voistep - Privacy Policy

Plain Language Summary of Our Policy

At voistep, we are deeply committed to your privacy. While the full legal text below explains your rights in detail, we want to summarize our core principles simply:

• Core Functionality: We use your location, account, and device information to provide you with personalized stories.
• Personalization: We suggest content based on your interests to enrich your experience.
• Trust: We will never sell or rent your data to third parties.
• Improvement: We analyze anonymized usage data to make the application better.
• Control: You have full control over your personal data and can exercise your legal rights at any time.

This Privacy Policy explains what personal data we collect through the voistep mobile application ("Application") developed by Bahadır Sevim ("Owner," "We," "Us"), for what purposes we use this data, with whom we share it, and your legal rights over your data in a transparent manner.

By downloading, installing, or using the Application, you acknowledge that you have understood and agreed to the data processing activities described in this Privacy Policy. This policy is an integral part of our Terms of Use Agreement.

Article 1: Data Controller

In accordance with the European Union's General Data Protection Regulation (GDPR), the data controller for your personal data is Bahadır Sevim. You can contact the data controller for any privacy-related inquiries via email at bahadirsevim@outlook.com.

Article 2: What Personal Data Do We Collect?

To ensure you can make the most of our Application, we may collect the following types of personal data:

2.1. Data You Provide Directly:

• Account Information: Identity information such as your name, surname, and email address, which you share when registering for our Application via Google, Apple, or your email address.
• Preference Information: The interests and preferences ("tags") you select to customize your Application experience.

2.2. Data Collected Automatically During Your Use of the Application:

• Geolocation Data: To provide the core feature of location-based storytelling, we process your device's real-time GPS-based location data with your consent. You can withdraw this consent at any time through your device settings.
• Interaction and Usage Data: Anonymous data regarding your usage habits, such as which content you interact with and for how long (e.g., whether you listen to a story to the end or add a tour to your favorites).
• Technical Device Data: Technical data such as your device model, operating system, unique identifiers, and IP address (e.g., to understand if the app is working correctly on different phone models and to fix bugs).

2.3. Payment Data:

Should we offer paid subscriptions or services, payment transactions will be processed through secure third-party platforms such as the Apple App Store or Google Play Store. We never see or store your sensitive payment information, such as credit card details.

Article 3: User's Responsibilities

The User accepts and declares that all information provided during registration (name, surname, email address, etc.) is accurate, current, and belongs to them. The Owner cannot be held responsible for any issues arising from incomplete, misleading, or third-party information provided by the User.

Article 4: Cookies and Similar Technologies

To analyze the performance of our Application and improve our services, we may use third-party SDKs (Software Development Kits) like Google Analytics for Firebase and your device's advertising identifiers (IDFA/GAID). These technologies collect anonymized data about your application usage. You can restrict this type of data collection at any time through your device's settings.

Article 5: Why and How We Use Your Personal Data

We process the personal data we collect to provide you with a better service and to fulfill our legal obligations, for the purposes stated below.

Lawful Bases for Processing: We process your personal data based on the lawful bases set out in Article 6 of the GDPR. These include the performance of a contract with you (e.g., creating your account to provide our services), your consent (e.g., for marketing communications), compliance with our legal obligations, and our legitimate interests (e.g., improving our services through analysis).

• To Provide Application Services: To manage your account and deliver the core functionalities of the Application by offering personalized stories and tours based on your location and interests.
• To Communicate with You: To inform you about service updates, provide technical support, and send legal notices.
• For Marketing and Promotional Activities: With your explicit consent, to send you marketing communications via channels such as your registered email address, to inform you about new tours, features, campaigns, and similar promotional activities that may interest you. You can opt-out at any time.
• For Service Development and Analysis: To improve the performance, usability, and features of the Application by analyzing user behavior anonymously.
• For Security and Legal Compliance: To ensure the security of the platform, prevent fraud, and respond to legal requests.

