Leylek TAG is operated by Karekod Teknoloji ve Yazılım A.Ş. This Privacy Policy explains how personal data is collected, processed, stored, and protected while using the Leylek TAG platform and related mobility services.
Information We Process
As data controller for Leylek TAG, we process personal data that is necessary, proportionate, and relevant to providing a secure mobility matching platform. The categories of data depend on whether you use Leylek TAG as a passenger or driver and which features you enable.
- Account and identity data (e.g. name, phone number, email) for registration, authentication, and account security
- Trip, offer, route, and matching-related information you provide or generate through the service
- Device, session, diagnostic, and security event logs required to operate and protect the platform
- Driver verification materials where applicable, processed under restricted access controls
Location Data & Route Visibility
Location data is processed to support route visibility, proximity-aware matching, and active trip operations while you use Leylek TAG.
Location is used for operational purposes connected to an active route or matching context. We do not use location data for continuous background advertising profiling or for selling location histories to third parties.
Processing is limited to what is reasonably necessary for the feature in use, including trips and flows you actively participate in.
Ride Matching & Trip Operations
Offer, acceptance, trip status, and related operational metadata are processed to facilitate matching between drivers and passengers, present relevant trip context, and maintain the integrity of the platform.
Trip-related information is disclosed only to parties involved in the relevant interaction and, where necessary, to authorised personnel or subprocessors for security, fraud prevention, customer support, or legal compliance.
Communication & Safety
In-app messaging, notifications, and related communication features (including voice where enabled) are processed to deliver the service you request.
Chat and customer support content may be stored and reviewed for a limited period for safety, abuse prevention, dispute handling, and support quality, in accordance with applicable law and our internal policies.
- Content may be processed to investigate reports of misuse or policy violations
- Retention periods for communications are limited to legitimate operational needs
Analytics, Diagnostics & Service Reliability
We may process aggregated analytics, diagnostic, performance, and crash data to maintain service reliability, investigate errors, and improve product quality.
This information is used for security and product operations. Personal data is not sold to third parties for their independent advertising or profiling products.
Data Security
We implement technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, or alteration.
- Encryption in transit using industry-standard protocols (HTTPS/TLS)
- Access controls, authentication, and role-based restrictions on internal systems
- Monitoring, logging, and procedures for fraud prevention and abuse prevention
- Incident response practices aligned with operational security requirements
Data Sharing & Legal Compliance
We do not sell personal data.
Personal data may be shared with infrastructure providers, communications providers, analytics or support vendors acting on our instructions, under contractual safeguards and only for specified purposes.
We may disclose information where required by applicable law, regulation, competent authority request, or court order, or where necessary to protect the rights, safety, and integrity of users and the platform.
Retention & Account Deletion
Personal data is retained only for as long as necessary for the purposes described in this policy, unless a longer retention period is required or permitted by law (for example, security, accounting, or regulatory obligations).
You may submit an account deletion request through the in-app account deletion flow or via the account deletion pages on this website (/hesap-silme and /delete-account). Following a valid request, data is deleted or anonymised except where retention is legally required.
Your Privacy Rights
Depending on your location and applicable law—including the Turkish Personal Data Protection Law (KVKK) where it applies—you may have rights to request information, access, rectification, erasure, restriction of processing, or to object to certain processing of your personal data.
To exercise your rights or submit a privacy-related request, contact us using the details in the Contact Information section below. We will respond within timeframes required by applicable law.
You may also use the Turkish-language version of this policy at /gizlilik-politikasi.
Contact Information
For privacy, data protection, and account-related requests, please contact Karekod Teknoloji ve Yazılım A.Ş. using the channels below.
