LEGAL

Data Disclosure

Last updated: January 2025

Dear Denovate User,

As Denovate, LTD. ("Company" or "Denovate"), we attach great importance to the security and privacy of your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), UK GDPR, and other relevant legislation. This Data Disclosure Statement has been prepared to inform you about the processing of your personal data collected through the Denovate platform and our services.

1. Identity of the Data Controller

Your personal data is processed by Denovate, LTD. as the data controller in accordance with applicable data protection laws.

  • Company Name: Denovate, LTD.
  • Platform: Denovate
  • Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
  • Email: privacy@denovate.app

You can contact our Company as the data controller through the contact channels specified above.

2. Your Personal Data Processed and Processing Purposes

Denovate operates as a venture building company that develops and operates digital platforms, mobile applications, and web services. Within the scope of benefiting from these services, the following personal data may be processed:

  • Identity Information: Name, surname, username, identification number (for invoicing and legal obligations if required), Tax Identification Number (for business users for invoicing purposes).
  • Contact Information: Email address, phone number, address information, billing address.
  • Financial Information: Credit card information for subscription purchases and payment transactions (not stored directly by our Company, but processed through secure payment service providers), invoice information, payment history.
  • Business Information: For business clients: company name, tax number, trade registry number, business activity, company logo and images, service areas.
  • User Content Data: All types of content you enter or upload to the Denovate platform, comments, evaluations, photos, request forms, and related texts and descriptions.
  • Transaction Security Information: IP address, log records, device and browser information, cookie data, platform usage details (session information, pages visited, click patterns, etc.).
  • Marketing Information: (Where you have given explicit consent) Your preferences, interests, survey responses, campaign participation information.

Purposes of Processing Your Personal Data:

Your personal data is processed for the following purposes:

  • Provision of services offered through the Denovate platform and fulfillment of contractual obligations.
  • Management of subscription purchase and renewal processes, billing and invoicing operations.
  • Creation and management of user accounts.
  • Provision of customer services and technical support, responding to your requests and complaints.
  • Ensuring, improving, and developing the operation, security, and performance of the Platform.
  • Detection and prevention of abuse, fraud, and security breaches.
  • Fulfillment of legal obligations (e.g., tax legislation, requests from authorized authorities).
  • Conducting analysis and reporting to increase service quality, personalize and improve user experience.
  • (Where you have given explicit consent) Informing you about new services, features, campaigns, and announcements, conducting marketing activities.
  • Resolution of legal disputes and protection of rights.

3. To Whom and For What Purposes Personal Data May Be Transferred

Your personal data may be transferred to the following persons and institutions, primarily within the country, in accordance with the conditions and purposes for processing personal data set forth in applicable data protection laws:

  • Authorized Public Institutions: In accordance with legal obligations and official requests (e.g., courts, prosecutors' offices, tax offices).
  • Payment Service Providers: To secure payment infrastructure partners (e.g., Stripe, PayPal) for the collection of subscription fees.
  • Technical Infrastructure and Support Providers: To our business partners who provide technical services such as server hosting, cloud computing, database management, and email delivery necessary for the provision of services.
  • Legal and Financial Advisors, Auditors: For the execution of our company's legal and financial processes, protection of rights, or audit activities.
  • Business Partners and Suppliers: To the extent necessary and within the framework of confidentiality commitments, for purposes such as increasing service quality, analytical studies, or (with your explicit consent) marketing activities.

4. Method of Personal Data Collection and Legal Basis

Your personal data is collected in electronic environments (website, mobile application, email, cookies, forms) automatically or partially automatically, or through non-automatic methods as part of a data recording system, in situations such as your registration to the Denovate platform, use of the platform, visiting our website, or contacting us via email or other communication channels.

The legal bases for processing your personal data are as follows:

  • GDPR Art. 6(1)(b) - Performance of a contract: Establishment of usage agreement, provision of services, execution of payment transactions.
  • GDPR Art. 6(1)(c) - Compliance with legal obligations: Invoicing, tax declarations, meeting requests from authorized authorities.
  • GDPR Art. 6(1)(e) - Establishment, exercise, or defense of legal claims: Presentation of evidence in possible legal disputes.
  • GDPR Art. 6(1)(f) - Legitimate interests: Ensuring platform security, service development, analysis, prevention of fraud, where the data subject's fundamental rights and freedoms are not harmed.
  • GDPR Art. 6(1)(a) - Explicit Consent: Based on your explicit consent in cases not covered by the above legal bases (e.g., marketing communications, certain cookie uses).

5. Retention Period of Personal Data

Your personal data will be retained for the period necessary for the purposes for which they are processed and in any case for the retention periods specified in relevant legal legislation. Upon expiration of the purpose and legal retention period, your personal data will be deleted, destroyed, or anonymized in accordance with our Company's data retention and destruction policies.

6. Measures Regarding Data Security

Our Company takes all necessary technical and administrative measures to ensure an appropriate level of security to prevent unlawful processing of and access to your personal data and to ensure their preservation, in accordance with applicable data protection laws. These measures include data encryption, access authorizations, secure network infrastructure, regular security audits, and penetration tests.

7. Rights of the Data Subject (GDPR Article 11)

As a personal data subject, you have the following rights in accordance with applicable data protection laws:

  1. The right to be informed whether your personal data is being processed,
  2. The right to request information if your personal data has been processed,
  3. The right to learn the purpose of processing your personal data and whether it is used in accordance with this purpose,
  4. The right to know the third parties to whom your personal data has been transferred domestically or abroad,
  5. The right to request correction if your personal data has been processed incompletely or inaccurately,
  6. The right to request deletion or destruction of your personal data under the conditions set forth in applicable data protection laws,
  7. The right to request that third parties to whom your personal data has been transferred be notified of the operations carried out,
  8. The right to object to the emergence of a result against you by analyzing your processed data exclusively through automated systems,
  9. The right to claim compensation for damages if you suffer harm due to unlawful processing of your personal data.

8. Exercise of Your Rights

To exercise the rights specified above, you may submit your requests, together with documents confirming your identity:

  • In writing by registered mail with return receipt to our address 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ, by personal application, or through a notary,
  • By using your registered electronic mail (KEP) address, secure electronic signature, mobile signature, or the electronic mail address you have previously notified to our Company and registered in our systems, to our email address privacy@denovate.app.

Your application must clearly state your name, surname, identification number (or nationality, passport number, or identification number if the applicant is a foreigner), address for service or business address, electronic mail address for notification if any, phone number, and the subject of your request.

Your requests will be concluded free of charge as soon as possible and within thirty (30) days at the latest, depending on their nature. However, if the operation requires an additional cost, a fee may be charged according to the tariff determined by the relevant supervisory authority.

9. Cookies

The Denovate website and platform may use cookies to improve user experience, ensure effective operation of services, and conduct some analyses. Cookies help us remember your preferences, understand how you use the platform, and personalize our services. For detailed information about the types of cookies we use (mandatory, performance/analytics, functionality, marketing/targeting, etc.) and how you can manage your cookie preferences, please refer to our Cookie Policy.

10. Minors

Denovate services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we learn that a minor has provided us with personal data, we will take necessary steps to delete such information from our systems.

11. Changes and Updates

This Data Disclosure Statement may be updated in accordance with changes in applicable data protection laws and other relevant legislation, as well as changes in our Company's personal data processing policies and processes. Updates will be announced through the Denovate platform and/or website, and the current text will be effective from the date of publication.

12. Effective Date

This Data Disclosure Statement entered into force on January 2025.