PRIVACY POLICY

    Last Updated: 19.06.2026

    1. Introduction and Scope

    This Privacy Policy explains how personal data collected through the appiaglobal.com domain name and the APPIA software platform managed by Appia Yazılım Ltd. Şti. ("APPIA", "we", "our company") is processed.

    This policy applies under the Law No. 6698 (KVKK) for users in Turkey, GDPR (EU 2016/679) for users in the European Union, CCPA for users in the United States, and other applicable local legislation.

    2. Data Controller

    Company Name: Appia Yazılım Ltd. Şti.
    Address: Demirtaş Dumlupınar Mahallesi 38. Sokak No:62, Bursa, Turkey
    Phone: 0224 502 00 18
    E-mail: info@appiaglobal.com
    Website: www.appiaglobal.com

    3. Personal Data Collected

    3.1 Data Provided Directly:

    • Name, surname, e-mail address, phone number
    • Company name, tax number, trade registry number
    • Billing and delivery address information
    • Payment information (card details are processed by the secure payment infrastructure, not stored by APPIA)
    • Platform account information (username, password hash)

    3.2 Data Collected Automatically:

    • IP address, browser type and version
    • Cookie data and session information
    • Platform usage statistics and log records
    • Device information and operating system

    4. Purposes of Processing Personal Data

    • Provision of services and user account management
    • Execution of order, cargo, and logistics processes
    • Provision of e-invoice and accounting services
    • Customer support and technical assistance
    • Fulfillment of legal obligations
    • Security, prevention of fraud, and protection of platform integrity
    • Product development and service improvement
    • Marketing and promotional activities (subject to explicit consent)

    5. Legal Grounds for Processing

    • Performance of contract: Fulfillment of subscription and service contracts
    • Legal obligation: Tax, accounting, and legal reporting obligations
    • Legitimate interest: Platform security, fraud detection
    • Explicit consent: Marketing communication and analytics (optional)

    6. Transfer of Data

    Your personal data may be shared with third parties in the following cases:

    • Payment processors (Paddle, iyzico) — for payment verification purposes only
    • Cargo and logistics partners (FedEx, DHL) — for delivery purposes
    • Legal authorities — in case of court orders or legal obligation
    • Cloud infrastructure providers — for secure data storage (GDPR/KVKK compliant)

    Your personal data is not sold to third parties for commercial purposes.

    7. International Data Transfers

    Your data may be transferred outside Turkey and the European Economic Area. These transfers are carried out under EU Standard Contractual Clauses (SCCs), adequacy decisions, or other appropriate safeguards.

    8. Data Retention Periods

    • Account data: Active duration of account + 3 years
    • Accounting and invoice records: 10 years (legal obligation)
    • Log records: 2 years
    • Marketing data: Until consent is withdrawn

    9. User Rights

    Users in Turkey (KVKK Article 11):

    • Right to learn whether personal data is processed
    • Right to access and request personal data
    • Right to request correction of incorrect data
    • Right to request erasure or destruction of personal data
    • Right to object to data processing

    Users in the EU/Europe (GDPR):

    • Rights of access, correction, erasure, portability, restriction of processing
    • Right to withdraw consent (for marketing)
    • Right to lodge a complaint with a data protection authority

    Users in the US (CCPA/CPRA):

    • Right to know the categories of personal data collected
    • Right to request erasure of your personal data
    • Right to opt-out of the sale of your personal data

    10. Cookies

    The APPIA platform uses necessary, functional, and analytical cookies. You can manage your preferences through the cookie settings panel. For detailed information, please refer to our Cookie Preferences panel.

    11. Security

    Technical and administrative measures such as SSL encryption, access controls, and regular security audits are taken to protect your personal data against unauthorized access, disclosure, or destruction.

    12. Children's Privacy

    APPIA services are not intended for individuals under the age of 18. We do not knowingly collect personal data from individuals under 18.

    13. Changes

    Significant changes to this policy will be notified on the platform and to your registered e-mail address. You can always access the current version at appiaglobal.com/privacy-policy.

    14. Contact

    To exercise your rights or for questions:
    E-mail: info@appiaglobal.com
    Address: Demirtaş Dumlupınar Mahallesi 38. Sokak No:62, Bursa, Turkey
    Phone: 0224 502 00 18