Privacy policy

1. Data controller and contact

The data controller for Mindfull Pause Services is the operator of the Mindfull Pause brand. For privacy and data-protection requests relating to the App and Mindfull Pause accounts, contact: support@mindfullpause.app.

For requests that specifically concern Ai Solutions corporate accounts, billing, or personal data processed solely through the main website aisolutionstr.com (outside the Mindfull Pause product), you may contact: info@aisolutionstr.com.

We may require reasonable identity verification before fulfilling sensitive requests (including deletion). We may refuse manifestly unfounded or excessive requests as permitted by law, or charge a reasonable fee where allowed.

2. Scope and exclusions

This Policy applies to processing we perform as a controller for the Services. It does not govern third-party applications (e.g., food delivery, social networks, streaming platforms) that you choose to pause or delay using Mindfull Pause — those services have their own controllers and policies. Publicly available information you publish elsewhere is not controlled by this Policy.

3. Categories of personal data

Depending on device permissions, product version, region, and your choices, we may process the following categories (non-exhaustive):

• Identifiers & contact: name, username, email address, account identifiers.
• Authentication & security: password hashes (never stored in plain text where passwords are used), tokens, device fingerprints, login history, fraud signals.
• Device & technical: device type, OS version, language, time zone, IP address, user agent, crash logs, performance diagnostics.
• Usage & configuration: in-app events, pause rules you configure, feature toggles, support interactions, feedback text.
• Communications: email content you send us, notification preferences, marketing consent records.
• Payment & billing (if applicable): transaction IDs, subscription status, receipt metadata; payment card data is handled by certified payment processors, not stored on our servers in full form.
• Approximate location (only if you enable a feature requiring it): coarse location derived from IP or OS APIs — not precise GPS unless explicitly stated in-product.

We do not intentionally collect special categories of personal data (e.g., health, biometric templates for identification, political opinions). If you voluntarily submit such data, we process it only to the minimum extent necessary to respond or delete it.

4. Purposes and lawful bases

We process personal data for purposes including: providing and operating the Services; authenticating users; applying pause/delay rules you configure; security and abuse prevention; troubleshooting and product improvement; customer support; legal compliance; enforcing our Terms of Use; and, where permitted, analytics and marketing.

Lawful bases under KVKK and related standards may include: legal obligation; performance of a contract; establishment, exercise, or defense of legal claims; explicit consent where required; and legitimate interests (such as securing the Services, preventing fraud, and improving reliability) where not overridden by your rights.

5. Sources of data

We collect data directly from you, automatically from your device when you use the Services, from payment processors, from app stores where relevant, and occasionally from fraud-prevention or security partners.

6. Cookies and similar technologies (web)

Our websites may use cookies, local storage, pixels, and similar technologies for session management, preferences, security, and analytics. You can control cookies through browser settings; disabling certain cookies may degrade functionality.

7. Analytics and product telemetry

We may use analytics to understand aggregate usage (e.g., feature adoption, crash rates). Where feasible, we aggregate or de-identify data. We do not use analytics to sell personal data as traditionally defined under consumer privacy laws.

8. Disclosure to recipients and subprocessors

We may disclose personal data to vendors that process data on our behalf under contractual terms (subprocessors), including for example: cloud infrastructure, email delivery, customer support tooling, error/crash reporting, push notifications, payment processing, and security monitoring. We may disclose data if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of users, the public, or Mindfull Pause.

We may disclose or transfer data as part of a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to confidentiality and continued protection consistent with this Policy where required by law.

9. International transfers

Your data may be processed in Turkey and other countries where we or our subprocessors operate. Where transfers outside Turkey occur, we implement safeguards required under KVKK Article 9 and applicable law (e.g., contractual clauses, adequacy decisions where available).

10. Retention

We retain personal data only as long as necessary for the purposes described, including satisfying legal, tax, accounting, or reporting requirements, resolving disputes, and enforcing agreements. Retention periods vary by data category; backup copies may persist for a limited technical period after deletion. Aggregated or de-identified information may be retained without time limit.

11. Security

We implement administrative, technical, and physical safeguards appropriate to the risk, including access controls, encryption in transit (and in storage where appropriate), logging, vulnerability management, and staff training. No method of transmission or storage is 100% secure; you use the Services at your own risk to the extent permitted by law.

12. Children

The Services are not directed to children under the age required by applicable law (typically 18 unless a lower age is permitted with parental consent). We do not knowingly collect personal data from children without verifiable parental consent where required. If you believe we have collected data from a child improperly, contact us and we will take appropriate steps.

13. Automated decision-making and profiling

We do not use fully automated decisions that produce legal or similarly significant effects concerning you unless we specifically disclose such processing, provide a legal basis, and offer meaningful human review where required. Product features that rank or prioritize content solely for in-app convenience are not treated as legally significant profiling unless stated otherwise.

14. Marketing and communications

Where marketing is based on consent, you may withdraw consent at any time via unsubscribe links or by emailing us. Transactional and service-related messages (security alerts, receipts) may be sent without marketing consent where permitted. A consolidated overview of opt-outs and regional choices is available on our Your privacy choices page.

15. Your rights

Subject to applicable law, you may have the right to access, rectify, erase, restrict processing, object, data portability (where technically feasible), and withdraw consent (without affecting prior lawful processing). Under KVKK Article 11, you may exercise the rights enumerated in our Data protection notice.

To exercise rights, email support@mindfullpause.app. You may lodge a complaint with the Turkish Personal Data Protection Board or another competent supervisory authority where applicable.

16. Account and data deletion

Mindfull Pause (App) accounts: To initiate deletion of your Mindfull Pause account and associated personal data (subject to legal retention exceptions), send an email from the address registered on your account (if any) to support@mindfullpause.app with the subject line “Mindfull Pause — account deletion request”. Include sufficient information to verify your identity and locate your account. Where the App provides an in-app deletion flow, you may use that instead.

Ai Solutions website / corporate accounts: If your request relates to an account or personal data processed in connection with Ai Solutions’ main corporate website or services (not the Mindfull Pause product), contact info@aisolutionstr.com with the subject line “Account deletion request — Ai Solutions” and describe the service or account involved.

We will confirm receipt when appropriate and respond within the timelines required by law (typically within thirty (30) days for KVKK-related requests, unless an extension applies). Deletion may be delayed where we must retain certain records for legal, security, or fraud-prevention reasons; we will explain any limitation where required.

17. Breach notification

In the event of a personal data breach likely to result in risk to your rights, we will notify regulators and/or affected users as required by applicable law, including timelines prescribed under Turkish law and other applicable regimes.

18. Third-party links

The Services may contain links to third-party websites or apps. We are not responsible for their privacy practices. Review their policies before providing personal data.

19. Limitation of liability (privacy-related)

To the maximum extent permitted by applicable law, we are not liable for indirect, incidental, consequential, special, exemplary, or punitive damages arising from unauthorized access, alteration, theft, or destruction of personal data caused by events outside our reasonable control (including your device compromise, network failures, or third-party attacks), except where such exclusion is prohibited by mandatory law.

20. Changes to this Policy

We may update this Policy at any time. The “Last updated” date will change. Material changes may be communicated via the App, email, or a prominent notice on our site. Continued use after changes constitutes acceptance unless applicable law requires a different consent mechanism.

21. Language

The English version of this Policy controls for international users unless local law requires a different controlling version. Translations are provided for convenience only.