iTahminiTahmin.com

Privacy Policy

Last updated: 22 June 2026

Privacy Policy

This Privacy Policy explains how iTahmin.com ("iTahmin", "we", "us") collects, uses, shares and protects users' personal data. It is prepared in line with the EU General Data Protection Regulation (GDPR) and the Turkish Personal Data Protection Law No. 6698 (KVKK). iTahmin is a sports statistics and data analysis platform; it does not offer betting or gambling.

1. Data Controller

2. Data We Collect

2.1 Account Data

  • Name or username, email address
  • Password (stored using a one-way hash algorithm — never stored in plain text)
  • Year of birth (for age verification, optional)
  • Phone number (for SMS verification, optional)

2.2 Telegram Data

If you use our Telegram bot integration, we store your Telegram User ID and username in order to deliver real-time alerts.

2.3 Usage Data

  • IP address, browser type, device information and language preference
  • Page views, session length, interaction events such as strategies created and matches viewed (for security and service improvement; may be anonymised)
  • Error logs and performance metrics (for service stability)

2.4 Payment Data

VIP access is purchased via bank transfer/EFT, crypto (USDT) or mobile in-app purchase. Your card/wallet details are never seen, received or stored by iTahmin; they are processed by the payment infrastructure or the app store. Only the following limited data is kept on our side:

  • Subscription/access status, start and end dates, and plan
  • For bank transfers: the sender's name and the receipt/reference note (for matching)
  • For crypto payments: an anonymous transaction/chain identifier
  • For mobile purchases: an anonymous transaction/subscription identifier issued by the store

2.5 Communication Data

Support tickets, email correspondence and messages sent via the contact form.

3. Purposes and Legal Bases

Purpose Legal Basis (GDPR Art. 6 / KVKK Art. 5)
Account creation and session management Performance of a contract
VIP access provisioning and billing Performance of a contract
Telegram/email notifications Performance of a contract / explicit consent
Service security, fraud and account-sharing prevention Legitimate interest
Compliance with legal obligations (tax, KVKK, GDPR) Legal obligation
Marketing communications (email, push) Explicit consent
Analytics and service improvement Legitimate interest

4. Data Sharing

We do not sell your personal data to third parties for marketing purposes. Data is shared only with the trusted infrastructure providers necessary to operate the Service:

  • Hosting and server providers — to store data in a secure cloud/server environment.
  • Payment infrastructure and app stores — the relevant bank for bank transfers/EFT; the payment processor for crypto payments; the Apple App Store / Google Play for mobile purchases. These parties process only the data needed for collection and subscription status.
  • Email delivery, error monitoring and backup providers — with limited access as contractual data processors.
  • Public authorities — only where required by law, court order or legitimate request from competent authorities, limited to the requested scope.

5. Cookies

The Platform uses cookies for session management, security and to remember your preferences. For details, see the Cookie Policy. You may change your cookie preferences via your browser at any time; however, disabling strictly necessary cookies may prevent core functions such as login from working.

6. Retention Periods

  • Active account data: until the account is deleted
  • After account deletion: data is kept until applicable statutory retention periods (tax law: 10 years; related litigation) expire, then deleted or anonymised.
  • Anonymous analytics data: up to 26 months.
  • Server error logs: 90 days.

7. Your Rights

Under GDPR Articles 15–22 and KVKK Article 11 you have the right to:

  • Access your data
  • Request correction
  • Request deletion (the right to be forgotten) — subject to retention obligations (see section 6)
  • Object to processing
  • Data portability (in a machine-readable format)
  • Information about automated decision-making and the right to human intervention
  • Withdraw any consent you previously gave

To exercise these rights: destek@itahmin.com. We respond to requests within 30 days at the latest.

8. Security

  • All traffic is encrypted with HTTPS/TLS
  • Passwords are stored using a one-way hash algorithm (bcrypt)
  • Access control, audit logs and regular security reviews are in place
  • Please note that no method of transmission over the Internet is 100% secure; in the event of a data breach, supervisory authorities are notified within 72 hours and affected users are informed directly

9. Children's Data

The Platform is not directed to persons under the age of 18. If we become aware that a child's data has been collected, please contact us — we will delete the data.

10. International Data Transfers

Some of our infrastructure providers may host servers outside the EU/EEA or Türkiye. In such cases, additional safeguards are applied through Standard Contractual Clauses (SCCs) or an adequacy decision.

11. Changes to This Policy

This Policy may be updated. Material changes will be notified by email or via the Platform; the effective date is always shown at the top of the page.

12. Contact

For all data protection matters: