HeyGeo Privacy Policy
This Privacy Policy sets out the core explanations regarding personal data processed in connection with the heygeo.ai website and the HeyGeo products and applications offered under the HeyGeo brand by Kodex Bilgi Teknolojileri A.Ş.
This notice applies to website visitors, prospective customers, customer representatives, users, newsletter subscribers, and individuals who submit support or demo requests.
Identity and contact details
Your personal data is processed by Kodex Bilgi Teknolojileri A.Ş. in its capacity as the data controller.
- Company name: Kodex Bilgi Teknolojileri A.Ş.
- Brand address: www.heygeo.ai
- Address: ALTINŞEHİR MAH. 228.(280) SK. NO: 44 İÇ KAPI NO: 1 Nilüfer/BURSA
- Country: Türkiye
- Tax office / Tax no: Nilüfer / 5740948405
- Email: privacy@heygeo.ai
- Scope: Website, product, application, demo, and communication workflows
- Model: Enterprise / B2B service delivery
Which data categories may we process?
For the delivery and improvement of the service, HeyGeo may process the following categories of data in a limited, proportionate, and purpose-linked manner:
- Name and surname
- Business email address
- Phone number
- Company and title details
- Contact form content
- Demo request information
- Proposal, contract, and meeting notes
- Support records and correspondence
- IP address and log records
- Session information
- Device, browser, and operating system details
- Error, access, and security logs
- On-site navigation and interaction data
- Cookie IDs and similar technical identifiers
- Campaign, source, and conversion details
- Email subscription preferences
- Billing title and billing address
- Limited records related to the payment transaction
- Subscription and plan information
- Collection and financial transaction references
- Account information
- Authorization and role details
- In-product preferences and configurations
- Representative information acting on behalf of the customer
For which purposes may we process your personal data?
- Operating, managing, and improving the website and application
- Carrying out account creation, authentication, and user authorization workflows
- Managing demo requests, offers, communication, and sales workflows
- Running customer relationship, support, and operational processes
- Ensuring product security, preventing misuse, and retaining audit trails
- Analytics measurement, performance monitoring, and service quality improvement
- Running newsletter, informational, and marketing communication workflows
- Complying with legal obligations and managing legal processes
How do we collect data and which legal bases do we rely on?
Personal data may be collected electronically through website forms, demo request screens, in-product user actions, cookies and similar technologies, email correspondence, support channels, contract workflows, and authorized third-party service providers.
Processing activities may be carried out, to the extent permitted by applicable law, particularly on the legal bases of establishing or performing a contract, fulfilling the controller's legal obligations, establishing, exercising, or protecting a right, protecting legitimate interests, and, where required, explicit consent.
With whom may personal data be shared?
Depending on the nature of the service and in compliance with applicable law, your personal data may be shared on a limited basis with the following parties:
Some of these providers may be located domestically or abroad. Where cross-border transfers are required, the procedures and safeguards prescribed by applicable data protection laws are followed.
- Hosting and CDN providers
- Authentication / auth infrastructure providers
- Email and communication infrastructure providers
- Payment infrastructure and subscription management providers
- Analytics and performance measurement tools
- Legally authorized public institutions and authorities
- Professionals providing legal, audit, and advisory services
- Potential parties involved in merger, transfer, or restructuring processes
- Authorized business partners upon your request or under contractual necessity
How long do we retain data?
Personal data is retained for the period necessary for the relevant processing purpose and additionally in consideration of limitation periods, retention obligations, and evidentiary requirements imposed by applicable law.
When the retention period expires or the processing purpose ceases to exist, personal data is deleted, destroyed, or anonymized in accordance with applicable law.
Measures we take to protect data
- Restricted access permissions and role-based authorization
- Logging, monitoring, and security incident management
- Infrastructure security, backups, and system updates
- Security and contractual control mechanisms in provider selection
- Data minimization and need-to-access principles
- Internal policy, process, and authorization governance measures
- Implementation of reasonable technical and administrative safeguards
- Incident response and notification workflows where necessary
Technologies used on the website
The HeyGeo website may use cookies and similar technologies to improve user experience, maintain security, measure traffic, analyze performance, and remember preferences.
Cookies may include session cookies, persistent cookies, essential cookies, functionality cookies, analytics cookies, and third-party cookies depending on the relevant usage scenario.
For non-essential cookies, preference management and consent mechanisms may also be provided where required by applicable law. You can always change your cookie preferences through your browser settings; however, disabling certain cookies may affect specific site functions.
Your rights regarding personal data
Subject to the conditions set out in applicable law, you may have the following rights in relation to your personal data:
- Learn whether personal data is being processed
- Request information if your personal data has been processed
- Learn the processing purpose and whether data is used accordingly
- Know the third parties to whom data is transferred domestically or abroad
- Request correction of incomplete or inaccurate data
- Request deletion or destruction of data when conditions are met
- Request notification of correction, deletion, or destruction to third parties receiving the data
- Object to an adverse outcome arising exclusively from automated analysis of processed data
- Request compensation for damage suffered due to unlawful processing
How can you exercise your rights?
You may submit requests relating to your personal data to privacy@heygeo.ai in accordance with the procedures prescribed by applicable data protection law. Requests may need to include sufficient information for identity verification and evaluation of the request.
HeyGeo aims to resolve applications as quickly as possible, depending on their nature, and within the periods prescribed by applicable law. If processing the request requires an additional cost, a fee may be charged to the extent permitted by law.
Policy changes
This Privacy Policy may be updated in line with changes in legislation, product scope, operational processes, or technical infrastructure. The current version becomes effective as of the date it is published on heygeo.ai.
Where material changes occur, additional notice may also be provided through appropriate communication channels.
Contact us for data protection requests
You can send applications related to privacy and personal data processing to privacy@heygeo.ai. Completing the full corporate identity details before the final version is recommended.