Article 6: With Whom Do We Share Your Personal Data?

User privacy is fundamental to us. We share your data only when necessary to provide our services and under strict confidentiality agreements:

• Technology Partners: With trusted service providers who supply technical services necessary for the Application's operation, such as cloud hosting and data analysis. These providers are responsible for their own privacy policies and security practices, and data is transferred in compliance with the law.
• Legal Authorities: With competent public institutions and organizations in cases of legal obligation or a court order.
• Business Transfers: In the context of a merger, acquisition, or asset sale, based on our legitimate interests.

Article 7: User-Generated Content

Please remember that any content you add to public areas within the Application, such as comments or ratings, can be seen by other users. We recommend that you exercise caution when posting personal information in these areas.

Article 8: Data Retention Period

We retain your personal data for as long as your account is active and for a reasonable period thereafter as necessary to fulfill our legal obligations. When you delete your account, your personal data, except for data we are legally required to retain, will be irreversibly deleted or anonymized from our systems.

Article 9: International Data Transfers

As we use global technology infrastructures to provide our services, your data may be stored on servers located outside of your country, including outside the European Economic Area (EEA). In such cases, we ensure that all necessary measures are taken to protect your data in accordance with GDPR, primarily by relying on legal safeguards such as the European Commission's Standard Contractual Clauses.

Article 10: Push Notifications

With your permission, we may send push notifications to your device about content that may interest you. You can easily disable these notifications at any time through your mobile device's settings.

Article 11: How We Ensure Data Security

11.1. Measures Taken:

The security of your personal data is a priority for us. We implement industry-standard technical and administrative security measures, including encryption and secure server infrastructures, to protect your data against unauthorized access, loss, alteration, or disclosure. However, we must remind you that no data transmission over the internet can be guaranteed to be 100% secure, and thus we cannot guarantee absolute security.

11.2. Notification in Case of a Data Breach:

Despite all our measures, should a data breach occur that affects your personal data, we undertake to promptly execute the legal procedures mandated by GDPR and to inform both the competent authorities and you.

Article 12: Your Control and Legal Rights Over Your Data

Your personal data belongs to you, and under GDPR, you have full control over it. We are here to assist you when you wish to exercise your rights. Your principal rights are as follows:

• Right of Access: To learn whether your data is being processed, for what purposes, and with whom it is shared.
• Right to Rectification: To request the correction of your personal data that you believe is incomplete or inaccurate.
• Right to Erasure ("Right to be Forgotten"): To request the permanent deletion of your personal data from our systems when legal conditions are met.
• Right to Restriction of Processing: To request the limitation of the processing of your personal data under certain conditions.
• Right to Data Portability: To receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to transfer it to another controller.
• Right to Object: To object to the processing of your data, including for direct marketing purposes.
• Right to Claim Compensation: To request compensation for damages if you suffer harm due to the unlawful processing of your data.

Requests to exercise these and other legal rights will be carefully processed within 30 (thirty) days after we verify your identity. We reserve the right, to the extent permitted by law, to charge a reasonable fee for or refuse excessive or repetitive requests.

Article 13: Right to Lodge a Complaint

If you are a resident of the European Economic Area (EEA) and you believe our processing of your personal data infringes the General Data Protection Regulation (GDPR), you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

Article 14: Children's Privacy

Our Application is not directed at individuals under the age of 18, and we do not knowingly collect personal data from them.

Article 15: Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make a significant change, we will publish the updated policy through the Application or notify you via your registered email address. We undertake to request your consent again for material changes that legally require it, such as changes to the purposes or scope of our data collection.

Article 16: Language and Validity of the Policy

In the event of a conflict between translated versions of this Privacy Policy and the original English text, the English text shall prevail.

Article 17: Contact Us

If you have any questions, comments, or requests regarding this Privacy Policy, please do not hesitate to contact us at:

Email: info@voistep.com