Privacy Policy

6698 sayılı KVKK kapsamında veri sorumlusu: Pruva Business uygulamasının geliştiricisi.
İletişim: privacy@pruvabusiness.app

• Kimlik / İletişim: E-posta (Firebase Auth)
• Mağaza bilgileri: İşletme adı, mağaza kimliği
• Personel: Ad, rol, PIN (yerel cihazda şifreli)
• Satış / stok: Ürün adı, barkod, fiyat, tarih, ödeme yöntemi, KDV
• Veresiye: Müşteri adı, telefon, borç (yalnızca yerel cihazda)
• Ürün fotoğrafları: Cihazda şifreli; sunucuya gönderilmez
• Topluluk katkıları: Barkod + ürün adı (anonim)
• Konum (isteğe bağlı): Yalnızca kurye rolü aktifse

• POS hizmeti sunmak — Sözleşme ifası (Madde 5/2-c)
• Bulut yedekleme, personel yönetimi, raporlama — Meşru menfaat (Madde 5/2-f)
• Konum — Açık rıza (Madde 5/1)

Google Firebase (ABD): Bulut depolama, kimlik doğrulama. KVKK kapsamında gerekli tedbirleri almış veri işleyendir.
Apple StoreKit: Abonelik doğrulama.

• Hesap verileri: Hesap aktif olduğu sürece saklanır. Silme talebi iletildiğinde hesap anlık olarak devre dışı bırakılır, tüm veriler 90 gün içinde kalıcı olarak silinir.
• Satış kayıtları: TTK gereği 5 yıl (yasal zorunluluk).
• Konum: Anlık işlenir, hiçbir sunucuda saklanmaz.

• Verilerinizin işlenip işlenmediğini öğrenme
• Düzeltme, silme veya yok etme talep etme — hesabınız 90 gün içinde kalıcı olarak silinir
• Aktarılan üçüncü kişileri bilme
• Otomatik karar alma süreçlerine itiraz
• Zararın giderilmesini talep etme

The data controller for Pruva Business is the app developer.
Contact: privacy@pruvabusiness.app

• Identity / contact: Email address (Firebase Authentication)
• Business data: Store name, store ID
• Staff data: Name, role, PIN (stored encrypted on device only)
• Transaction data: Product name, barcode, price, date, payment method, VAT
• Customer credit records: Name, phone, balance (local device only, never uploaded)
• Product photos: Encrypted on device; not sent to servers
• Community contributions: Barcode + product name (anonymous)
• Location (optional): Only when courier feature is active

• Contract performance (Art. 6(1)(b)) — POS service delivery
• Legitimate interest (Art. 6(1)(f)) — security, analytics, bug fixing
• Consent (Art. 6(1)(a)) — location data, only when explicitly granted

Google Firebase (USA): Cloud storage and authentication. Transfers are protected by Standard Contractual Clauses (SCCs) per GDPR Chapter V.
Apple StoreKit: Subscription verification under Apple's privacy framework.

• Account data: Retained while the account is active. Upon deletion request, the account is immediately deactivated and all data is permanently deleted within 90 days.
• Sales records: 5 years (legal obligation under applicable commercial law).
• Location: Processed in real-time only; never stored on any server.

• Access — obtain a copy of your data
• Rectification — correct inaccurate data
• Erasure — request account deletion; data permanently removed within 90 days
• Restriction — limit processing
• Portability — receive data in machine-readable format
• Objection — object to processing based on legitimate interest
• Lodge a complaint — with your national supervisory authority (DPA)

Pruva Business app developer.
Contact: privacy@pruvabusiness.app

• Email address, store name, staff name and role
• Sales and stock records, payment methods, VAT
• Customer credit records (local device only)
• Product photos (local device only)
• Location (optional, courier feature only)

• Contract performance — POS service
• Legitimate interest — security and analytics
• Consent — location data

Data transferred to Google Firebase (USA) under the UK International Data Transfer Agreement (IDTA). Apple StoreKit used for subscription verification.

Access, rectification, erasure (account deleted within 90 days of request), restriction, portability, objection. You may lodge a complaint with the ICO (ico.org.uk).

This policy applies to US residents. California residents have additional rights under the California Consumer Privacy Act (CCPA).

• Email address for account authentication
• Business name, store ID
• Sales, inventory, and staff data
• Product photos (stored locally on device)
• Location (optional, only for courier feature)

• To provide the POS service
• Cloud backup and sync across devices
• Analytics and service improvement
• Subscription management via Apple

Pruva Business does not sell personal information to third parties. We do not share data for cross-context behavioral advertising.

• Right to know what personal information is collected
• Right to delete personal information — account deactivated immediately, all data permanently deleted within 90 days
• Right to opt-out of sale (we don't sell)
• Right to non-discrimination

Pruva Business é o controlador dos seus dados pessoais nos termos da Lei Geral de Proteção de Dados (LGPD — Lei 13.709/2018).
Contato do Encarregado (DPO): privacy@pruvabusiness.app

• Endereço de e-mail (autenticação)
• Nome da loja e identificador do negócio
• Registros de vendas, estoque e funcionários
• Fotos de produtos (somente no dispositivo, criptografia AES-256)
• Localização (opcional, somente função de entregador)

• Execução de contrato — operar o serviço POS
• Légítimo interesse — backup em nuvem e sincronização
• Cumprimento de obrigação legal — gestão de assinatura
• Consentimento — contribuições anônimas de produtos

Google Firebase (EUA): Armazenamento em nuvem e autenticação. Transferência internacional com garantias adequadas (cláusulas contratuais padrão).
Apple StoreKit: Processamento de assinatura.
Não vendemos nem compartilhamos seus dados para fins publicitários.

• Dados da conta: Retidos enquanto a conta estiver ativa. Após solicitação de exclusão, a conta é desativada imediatamente e todos os dados são excluídos permanentemente em até 90 dias.
• Registros de vendas: 5 anos (obrigação legal).
• Localização: Processada em tempo real, nunca armazenada.

• Confirmação e acesso aos dados
• Correção de dados incompletos ou desatualizados
• Anonimização, bloqueio ou eliminação
• Portabilidade dos dados
• Revogação do consentimento a qualquer momento
• Exclusão da conta — dados removidos permanentemente em até 90 dias após solicitação
• Petição à ANPD (Autoridade Nacional de Proteção de Dados)

Pruva Business is a mobile POS application. Contact: privacy@pruvabusiness.app

• Email address for account sign-in
• Store name and business identifier
• Sales, inventory and staff records
• Product photos (device-only, AES-256 encrypted)
• Location (optional, courier feature only)
• Anonymous product name contributions

• To operate the POS service
• Cloud backup and multi-device sync
• Subscription management
• Service improvement and bug fixing

• Google Firebase (USA) — cloud storage and authentication
• Apple StoreKit — subscription processing
• We do not sell or share your data for advertising

• Account data: Retained while your account is active. Upon deletion request, your account is immediately deactivated and all data is permanently deleted within 90 days.
• Sales records: May be retained for up to 5 years for legal compliance.
• Location: Processed in real-time only, never stored.

• Access — request a copy of your data
• Correction — fix inaccurate information
• Deletion — account deactivated immediately, all data permanently deleted within 90 days
• Export — download your data via the Excel export feature in the app

Pruva Business is not directed at children under 18. We do not knowingly collect data from minors.