Privacy Policy

1. Introduction
2. Data Controller
3. Data We Collect
4. How We Use Your Data
5. Legal Basis for Processing
6. Third-Party Services
7. Data Storage & Security
8. Data Retention
9. Your Rights (GDPR)
10. Children's Privacy
11. Changes to This Policy
12. Contact Us

1. Introduction

Only Fasting ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App").

By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the App.

2. Data Controller

Company: Mustafa Baykal (Individual Developer)

Email: privacy@onlyfasting.com

Address: Istanbul, Turkey

For any privacy-related questions or to exercise your data rights, please contact us at the email address above.

3. Data We Collect

3.1 Information You Provide

Data Type	Examples	Purpose
Account Information	Email, name, profile photo	Account creation & authentication
Fasting Data	Start/end times, fasting plans, streaks	Core app functionality
Hydration Data	Water intake amounts, timestamps	Hydration tracking feature
Willpower Entries	Resisted cravings, calories avoided	Motivation tracking
Preferences	Language, notification settings, goals	Personalization

3.2 Information Collected Automatically

Data Type	Examples	Purpose
Device Information	Device model, OS version, unique identifiers	App functionality & support
Usage Data	Features used, session duration	App improvement
Crash Reports	Error logs, stack traces	Bug fixing

4. How We Use Your Data

Provide Services: Track your fasting periods, hydration, and progress
Sync Data: Keep your data synchronized across devices
Send Notifications: Remind you about fasting start/end times and hydration
Process Payments: Handle premium subscription transactions
Improve App: Analyze usage patterns to enhance features
Customer Support: Respond to your inquiries and requests
Legal Compliance: Meet legal obligations and protect our rights

We do NOT:

- Sell your personal data to third parties

- Use your data for targeted advertising

- Share your health data with insurance companies

5. Legal Basis for Processing

Under GDPR Article 6 and Article 9

Processing Activity	Legal Basis
Account creation & authentication	Contract performance (Art. 6(1)(b))
Fasting & hydration tracking	Contract performance (Art. 6(1)(b))
Health data processing	Explicit consent (Art. 9(2)(a))
Push notifications	Legitimate interest (Art. 6(1)(f))
Analytics & improvement	Legitimate interest (Art. 6(1)(f))
Subscription processing	Contract performance (Art. 6(1)(b))

6. Third-Party Services

We use the following third-party services to operate our App:

Service	Purpose	Data Shared
RevenueCat	Subscription management	Purchase data, anonymous user ID
Apple (Sign in with Apple)	Authentication	Email (optional), name
Supabase	Database hosting (EU)	All user data (encrypted)
Expo	Push notifications	Device tokens

7. Data Storage & Security

7.1 Where We Store Data

In the current release, fasting and hydration records are stored locally on your device. If optional account sync is enabled in future updates, synced data will be stored on secure servers located in the European Union (Frankfurt, Germany).

7.2 Security Measures

All data transmitted using TLS 1.3 encryption (HTTPS)
Passwords hashed using bcrypt with salt
Database encrypted at rest
Regular security audits
Access controls and authentication for all systems
Rate limiting and brute force protection

8. Data Retention

Data Type	Retention Period
Account data	Until account deletion
Fasting history	Until account deletion
Health tracking data	Until revoked or account deletion
Audit logs	2 years (anonymized after deletion)
Subscription records	7 years (legal requirement)

After account deletion, your personal data is permanently removed within 30 days, except where retention is required by law.

9. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the following rights:

Right	Description	How to Exercise
Access (Art. 15)	Request a copy of your data	Contact privacy@onlyfasting.com
Rectification (Art. 16)	Correct inaccurate data	Profile > Edit Name
Erasure (Art. 17)	Delete your account and data	In-app Delete Account (Profile > Data) or Delete Account page or privacy@onlyfasting.com
Portability (Art. 20)	Receive data in machine-readable format	Contact privacy@onlyfasting.com
Withdraw Consent	Revoke previously given consent	Settings or contact us
Lodge Complaint	Complain to supervisory authority	Your local DPA

To exercise any of these rights, contact us at privacy@onlyfasting.com. We will respond within 30 days.

10. Children's Privacy

Our App is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent and believe your child has provided us with personal data, please contact us immediately at privacy@onlyfasting.com and we will delete such information.

