Privacy Policy

1. Who We Are (Data Controller)

MELIQ LABS LLC is the data controller responsible for the personal data described in this policy. The company is a limited liability company registered in the State of Wyoming, United States, building custom websites, mobile applications, and admin panels for businesses worldwide.

• Legal entity: MELIQ LABS LLC
• Registered address: 30 N Gould St Ste N, Sheridan, WY 82801, USA
• Contact for privacy matters: [email protected]

2. Data We Collect

2.1 Contact Form Data

When you submit our contact form, we collect your name, email address, company name (if provided), selected service type, and message content. This information is provided voluntarily and is necessary for us to respond to your inquiry.

2.2 Analytics Data

With your consent, we use Google Analytics to understand how visitors interact with our website. This includes page views, session duration, device type, browser information, approximate geographic location, and referral source. Data is collected in an aggregated, anonymised form.

2.3 GeoIP Data

We detect your approximate country based on your IP address to deliver a localised experience (language, theme). This detection is performed server-side and no granular location data is stored.

2.4 Cookies

Our website uses a limited number of cookies to function properly. See Section 9 for a detailed breakdown.

3. How We Collect Your Data

• Directly from you when you complete the contact form or interact with the cookie consent banner.
• Automatically through server logs (IP address, request headers) and Google Analytics scripts running in your browser.
• From third parties only when our sub-processors (listed in Section 5) return technical data such as email delivery status.

4. Legal Basis for Processing

We process personal data under the following legal bases (GDPR Article 6 and KVKK Article 5):

• Consent - When you submit the contact form or accept cookies, you provide explicit consent for that processing.
• Legitimate interest - Aggregate analytics that help us understand and improve the website. Processing is proportionate and does not override your privacy rights.
• Performance of a contract - When you contact us about a project, processing your details is necessary to take steps toward a service contract.
• Legal obligation - Limited record retention required by accounting, tax, or other applicable laws.

5. Sub-Processors and Third Parties

We never sell, trade, or rent your personal data. We share data only with the following service providers (sub-processors) strictly for the operation of the website:

All transfers outside the European Union take place under Standard Contractual Clauses (SCC) or equivalent safeguards. You may request an up-to-date sub-processor list at any time via the contact email listed in Section 1.

6. International Data Transfers

Because some of our sub-processors are located in the United States, your personal data may be transferred outside the European Economic Area (EEA) and Türkiye. Each transfer is protected by Standard Contractual Clauses approved by the European Commission (or equivalent contractual safeguards under KVKK Article 9).

7. Data Retention

• Contact form submissions are retained for up to 12 months from initial inquiry, then permanently deleted.
• Email delivery logs at Resend are retained according to their default policy (typically 30 days for content, longer for delivery metadata).
• Analytics data follows Google Analytics' default retention (14 months).
• Server access logs (IP, timestamp, URL) are kept up to 30 days for security and debugging.
• Cookies expire according to their individual durations, set out in Section 9.

8. Your Rights

8.1 Under GDPR (EU/EEA residents)

If you are a resident of the European Union or European Economic Area, you have the following rights:

• Right of access - Request a copy of your personal data.
• Right to rectification - Correct inaccurate or incomplete data.
• Right to erasure - Request deletion of your data.
• Right to restriction - Limit our processing of your data.
• Right to data portability - Receive your data in a structured, machine-readable format.
• Right to object - Object to processing based on legitimate interest.
• Right to withdraw consent - Withdraw consent at any time without affecting prior lawful processing.
• Right to lodge a complaint - File a complaint with your local supervisory authority.

8.2 Under KVKK (Türkiye residents)

If you reside in Türkiye, under the Personal Data Protection Law (No. 6698 / KVKK) you have all the rights listed above, including the right to lodge a complaint with the Personal Data Protection Board (KVKK Kurulu).

To exercise any of these rights, please contact [email protected]. We respond to all verified requests within 30 days.

9. Cookies We Use

All cookies above are strictly functional. We do not use advertising or tracking cookies other than Google Analytics, which is only loaded after you grant consent.

10. Data Security

We use industry-standard technical and organisational measures to protect your personal data: HTTPS by default, hashed authentication secrets, dependency updates, restricted server access, and daily backups. No internet transmission can be 100% secure, but we continuously improve our security posture.

11. Data Breach Notification

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of it (GDPR Article 33) and the KVKK Board where applicable. If the breach is likely to result in a high risk to you, we will also notify you directly without undue delay (GDPR Article 34).

12. Children's Privacy

Our website is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us so we can delete it.

13. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically.