Privacy Policy
As Byte Teknoloji A.Ş. and its affiliated companies, we place great importance on the security of your personal data. We process and store all types of personal data belonging to individuals who benefit from our company’s services in accordance with Law No. 6698 on the Protection of Personal Data (“KVKK”) and other relevant legislation. This information notice includes explanations regarding the collection, processing, usage, transfer, and retention of your data within the scope of your use of our services, pursuant to Article 10 “Data Controller's Obligation to Inform” and Article 11 “Rights of the Data Subject” of the KVKK.
Processed Data, Details, and Purposes
| Category | Details | Purpose |
|---|---|---|
| User Profile |
- Full Name - Email Address - Username - Account-specific Password - IP Address - Usage History |
- Account creation for service use - Service provision - Contact when necessary - Provide information to authorities in fraud cases |
| Billing Profile |
- Address - National ID Number - Phone Number - IP Address |
- Fulfilling contractual and legal obligations during purchases - Provide information to authorities in fraud cases |
| Game Profile |
- Character Name - IP Address - Device-specific Identifier |
- Game service delivery - Analysis activities - Moderation - Provide information to authorities in fraud cases |
| Cookies |
- Small data files stored in your browser See our Cookie Policy for details. |
- Service improvement - Content personalization - Analytical activities |
Legal Grounds for Data Processing
Your data is processed under Article 5/2 of the KVKK based on:
- (a) Where it is expressly provided for by law,
- (c) Where it is necessary for the execution or performance of a contract,
- (ç) Where it is necessary for the controller to fulfill its legal obligation,
- (e) Where processing is necessary for the establishment, exercise, or protection of a right.
Therefore, processing is not subject to your consent. You may not request deletion or destruction of data until the expiration of retention periods required by law and services used.
Method of Personal Data Collection
We collect your personal data through our website, games, and mobile applications.
Data Transfer and Recipients
Your personal data may be shared without your consent with:
- Authorized public institutions such as law enforcement, judiciary, and ministries,
- Internally, and with technical support teams, banks, auditors, lawyers, financial consultants, and suppliers — to the extent necessary and anonymized as much as possible.
Transfers within Turkey are carried out under Article 8/2(a) and limited by the conditions stated in Article 5/2 (a), (c), (ç), and (e) of KVKK.
International Access to Data
Although data is stored on servers in Turkey, game profile data may be transferred abroad due to technical requirements, based on your explicit consent.
Data may also be shared with Google LLC and Amazon Web Services (USA) for corporate email communication. If you do not consent to storage on these servers, do not transmit personal data via email.
The legal basis for this consent is Article 9/1 of the KVKK.
Data Retention Period
Data is retained in line with applicable laws and legitimate purposes, and deleted, destroyed, or anonymized once those purposes expire. Updated legal durations will apply if amended.
Your Rights Regarding Personal Data
You may apply to us via mail to Adalet Mahallesi, Manas Bulvarı 47/B 2809 Bayraklı İzmir, or via email to [email protected] using your registered email address to exercise the following rights under Article 11 of KVKK:
- a) Learn whether your personal data is processed,
- b) Request information about processing,
- c) Learn the purpose of processing and whether it is used accordingly,
- ç) Know third parties to whom data is transferred domestically or abroad,
- d) Request correction if incomplete or incorrect,
- e) Request deletion/destruction within Article 7,
- f) Request notification of changes to third parties,
- g) Object to adverse outcomes from automated processing,
- ğ) Claim compensation for damages due to unlawful processing.
Your request will be addressed within 30 (thirty) days. If costs arise, a fee may be charged as determined by the Personal Data Protection Board.
Applications must include your name, signature, ID number, address, email, phone, and subject in accordance with the “Communiqué on Application Procedures to the Data Controller.” Incomplete applications will be rejected.
We will accept or reject your request with justification and notify you in writing or electronically.
Last Updated: 25.07.2025