Bazaarly Privacy & Security Policy

Last Updated: June 8, 2026

This document has been prepared by Bazaarly ("Platform") for the purpose of informing our users regarding the processing, storage, and protection of their personal data within the framework of the Personal Data Protection Law No. 6698 ("KVKK") and relevant legislation.

Bazaarly is a catalog and communication platform where sellers (artisans) can list their products, and customers can review, favorite, comment on these products, and message sellers directly to make appointments.

1. Data Controller

Your personal data may be processed by Bazaarly [Company Title to be Established or Names of the 3 Partners] in its capacity as data controller, whom you can contact via the information below:

Email: info@bazaarly.com
Address: [Official Company Address Will Be Added]

2. Processed Personal Data

Within the scope of our services and in accordance with the unique dynamics of the platform, data is processed in the following categories.

Important Note: Since there is no direct product sale, transaction collection, or payment step on our platform, users' credit card data, bank account numbers, or financial passwords are never requested or processed under any circumstances.

Identity and Contact Information: First name, last name, email address, phone number, profile photo, and shop/workshop location for sellers.
Customer Transaction Information: Favorited products, search history, comments submitted under products, ratings given, and appointment history logs requested from sellers.
Communication and Messaging Data: Instant text messages and shared images exchanged between the Seller and Customer through the in-app chat module.
Transaction Security and Technical Data: IP address, log records (system activity), device ID, operating system, and selected language preferences, which are mandatory to be kept pursuant to Law No. 5651.

3. Purposes of Processing Personal Data

Based on the security and moderation standards of marketplace platforms like Trendyol and Hepsiburada, your personal data is processed for the following purposes:

• Establishing and executing customer and seller membership agreements, and managing account processes.
• Ensuring appointment coordination between Sellers and Customers and providing an uninterrupted instant communication (chat) infrastructure.
• Publishing product reviews and ratings entered by Customers after routing them through filters (moderation) for unfair competition, public morality, and cybersecurity.
• Optimizing the interface according to the user's language choice due to the multi-language global structure of the platform.
• Ensuring information security, preventing fake accounts, and blocking fraudulent attempts.
• Fully complying with legal obligations, primarily Laws No. 5651 and 6563.

4. Legal Grounds

Your personal data is processed based on the legal grounds of the establishment or performance of a contract, the legal obligation of the data controller, and the legitimate interests of the data controller to ensure platform security, in accordance with the legal framework regulated in Article 5 and Article 6 of the KVKK.

5. Data Transfer

Due to the nature of the service, your data is only transferred to the counterparty (the relevant Seller or Customer) with whom you choose to initiate the appointment and messaging process. Furthermore, due to the multi-language structure and global access speed architecture of the platform, your data may be transferred to the overseas servers of our technical infrastructure and secure cloud hosting (AWS, Google Cloud, etc.) providers in compliance with KVKK legislation. Data is also shared with authorized public institutions and organizations in case of legal obligations.

6. Retention Period

Your personal data is stored as long as your membership relationship continues and for the legal durations required for the purpose for which they were processed. Traffic (log) records within the scope of Law No. 5651 are legally retained for 2 years; at the end of this period or when you delete your account, your data will be deleted, destroyed, or anonymized.

7. Your Rights Under KVKK

Pursuant to Article 11 of the KVKK, you have the right to learn whether your data is processed, request information if processed, learn the purpose of processing and whether it is used appropriately, know the third parties to whom it is transferred domestically or abroad, request correction if it is incompletely or incorrectly processed, and request its deletion or destruction.

You can submit your requests to info@bazaarly.com via your email address registered in our system.

8. Cookies

Technical cookies are used on our platform to improve user experience, optimize in-app steps, and especially to display the platform in the correct language by remembering your preferred language choice (Turkish, English, etc.).

9. Security and Moderation

The highest level of technical and administrative measures are taken for the security of your personal data and in-app communications.

Messaging Security Notice: Text and images shared in in-app chat rooms may be inspected by automatic filtering systems and moderators to prevent cyberbullying, scam attempts, and to detect violations of the Terms of Use. Users accept in advance that in-app correspondence is subject to this inspection for cybersecurity purposes.

10. Updates

This policy may be updated when necessary in line with new features to be added to the platform (such as payment steps likely to be introduced in the future) or amendments in legal legislation. The current version is always published on this page.