Skip to main content

Menu

Select a tool from the sidebar

Create your free account now!

Sign in to customize and use tools on the sidebar.

Sign InCreate free account

GDPR Information Notice for EEA and UK Users

This GDPR Information Notice (“Notice”) provides additional information for users located in the European Economic Area (EEA) and the United Kingdom (UK) about how Investhub Yazılım ve Teknoloji Hizmetleri A.Ş. (operating the Investvio brand, “Investvio”, “we”, “us”, “our”) processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable UK data protection laws.

This Notice supplements our main Privacy Policy. In case of any conflict, the provision offering stronger protection for data subjects shall prevail, subject to applicable law.

1. Data Controller

For the purposes of the GDPR, the data controller is:

Investhub Yazılım ve Teknoloji Hizmetleri A.Ş.
(Investvio brand)
Esentepe Mah. Büyükdere Cad. Levent 199 No: 199, Inside Door:6 Şişli/ İstanbul
[email protected]

If you are located in the EEA or the UK, you may contact us regarding this Notice or your data protection rights using the contact details above.

2. Categories of Personal Data

In addition to the categories described in our Privacy Policy, we may process the following types of personal data about you:

  • Identification and contact data: name, surname, username, email address, phone number, postal/billing address, country of residence,
  • Account and usage data: login credentials (hashed), subscription details, preferences, language settings, interaction with our services,
  • Technical data: IP address, device identifiers, browser type and version, operating system, time zone setting,
  • Traffic and analytics data: information about pages visited, time spent on pages, links clicked, referrer URLs, error logs,
  • Marketing and communication data: your preferences for receiving marketing communications and information about how you interact with such communications.

We do not intentionally collect special categories of personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health data, etc.) through the Platform. If such data are provided inadvertently, we will handle them in accordance with applicable law and, where required, delete or restrict them.

3. Purposes and Legal Bases for Processing

We process your personal data only where a valid legal basis exists under the GDPR. Depending on the context, we may rely on the following:

  1. Performance of a contract (GDPR Art. 6(1)(b))

    • To create and manage your account,
    • To provide access to our services and features,
    • To process your subscription and payments,
    • To respond to certain support requests directly related to your use of the services.

  2. Compliance with legal obligations (GDPR Art. 6(1)(c))

    • To comply with accounting, tax and other regulatory requirements,
    • To respond to requests from courts, regulators and law enforcement authorities,
    • To maintain necessary records for audit and compliance purposes.

  3. Legitimate interests (GDPR Art. 6(1)(f))
    We may process your data where it is necessary for our legitimate interests, provided that such interests are not overridden by your fundamental rights and freedoms. These include, for example:

    • Ensuring network and information security, preventing abuse and fraud,
    • Improving, testing and optimising our services and user experience,
    • Measuring and analysing service performance and usage patterns,
    • Protecting and exercising our legal rights and defending against claims,
    • Conducting limited direct marketing to existing customers in line with applicable law.

    Where we rely on legitimate interests, we balance our interests against your rights and implement safeguards to protect your privacy.

  4. Consent (GDPR Art. 6(1)(a))
    In some situations we rely on your consent, for example:

    • Sending non‑essential marketing communications by email or other electronic means,
    • Using certain cookies and similar technologies (e.g. advertising or advanced analytics cookies),
    • Processing specific optional data you choose to provide that are not necessary for the core service.

    You may withdraw your consent at any time (see Section 6 below).

4. International Data Transfers

Investvio is based in Türkiye. As a result, your personal data may be transferred to and processed in countries outside the EEA or UK, which may not provide the same level of data protection as your home country.

Where we transfer personal data out of the EEA or UK, we will:

  • Ensure that the destination country benefits from an adequacy decision by the European Commission or the UK Government, or
  • Put in place appropriate safeguards, such as the EU Standard Contractual Clauses (SCCs) or equivalent UK‑approved mechanisms, together with supplementary measures where required.

You may request further information about the safeguards we use for international transfers by contacting us using the details in Section 1.

5. Recipients of Personal Data

Your personal data may be disclosed to:

  • Service providers acting as processors, including hosting providers, analytics and monitoring tools, customer support platforms, payment processors and email delivery services,
  • Professional advisers such as lawyers, auditors and consultants, where necessary to obtain advice or protect our rights,
  • Public authorities and regulators where we are legally required to do so,
  • Business partners and affiliates, where necessary to provide joint services or integrations and only where appropriate safeguards are in place,
  • Potential buyers or investors in the context of a merger, acquisition or similar corporate transaction, subject to confidentiality and data protection obligations.

We do not sell your personal data. We also do not allow third parties to use your data for their own independent direct marketing without your explicit consent.

6. Your Rights Under the GDPR

If you are located in the EEA or the UK, you have the following rights in relation to your personal data (subject to certain conditions and limitations under applicable law):

  1. Right of access (Art. 15)
    You have the right to obtain confirmation as to whether we process your personal data, and, if so, to receive a copy along with certain additional information.

  2. Right to rectification (Art. 16)
    You have the right to request the correction of inaccurate personal data and to have incomplete personal data completed.

  3. Right to erasure (Art. 17)
    You may request the deletion of your personal data in certain circumstances (for example, when the data are no longer necessary for the purposes for which they were collected, or where you withdraw consent and there is no other legal basis).

  4. Right to restriction of processing (Art. 18)
    You may request that we restrict the processing of your personal data in specific situations, such as when you contest the accuracy of the data or object to processing.

  5. Right to data portability (Art. 20)
    Where processing is based on consent or contract and carried out by automated means, you may request to receive your personal data in a structured, commonly used and machine‑readable format, and have them transmitted to another controller where technically feasible.

  6. Right to object (Art. 21)

    • You may object at any time to processing based on our legitimate interests, on grounds relating to your particular situation.
    • You may also object at any time to the processing of your personal data for direct marketing purposes; in such cases we will stop processing your data for that purpose.

  7. Right to withdraw consent (Art. 7(3))
    Where processing is based on your consent, you have the right to withdraw that consent at any time. This does not affect the lawfulness of processing carried out before withdrawal.

To exercise your rights, please contact us using the details in Section 1. Before responding, we may need to verify your identity to ensure that we are dealing with the correct individual.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which they were collected, including for:

  • The performance of our contract with you,
  • Our legitimate business interests (for example, maintaining records and ensuring security),
  • Compliance with legal, accounting or reporting obligations.

When we no longer need your personal data for these purposes, we will delete or anonymise them in accordance with our data retention policies and applicable law.

8. Automated Decision‑Making and Profiling

Investvio does not use personal data to make decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you, within the meaning of GDPR Article 22.

If this ever changes, we will update this Notice and, where required, obtain your explicit consent or provide you with appropriate opt‑out mechanisms.

9. Right to Lodge a Complaint

If you believe that we have infringed your data protection rights, you have the right to lodge a complaint with:

  • The data protection authority in the EU Member State or EEA country where you live, work or where the alleged infringement took place, or
  • The UK Information Commissioner’s Office (ICO) if you are in the United Kingdom.

We would, however, appreciate the opportunity to address your concerns before you approach a supervisory authority, so please consider contacting us first using the contact details provided in Section 1.

10. Contact

If you have any questions about this Notice or how we process your personal data under the GDPR, please contact us at:

Investhub Yazılım ve Teknoloji Hizmetleri A.Ş.
(Investvio brand)
Esentepe Mah. Büyükdere Cad. Levent 199 No: 199, Inside Door:6 Şişli/ İstanbul
[email protected]

For general information about our data processing activities, please also review our main Privacy Policy.