Privacy and Return Policy
November 7, 2024
Citio ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Citio.
This Privacy Policy applies to our website, https://citioapp.com/, and its associated subdomains (collectively, our "Service"), alongside our application, Citio. By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.
1.KVKK Protecting of Personal Data Law Information
Pursuant to Law No. 6698 on the Protection of Personal Data ("KVKK"), your personal data will be processed by Pera Ltd (Citio Istanbul app) as the Data Controller, by using, recording, and storing it, depending on the business purposes, within the framework described below. In this context, and in accordance with the laws and regulations established by our company to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, our company takes all technical and administrative measures to ensure the appropriate level of security to prevent unlawful processing of your personal data, prevent unlawful access, and ensure its protection.
The personal data processed in the capacity of data controller include, but are not limited to, the following;
Purposes and legal reasons for processing personal data; Your personal data shared by you; In order to benefit you from the products and services offered by our Company,
In order to ensure that your personal data provided and stored by our Company are not subject to unauthorized access, manipulation, loss, and damage in the environments where they are stored, the design of the necessary business processes and technical security infrastructure developments are implemented. Your personal data will be processed by taking all necessary information security measures, provided that they are not used outside the purposes and scope notified to you and will be stored and processed for the legal retention period or, if no such period is stipulated, for the period required by the purpose of processing. When this period expires, your personal data will be removed from our Company's data flows by deletion, destruction methods.
2.Definitions and key terms for this Privacy Policy:
3.Information automatically collected
There is some information like your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our platform. This information may be used to connect your computer to the Internet. Other information collected automatically could be a login, e-mail address, password, computer and connection information such as browser plug-in types and versions and time zone setting, operating systems and platforms, purchase history, (we sometimes aggregate with similar information from other Users), the full Uniform Resource Locator (URL) clickstream to, through andfrom our Website that may include date and time; cookie number; parts of the site you viewed or searched for; and the phone number you used to call our Customer Services. We may also use browser data such as cookies, Flash cookies (also known as Flash Local Shared Objects) or similar data on certain parts of our Website for fraud prevention and other purposes. During your visits, we may use software tools such as JavaScript to measure and collect session information including page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page. We may also collect technical information to help us identify your device for fraud prevention and diagnostic purposes.
We automatically collect certain information when you visit, use, or navigate the platform. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about who and when you use our platform, and other technical information. This information is primarily needed to maintain the security and operation of our platform, and for our internal analytics and reporting purposes.
We also collect information from mobile devices for a better user experience, although these features are completely optional:
How Do We Use The Information We Collect?
Any of the information we collect from you may be used in one of the following ways:
When do we use customer information from third parties?
We receive some information from third parties when you contact us. For example, when you submit your email address to show interest in becoming our customer, we receive information from a third party that provides automated fraud detection services to us. We also occasionally collect information that is made publicly available on social media websites. You can control how much of your information social media websites make public by visiting these websites and changing your privacy settings.
Do we share the information we collect with third parties?
We may share the information that we collect, both personal and non-personal, with third parties such as advertisers, contest sponsors, promotional and marketing partners, and others who provide our content or whose products or services we think may interest you. We may also share it with our current and future affiliated companies and business partners, and if we are involved in a merger, asset sale, or other business reorganization, we may also share or transfer your personal and non-personal information to our successors-in-interest.
We may engage trusted third-party service providers to perform functions and provide services to us, such as hosting and maintaining our servers and service, database storage and management, email management, marketing, credit card processing, customer service, and fulfilling orders for products and services you may purchase through our platform. We will likely share your personal information, and possibly some non-personal information, with these third parties to enable them to perform these services for us and for you.
We may share portions of our log file data, including IP addresses, for analytics purposes with third parties such as web analytics partners, application developers, and ad networks. If your IP address is shared, it may be used to estimate general location and other technographics such as connection speed, whether you have visited the service in a shared location, and the type of device used to visit the service. They may aggregate information about our advertising and what you see on the service and then provide auditing, research, and reporting for us and our advertisers.
