Legal Document

Privacy Notice

Last updated April 02, 2026  |  Cookie Notice

This Privacy Notice for Melih Aycicek ("we", "us", or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services, including when you visit audfix.com or use AUDFIX — a web-based developer platform providing developer tools and retrospective meeting management.

Questions or concerns? privacy@audfix.com

Summary of Key Points

What personal information do we process? We collect information you voluntarily provide (registration, contact) and data collected automatically (IP, browser, usage logs).

Do we process sensitive personal information? No. We do not process sensitive personal information.

Do we collect information from third parties? No.

How do we process your information? To provide services, communicate with you, for security, and to comply with law.

Do we sell your data? No. We have not sold or shared personal information to third parties for commercial purposes.

1. What Information Do We Collect?

Personal information you disclose to us

We collect personal information you voluntarily provide when you register, express interest in our products, or contact us. This may include:

  • Email addresses
  • Names and usernames
  • Passwords (stored as bcrypt hashes — never in plain text)
  • Contact preferences

We do not process sensitive personal information.

Information automatically collected

We automatically collect certain information when you visit or use our Services, including:

  • Log and Usage Data — IP address, browser type, device information, pages viewed, timestamps, and feature usage.
  • Device Data — device identifiers, operating system, browser and hardware model.
  • Location Data — general location inferred from IP address. We do not collect precise GPS data.
  • Uploaded Content — files, screenshots, images and other content you submit. Stored temporarily and auto-deleted per each tool's retention policy.

2. How Do We Process Your Information?

We process your personal information to:

  • Facilitate account creation, authentication, and account management
  • Respond to inquiries and provide customer support
  • Send administrative information (service changes, policy updates)
  • Enable user-to-user communications (meeting invitations, retrospective sessions)
  • Maintain platform security and prevent fraud, abuse, and spam
  • Protect vital interests where required

3. What Legal Bases Do We Rely On?

EU/UK/Switzerland: We rely on the following legal bases under GDPR / UK GDPR:

  • Consent — where you have given permission for a specific purpose (e.g. analytics cookies). You may withdraw consent at any time without affecting prior lawful processing.
  • Performance of a Contract — to fulfil our obligations when you register and use the Services, including sending transactional emails.
  • Legitimate Interests — maintaining platform security, preventing fraud, enforcing rate limits, and improving the platform through internal analytics, where not overridden by your rights.
  • Legal Obligations — where we must process your information to comply with applicable laws.
  • Vital Interests — in rare cases involving potential safety threats.

Canada: We process your information with express or implied consent, or as otherwise permitted under applicable Canadian privacy law.

4. When and With Whom Do We Share Your Personal Information?

We may share your information in the following situations:

  • Business Transfers — in connection with any merger, sale of company assets, or acquisition.
  • Hosting and Infrastructure Providers — our Services are hosted via cPanel and served through Nginx. These providers may access server-level data (IP, request logs) as technically necessary. They act as data processors under their own privacy obligations.
  • Email Service Provider — your email address and name are shared with our SMTP service solely to send transactional emails (verifications, password resets, invitations).

We do not sell your personal data to any third parties.

5. What Is Our Stance on Third-Party Websites?

Our Services may contain links to third-party websites or applications. We are not responsible for the content, privacy practices, or security of those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

6. Do We Use Cookies?

Yes. We use cookies and similar tracking technologies to maintain session security, remember your preferences, and gather analytics (where consented). For full details on the cookies we use, please see our Cookie Notice.

7. How Long Do We Keep Your Information?

  • Account data — retained until you delete your account
  • Uploaded files — auto-deleted per each tool's configured expiry (2 hours to 730 days depending on the feature)
  • Visitor / server logs — retained for 90 days, then purged
  • Session data — deleted on logout or session expiry

When we have no ongoing legitimate need to process your data, we delete or anonymise it, or isolate it from further processing if deletion is temporarily not possible (e.g. backup archives).

8. How Do We Keep Your Information Safe?

We have implemented appropriate technical and organisational security measures, including:

  • HTTPS / TLS encryption for all data in transit
  • bcrypt password hashing
  • CSRF token protection on all state-changing requests
  • Rate limiting to prevent brute-force attacks
  • Regular dependency audits and security reviews
  • Session regeneration on login to prevent session fixation
Despite our safeguards, no electronic transmission over the Internet can be guaranteed 100% secure. You should only access the Services within a secure environment.

9. What Are Your Privacy Rights?

Depending on your location, you may have the following rights:

  • Right to access and obtain a copy of your personal information
  • Right to rectification — correct inaccurate data
  • Right to erasure — request deletion of your data
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right not to be subject to solely automated decision-making

To exercise any of these rights, contact us at privacy@audfix.com or use our contact form. We will respond in accordance with applicable data protection law.

