Awsy-AI
Start now
Back to home

Privacy Policy

Last updated: July 8, 2024

This policy describes how awsy-ai handles personal data for tenants and visitors.

1. Introduction

This Privacy Policy explains how ALKAWTHER E-TİCARET BİLGİSAYAR PROGRAMLAMA TİCARET LİMİTED ŞİRKETİ ("awsy-ai", "we", "us", or "our") collects, uses, and protects personal data when you access awsy-ai.com, create an account, subscribe to a plan, or otherwise interact with our services (the "Services"). We are established under the laws of the Republic of Türkiye with our registered office at BAŞAK MAH. ABDÜLHAMİTHAN CAD. BAŞAKŞEHİR/ İSTANBUL.

For the personal data we collect directly, we act as the data controller and can be reached at info@awsy-ai.com or by phone at +90 539 682 31 02. Paddle acts as an independent controller when it processes payments as our merchant of record; please refer to Paddle's privacy notice at https://www.paddle.com/legal/privacy for details about their processing activities.

By using the Services, you acknowledge that you have read and understood this Privacy Policy. If you use the Services on behalf of a company or other legal entity, you represent that you have the authority to bind that entity and that you consent to this Privacy Policy on its behalf.

2. Information You Provide to Us

We collect information that you provide directly when you sign up for, configure, or contact us about the Services. Depending on how you use awsy-ai, this may include:

  • Account registration details such as your name, business name, email address, password, and authentication credentials;
  • Workspace configuration, including assistant names, greetings, languages, and settings you choose for your tenant environment;
  • The single knowledge file you upload to power the assistant. Only the most recent file is retained and prior versions are overwritten or deleted;
  • Support requests, survey responses, or other communications you send to info@awsy-ai.com or through in-product channels.

3. Billing and Payment Information

All paid subscriptions are processed by Paddle, which acts as the merchant of record. Paddle collects and stores payment instrument details and tax identifiers on our behalf. We do not have access to or store full payment card numbers or bank information.

We receive limited billing data from Paddle to manage your subscription, including plan selections, renewal dates, billing country, tax statuses, invoice history, and the outcome of payment attempts.

We process the billing details we receive as necessary to perform our contract with you and to comply with legal and tax obligations. Paddle processes payment instrument data under its own privacy notice, which is available at https://www.paddle.com/legal/privacy.

For buyers in the United Kingdom or European Economic Area, Paddle.com Market Limited (company number 08172165) acts as the merchant of record from its office at 70 Wilson Street, London, EC2A 2DB, United Kingdom. Paddle.com Inc., located at 3811 Valley Centre Drive, Suite 101, San Diego, CA 92130, USA, serves customers in the United States and Canada. Your receipt will identify the Paddle entity that controls your transaction and the applicable tax registrations.

4. Customer Data You Process Through the Services

"Customer Data" means the prompts, files, notes, transcripts, or other content that you or your end users submit to the assistant. You retain ownership of Customer Data, and we process it only to provide and improve the Services and fulfill legal obligations.

The Services are intended for business knowledge that you are comfortable sharing with your audience—such as course outlines, service descriptions, product documentation, and other publicly shareable information. You must not upload personal data, payment information, legal documents, identification cards, or any content that you would not want to make visible to your audience.

We store only the most recent knowledge file associated with your tenant. End-customer prompts and responses are relayed to OpenAI and Google for processing and are not retained on our servers once the response is delivered. We do not maintain long-term chat histories or contact details for your audience.

5. Information Collected Automatically

When you interact with the Services, we automatically collect certain technical information to operate and secure the platform. This information is stored within our hosting and Firebase infrastructure and may include:

  • Log data such as IP addresses, browser type, device identifiers, operating system, and timestamps of access;
  • Usage metrics related to authentication events, quota consumption, and feature interactions;
  • Diagnostic information about errors, performance, and API requests needed to maintain reliability and prevent abuse.

6. How We Use Information

We use the information we collect for the following purposes. For individuals in the European Economic Area or the United Kingdom, we rely on legal bases such as contract necessity (to provide the Services), legitimate interests (to secure and improve the platform), compliance with legal obligations, and consent where we rely on optional features.

