Legal

Privacy Policy

Last updated: 15 July 2026

This policy explains what personal data Octolyze collects, how we use and protect it, and the rights you have. It is aligned with the EU GDPR and Türkiye’s KVKK (Law No. 6698).

Contents

  1. 1. Who We Are
  2. 2. Data We Collect
  3. 3. How We Use Data
  4. 4. Legal Bases
  5. 5. Data From Sites You Crawl
  6. 6. Shared Reports & Clients
  7. 7. Cookies & Tracking
  8. 8. How We Share Data
  9. 9. International Transfers
  10. 10. Data Retention
  11. 11. Security
  12. 12. Your Rights
  13. 13. Children’s Privacy
  14. 14. Changes to This Policy
  15. 15. Contact

1 Who We Are

Octolyze (“we”, “us”) operates a cloud technical SEO audit platform. For the purposes of the GDPR and KVKK, we are the data controller for the personal data described in this policy. You can reach us at info@octolyze.com.

Data controller: Octolyze Technology Inc. · Mimar Sinan Mah. 307. Sok. No:2, Atakum / Samsun, Türkiye · Tax No: 53111112595

2 Data We Collect

CategoryExamples
Account dataName, email address, hashed password, role/plan, account preferences.
Audit & crawl dataTarget Site URLs you submit, and technical metadata we retrieve (status codes, titles, meta tags, headings, links, response times, sitemaps, resources). We do not intend to collect personal data from crawled pages, but public pages may contain some.
Usage dataActions in the app, feature usage, device/browser type, IP address, timestamps, and diagnostic logs.
Billing dataPlan, subscription status, and limited transaction details. Card details are handled by our payment processor — we do not store full card numbers.
CommunicationsMessages, support requests, and feedback you send us.
CookiesSession and preference identifiers (see “Cookies & Tracking”).

3 How We Use Data

4 Legal Bases

Where the GDPR/KVKK applies, we rely on: performance of a contract (to provide the Service you signed up for); legitimate interests (to secure, improve, and operate the Service, balanced against your rights); consent (e.g., certain cookies or marketing, which you can withdraw); and legal obligation (e.g., tax and accounting).

5 Data From Sites You Crawl

When you submit a Target Site, we crawl it on your instruction and store technical results in your account. With respect to any personal data contained in the pages you crawl, you act as the controller and we act as a processor on your behalf; you are responsible for having a lawful basis and the right to crawl and analyze that site. We process such data only to provide the Service to you.

You must only crawl websites you own or are authorized to analyze. Do not use Octolyze to collect personal data unlawfully.

6 Shared Reports & Client Accounts

If you share a report via a public link or provision a Report Member account, the recipient can view the shared report. When you create a client account, we process that person’s name and email to give them access and to show you their status in your Clients (CRM). You are responsible for ensuring you may share this data with them.

7 Cookies & Tracking

We use a small number of cookies and similar technologies that are strictly necessary to sign you in and remember your preferences (for example, an authentication token stored in your browser). Where we use any non-essential analytics, we will ask for consent as required by law and you can manage your choices. We do not sell your data or use it for cross-site advertising.

8 How We Share Data

We do not sell your personal data. We share it only with:

9 International Transfers

Our providers may process data in countries other than yours. Where we transfer personal data internationally, we use appropriate safeguards (such as Standard Contractual Clauses) and take steps consistent with the GDPR and KVKK to protect it.

10 Data Retention

We keep personal data for as long as your account is active and as needed to provide the Service. Crawl results are retained so you can compare audits over time and are removed when you delete them or close your account, subject to reasonable backup cycles. We keep certain records longer where required for legal, tax, or security purposes.

11 Security

We use technical and organizational measures to protect your data, including encryption in transit (HTTPS), hashed passwords (argon2id), scoped access controls, and session tokens that are never stored in plaintext. No method of transmission or storage is completely secure; we cannot guarantee absolute security, but we work to protect your data and to notify you of significant incidents as required by law.

12 Your Rights

Subject to applicable law (GDPR and KVKK Art. 11), you have the right to:

To exercise your rights, email info@octolyze.com. You can also update your profile or delete your account from within the app.

13 Children’s Privacy

The Service is not directed to children and is intended for users aged 18 and over. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.

14 Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice (e.g., by email or in-app) and update the “Last updated” date above.

15 Contact

For any privacy question or to exercise your rights, contact us at info@octolyze.com.