Argon2id password hashing, and role-based access controls.

8. Children's Privacy

The Service is not directed to children under 16. We do not knowingly collect data from children.

9. International Transfers

Your data is processed in the European Union and Turkey. Where data is transferred outside these regions (e.g., to Paddle or Sentry), we rely on standard contractual clauses.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be announced via email at least 14 days before taking effect.

11. Contact

Data controller: bober
Email: privacy@bober.tr