Privacy Policy

Last Updated: May 11, 2026

Tarık Ertuğrul Ulusoy (sole proprietorship operating as "Bildirsene", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our mobile application ("App").

By using this App, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Personal Information

When you use the App, we collect the following personal information:

• Account Information: Email address, username, profile photo
• Authentication Information: When you sign in via Google or Apple, we receive basic profile information provided by these services (name, email, profile photo)
• Contact Information: Contact details you provide in support requests

1.2 Location Information

• Precise Location Data: When creating reports or viewing reports on the map, your device's GPS coordinates are collected
• Purpose: Location data is used solely to geographically tag reports and display them on the map
• Background Tracking: Our app does not track your location in the background

1.3 Photos and Media

• Uploaded Photos: Photos you add to your reports are stored on our servers
• Camera and Gallery Access: We only access your camera or gallery when you grant permission

1.4 Device Information

• Push Notification Token: Device token to send you notifications
• Device Model and Operating System: For app compatibility and debugging
• App Version: For technical support

1.5 Usage and Analytics Data

• App Usage Statistics: Features you use, screen views via Firebase Analytics
• Error Reports: App crashes and errors via Sentry
• Interaction Data: Comments, likes, and shares you make on reports
• Advertising Identifier (IDFA / AAID): Collected only with your explicit consent through App Tracking Transparency (ATT). If you decline, Firebase Analytics continues with anonymous measurement; no cross-device linkage or personalized targeting is performed.

1.6 User-Generated Content

• Reports: Descriptions, categories, and institutions you tag in your reports
• Comments: Comments you write on other reports
• Profile Information: Your profile description and other information you choose to share

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Service Provision

• Account creation and management
• Creating, viewing, and sharing reports
• Displaying reports on the map
• User interactions (comments, likes)

2.2 Communication

• Sending push notifications (new comments, report updates)
• Responding to support requests
• Important update announcements

2.3 Improvement and Analysis

• Monitoring and improving app performance
• Detecting and fixing bugs
• Enhancing user experience
• Developing new features

2.4 Security

• Detecting and preventing fraud
• Enforcing our terms of service
• Detecting and removing inappropriate content

2.5 Legal Obligations

• Responding to legal requests
• Protecting our rights
• Ensuring public safety

3. Information Sharing

3.1 Publicly Shared Information

The following information is shared publicly:

• Your username and profile photo
• Reports you create (photo, description, location, date)
• Your comments
• Your profile description (if added)

3.2 Third-Party Services

We share your information with the following third-party services:

Supabase (Database and Infrastructure)

• Purpose: Data storage and authentication
• Data Center: Mumbai / India (AWS ap-south-1 region)
• Data Protection: SOC 2 Type II certified
• More Info: supabase.com/privacy

Firebase Analytics (Google)

• Purpose: Usage analysis
• Data Collected: Anonymous usage statistics
• More Info: firebase.google.com/support/privacy

Sentry

• Purpose: Error tracking and performance monitoring
• Data Collected: Error reports, device information
• More Info: sentry.io/privacy

Apple Sign In

• Purpose: Authentication
• Data Collected: Information you choose to share with your Apple ID
• More Info: apple.com/legal/privacy

Google Sign In

• Purpose: Authentication
• Data Collected: Information you choose to share with your Google account
• More Info: policies.google.com/privacy

3.3 Legal Requirements

We may share your information in the following situations:

• Legal obligation (court order, subpoena)
• Protecting public safety
• Preventing fraud
• Protecting our rights and property

3.4 Business Transfers

In the event of a merger, acquisition, or asset sale, your information may be among the transferred assets. We will notify you beforehand.

4. Data Security

We implement the following measures to protect your information:

4.1 Technical Measures

• SSL/TLS Encryption: All data transmissions are encrypted
• Database Encryption: Sensitive data is encrypted in the database
• Secure Authentication: Modern OAuth 2.0 protocols
• Row Level Security (RLS): Database-level access control

4.2 Organizational Measures

• Regular security updates
• Limited personnel access
• Security vulnerability scans
• Incident response plans

4.3 Limitations

No method of transmission over the Internet or electronic storage is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security.

