Moodel

Legal

Privacy Policy

Last updated: 25 May 2026

Moodel (moodel.co) respects your privacy. This policy explains what data we collect, why, how we protect it and the rights you have over it.

01

Data Controller

[COMPANY LEGAL NAME]([address], Türkiye) acts as data controller under Turkey's Personal Data Protection Law no. 6698 ("KVKK") and the EU General Data Protection Regulation ("GDPR"). Contact: privacy@moodel.co.

02

Data We Collect

  • Account: name, email, username, hashed password, year of birth
  • Profile: photos, video, measurements, location, social links, bio
  • Billing: invoice name/address (card data is stored at PayTR, not by us)
  • Communications: support tickets, messages, emails
  • Technical: IP, browser, device type, session cookies
  • Usage: page views, clicks, profile visit counts (aggregated/anonymous)

03

Purposes & Legal Basis

  • Performance of contract: account, profile publication, payments, booking
  • Legal obligation: invoicing, tax compliance
  • Legitimate interest: security, fraud prevention, product improvement
  • Consent: marketing emails, optional analytics cookies

04

Sharing — Third Party Processors

We work with the following processors to provide the service:

  • PayTR (Türkiye): payment processing — card data is stored only at PayTR
  • SMTP / email provider: transactional and notification emails
  • Hosting / CDN provider: content storage and delivery (contact us about regional preferences)

We do not sell or rent your data to third parties for marketing.

05

Retention

  • Active account data: for the lifetime of the account
  • After account closure: deleted within 30 days
  • Invoices and financial records: 10 years (Turkish Tax Procedure Law)
  • Communication logs: 2 years

06

Cookies

Three types of cookies are used:

  • Strictly necessary: session, CSRF, language preference (no consent required)
  • Functional: UI preferences (optional)
  • Analytics (optional): aggregated visitor statistics (with explicit consent)

You can change cookie preferences at any time in your browser.

07

Security Measures

  • HTTPS/TLS encrypted transport
  • Passwords hashed with bcrypt
  • Regular security updates and backups
  • Role-based access control
  • Suspicious activity monitoring and rate limiting

08

Your Rights

Under KVKK art. 11 and GDPR you have the right to:

  • Learn whether your data is being processed
  • Access processed data
  • Request correction of inaccurate or incomplete data
  • Request erasure where conditions are met
  • Object to or restrict processing
  • Receive your data in a portable format

Requests: privacy@moodel.co. We respond within 30 days at the latest.

09

Children

Users under 18 may only register with the explicit consent of a legal guardian. Accounts found to be opened without consent are closed immediately and data is deleted.

10

Changes

This policy may be updated. Material changes will be notified by email; the current version is always available on this page.