Privacy Policy

Last updated: June 3, 2026

This Privacy Policy describes how Labelkrafter® ("we", "us") collects, uses and protects information about you when you use our Service. We comply with KVKK (Türkiye) and GDPR (EU).

1. What we collect

Account data (name, email, optional profile fields), content you upload (labels, data sheets, images), usage telemetry (pageviews, device type, referrer), and limited technical data (IP address, browser version) needed to operate the Service and prevent abuse.

2. How we use it

To provide and improve the Service, communicate operational notices and support responses, bill paid plans, measure feature adoption, and comply with legal obligations. We do not sell your data.

3. Who we share with

Only with sub-processors needed to run the Service (hosting, email delivery, payment, CDN). Our list is published here: Data Processing Agreement.

4. Cookies & consent

We use strictly-necessary cookies (session, security, consent). Analytics and marketing cookies load only after you accept them via the consent banner on your first visit.

5. Security

Data in transit uses TLS 1.2+. Passwords are hashed with bcrypt. Backups are retained for 30 days and may be stored off-site in encrypted form. We run a security audit trail on every admin write.

6. Your rights

Under KVKK and GDPR you have the right to:

Access a copy of your personal data
Rectify inaccurate data
Erase your data (right to be forgotten)
Object to processing for direct marketing

To exercise any of these rights, contact us.

7. Data retention

Account data is kept as long as your account is active. After deletion we retain invoice and audit records for up to 10 years as required by Turkish tax law; other data is deleted within 30 days.

8. Changes

We may update this policy; material changes will be announced at least 14 days before taking effect.