5. Data Retention

5.1 Retention Periods

• Account Data: Until you delete your account
• Reports and Comments: May be retained permanently for community value even after account deletion (but anonymized)
• Analytics Data: 26 months
• Error Reports: 90 days
• Log Records: 30 days

5.2 Account Deletion

You can delete your account from within the app via Settings > Delete Account. Account deletion:

• Permanently deletes your personal information (email, name, profile photo)
• Your reports continue to appear as an anonymous user (for community value)
• The process is irreversible

6. Your Rights (Under GDPR and Turkish KVKK)

6.1 Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Request restriction of processing
• Objection: Object to data processing
• Portability: Request transfer of your data to another service
• Withdraw Consent: Withdraw your consent at any time

6.2 Exercising Your Rights

To exercise your rights:

• Email: support@bildirsene.com
• In-App: Settings > Support > Privacy Request

We will respond to your request within 30 days.

6.3 EU Residents

If you are in the European Union, you have additional rights under GDPR:

• Right to lodge a complaint with your local supervisory authority
• Right to data portability in a structured, machine-readable format
• Right to object to automated decision-making

7. Children's Privacy

Our App is not directed to users under 17 years of age. Because the App contains user-generated content (reports, comments) and location sharing, we do not knowingly collect personal information from anyone under 17. If you are a parent or guardian and become aware that your child has provided us with personal information, please contact us; we will delete the data promptly.

8. International Data Transfers

Your data may be stored on servers outside of Turkey (Mumbai / India for Supabase; other regions used by Google for Firebase and by Sentry for crash reporting). In these cases:

• We implement appropriate safeguards pursuant to applicable law
• Standard Contractual Clauses (SCCs) are used
• We obtain your explicit consent for data transfers

For EU Residents: Data transfers outside the EU are conducted in accordance with GDPR Article 46 using Standard Contractual Clauses approved by the European Commission.

9. Tracking Technologies and Advertising Identifiers

Our mobile App does not use browser cookies. Instead, similar functionality is provided on-device through:

9.1 Technologies Used

• Local Storage (AsyncStorage / SecureStore): Session information, language preference, theme preference, onboarding state
• Push Notification Token: A unique device-generated identifier used to deliver notifications
• IDFA (iOS) / AAID (Android): Apple/Google's advertising identifier. Read by Firebase Analytics only if you grant permission via App Tracking Transparency (ATT). If declined, it is not collected.
• Firebase Analytics: Performs either identified or fully anonymous measurement depending on the ATT decision.

9.2 Control

You can manage your tracking and analytics preferences as follows:

• ATT permission (iOS): Settings > Privacy & Security > Tracking → turn off for Bildirsene
• Limit Ad Tracking (iOS): Settings > Privacy & Security > Apple Advertising → turn off "Personalized Ads"
• Reset advertising ID (Android): Settings > Google > Ads → "Delete advertising ID"
• Notifications: You can disable push notifications from the in-app Settings screen; the push token is invalidated server-side.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When significant changes occur, we will:

• Show a notification in the app
• Notify you via email
• Update the "Last Updated" date

We recommend reviewing the current version regularly.

11. Contact Us

For privacy-related questions:

Data Controller: Tarık Ertuğrul Ulusoy (sole proprietorship operating as "Bildirsene")
Tax ID: 8900275469
Address: İlyasköy Mah. Aziziye Cad. No:4 İlkadım/Samsun, Turkey
Email: support@bildirsene.com
Web: https://bildirsene.com/en/support

12. Supervisory Authority

If you believe your rights have been violated:

For EU Residents:
You have the right to lodge a complaint with your local data protection authority.

For Turkish Residents:
Personal Data Protection Authority (KVKK)

• Web: https://www.kvkk.gov.tr
• Address: Nasuh Akar Mah. 1407. Sok. No: 4, Balgat / Çankaya / Ankara, Turkey

This Privacy Policy has been prepared in accordance with the General Data Protection Regulation (GDPR), Turkish Personal Data Protection Law (KVKK No. 6698), and applicable data protection legislation.