Privacy Policy

How SmartIO Bilişim Sistemleri San. ve Tic. Ltd. Şti. collects, uses, shares and protects personal information in connection with the Browsonic service.

This Privacy Policy explains how SMARTIO BİLİŞİM SİSTEMLERİ SANAYİ VE TİCARET LİMİTED ŞİRKETİ ("SmartIO", "we", "us"), the operator of the Browsonic service, collects, uses, shares and protects personal information in connection with our website at browsonic.com, our dashboard, our software development kits and related services (collectively, the "Service").

We act as a data controller for personal information about our customers, account members and website visitors, and as a data processor for personal information contained in telemetry that you, our customer, send into the Service through our SDKs.

1. Information We Collect

Account information

When you create an account we collect your name, email address, password (hashed), organisation name and, optionally, your role and timezone.

Billing information

When you subscribe to a paid plan we collect billing contact details and tax information. Payment card numbers are collected and held by our third-party payment processor; we receive only a tokenised reference, the card brand, the last four digits and the expiry date.

Telemetry from our SDK

When you install our SDK in your application, the SDK transmits the events your application generates — errors, unhandled rejections, network failures and the context attached to them. The exact contents are determined by how you configure the SDK and by the libraries you use. Telemetry may include user identifiers, IP addresses, browser and device metadata, URLs, breadcrumbs, console messages and stack traces.

Usage data

We collect data about how you interact with the dashboard — pages visited, features used, search queries, approximate location derived from IP address, browser and operating-system version.

Communications

When you contact us by email or chat we keep a copy of the message and our response.

Cookies and similar technologies

We use a small number of strictly necessary cookies (for authentication and CSRF defence) and, with your consent where required, analytics cookies. See Section 9 for details.

2. How We Use Information

We use personal information to:

• provide, operate, maintain and secure the Service;
• authenticate users and protect against fraud and abuse;
• bill you for paid plans, collect taxes and prevent payment fraud (working with our payment processor);
• communicate with you about your account, security advisories, product updates and changes to terms;
• respond to support requests;
• understand how the Service is used so we can improve it;
• comply with legal obligations and enforce our Terms.

We do not sell your personal information.

3. Legal Bases (EU / UK)

If you are in the EU, UK or another jurisdiction that requires a legal basis for processing, we rely on the following bases:

• Contract — to deliver the Service you have subscribed to;
• Legitimate interests — to secure the Service, prevent abuse, improve the product and communicate operationally;
• Consent — for analytics cookies and for marketing email where required by law;
• Legal obligation — to retain records required by tax or other laws.

You may withdraw consent at any time without affecting prior processing.

4. Sharing with Third Parties

We share personal information only with:

• Service providers (sub-processors) that help us run the Service — cloud hosting, payment processing, email delivery, error monitoring (we use our own product), customer support tools. We require them to protect personal information consistent with this Policy and only to use it on our instructions. A current list of sub-processors is available on request from browsonic-privacy@smartiobilisim.com.
• Authorities and other third parties when we are legally required to do so, when necessary to investigate fraud or security incidents, or to protect the rights, property or safety of Browsonic, our customers or the public.
• Acquirers in connection with a merger, acquisition, financing or sale of assets, subject to notice to you where required.

5. International Transfers

SmartIO operates from the Republic of Türkiye and processes data on infrastructure in Türkiye and the European Union. Where personal information is transferred from the EU / UK to a country that does not provide an adequate level of protection, we rely on the Standard Contractual Clauses approved by the European Commission and the UK International Data Transfer Addendum as appropriate. For data subjects in Türkiye, processing is carried out in compliance with Law No. 6698 on the Protection of Personal Data (KVKK).

6. Data Retention

We retain personal information only for as long as necessary to provide the Service and fulfil the purposes described in this Policy, unless a longer retention period is required or permitted by law:

• Account information — for the life of your account, plus up to 30 days after deletion for backup recovery.
• Billing records — for at least seven (7) years to comply with tax and accounting obligations.
• Telemetry — according to the retention window of your plan (typically 30 to 90 days). Aggregated, anonymised metrics may be kept longer.
• Support tickets — for up to two (2) years after resolution.
• Server logs — for up to 30 days.

7. Security

We implement administrative, technical and physical safeguards designed to protect personal information against unauthorised access, alteration, disclosure or destruction. These include encryption in transit and at rest, least-privilege access controls, audit logging, regular dependency scanning and security review of changes.

No system can be guaranteed to be 100% secure. If we become aware of a security incident affecting your personal information, we will notify you in line with applicable law.

8. Your Rights

Depending on where you live, you may have rights to:

• access the personal information we hold about you;
• correct inaccurate or incomplete information;
• delete your personal information;
• restrict or object to certain processing;
• receive a copy of your information in a structured, machine-readable format (portability);
• lodge a complaint with your local data protection authority.

Most of these rights can be exercised from your account settings; for everything else, write to browsonic-privacy@smartiobilisim.com and we will respond within the timeframes required by law (typically 30 days).

California residents have additional rights under the CCPA, including the right to know what categories of personal information we collect, the right to delete and the right to non-discrimination. We do not sell personal information as defined by the CCPA.

9. Cookies

We use the following cookies on our website and dashboard:

• Strictly necessary — authentication, CSRF tokens, load balancing. These are set without consent because the Service cannot function without them.
• Functional — to remember preferences such as timezone, theme and language.
• Analytics — to understand aggregate usage. Set only with your consent where required.

You can control non-essential cookies through the consent banner or your browser settings. Blocking strictly necessary cookies will prevent the Service from working correctly.

10. Children

The Service is not directed to children under 16 and we do not knowingly collect personal information from children under 16. If you believe a child has provided personal information to us, contact browsonic-privacy@smartiobilisim.com and we will delete it.

11. Changes to this Policy

We may update this Policy from time to time. Material changes will be communicated by email to your account owner or by notice in the dashboard at least fifteen (15) days before they take effect. The "Last updated" date at the top of this Policy reflects the most recent revision.

12. Contact

Questions about this Policy or about how we handle personal information:

If you are in the EU or UK and have a complaint that we are unable to resolve, you can contact your local data protection authority.