Privacy Policy

At Orca SaaS, we highly value the privacy of our users. This policy explains how we collect, use, and protect your personal data.

Last Updated: November 4, 2025

General Information

Orca SaaS ("we", "our" or "company") is committed to protecting user privacy. This Privacy Policy explains how personal information is collected, used, and shared when you use the www.orcasaas.com website and related services.

Our Commitment: Your personal data will never be shared with third parties for marketing purposes.

Information We Collect

2.1. Personal Information

When using our services, we may collect the following personal information:

  • Full name
  • Email address
  • Phone number
  • Company name and position details
  • Billing and payment information
  • Account username and password

2.2. Automatically Collected Information

When you use our website, we may automatically collect the following information:

  • IP address and location information
  • Browser type and version
  • Operating system information
  • Pages visited and usage duration
  • Click data and navigation information
  • Cookie data

2.3. Business Communication Information

Collected during platform usage:

  • CRM data and customer interaction records
  • Email campaign metrics
  • Sales and performance analytics

How We Use Your Information

We use the information we collect for the following purposes:

Purpose Description
Service Delivery To provide platform features and manage your account
Communication To provide updates, notifications and support
Development To improve our services and add new features
Security To prevent fraud and ensure security
Analytics To analyze usage trends and generate reports
Legal Obligations To comply with legal requirements and regulations

Cookies

Our website uses cookies to improve user experience. Cookies are small text files stored on your device by your browser.

Cookie Types:

  • Performance Cookies: Analyze how visitors use the site
  • Functional Cookies: Remember your preferences and provide personalization
  • Marketing Cookies: Used to display relevant advertisements
  • Essential Cookies: Provide basic website functionality

You can manage or reject cookies through your browser settings.

Data Security

We implement industry-standard security measures to protect your personal data:

  • 256-bit SSL/TLS encryption for data transmission
  • Encrypted storage in secure data centers
  • Regular security audits and penetration testing
  • Multi-factor authentication (MFA) support
  • Access control and authorization systems
  • Automated backup and disaster recovery plans
  • Employee training and confidentiality agreements

Data Sharing

We may share your personal information with third parties only in the following cases:

  • Service Providers: For payment processing, data analysis, and customer support
  • Legal Requirements: Court orders or legal obligations
  • Business Transfer: In case of merger, acquisition, or asset sale
  • Explicit Consent: With your explicit permission

We Never: Sell your data to third parties for marketing or advertising purposes.

Your Rights (GDPR/KVKK)

Under GDPR and Turkish Personal Data Protection Law (KVKK), you have the following rights:

  • To learn whether your personal data is being processed
  • To request information if it has been processed
  • To learn the purpose of processing and whether it is used accordingly
  • To know third parties to whom data is transferred domestically or abroad
  • To request correction if data is incomplete or inaccurate
  • To request deletion or destruction under legal conditions
  • To request notification of correction, deletion to third parties
  • To object to adverse results from automated analysis
  • To claim compensation for damages from unlawful processing

To exercise your rights: You can submit a written request to privacy@orcasaas.com.

Data Retention Period

We retain your personal data only as long as necessary:

  • Active Accounts: As long as your account is active
  • Closed Accounts: 3 years after account closure (for legal requirements)
  • Financial Records: 10 years as required by tax legislation
  • Communication Records: 2 years for support requests
  • Log Records: 1 year for security purposes

International Data Transfer

Our services may use global infrastructure. Your data may be processed on servers abroad. In this case:

  • Data transfer is only done through secure channels
  • EU Standard Contractual Clauses (SCC) are applied
  • GDPR and KVKK compliance is ensured
  • Data protection level is guaranteed

Children's Privacy

Our services are not designed for individuals under 18 years of age. We do not knowingly collect personal information from persons under 18. If we become aware that we have collected data from a user under 18, we will delete that information immediately.

Privacy Policy Changes

We may update this Privacy Policy from time to time. When significant changes are made, we will notify you via email or platform notification. The last update date is indicated at the top of the page.

We recommend that you review the policy regularly.

Have Questions?

If you have any questions or concerns about our privacy policy, please contact us.

privacy@orcasaas.com

Orca SaaS
Data Controller
Data Protection Compliance Unit