July 8, 2026

Privacy Policy

Bumerank, Istanbul, Türkiye — contact: hi@bumerank.co. We process personal data in accordance with Turkish data-protection law (KVKK) and applicable regulations. This policy explains what we collect, why, and how we protect it.

1. Data we collect

Account data: name, email, phone, billing details.

Usage data: session logs, IP address, browser info, in-Platform activity.

Connection data: operational data pulled, within the scopes you authorize, from third-party accounts you connect (store, ads, social).

2. Purposes

Delivering and improving the service, securing accounts, meeting legal obligations, and — with your consent — marketing communication.

3. Isolation and security

Each brand's data is isolated with database-level row-level security (RLS). Infrastructure runs on servers we manage; transport is TLS-encrypted.

Sector-insight sharing only uses data that passed an anonymization gate (PII stripping + generalization + k-anonymity); no insight can be traced back to its source.

4. Third parties

Data is shared only with sub-processors the service requires (hosting, payments, AI model providers) under contractual safeguards. Requests to AI providers never carry your brand identity.

We may disclose data to authorities where legally required.

5. Retention

Data is kept for the duration of your membership and statutory retention periods, then deleted or anonymized.

6. Your rights

You may access, correct, delete, object to processing, and port your data. Write to hi@bumerank.co; requests are answered within 30 days.