This policy is provided in English and Turkish. The Turkish text controls where required by Turkish law.
Controller and scope
The data controller for Sitelemetry is EGENİL TELEFERİK MÜHENDİSLİK TEKNİK İŞLETME DANIŞMANLIK LİMİTED ŞİRKETİ, Cumhuriyet Mah. 1227 Sk. No: 11, Altınordu, Ordu, Türkiye.
This policy applies to sitelemetry.com, the Sitelemetry console, audit services, APIs, support and related integrations. It explains our processing under Türkiye's Law No. 6698 on the Protection of Personal Data (KVKK) and, where applicable, the GDPR and other privacy laws.
Information we collect
We collect information directly from you, from your authorized integrations, from normal use of the service and from publicly reachable technical surfaces of targets you submit.
Purposes and legal bases
- Contract: create accounts, run requested audits, generate reports, provide subscriptions, integrations and support.
- Legitimate interests: secure the service, prevent abuse, troubleshoot, measure reliability and improve defensive audit quality without overriding your rights.
- Legal obligation: maintain financial, tax, fraud-prevention and compliance records and respond to lawful requests.
- Consent: operate optional connections or communications where consent is the appropriate legal basis. You may withdraw consent without affecting earlier lawful processing.
We do not use private audit content or Google user data to train general-purpose artificial intelligence models, and we do not sell personal information.
Audit targets and third-party information
Audits may observe public server responses, DNS and certificate data, exposed technologies, page content and similar technical information. You must have authority to submit the target and avoid supplying unnecessary personal data or secrets.
Some modules send the target or limited technical inputs to configured engines or APIs to perform the requested analysis. Reports may contain information about website operators or systems. You are responsible for using and sharing those reports lawfully.
Service providers and disclosures
We share only the information reasonably needed with processors that support hosting and infrastructure, email delivery, payments, authentication, analytics integrations, customer support and authorized audit engines. Examples include AWS for hosting, email infrastructure providers, Paddle for billing and Google for integrations you connect.
Providers process information under their own terms and applicable data-protection obligations. We may also disclose information when required by law, to protect users or the service, in a corporate transaction with appropriate safeguards, or at your direction. We do not disclose audit data to unrelated advertisers.
Google API Services data
If you connect Google Search Console, Google Analytics or another supported Google service, we access only the scopes and properties you authorize. We use that information to display requested metrics, create reports and maintain the connection. You can disconnect the integration from Sitelemetry and revoke access from your Google Account.
Sitelemetry's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements.
Payments and Paddle
Paddle acts as Merchant of Record for paid Sitelemetry orders. Paddle collects payment, billing and tax information under its own privacy policy. We receive limited identifiers and subscription status needed to provision and support your plan, not full card details.
Retention and security
We retain account, audit and integration information while needed to provide the service and for a limited period afterward for security, dispute resolution, backup integrity and legal obligations. Billing and compliance records may be kept for the period required by law. When information is no longer needed, we delete, anonymize or securely isolate it from active use.
We use access controls, password hashing, encrypted transport, secret separation, request validation, audit logging and other technical and organizational safeguards appropriate to the service. No system is completely secure, so please report suspected incidents promptly.
International transfers
Some providers may process data outside Türkiye or your country. Where required, we rely on adequacy decisions, contractual safeguards, explicit consent or another lawful transfer mechanism. The location of a submitted audit target may also determine where public technical requests are received.
Your privacy rights
Subject to applicable law, you may ask whether we process your data and request access, correction, deletion, restriction, portability or objection; withdraw consent; and complain to the competent data-protection authority. KVKK data subjects also have the rights described in Article 11, including learning the purpose and recipients of processing and seeking remedy for unlawful processing.
Send requests to support@sitelemetry.com. We may verify identity and authority before acting. You can also request account and connected-token deletion. We will respond within the period required by applicable law.
Children, updates and contact
Sitelemetry is a business service and is not intended for children under 18. We do not knowingly collect their personal information.
We may update this policy to reflect product, provider or legal changes. We will change the effective date and provide additional notice for material changes where required.