Brandaxo .pro

Privacy & Data Policy

Your data isn't a business model. It's a responsibility.

We build games for Turkish studios. We interact with players. But we don't treat user data as a monetization lever. This policy outlines what we collect, why we need it, and—critically—what we don't touch. It's written for developers and studio founders who need clarity, not legalese.

Last Updated: October 2026

Data We Actually Process

A breakdown of data categories, purpose, and storage, aligned with Turkish Data Protection Law (KVKK).

Account & Contact Data

Admins & Studio Contacts

  • Name, email, studio name (for invoicing and project correspondence).
  • IP address, browser metadata (for security logging and fraud prevention on client portal).
  • Encrypted credentials (stored via industry-standard hashing).
KVKK Basis: Explicit consent for services; legal obligation for financial records.

Technical Performance Data

For Our Game Dev Projects

  • Gameplay metrics (frame rate, crash logs, load times) when testing client builds.
  • Device specifications (OS, GPU model) for optimization targets.
  • Anonymized session data (play duration, level completion) stored for max 90 days for QA analysis.
KVKK Basis: Legitimate interest in service quality improvement.

Methodology & Evaluation Limits

Our approach to data handling is evaluated against three concrete criteria. This isn't just policy—it's a design constraint for every system we build.

1. Data Minimization

We collect only what is strictly necessary for project delivery or legal compliance. No "future use" hoarding.

2. Third-Party Audit

All contractors with access to client data must sign a compliance agreement. We do not use external analytics on this main portal.

3. Technical Limits

We cannot guarantee absolute security. We use standard encryption and access controls, but client data transmitted via unencrypted channels is at risk.

A Clearer Boundary: What We Do Not Do

To build trust, we specify our limits. If a service falls outside this scope, we will tell you before engagement.

01

We Do Not Sell Data

We are not an ad tech company. User or client data is never a product line.

02

We Do Not Track Globally

No cross-site behavioral tracking. No fingerprinting. Analytics are local to your session.

03

We Do Not Own Your IP

Game assets, code, and designs remain your property. We are contractors, not publishers.

04

No Hidden Sub-processors

We disclose all infrastructure partners (e.g., AWS, GitHub) in project agreements.

05

No Marketing Outreach

We will not use your contact information for newsletters or sales pitches unless explicitly agreed.

06

No Bio-Metric Data

We do not collect or process biometric data for client or user identification.

Your Data Rights & Requests

Under KVKK and GDPR principles, you have the right to access, correct, or delete your personal data. For formal requests, we require a signed PDF. Processing time: 30 days.