  • Providing, maintaining, and improving the Services, including delivering AI responses and managing your workspace settings;
  • Authenticating users, preventing fraud, enforcing our Terms of Service, and protecting the integrity and security of the platform;
  • Handling customer support requests, feedback, and communications;
  • Sending operational notices about billing, feature updates, and policy changes. We do not send marketing emails without your consent;
  • Complying with legal obligations, resolving disputes, and enforcing agreements;
  • Analyzing aggregated and anonymized usage trends to guide product decisions.

7. How We Share Information

We do not sell your personal data. We may share information in the following limited circumstances:

  • With Paddle to process subscription payments, detect fraud, and manage taxes as merchant of record;
  • With OpenAI and Google Cloud to process prompts, generate responses, and perform speech or storage functions requested through the Services;
  • With infrastructure and security providers (such as hosting, database, storage, logging, and email services) that enable us to operate awsy-ai, subject to appropriate contractual protections;
  • With professional advisers, auditors, or insurers who assist us in meeting legal and regulatory requirements;
  • If required by law, legal process, or governmental request, or to protect our rights, customers, or the public;
  • In connection with a corporate transaction such as a merger, acquisition, or asset sale, provided the recipient agrees to respect this Privacy Policy.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. In particular:

  • Account information and subscription records are kept while your account is active and for a reasonable period afterward to resolve disputes and meet regulatory obligations;
  • Knowledge files remain in Firebase Storage only until you upload a replacement or delete them from the workspace;
  • Operational logs and security data are typically retained for a short period, after which they are aggregated or deleted;
  • Customer prompts and responses are discarded after delivery and are not stored in long-term databases.

9. Security

We implement administrative, technical, and physical safeguards designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These controls include encrypted transport, access controls for our staff, monitoring, and regular review of configurations.

No system can be guaranteed secure. You are responsible for protecting your login credentials, enabling multi-factor authentication where available, and notifying us promptly if you suspect unauthorized use of your account.

10. International Data Transfers

We are based in Türkiye, but our service providers—including Paddle, OpenAI, Google Cloud, Firebase, hosting, and logging vendors—may process data in the European Economic Area, the United States, or other jurisdictions. By using the Services, you authorize us to transfer information to these locations, which may have data protection laws different from those of your jurisdiction.

When required, we implement appropriate safeguards such as contractual data protection clauses to protect personal data transferred internationally.

11. Responsibilities of Tenants and Users

You must ensure that you have a lawful basis for processing the Customer Data you upload to awsy-ai and that you provide any required disclosures or notices to your audience. You are solely responsible for the content you upload and the instructions you provide to the assistant.

  • Inform your audience about the role of awsy-ai and obtain consent where required by law;
  • Avoid uploading personal or sensitive information that conflicts with this Privacy Policy or our Terms of Service;
  • Respect the usage policies of OpenAI and Google, including restrictions on prohibited or sensitive data categories.

12. Your Choices and Rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete personal data we hold about you. You can manage most account information directly in the awsy-ai dashboard or by contacting us at info@awsy-ai.com, by phone at +90 539 682 31 02, or by mail at BAŞAK MAH. ABDÜLHAMİTHAN CAD. BAŞAKŞEHİR/ İSTANBUL. We will respond to valid requests within the timeframes required by applicable law. If your request relates to payment details processed by Paddle, please contact Paddle using the information in your receipt or at help@paddle.com so they can fulfill their obligations as controller.

If you wish to stop receiving operational emails, you may adjust your notification preferences within the product. Mandatory service announcements will continue to ensure you receive critical updates.

13. Children's Privacy

The Services are not directed to or intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If we learn that we have collected personal data from a child, we will take steps to delete it.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. When we do, we will revise the "Last updated" date at the top of this page and, when appropriate, notify account owners via email or in-product messages.

Your continued use of the Services after the effective date of an updated Privacy Policy constitutes your acceptance of the changes.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at info@awsy-ai.com. You may also reach us by phone at +90 539 682 31 02 or by mail at BAŞAK MAH. ABDÜLHAMİTHAN CAD. BAŞAKŞEHİR/ İSTANBUL during standard business hours (09:00–17:00 TRT, Monday through Friday, excluding public holidays).

For privacy questions related to payment processing, you can reach Paddle through the instructions in your receipt or at help@paddle.com.