At Neyersin, we value your privacy. This policy explains what data we collect when you use Neyersin, why we process it, how we protect it, and how you can exercise your rights.
1. Who We Are
Neyersin is a Türkiye-based QR menu and restaurant discovery platform. In this policy, "we" refers to natural person Bilgekaan Yılmaz, and "you" refers to the account owner (restaurant operator) or the guest user scanning a QR code. For detailed data-controller information, see the Privacy Notice (KVKK).
2. What Data Do We Collect?
2.1 Account Owners (Restaurant Operators)
- First name, last name, email, phone
- Business name, address, branch details
- Login credentials (username + password hash)
- Menu content, product images, prices, opening hours
- Billing information (via our payment provider)
2.2 Guest Users (QR Scanners)
- Anonymous session ID (cookie + local storage)
- Device type (mobile / tablet / desktop), browser language
- IP address (only briefly, for abuse prevention)
- Referral source (Discover / QR / direct)
We do not collect identifying information such as name, email, or phone from guests.
3. Why Do We Process Data?
- Providing the service (menu hosting, statistics, account management)
- Fulfillment of legal obligations (invoices, tax records)
- Service quality improvement, defect detection
- Security (rate limiting, account lockout, fraud prevention)
- With your explicit consent: marketing communication, optional statistics cookies
4. Who Do We Share Data With?
Your data is not shared with or sold to advertising networks. We only share with the following limited parties:
- Hosting and backup provider: DT Cloud (Türk Telekom) — application servers in Istanbul, backups in Ankara
- Payment provider: not yet active; once activated, the provider will be explicitly identified
- Authorized public authorities: upon legally compelled request
Data transfers do not go abroad. All data is hosted within data centers in Türkiye.
5. Cookies
Neyersin only loads strictly necessary cookies automatically. Statistics cookies are activated with your explicit consent. For details and controls, see the Cookie Policy.
6. Security
- TLS 1.3 encrypted connection is mandatory
- Passwords are hashed with argon2id; plaintext is never stored
- Role-based access control: owner / manager / staff levels
- Account temporarily locked on failed login attempts
- Critical operations (payment, settings changes) are tracked with audit logs
7. Retention Period
- Account data: as long as the account is active + 2 years afterwards
- Invoice records: 10 years (Tax Procedure Law)
- Statistics data: 24 months
- Server logs: 90 days
8. Your Rights
Under KVKK Art. 11 you have a full set of 11 rights — see Privacy Notice (KVKK) Section 8 for the details. In short: you have the right to learn whether your data is being processed, correct it, delete it, object to processing, withdraw consent, and request data portability.
9. Changes
For significant changes to this policy, notification is sent to your registered email. For minor edits, only the "Last updated" date changes. The current version is always published on this page.
10. Contact
Privacy requests: info@neyersin.trGeneral inquiries: info@neyersin.tr
Address: Bursa Osmangazi, Hamitler Mahallesi, Topçu Sokak No: 5, Premium 16 Sitesi, A-Blok Kat: 4, Daire: 8, Türkiye