← Back

Privacy Notice

Last updated: June 25, 2026

1. Who we are

Tierpeek is operated by Bedri Efe Demirbağ, an individual sole proprietor based in Türkiye. For privacy matters, we act as the data controller of your personal data.

Contact: efedemirbag85@gmail.com

2. Data we collect

  • Account data: email address, hashed password, account creation date.
  • Service data: URLs you choose to monitor, snapshots and AI-generated summaries of those URLs, Slack webhook configuration.
  • Usage & telemetry: IP address, browser/device identifiers, page views, action timestamps.
  • Support communications: messages you send us by email.

Payment data (card details, billing address, tax ID) is collected and processed directly by Paddle as Merchant of Record. We do not see or store your card information.

3. How we use it

  • Provide the Service (legal basis: contract): create your account, run scheduled checks, generate summaries, deliver notifications.
  • Security & fraud prevention (legal basis: legitimate interest).
  • Product improvement (legal basis: legitimate interest): anonymized analytics.
  • Customer support (legal basis: contract / legitimate interest).
  • Legal obligations (legal basis: legal obligation): tax, accounting, regulatory.

4. Data sharing

We share data with the following categories of recipients:

  • Subprocessors: cloud hosting and database (Supabase / Lovable Cloud), web scraping (Firecrawl), AI providers (Google Gemini via Lovable AI Gateway), email delivery (Resend), notification delivery (Slack — only if you configure it).
  • Merchant of Record: Paddle handles sale, subscription management, payment processing, tax compliance and invoicing.
  • Professional advisers: legal and accounting, as needed.
  • Authorities: where required by law.

5. Data retention

We retain your account and service data for as long as your account is active. After account deletion, data is removed within 30 days, except where retention is required by law (e.g. tax records retained for the legally mandated period). Snapshots older than 12 months are automatically pruned.

6. International transfers

Some subprocessors process data outside Türkiye / the EEA. Where applicable, transfers rely on Standard Contractual Clauses or equivalent safeguards.

7. Your rights

Subject to applicable law, you have the right to: access, rectify, erase, restrict, port your data; object to processing; withdraw consent; and lodge a complaint with your supervisory authority. For GDPR/KVKK requests, email efedemirbag85@gmail.com — we will respond within 30 days.

8. Security

We use industry-standard technical and organizational measures: encryption in transit (TLS), encryption at rest, access controls, least-privilege role separation, and audit logs. No system is 100% secure, but we work to protect your data.

9. Cookies

We use essential cookies only — to keep you signed in and remember session state. We do not use third-party advertising or tracking cookies.

10. Changes

We may update this notice. Material changes will be communicated by email or in-app notice prior to taking effect.