CyprusAI ← Back to site
Legal

Privacy Policy

Last updated: 2026-06-07

Note: This text is a draft and does not constitute legal advice. The final version may change before it takes effect.

This Privacy Policy explains how CyprusAI products and services (including CyprusAI Pharos) collect, use, and protect your personal data. This text is a draft and does not constitute legal advice.

Data Controller

The data controller for personal data processed within CyprusAI products and services (offered under the CyprusAI brand, including CyprusAI Pharos) is Ucar Solution LLC (Sumer Mah. 2482/2 Sk. Skycity B Blok Is Merkezi No: 4/1 Ic Kapi No: 58, Merkezefendi, 20030 Denizli / Turkiye; MERSIS: 0883-1230-2240-0002; Tax Office/No: Gokpinar VD 8831230224). CyprusAI provides artificial intelligence products and services for businesses.

For any questions, requests, or applications regarding your personal data, you may contact us at [email protected] or +90 548 845 11 11.

Data We Collect

Through our customer request form, we collect the following data: business name, sector of activity, contact details (full name, email, phone), social media and website links, and free-text where you describe your needs.

In addition, when you use the service, certain technical data may be collected automatically: IP address, browser type, device information, and your on-site interactions (via cookies, as described in our separate Cookie Policy).

We aim to collect only the data necessary to provide our service and do not request more data than needed.

How We Use Data

We primarily use the data we collect to prepare a tailored roadmap, market research, and AI-assisted solution proposals for you.

We also process data to provide and improve the service, respond to your requests, fulfil our contractual obligations, ensure security, and comply with our legal obligations.

We do not sell your personal data to third parties for marketing purposes without your explicit consent.

Legal Basis

We process your personal data within the framework of the GDPR (EU Regulation 2016/679) and the Turkish Data Protection Law (KVKK, Law No. 6698).

The legal bases for our processing are: the conclusion or performance of a contract (GDPR Art. 6(1)(b); KVKK Art. 5/2-c), our legitimate interests (GDPR Art. 6(1)(f); KVKK Art. 5/2-f), our legal obligations (GDPR Art. 6(1)(c); KVKK Art. 5/2-d), and, where required, your explicit consent (GDPR Art. 6(1)(a); KVKK Art. 5/1).

For processing based on consent, you may withdraw your consent at any time; this does not affect the lawfulness of processing carried out before the withdrawal.

Third Parties and Transfers

To provide our service, we may work with trusted third-party service providers. These may include third-party AI providers (e.g. large language model services), hosting, analytics, and infrastructure providers.

We try to keep data shared with AI providers to a minimum, transmitting only what is necessary to generate your tailored output.

Where data is transferred outside the European Economic Area, we commit to providing appropriate legal safeguards, such as standard contractual clauses. We share your data only when we have a lawful basis to do so.

Retention Period

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law.

When an active customer relationship ends, we will delete or anonymise your data within a reasonable period, subject to any legal retention obligations.

Your Rights

Under the GDPR and KVKK, you have certain rights as a data subject: access to your data, rectification, erasure (right to be forgotten), restriction of processing, objection to processing, and data portability.

You also have the right to withdraw consent where processing is based on consent, and to object to a decision that produces an adverse effect on you based solely on automated processing.

To exercise your rights, you may contact [email protected]. We will review and respond to your request within the legal timeframes. You also have the right to lodge a complaint with the competent data protection authority (the relevant supervisory authority in Cyprus/EU, or the Personal Data Protection Authority in Turkey).

Cookies

We use essential/functional cookies and analytics cookies on our website. Essential cookies are necessary for the site to work; analytics cookies help us improve the service.

For details on our use of cookies, please review our separate Cookie Policy. You can manage your cookie preferences through your browser settings.

Security

We implement appropriate technical and organisational measures (including access controls, encryption, and regular security reviews) to protect your personal data against unauthorised access, loss, or misuse.

While no method of transmission or storage is one hundred percent secure, we are committed to maintaining industry-standard protection and to complying with our legal notification obligations in the event of a data breach.

Contact

For any questions about this Privacy Policy, our privacy practices, or your rights, you can contact us at [email protected].

This text is a draft and does not constitute legal advice; the final version may change before it takes effect.