Last updated: 22 July 2025
At GetSim (“App,” “Service”), we care about the protection of personal data. This Privacy Policy explains what data we collect, for which purposes and legal bases we process it, with whom we share it, how long we retain it, and what rights you have. The Policy is prepared in accordance with the EU General Data Protection Regulation (GDPR), Türkiye’s Personal Data Protection Law (KVKK No. 6698), and other applicable legislation.
1. Data Controller
Mia Digital Solutions
Hasanpaşa, Nabizade Sk. No: 82 D:1, 34722 Kadıköy/İstanbul, Türkiye
Email: [email protected]
2. Categories of Data Collected
Account/Profile Data: Email address, username, authentication tokens, subscription plan, usage limits.
Virtual Number Usage Data: Numbers you rent, incoming/outgoing SMS contents and timestamps (only to provide the service and to prevent fraud and abuse).
Device and Technical Data: Device model, operating system version, app version, IP address, language/country setting, advertising identifier (IDFA/AAID), log files.
Payment/Billing Data: Limited transaction information provided by the store (Google Play / App Store) (transaction ID, product type). We do not collect or store card details.
Communication and Support Records: Support requests, email correspondence, error reports.
Error/Performance Data: App crash reports, error logs (via Sentry, etc.).
AI Feature Content: Text prompts and outputs shared with services such as OpenAI.
3. Purposes and Legal Bases
| Purpose | Legal Basis |
|---|---|
| Providing the service, managing your account | Performance of a contract (GDPR 6/1-b, KVKK 5/2-c) |
| Security, fraud and abuse prevention | Legitimate interests (GDPR 6/1-f), legal obligations |
| Analytics, performance and error tracking | Legitimate interests (GDPR 6/1-f) |
| Personalized ads/measurement (AdMob) | Consent (GDPR 6/1-a) |
| Fulfilling legal obligations (invoicing, tax, etc.) | Legal obligation (GDPR 6/1-c, KVKK 5/2-ç) |
| Support and communication processes | Performance of a contract / Legitimate interests |
4. Third-Party Service Providers
We use the following providers only as necessary and under our instructions:
Google AdMob – Ad display and measurement (consent-based).
Google Firebase – Analytics, push notifications, crash reporting.
Shorebird – OTA/dynamic update distribution and version tracking.
Sentry – Error and crash report collection.
OpenAI – User inputs for AI/LLM-based features.
Hetzner Online GmbH (Germany) – Server and database hosting.
We recommend reviewing each provider’s own privacy policy. For processing activities requiring consent, we present consent screens in the app; you may withdraw your consent at any time.
5. International Data Transfers
Your data may be transferred outside the EEA (e.g., to the USA). In such cases, we apply appropriate safeguards under the GDPR, such as Standard Contractual Clauses (SCCs) and additional technical/organizational measures. Under the KVKK, we rely on adequate protection measures approved by the Authority or your explicit consent.
6. Retention Periods
Account data: For as long as your account is active; anonymization/deletion within 90 days after your deletion request (unless we must keep it due to legal obligations).
SMS content & number records: Up to 30 days for service provision and fraud prevention; longer if required for dispute resolution.
Logs/error records: Up to 180 days, then anonymized.
Billing data: 10 years (or the legally required period) due to tax and commercial laws.
Marketing data: Until you withdraw consent or a maximum of 2 years.
Once these periods expire, data is deleted or irreversibly anonymized.
7. Cookies, SDKs and Tracking Technologies
Within the mobile app, advertising and analytics SDKs (AdMob, Firebase, etc.) and device advertising identifiers may be used. You can limit personalized ads or reset your advertising ID in your device settings.
8. Your Rights
Under the GDPR (for EU/EEA users):
Right of access, rectification, erasure (“right to be forgotten”), restriction of processing
Data portability
Right to object to processing based on legitimate interests or direct marketing
Right to withdraw consent at any time
Under the KVKK (for users in Türkiye):
Pursuant to Article 11 of the KVKK, you have the right to learn whether your data is processed, to request information if it has been processed, to learn the purpose of processing and whether it is used in accordance with its purpose, to know the third parties to whom it is transferred, to request correction/deletion, and to object, among other rights.
To exercise your rights, you can contact us via email. We will respond as soon as possible and within the statutory time limits.
9. Children’s Privacy
The Service is not directed to individuals under 18. We do not knowingly collect data from anyone under 18. If we become aware of such collection, we will promptly delete the data or obtain the necessary legal consents.
10. Security
We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse (encryption, access control, network security, etc.). However, no system can be guaranteed 100% secure.
11. Changes to This Policy
We may update this policy from time to time. In case of material changes, we will notify you via in-app notification or email and update the “Last updated” date.
12. Contact
To exercise your rights, ask questions, or submit complaints:
Mia Digital Solutions
Hasanpaşa, Nabizade Sk. No: 82 D:1, 34722 Kadıköy/İstanbul, Türkiye
Email: [email protected]
You also have the right to lodge a complaint with your local data protection authority (in Türkiye, the KVKK Authority; in the EU, your local supervisory authority).