We may also disclose personal and non-personal information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate in order to respond to claims, legal process (including subpoenas), to protect our rights and interests or those of a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to otherwise comply with applicable court orders, laws, rules, and regulations.
Where and when is information collected from customers and end users?
We will collect personal information that you submit to us. We may also receive personal information about you from third parties as described above.
Could my information be transferred to other countries?
We are incorporated in Türkiye. Information collected via our website, through direct interactions with you, or from the use of our help services may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. To the fullest extent allowed by applicable law, by using any of the above, you voluntarily consent to the trans-border transfer and hosting of such information.
Is the information collected through our service secure?
We take precautions to protect the security of your information. We have physical, electronic, and managerial procedures to help safeguard, prevent unauthorized access, maintain data security, and correctly use your information. However, neither people nor security systems are foolproof, including encryption systems. In addition, people can commit intentional crimes, make mistakes, or fail to follow policies. Therefore, while we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security. If applicable law imposes any non-disclaimable duty to protect your personal information, you agree that intentional misconduct will be the standards used to measure our compliance with that duty.
Can I update or correct my information?
The rights you have to request updates or corrections to the information we collect depend on your relationship with us. Personnel may update or correct their information as detailed in our internal company employment policies. Customers have the right to request the restriction of certain uses and disclosures of personally identifiable information as follows. You can contact us to (1) update or correct your personally identifiable information, (2) change your preferences with respect to communications and other information you receive from us, or (3) delete the personally identifiable information maintained about you on our systems (subject to the following paragraph), by canceling your account. Such updates, corrections, changes, and deletions will have no effect on other information that we maintain or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change, or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times. You should be aware that it is not technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a non-erasable form that will be difficult or impossible for us to locate. Promptly after receiving your request, all personal information stored in databases we actively use, and other readily searchable media will be updated, corrected, changed, or deleted, as appropriate, as soon as and to the extent reasonably and technically practicable. If you are an end user and wish to update, delete, or receive any information we have about you, you may do so by contacting the organization of which you are a customer.
Personnel
If you are one of our workers or applicants, we collect information you voluntarily provide to us. We use the information collected for Human Resources purposes in order to administer benefits to workers and screen applicants. You may contact us to (1) update or correct your information, (2) change your preferences with respect to communications and other information you receive from us, or (3) receive a record of the information we have relating to you. Such updates, corrections, changes, and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change, or deletion.
Sale of Business
We reserve the right to transfer information to a third party in the event of a sale, merger, or other transfer of all or substantially all of the assets of us or any of its Corporate Affiliates (as defined herein), or that portion of us or any of its Corporate Affiliates to which the Service relates, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization, or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.
Affiliates
We may disclose information (including personal information) about you to our Corporate Affiliates. For purposes of this Privacy Policy, 'Corporate Affiliate' means any person or entity which directly or indirectly controls, is controlled by, or is under common control with us, whether by ownership or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.
How Long Do We Keep Your Information?
We keep your information only so long as we need it to provide service to you and fulfill the purposes described in this policy. This is also the case for anyone that we share your information with and who carries out services on our behalf. When we no longer need to use your information and there is no need for us to keep it to comply with our legal or regulatory obligations, we'll either remove it from our systems or depersonalize it so that we can't identify you.
How Do We Protect Your Information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers' database, only to be accessible by those authorized with special access rights to such systems and required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) is never kept on file. We cannot, however, ensure or warrant the absolute security of any information you transmit to us or guarantee that your information on the Service may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, technical, or managerial safeguards.
Governing Law
The laws of Türkiye, excluding its conflicts of law rules, shall govern this Agreement and your use of our service. Your use of our service may also be subject to other local, state, national, or international laws.
Your Consent
By using our service, registering an account, or making a purchase, you consent to this Privacy Policy.
Links to Other Websites
This Privacy Policy applies only to the Services. The Services may contain links to other websites not operated or controlled by Citio. We are not responsible for the content, accuracy, or opinions expressed in such websites, and such websites are not investigated, monitored, or checked for accuracy or completeness by us. Please remember that when you use a link to go from the Services to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our platform, is subject to that website’s own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.
Cookies
We use "Cookies" to identify the areas of our website that you have visited. A Cookie is a small piece of data stored on your computer or mobile device by your web browser. We use Cookies to personalize the Content that you see on our website. Most web browsers can be set to disable the use of Cookies. However, if you disable Cookies, you may not be able to access functionality on our website correctly or at all. We never place Personally Identifiable Information in Cookies.
Remarketing Services
We use remarketing services to serve ads across the internet to people who have already visited our website, making it seem like we are 'following' them on the websites and platforms they use most.
Payment Details
In respect to any credit card or other payment processing details you have provided us, we commit that this confidential information will be stored in the most secure manner possible.
Kids' Privacy
We collect information from kids under the age of 13 just to better our services. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data without your permission, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from our servers.
Changes To Our Privacy Policy
If we decide to change our privacy policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.
Third-Party Services
We may display, include or make available third-party content (including data, information, applications and other products services) or provide links to third-party websites or services ('Third-Party Services').
You acknowledge and agree that we shall not be responsible for any Third-Party Services, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect thereof. We do not assume and shall not have any liability or responsibility to you or any other person or entity for any Third-Party Services.
Third-Party Services and links thereto are provided solely as a convenience to you and you access and use them entirely at your own risk and subject to such third parties' terms and conditions.
Facebook Pixel
Facebook pixel is an analytics tool that allows you to measure the effectiveness of your advertising by understanding the actions people take on your website. You can use the pixel to: Make sure your ads are shown to the right people. Facebook pixel may collect information from your device when you use the service. Facebook pixel collects information that is held in accordance with its Privacy Policy.
Tracking Technologies
Google Maps APIs
Google Maps API is a robust tool that can be used to create a custom map, a searchable map, check-in functions, display live data synching with location, plan routes, or create a mashup just to name a few. Google Maps API may collect information from You and from Your Device for security purposes. Google Maps API collects information that is held in accordance with its Privacy Policy.
Cookies
We use Cookies to enhance the performance and functionality of our service but are non-essential to their use. However, without these cookies, certain functionality like videos may become unavailable or you would be required to enter your login details every time you visit our service as we would not be able to remember that you had logged in previously.
Local Storage
Local Storage, sometimes known as DOM storage, provides web apps with methods and protocols for storing client-side data. Web storage supports persistent data storage, similar to cookies but with a greatly enhanced capacity and no information stored in the HTTP request header.
Sessions
CookWe use Sessions to identify the areas of our website that you have visited. A Session is a small piece of data stored on your computer or mobile device by your web browser.ies
Information about General Data Protection Regulation (GDPR)
We may be collecting and using information from you if you are from the European Economic Area (EEA), and in this section of our Privacy Policy, we are going to explain exactly how and why this data is collected, and how we maintain this data under protection from being replicated or used in the wrong way.
What is GDPR?
GDPR is an EU-wide privacy and data protection law that regulates how EU residents' data is protected by companies and enhances the control the EU residents have, over their personal data.
What is personal data?
Any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Some examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical address, sexual orientation, and ethnicity. The Data Protection Principles include requirements such as:
Why is GDPR important?
GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts, it's simply the right thing to do. At Help Scout, we strongly believe that your data privacy is very important and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation.
Individual Data Subject's Rights - Data Access, Portability and Deletion
We are committed to helping our customers meet the data subject rights requirements of GDPR. We process or store all personal data in fully vetted, DPA compliant vendors. We do store all conversation and personal data for up to 6 years unless your account is deleted. In which case, we dispose of all data in accordance with our Terms of Service and Privacy Policy, but we will not hold it longer than 60 days.
We are aware that if you are working with EU customers, you need to be able to provide them with the ability to access, update, retrieve and remove personal data. We got you! We've been set up as self service from the start and have always given you access to your data and your customers' data. Our customer support team is here for you to answer any questions you might have about working with the API.
Return Policy
If the purchased item is for a booking event, it can be returned at least 24 hours before the event starts. If it is a tangible product and if you are in Istanbul, it can be returned within 24 hours of receipt.
4.Contact Us
Don't hesitate to contact us if you have any questions.