Privacy Policy
Effective Date: 2026-04-02 · Version 1.0
Eventiqs Teknoloji A.S. ("we", "us", "our") operates Eventiqs Finance. This Privacy Policy explains how we collect, use, share, and protect your personal data.
1. Data We Collect
1.1 Identity Data
- Name, email address, password (hashed)
- Organization name, country, currency preference
1.2 Financial Data
- Uploaded documents (bank statements, invoices, credit card statements)
- Transaction records (dates, amounts, descriptions, vendors, categories)
- Budget plans and financial reports
1.3 Technical Data
- IP address, browser type, user agent
- Session data, cookies
- Audit logs (actions performed within the platform)
2. How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account creation & authentication | Identity data | Contract performance |
| Financial tracking & reporting | Financial data | Contract performance |
| AI-powered document analysis | Uploaded documents | Explicit consent |
| Security & fraud prevention | Technical data | Legitimate interest |
| Service improvement | Usage patterns (aggregated) | Legitimate interest |
3. Third-Party Data Sharing
We share your data with the following third parties solely for service delivery:
| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| Anthropic (Claude API) | AI document analysis & categorization | Content of uploaded financial documents | USA |
| Neon | Database hosting | All platform data | USA/EU |
| Resend | Email delivery | Email addresses, names | USA |
| Cloudflare | Hosting & CDN | Request data, IP addresses | Global |
4. International Data Transfers
Your data may be transferred to and processed in the United States and other countries where our service providers operate. By using the Service, you consent to these transfers. We ensure that appropriate safeguards are in place in accordance with applicable data protection laws.
5. Data Retention
- Account data: Retained while your account is active, and for 6 months after account deletion.
- Financial data: Retained while your account is active. Deleted upon account deletion request.
- Audit logs: Retained for 12 months.
- Session data: Automatically expired after 7 days of inactivity.
6. Your Rights
Under KVKK (Turkish Personal Data Protection Law) and GDPR, you have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request deletion of your data
- Object to or restrict data processing
- Data portability (receive your data in a structured format)
- Withdraw your consent at any time
To exercise these rights, contact us at privacy@eventiqs.com.
7. Cookies
We use essential cookies for authentication and session management. See our Cookie Policy for details.
8. Data Security
We implement industry-standard security measures including:
- Password hashing (bcrypt)
- HTTPS encryption in transit
- Secure, httpOnly session cookies
- Rate limiting on authentication endpoints
- Role-based access control within organizations
9. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification.
11. Contact
Data Controller: Eventiqs Teknoloji A.S.
Email: privacy@eventiqs.com