Privacy Policy

Last updated: March 29, 2026 · Version 1.0

KVKK (Turkish)

1. Data Controller

OryGent Labs, Barcelona, Spain is the data controller for personal data processed through the OryGent platform.

Contact: privacy@orygent.com

2. Data We Collect

Account data: Name, email address, company name, role, industry sector, company size. Collected during registration and onboarding.

Usage data: Pages visited, features used, AI operations count, twin interactions, session duration. Collected automatically via PostHog analytics (with consent).

Payment data: Processed exclusively by Stripe. We do not store credit card numbers. We receive only transaction confirmations and subscription status.

Company content: Documents uploaded to knowledge base, twin configurations, conversation logs, policy rules. This is your business data — see Section 5.

Technical data: IP address, browser type, device information, cookies. See our Cookie Policy.

3. Legal Basis for Processing

Contract performance: Processing necessary to provide the OryGent service you subscribed to (GDPR Art. 6(1)(b)).

Legitimate interest: Platform security, fraud prevention, service improvement (GDPR Art. 6(1)(f)).

Consent: Analytics cookies, marketing communications (GDPR Art. 6(1)(a)). You may withdraw consent at any time.

Legal obligation: Tax records, regulatory compliance (GDPR Art. 6(1)(c)).

4. How We Use Your Data

We use personal data to provide, maintain, and improve the OryGent platform; process payments; communicate with you; ensure security; and comply with legal obligations.

5. Your Business Data

Company content you upload remains your property. OryGent processes it as a data processor under our Data Processing Agreement. We do not use your business data to train AI models.

6. Data Retention

Account data is retained for the duration of your subscription plus 90 days. Audit logs are retained per your plan configuration. You may request deletion at any time.

7. Your Rights

Under GDPR and applicable law, you have the right to access, rectify, erase, restrict, port, and object to processing of your personal data. See our GDPR Rights page.

8. Contact

For privacy inquiries: privacy@orygent.com

Turkish residents: see our KVKK (Turkish).