This is an unofficial English courtesy translation. The Turkish version of this Privacy Policy prevails in case of any conflict.
1.Data Controller
EASYCENTRAL LLC (8 The Green, Ste B, Dover, DE 19901, USA) is the data controller of the personal data processed within the software and services it provides. Obligations fulfilled by our Turkish representative for users residing in Turkey are described in this policy.
2.Personal Data Processed
When providing our services we process personal data in the categories below. Data collected for each category is processed solely for the purpose of that category.
2.1.Identity and Contact Data:First name, last name, email address, phone number and the password you choose for your user account. This data is provided directly by you during account creation.
2.2.Billing and Payment Data:Billing name, tax / national ID, billing address and only the last 4 digits of the credit card used for your subscription. Full card details are not stored by us; they are processed and encrypted by our authorized PCI-DSS-compliant payment provider.
2.3.Marketplace Integration Data:The API key or OAuth permission you provide to access your Amazon Services LLC and other marketplace accounts. This information is stored encrypted and used solely to perform the function of the software.
2.4.Software Usage and Telemetry:Which modules you use, which reports you open, used or unused functions, session duration and your configuration settings. This data is processed to improve service quality, track licensing and produce statistics.
2.5.Technical and Device Data:IP address, browser type and version, operating system, sign-in times, session cookie identifier. Processed for security and fraud-prevention purposes.
2.6.Support and Communication Content:Conversation content and attached screenshots you share with us during live chat, email or support tickets.
3.Processing Purposes and Legal Bases
Your personal data is processed for the following purposes, based on the legal grounds indicated:
3.1.Formation and Performance of the Contract:Creating your user account, managing your subscription and providing the software to you — required for performance of the contract under KVKK art. 5/2-c.
3.2.Legal Obligations:Issuing invoices, fulfilling financial obligations and responding to requests from authorized bodies — KVKK art. 5/2-a.
3.3.Legitimate Interests:Improving service quality, product development, security and fraud prevention, license verification and producing statistics — within the legitimate interests of the data controller under KVKK art. 5/2-f.
3.4.Explicit Consent:Marketing newsletters, product announcements and promotional campaigns — only with your explicit consent, which you may withdraw at any time.
4.Data Transfer
We share your data only with the limited parties below and only to the extent required to provide the service.
4.1.Marketplace Providers:Data necessary for the software to operate (e.g. ASIN, price, stock) is transferred to the marketplaces you integrate, such as Amazon Services LLC. This transfer is performed with the API permission you provide, under the marketplace's own terms of use.
4.2.Service Providers:Partners we work with in areas such as payment processing (PCI-DSS-compliant provider), cloud infrastructure (hosting, database, backup), email delivery and analytics tools. These providers process data only under the data-processing agreements signed with us.
4.3.Legal Authorities:Pursuant to a court order or lawful request from competent administrative authorities, data may be transferred to judicial authorities or relevant law-enforcement bodies.
4.4.International Transfer:Some of our servers are located outside Turkey. Your personal data may therefore be transferred abroad under the safeguards set out in KVKK art. 9.
5.Retention Periods
5.1.User account data is retained while your account is active and for 3 months after deletion.
5.2.Billing data is retained for at least 10 years as required by tax legislation.
5.3.Telemetry and technical data is retained indefinitely in anonymised form for statistical purposes, and for at most 12 months in identifiable form.
5.4.Support correspondence is retained for 24 months after the relevant support ticket is closed.
6.Security Measures
6.1.Encryption:All sensitive data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Card information is never stored by us.
6.2.Access Control:Only authorized personnel with a job need can access your data. All access is logged and periodically audited.
6.3.Isolation:Your store data is kept in databases logically isolated from other users' data.
6.4.Backups:Automated daily backups are taken encrypted and stored in a geographically separate region.
7.Cookies
Our website uses cookies for the core function of our service and for statistical purposes. For details please see our Cookie Policy.
8.Your Rights Under KVKK
Pursuant to article 11 of KVKK Law No. 6698, you have the following rights over your personal data:
- a)to learn whether your personal data is being processed,
- b)to request information if it has been processed,
- c)to learn the purpose of processing and whether it is used in line with that purpose,
- ç)to know the third parties — domestic or foreign — to whom the data has been transferred,
- d)to request correction of incomplete or inaccurately processed data,
- e)to request deletion or destruction under the conditions of KVKK art. 7,
- f)to request notification of (d) and (e) actions to third parties the data was transferred to,
- g)to object to an adverse outcome arising from automated analysis,
- ğ)to demand compensation for damages incurred as a result of unlawful processing.
For more details please also see our KVKK Disclosure Notice.
9.Policy Updates
This policy may be updated from time to time due to legislative changes or to the evolution of our services. We will notify your registered email of any material change and show the effective date at the top of this page.
10.Contact
For all questions and requests about this policy or your personal data, please contact us at support@easycentral.com. For formal applications under KVKK, we recommend using the application form prescribed by the Communiqué on the Procedures and Principles for Application to the Data Controller.