HITDEV.AI

Legal

Privacy Policy

Last updated: 14 January 2026

1. Purpose

HITDEV AI Teknoloji A.Ş. (“ HITDEV AI” or “Company”) processes users’ personal data in accordance with applicable data protection laws, including but not limited to the Law on the Protection of Personal Data No. 6698 (“Law No. 6698”).

Personal data that you provide to the Company, or which is obtained through other means, may be processed by HITDEV AI as a Data Controller for specific and lawful purposes, in a limited and proportional manner, while ensuring data accuracy and currentness.

The data may be recorded, stored, preserved, reorganized, and transferred to authorized public bodies, or shared with third parties domestically and internationally under legal conditions or your explicit consent when required. It may also be subject to other legal processing methods and procedures.

This Privacy Policy outlines how HITDEV AI ensures compliance with Law No. 6698 and describes the collection, use, protection, sharing, and management of your personal data.

2. Collection of Personal Data and Method

HITDEV AI collects and processes personal data for the purposes outlined in this policy. This may include, but is not limited to, the following information:

  • Name and surname
  • Email address and phone number
  • Purchase and order history (including in-app purchases)
  • Uploaded photos or images
  • Advertising ID (IDFA), Vendor ID (IDFV), and IP address
  • Login credentials (username, email, password)

Data Categories and Types:

  • Identity Information: Name and surname
  • Contact Information: Phone number, email address
  • Process Security: IP address, traffic data, device information, in-app purchase history, IDFA, IDFV, Token ID
  • Visual and Audio Records: Photos uploaded by the user
  • Customer Transaction: Order history
  • Marketing Data: IDFA, IDFV

Personal data may be collected via electronic or physical means, through devices, third-party platforms such as app stores, or tools integrated into our services. Log data such as IP address, device name, operating system version, application settings, and timestamps may also be collected automatically.

General Principles for Processing Personal Data:

  • Lawfulness and good faith
  • Accuracy and up-to-dateness
  • Processing for specific, clear, and legitimate purposes
  • Proportionality and data minimization
  • Retention only for the period required by law or necessity

3. Processing of Facial Data

3.1. Facial Data Collected

When you use features involving photo or face processing, HITDEV AI may process facial data such as facial geometry, facial feature points (eyes, nose, mouth), symmetry characteristics, and full-face images. This data is used solely for AI-based image and video generation.

3.2. Purpose of Processing Facial Data

Facial data is processed exclusively to provide photo-editing services, AI-based image and video generation, improve output accuracy, and enhance application performance. Facial data is not used for identity verification, facial recognition, or authentication purposes.

3.3. Storage and Retention of Facial Data

Facial data is processed in real time and deleted immediately after the inference process. It is not stored, retained, or reused. Only anonymized and non-identifiable statistical data may be retained for quality and performance improvement purposes.

3.4. Storage Location and Security

Facial data is processed securely on Google Cloud servers using encryption, restricted access, and secure communication channels. Data is never stored in a format that allows re-identification.

3.5. Sharing of Facial Data

HITDEV AI does not sell, rent, trade facial data.

3.6. Third Parties Handling Facial Data

No third parties store or process identifiable facial data. Any anonymized or aggregated data used for internal development cannot be traced back to individuals.

4. Purposes and Legal Basis of Processing

4.1. Purposes of Processing

  • Ensuring compliance with legal obligations
  • Communication with users and providing user support
  • Improving and personalizing services
  • Performance of contracts and after-sales support
  • Ensuring information security and operational continuity
  • Marketing analysis and advertising activities (with user consent)
  • Storage, archiving, and complaint resolution
  • AI-based image processing (facial data deleted after inference)

4.2. Legal Grounds for Processing

  • Formation and execution of a contract
  • Compliance with legal obligations
  • Legitimate interests, provided that user rights and freedoms are not violated
  • Explicit user consent where required by law

5. Third-Party Sites and Applications

Our applications may contain links to third-party websites or services that are not controlled by HITDEV AI. We are not responsible for the content, privacy practices, or policies of such third-party services. Use of these services is at your own risk.

6. Cookies

Cookies are small data files stored on your device to improve user experience. Cookies do not access personal files stored on your device. You may manage or delete cookies through your browser settings.

7. Push Notifications

HITDEV AI may send push notifications regarding application updates or important alerts. You may manage or disable push notifications through your device settings at any time.

8. Data Retention

Personal data is retained only for the period required by applicable laws or necessary for the purpose of processing. Facial data is always deleted immediately after inference and is never stored. Personal data processed based on user consent is deleted or anonymized once the consent period expires.

9. Security Measures

HITDEV AI implements appropriate technical and administrative measures to protect personal data, including but not limited to:

  • Antivirus and firewall protection
  • VPN-secured system access
  • Role-based access control
  • Encryption and secure data transmission
  • Logging and two-factor authentication
  • Penetration testing and SIEM monitoring
  • Information Security Management System (ISMS) compliance and staff training
  • Physical security measures for paper-based records
  • Cloud backups and disaster recovery systems
  • Employee non-disclosure agreements

In the event of a personal data breach, affected users and the relevant authority will be notified in accordance with legal requirements, and necessary corrective actions will be taken.

10. Data Transfers

Personal data may be transferred domestically or internationally for the following purposes:

  • Archiving and storage
  • Operational activities and CRM processes
  • Compliance with legal obligations
  • Use of third-party services such as Adjust, Firebase Analytics, Facebook SDK, Fal.AI and Google Cloud

11. Your Rights

Under Article 11 of Law No. 6698 and the GDPR (where applicable), you have the right to:

  • Learn whether your personal data is processed
  • Request information regarding data processing
  • Request correction, deletion, or anonymization of personal data
  • Object to processing based solely on automated decision-making
  • Request data portability
  • Submit complaints to relevant supervisory authorities

You may exercise your rights by submitting a written request with proper identification to: support@hitdevai.co

Requests will be responded to within thirty (30) days. If a request is rejected, a written explanation will be provided.

12. Updates to the Policy

HITDEV AI reserves the right to update this Privacy Policy when necessary. Continued use of our services following any updates constitutes acceptance of the revised policy.

13. Contact Information

Company Name: HITDEV AI Teknoloji A.Ş.

Address: Ataköy 7-8-9-10. Kısım Mahallesi Çobançeşme E-5 Yan Yol Caddesi No: 12/2/59, Bakırköy, İstanbul, Türkiye

Email: support@hitdevai.co

Phone: +90 501 189 60 94