10b. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you.
Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out: You can opt-out of the sale of your personal information. Note: We do not sell your personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, contact us at privacy@onlyfasting.com or use our Delete Account page.

Categories of Information Collected: Identifiers (email, name), health information (with consent), commercial information (subscription status), internet activity (app usage).

Do Not Track: Our App does not respond to "Do Not Track" signals as there is no industry standard for this.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the new policy on this page
Updating the "Last updated" date
Sending an in-app notification for significant changes

12. Contact Us

For privacy inquiries:

Email: privacy@onlyfasting.com

For general support:

Email: support@onlyfasting.com

Website: onlyfasting.com/support.html

1. Giris

Only Fasting ("biz", "bizim") gizliliginizi korumaya kararliyiz. Bu Gizlilik Politikasi, mobil uygulamamizi ("Uygulama") kullandiginizda bilgilerinizi nasil topladigimizi, kullandigimizi, ifsa ettigimizi ve korudugumuzu aciklar.

Uygulamayi kullanarak, bu politikaya uygun olarak bilgilerin toplanmasini ve kullanilmasini kabul etmis olursunuz.

2. Veri Sorumlusu

Sirket: Mustafa Baykal (Bireysel Gelistirici)

E-posta: privacy@onlyfasting.com

Adres: Istanbul, Turkiye

Gizlilikle ilgili sorulariniz veya veri haklarinizi kullanmak icin yukaridaki e-posta adresinden bize ulasabilirsiniz.

3. Topladigimiz Veriler

3.1 Sagladiginiz Bilgiler

Veri Turu	Ornekler	Amac
Hesap Bilgileri	E-posta, isim, profil fotografi	Hesap olusturma ve kimlik dogrulama
Oruc Verileri	Baslangic/bitis zamanlari, oruc planlari, seriler	Temel uygulama islevselligi
Su Tuketimi Verileri	Icilen su miktarlari, zaman damgalari	Su takibi ozelligi
Irade Gucu Kayitlari	Direnilen istekler, kacinilan kaloriler	Motivasyon takibi
Tercihler	Dil, bildirim ayarlari, hedefler	Kisillestirme

3.2 Otomatik Toplanan Bilgiler

Veri Turu	Ornekler	Amac
Cihaz Bilgileri	Cihaz modeli, isletim sistemi, benzersiz tanimlayicilar	Uygulama islevselligi ve destek
Kullanim Verileri	Kullanilan ozellikler, oturum suresi	Uygulama iyilestirme
Cokme Raporlari	Hata gunlukleri	Hata duzeltme

4. Verilerinizi Nasil Kullaniyoruz

Hizmet Sunmak: Oruc donemlerinizi, su tuketiminizi ve ilerlemenizi takip etmek
Veri Senkronizasyonu: Verilerinizi cihazlar arasinda senkronize tutmak
Bildirim Gondermek: Oruc baslangic/bitis zamanlari ve su hatirlat icin
Odeme Islemek: Premium abonelik islemlerini yonetmek
Uygulamayi Gelistirmek: Ozellikleri iyilestirmek icin kullanim kaliplarini analiz etmek
Musteri Destegi: Sorulariniza ve taleplerinize yanit vermek

YAPMIYORUZ:

- Kisisel verilerinizi ucuncu taraflara satmiyoruz

- Hedefli reklam icin kullanmiyoruz

- Saglik verilerinizi sigorta sirketleriyle paylasmiyoruz

5. Islemenin Hukuki Dayanagi

KVKK Madde 5 ve Madde 6 kapsaminda

Isleme Faaliyeti	Hukuki Dayanak
Hesap olusturma ve kimlik dogrulama	Sozlesmenin ifasi
Oruc ve su takibi	Sozlesmenin ifasi
Saglik verisi isleme	Acik riza
Anlik bildirimler	Mesru menfaat
Abonelik isleme	Sozlesmenin ifasi

6. Ucuncu Taraf Hizmetler

Uygulamamizi calistirmak icin asagidaki ucuncu taraf hizmetleri kullaniyoruz:

Hizmet	Amac	Paylasilan Veri
RevenueCat	Abonelik yonetimi	Satin alma verileri, anonim kullanici ID
Apple (Apple ile Giris)	Kimlik dogrulama	E-posta (istege bagli), isim
Supabase	Veritabani barindirma (AB)	Tum kullanici verileri (sifreli)

7. Veri Depolama ve Guvenlik

7.1 Verileri Nerede Sakliyoruz

Mevcut surumde oruc ve su takibi verileri cihazinizda yerel olarak saklanir. Gelecek guncellemelerde istege bagli hesap senkronizasyonu acildiginda, senkronize veriler Avrupa Birligi'nde (Frankfurt, Almanya) bulunan guvenli sunucularda saklanacaktir.

