Privacy Policy

1. Objective

Claros ("Company") aims to process the personal data of users in accordance with general principles of privacy and the provisions of applicable data protection legislation, particularly the Law on Personal Data Protection No. 6698 ("PDP Law") and other relevant laws. In addition to the PDP Law, this policy also outlines the extra rights of individuals where the General Data Protection Regulation (European Union) 2016/679 is applicable.

Your personal data, which you provide to our Company and/or that is obtained by our Company through any external means, may be processed by our Company as the "Data Controller":

• In the context of the purpose of processing your personal data and in connection with this purpose, in a limited and measured manner.
• By maintaining the accuracy and up-to-date version of the personal data as reported or notified to our Company.
• May be recorded, stored, preserved, reorganized, and transferred to institutions authorized by law to request such personal data. This includes transfer, classification, and sharing with third parties within the country or abroad under conditions stipulated by legislation and upon your explicit consent if necessary. Data may also be processed by other means listed under the legislation and subject to other procedures set forth in the legislation.

This Privacy Policy is adopted for the continuation and improvement of the activities carried out by Claros in line with the principles set forth in the PDP Law.

This Privacy Policy describes which data we collect, how we intend to use, store, protect, and share the data we collect, how you can withdraw your consent for the processing of these data, and how you can correct and revise the data.

Capitalized terms in this Policy shall have the meanings specified in the Terms and Conditions unless defined separately in this Policy.

2. Collection of Personal Data and Method

Claros may process your personal data for the purposes specified in this Privacy Policy.

The personal data of users collected and used by Claros include:

• Identity and Contact Information: Your name, surname, email address, and phone number provided when you contact us.
• Order Information: If you make a purchase through in-app purchases.
• User-Generated Content: Messages, phrases, text, information, photos, images, visual records, screenshots, and other data uploaded or transmitted to our application.
• Device Identifiers: Identifier for Advertisers (IDFA), Identifier for Vendors/Developers (IDVF), Internet Protocol (IP) Address, and (with your permission) geolocation information.

Data Categories and Data Types

• Identity and Contact Information: Name, surname, phone number, and email address (if you contact us).
• Process Security: Internet traffic data (network movements, IP address, visit data, time and date information, information about your access and use of our application, time spent on the application), device name, purchase history, Token ID (when you allow notifications through your device), IDFA, IDVF.
• Contact and Profile Information: User ID, nickname, username, profile picture, user token, Open ID, phone number, email address, password.
• Social Media Information: (if you choose to register with your social media account) Through Google, Apple, or Facebook: User ID, nickname, username, profile picture, user token, Open ID, phone number, email address.
• Usage and Viewing Information: Contents and videos viewed, added to watchlist, searched, including names, genres, duration of view, interaction with content, and similar information.
• Other Information Provided: Onboarding questions about gender and preferred genres of media content for customizing services. Providing this information is optional, and certain features may not be accessible without it.
• Customer Transaction: Order information.
• Marketing Data: IDFA, IDVF.

We may collect your data directly from you through electronic or physical mediums, your mobile device, third-party applications, or third-party sources accessible through platforms such as App Stores, for purposes including compliance with legal obligations, enhancing our services, administering your use of our services, and enabling you to navigate our services easily.

We may also collect log data generated while you use our services/applications, which may include information such as your device’s IP address, device name, operating system version, app configuration, time/date of use, and other statistics.

General Principles Regarding Personal Data Processing

In accordance with this Privacy Policy, personal data are processed by Claros as a data controller following these basic principles:

• Compliance with law and good faith.
• Accuracy and, where necessary, up-to-date information.
• Processing for specific, explicit, and legitimate purposes.
• Limitation of processing to the purpose for which data is processed and data minimization.
• Storage for the period stipulated in relevant legislation or required for the purpose of processing.

3. Purposes of Processing Personal Data and Legal Reasons

Your personal data will be processed via automatic or non-automatic means for the purposes stated below, in accordance with applicable legislation and articles 5 and 6 of the PDP Law, where it is expressly permitted by laws, the establishment of a contract or direct relation to the execution or performance of the contract, and for the legitimate interests of Claros provided that your fundamental rights and freedoms are protected.

a) Purposes of Processing Personal Data

Your personal data is processed for the following purposes:

