1. Data Controller
This Privacy Policy explains how Etiketta collects and processes your personal data in compliance with the EU General Data Protection Regulation (GDPR) and Turkish KVKK Law No. 6698.
2. Data We Collect
Scan History: Products you scan — stored under an anonymous session ID. No name or account required.
Session Cookie: A UUID cookie named "etiketta_session" to scope your scan history to your device (1 year).
Label Photos (OCR): If you upload a label photo, it is processed instantly for analysis and not stored.
Waitlist Email: If provided, used solely for launch notifications — never shared with third parties.
3. Legal Basis (GDPR)
Legitimate Interest: Providing product analysis and improving service quality.
Consent: Waitlist emails — you may withdraw consent at any time.
Contract: Delivering the service you requested (scanning and analysis).
4. Third-Party Services
SupabaseDatabase infrastructure — EU (Frankfurt) servers. GDPR-compliant. DPA available.
Google Gemini AIProduct content analysis. Data is not used for model training.
Open Food FactsOpen-source product database — ODbL licensed, anonymous.
5. Your Rights (GDPR)
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time
To exercise your rights, contact: etiketta@egemen.tr
6. Cookies
We use only one technically necessary cookie: etiketta_session. No advertising, tracking, or analytics cookies are used.
7. Data Retention
Scan history is retained for 12 months and then automatically deleted. Email addresses are retained until the service launches or until you request deletion.
8. Contact & Complaints
Contact us at etiketta@egemen.tr. EU residents may lodge a complaint with their local Data Protection Authority (DPA).