7.2 Guvenlik Onlemleri

Tum veriler TLS 1.3 sifreleme (HTTPS) ile iletilir
Sifreler bcrypt ile hashlenmistir
Veritabani duragan halde sifrelidir
Duzenli guvenlik denetimleri
Tum sistemler icin erisim kontrolleri

8. Veri Saklama Sureleri

Veri Turu	Saklama Suresi
Hesap verileri	Hesap silinene kadar
Oruc gecmisi	Hesap silinene kadar
Saglik takip verileri	Iptal edilene veya hesap silinene kadar
Denetim gunlukleri	2 yil (silindikten sonra anonimlestiirlir)
Abonelik kayitlari	7 yil (yasal gereklilik)

9. Haklariniz (KVKK)

6698 sayili Kisisel Verilerin Korunmasi Kanunu kapsaminda asagidaki haklara sahipsiniz:

Hak	Aciklama	Nasil Kullanilir
Bilgi Edinme	Verilerinizin islenip islenmedigini ogrenme	privacy@onlyfasting.com
Erisim	Verilerinizin bir kopyasini talep etme	privacy@onlyfasting.com
Duzeltme	Yanlis verileri duzeltme	Profil > Isim Duzenle
Silme	Hesabinizi ve verilerinizi silme	Uygulama icinden Hesap Sil (Profil > Veri) veya Hesap Silme sayfasi veya privacy@onlyfasting.com
Itiraz	Veri islemeye itiraz etme	privacy@onlyfasting.com
Sikayet	Kisisel Verileri Koruma Kurulu'na basvuru	kvkk.gov.tr

Bu haklarinizi kullanmak icin privacy@onlyfasting.com adresinden bize ulasin. 30 gun icinde yanit verecegiz.

10. Cocuklarin Gizliligi

Uygulamamiz 16 yasin altindaki cocuklara yonelik degildir. 16 yasin altindaki cocuklardan bilerek kisisel bilgi toplamiyoruz. Ebeveynseniz ve cocugunuzun bize kisisel veri sagladigini dusunuyorsaniz, lutfen derhal privacy@onlyfasting.com adresinden bize ulasin, bu bilgileri silecegiz.

10b. Kaliforniya Gizlilik Haklari (CCPA)

Kaliforniya'da ikamet ediyorsaniz, Kaliforniya Tuketici Gizlilik Yasasi (CCPA) kapsaminda ozel haklariniz vardir:

Bilme Hakki: Hakkinda topladigimiz kisisel bilgilerin kategorileri ve belirli parcalari hakkinda bilgi talep edebilirsiniz.
Silme Hakki: Belirli istisnalara tabi olarak kisisel bilgilerinizin silinmesini talep edebilirsiniz.
Vazgecme Hakki: Kisisel bilgilerinizin satilmasindan vazgecebilirsiniz. Not: Kisisel bilgilerinizi satmiyoruz.
Ayrimcilik Yapmama Hakki: CCPA haklarinizi kullandiginiz icin size karsi ayrimcilik yapmayacagiz.

Bu haklari kullanmak icin privacy@onlyfasting.com adresinden bize ulasin veya Hesap Silme sayfamizi kullanin.

11. Politika Degisiklikleri

Bu Gizlilik Politikasini zaman zaman guncelleyebiliriz. Onemli degisiklikleri su sekillerde bildirecegiz:

Yeni politikayi bu sayfada yayinlayarak
"Son guncelleme" tarihini guncelleyerek
Onemli degisiklikler icin uygulama ici bildirim gondererek

12. Iletisim

Gizlilik sorulari icin:

E-posta: privacy@onlyfasting.com

Genel destek icin:

E-posta: support@onlyfasting.com

Web sitesi: onlyfasting.com/support.html

← Back to Home

Table of Contents