EU/UK residents may also lodge a complaint with their local data protection authority. Swiss residents may contact the Federal Data Protection and Information Commissioner.

Account Information

You can review or update your account information by logging in and visiting your account settings. To request account deletion, contact us using the details in Section 14. We may retain some information to prevent fraud, enforce our terms, or comply with legal requirements.

10. Controls for Do-Not-Track Features

Most browsers allow you to activate a Do-Not-Track ("DNT") signal. As there is currently no uniform industry standard for recognising DNT signals, we do not currently respond to them. We do not use cookies for advertising or tracking regardless of DNT status.

11. Do United States Residents Have Specific Privacy Rights?

Depending on your US state of residence (including California, Colorado, Connecticut, Virginia, Texas, and others), you may have additional rights under applicable state privacy laws:

  • Right to know whether we are processing your personal data
  • Right to access your personal data
  • Right to correct inaccuracies
  • Right to request deletion
  • Right to obtain a copy of data you previously shared with us
  • Right to non-discrimination for exercising your rights
  • Right to opt out of the sale of personal data (we do not sell personal data)

Categories of Personal Information Collected (Last 12 Months)

CategoryExamplesCollected?
IdentifiersEmail address, IP address, usernameYES
Personal RecordsName, contact informationYES
Network ActivityBrowsing history within our site, feature interactionsYES
Geolocation DataPrecise GPS locationNO
Commercial InformationPayment or purchase historyNO
Biometric InformationFingerprints, voiceprintsNO
Sensitive Personal InformationRace, health, financial account dataNO

We have not sold, disclosed for a business purpose, or shared personal information with third parties for commercial purposes in the preceding 12 months.

To exercise your rights, submit a request to privacy@audfix.com. We will verify your identity before processing requests. You may authorise an agent to submit requests on your behalf with written signed permission.

California "Shine The Light" Law

California residents may request, once per year, information about any personal data disclosed to third parties for direct marketing purposes. We do not disclose personal data to third parties for direct marketing; therefore no report will be applicable.

12. Turkish Residents — KVKK (Kanun No. 6698)

Kişisel Verilerin Korunması Kanunu (KVKK) Kapsamında Aydınlatma

Veri Sorumlusu: Melih Aycicek, Esenler, İstanbul 34899, Türkiye — audfix.com

Kişisel Verilerin İşlenme Amaçları ve Hukuki Dayanakları

  • Hesap oluşturma ve kimlik doğrulama: Sözleşmenin kurulması ve ifası (KVKK Md. 5/2-c)
  • Hizmetlerin sunulması ve iyileştirilmesi: Meşru menfaat (KVKK Md. 5/2-f)
  • Güvenlik ve dolandırıcılık önleme: Meşru menfaat ve hukuki yükümlülük (KVKK Md. 5/2-f ve 5/2-ç)
  • İletişim kurma: Açık rıza veya sözleşmenin ifası (KVKK Md. 5/1 ve 5/2-c)
  • Yasal yükümlülüklere uyum: Hukuki yükümlülük (KVKK Md. 5/2-ç)

KVKK Kapsamındaki Haklarınız (Madde 11)

  • Kişisel verilerinizin işlenip işlenmediğini öğrenme
  • İşlenmişse buna ilişkin bilgi talep etme
  • İşlenme amacını ve amacına uygun kullanılıp kullanılmadığını öğrenme
  • Yurt içinde veya yurt dışında kişisel verilerin aktarıldığı üçüncü kişileri bilme
  • Eksik veya yanlış işlenmiş verilerin düzeltilmesini isteme
  • KVKK'nın 7. maddesi çerçevesinde verilerin silinmesini veya yok edilmesini isteme
  • Münhasıran otomatik sistemlerle aleyhinize sonuç doğuran işlemlere itiraz etme
  • Kanuna aykırı işleme nedeniyle oluşan zararın giderilmesini talep etme

Başvurular en geç 30 gün içinde yanıtlanır. Başvuru: privacy@audfix.com

KVKK Kurumu'na şikâyet: kvkk.gov.tr veya Alo 198

13. Do We Make Updates to This Notice?

We may update this Privacy Notice from time to time. The "Last updated" date at the top reflects the most recent revision. For material changes, we may notify you by prominently posting a notice or sending you a notification. We encourage you to review this notice periodically.

14. How Can You Contact Us?

Email: privacy@audfix.com

Web: audfix.com/contact

Melih Aycicek
Esenler, Istanbul 34899
Turkey

15. How Can You Review, Update, or Delete Your Data?

Based on the applicable laws of your country or state of residence, you may have the right to request access to, correction of, or deletion of your personal information, as well as the right to withdraw consent. To submit a request, contact us using the details in Section 14 above. These rights may be limited in some circumstances by applicable law.