• Compliance and Legal Obligations:
  • Execution of activities in compliance with legislation.
  • Protection of individuals’ rights, privacy, and safety.
  • Execution of company/product/service commitments.
  • Communication activities.
  • Auditing and business activities.
  • After-sales support services and communication regarding services (if you consent).
  • Sales processes of goods/services.
  • Storage and archive activities.
  • Agreement processes.
  • Operation and improvement of our product.
  • Information security processes.
  • Audit and ethical activities.
  • Ensuring business continuity.
  • Customer satisfaction activities.
  • Marketing analysis and advertising processes.
• Customization and User Experience:
  • Creating user accounts.
  • Customizing services based on user preferences.
  • Informing about new products, services, and promotions.
  • Managing subscriptions and in-app purchases.
  • Strategic planning and handling requests and complaints.
• Improvement of Services:
  • Enhancing services, including training AI models (opt-out available through a Data Subject Application Form).

b) Legal Reasons

Personal data processing is necessary for:

• Establishing a contractual relationship or fulfilling performance obligations.
• Establishing and protecting your rights.
• Your consent (e.g., for marketing materials).
• Legitimate interests, provided your fundamental rights and freedoms are not harmed.
• Compliance with legal obligations.

4. Age Limitation

We do not permit the use of our application by children under the age of 13. We do not knowingly collect or process personal data from anyone under the age of 13. If you learn that someone under the age of 13 has provided us with personal information, please contact us at [email protected]. Users under 18 must have permission from their parents or legal guardians to use our Services.

5. Transferring Personal Data to Third Parties

Personal data may be transferred to third parties within the country or abroad for reasons including:

• Conducting storage and archive activities.
• Conducting business activities.
• Providing after-sales support services.
• Managing customer relationship management processes.

Claros may also transfer your personal data to service providers, third parties such as analytics tools, for purposes including:

• Sharing information with authorized public institutions and organizations for compliance with legislation.
• Managing after-sales support services and customer relationship processes.

6. Your Rights as the Data Subject

Pursuant to Article 11 of the PDP Law, you may request the following regarding your personal data by applying to Claros:

• Learn whether your personal data has been processed.
• Demand information about the processing of your personal data.
• Learn the purpose of processing and whether data is used accordingly.
• Know the third parties to whom your personal data has been transferred.
• Request notification of transactions made with your data to third parties if processed incompletely or inaccurately.
• Request deletion, destruction, or anonymization of personal data if processing reasons have disappeared.
• Object to results detrimental to you through automated data analysis.
• Request compensation for damages due to unlawful processing.

Where the General Data Protection Regulation (GDPR) is applicable, data subjects have additional rights, including:

• Right of Access: Access your personal data and information regarding its processing.
• Right to Correction: Request correction of inaccurate or incomplete information.
• Right to Delete: Request deletion of personal data under GDPR conditions.
• Right to Restrict Processing: Request restriction of data processing under GDPR conditions.
• Right to Object to Processing: Object to data processing under GDPR conditions.
• Right to Data Portability: Request transfer of collected data to another organization.
• Objection to Automated Decision-Making: Object to decisions made exclusively through automated systems, including profiling.

To exercise your rights, your request must be explicit and understandable. If acting on behalf of someone else, you must be authorized and provide documentation. Requests must include identity and address information with documents proving your identity. Claros will facilitate such requests through a “Data Subject Application Form” available at [email protected]. Requests will be processed free of charge within 30 days. If a request is rejected, reasons will be provided.

If you believe your rights are being violated, you can file a complaint with the data protection authority in your country and other competent supervisory authorities.

This Privacy Policy may be revised when deemed necessary. Continued access and use of the application after notification of changes constitutes acceptance of the updated Privacy Policy.

Additional Information

Third-Party Websites and Applications

Our application may contain links to other websites or apps not controlled by us. We are not responsible for the use or disclosure of information by these third parties.

Cookies

Cookies are used to enhance service performance and deliver personalized content. You can manage or delete cookies through your browser settings.

Push Notifications

We may send push notifications regarding upgrades or service information, which can be managed through your device settings.

Data Storage

Your data is stored for periods specified by applicable legislation or until the purpose of processing ceases. Data may continue to be stored as required by law or with your consent.

Technical and Administrative Measures

We implement necessary technical and administrative measures to ensure the confidentiality, integrity, and security of personal data, including antivirus applications, firewalls, VPNs, user identifications, encryption, logging, two-factor authentication, penetration testing, information security management systems, employee training, physical data security, backups, non-disclosure agreements, and secure data transfer methods.

In the event of data breaches or unauthorized access, we will notify affected users and relevant authorities as required by law and take necessary measures to mitigate the impact.