Sign in Get a demo

Privacy Policy

How Deepinfo collects, uses, and protects personal data. If you have privacy questions, email [email protected].

Effective date: [to be filled] · Last updated: [to be filled]
On this page
1. Introduction2. Information We Collect3. How We Use Information4. Legal Basis for Processing5. Sharing and Disclosure6. International Data Transfers7. Data Retention8. Your Rights9. Security10. Cookies and Similar Technologies11. Children's Privacy12. Changes to This Policy13. Contact Us

1. Introduction

This Privacy Policy describes how Dofo Teknoloji Anonim Şirketi, doing business as Deepinfo, collects, uses, and protects personal data in connection with our website, platform, APIs, and services. We operate under dual Turkish (KVKK) and EU (GDPR) data protection frameworks.

2. Information We Collect

Information you provide: name, email, company, job title, and other details you submit through our forms or account setup. Information collected automatically: IP address, browser details, device identifiers, referrer, and usage patterns across our website and platform. Customer Data: data submitted to the platform during normal use, governed by our Data Processing Agreement.

3. How We Use Information

We use personal data to provide and operate the Services, communicate with you about your account and support inquiries, respond to demo and sales requests, improve our products and security posture, and comply with legal obligations. We do not sell personal data.

Under GDPR, we rely on the following legal bases: performance of a contract (to deliver the Services you subscribed to), legitimate interests (to operate, secure, and improve our Services), consent (where required, for example marketing communications), and legal obligation (where mandated by applicable law).

5. Sharing and Disclosure

We share personal data only with: (a) vetted sub-processors acting on our behalf under contractual safeguards; (b) authorities where legally required; and (c) successors in the event of a merger, acquisition, or restructuring, with appropriate protections.

Sub-processors

We engage sub-processors to support specific operational functions of the platform. Each sub-processor is contractually bound to the same data protection obligations we maintain. The list below is current as of the effective date at the top of this document; we update this list when sub-processors change. Material changes are communicated to customers per the privacy policy.

Service / purpose
Provider
Country / region
Transfer mechanism
Primary cloud infrastructure (compute, storage, networking)
Google Cloud Platform
US, EU, Qatar
SCCs
Secondary cloud infrastructure
Amazon Web Services
US, Türkiye
SCCs
Customer support and lead capture
Intercom
US
SCCs
Transactional email delivery
SendGrid
US
SCCs
Website hosting, CDN, DNS, and edge functions for form processing
Cloudflare
US (global edge)
SCCs

6. International Data Transfers and Data Residency

Customer data is primarily stored in US-based infrastructure. EU-based infrastructure is available for EU customers on request, with additional regional infrastructure in Türkiye and Qatar for region-specific deployments. Cross-region data transfers operate under standard contractual clauses or equivalent mechanisms where the receiving region requires them.

7. Data Retention

We retain personal data for the duration required to provide the Services and to meet our legal obligations. Account data is typically retained for the term of your subscription plus 30 days. Operational logs are retained for 90 days by default. Longer retention may apply for regulated customers or where required by law.

8. Your Rights

Depending on your jurisdiction, you have rights including: access to your personal data, rectification of inaccurate data, erasure, restriction of processing, portability, objection to processing, and withdrawal of consent. To exercise these rights, contact [email protected].

9. Security

We implement appropriate technical and organizational measures designed to protect personal data, including encryption in transit and at rest, access controls, audit logging, and staff training. No system is perfectly secure, but we take our obligations seriously and continuously improve our posture.

10. Cookies and Similar Technologies

We use a small number of cookies and similar technologies on our website for essential functionality, analytics, and performance measurement. You can control cookies through your browser settings. This Privacy Policy covers our cookie practices; a dedicated Cookie Notice may be published separately when our consent banner is live.

11. Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated with advance notice. The effective date at the top of this document indicates the current version.

13. Contact Us

Privacy inquiries: [email protected]. Legal inquiries: [email protected]. Data subject rights and DPO matters: [email protected].

This Privacy Policy is published by Dofo Teknoloji Anonim Şirketi, doing business as Deepinfo. Privacy questions: [email protected].