Privacy Policy and Data Discipline

# 1. Veri Disiplini Felsefesi For Mesteg Technology, data security is not an option; it is a fundamental discipline. The data we collect is used minimally and transparently to improve our services, enhance system performance, and meet our legal obligations. # 2. Topladığımız Bilgiler ## 2.1 Doğrudan Toplanan Bilgiler * **Kimlik ve İletişim Bilgileri:** Collected during Registration (name, email, password), Get Quote (name, email, phone), and Profile Updates. * **Finansal Bilgiler:** (Yatırım danışmanlığı hariç) Payment information is processed via our payment processor and is not stored on our servers. ## 2.2 Otomatik Toplanan Bilgiler * **Kullanım Verisi:** IP address, browser type, language preference, device information, pages visited, and interaction times. This data is collected via the system's analytics cookies. * **Çerezler:** Includes necessary, analytics, and marketing cookies. The user's preference is stored (encrypted) in the `__session` or `cookie-consent` cookies. ## 3. Bilgilerin Kullanım Amaçları (Neden Topluyoruz?) The data we collect is processed **only as necessary** for the following purposes: * Account and session management (Necessary cookies). * Providing requested services (Custom software development, YZ analizi). * Ensuring system security and integrity. * Detecting and fixing system errors (Analytics cookies). * Sending you marketing and promotional communications related to our services (with Marketing cookie consent). ## 4. Veri Saklama ve Güvenlik Protokolü ## 4.1 Retention Period Your personal data is retained as long as your account is active or as required by legal obligations. If you delete your account, all data will be erased, except for legal necessities. ## 4.2 Security Measures Your data is protected by industry-standard security measures of Firebase/Google Cloud Platform (SSL encryption, authorization layers, encrypted database access). **Your passwords are never stored in plain text.** ## 5. Veri Paylaşımı Your data is **strictly not shared** with third parties without your consent, except where required by legal obligations. We only share the minimum necessary data with our service providers (payment processors, hosting services) for functionality, and these providers are subject to strict confidentiality agreements.