Privacy Policy

Effective Date: 16.06.2026
Version: 1.0

This Privacy Policy explains how Wipelot Teknoloji A.Ş. (“Wipelot”, “we”, “us” or “our”) collects, uses, stores and protects personal data when you visit or interact with our website at https://wipelot.io, its related language versions or subdirectories, and the portal areas provided through the same website.

We respect your privacy and are committed to processing personal data in a transparent, lawful and secure manner.

This Privacy Policy applies to personal data collected through our website, portal environment, contact forms, digital communication channels, cookies and similar technologies, and the AI-powered assistants available on our website and portal.

1. Data Controller

For the purposes of applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the data controller is:

Wipelot Teknoloji A.Ş.

You may contact us regarding privacy and personal data protection matters at:

info@wipelot.com

2. Personal Data We Collect

Depending on how you interact with our website or portal, we may collect the following categories of personal data.

a) Contact and Identity Data

When you fill out a contact form, request information, communicate with us, use the AI assistants, or submit information through the portal, we may process:

• Name and surname
• Company name
• Job title, if provided
• Email address
• Phone number
• Country or region, if provided
• Any other information you choose to include in your message or request

b) Website Usage and Technical Data

When you visit our website, we may process technical and usage-related data such as:

• IP address
• Browser type and version
• Device type
• Operating system
• Referring URL
• Pages visited
• Date and time of visit
• Session information
• Cookie preferences

c) Portal Account and Authentication Data

If you are provided with a username and password by Wipelot to access the Wipelot portal, we may process account, authentication and authorization data such as:

• Username or user identifier
• User role
• Access permissions
• Login status
• Password reset requests
• Session records
• Account activity
• Authentication and security logs

d) Portal Usage and Activity Data

Within the portal, we may process information about how authorized users interact with portal content and functions. This may include:

• Login dates and times
• Accessed pages
• Viewed documents
• Navigation activity
• Product or technical documentation accessed
• Role-based actions
• Service form activity
• Ticket submissions
• Feedback records
• Portal interaction records

This data may be processed for access control, security, audit, troubleshooting, service quality, portal improvement and user support purposes.

e) Technical Service, Ticket and Feedback Data

Some authorized portal users may have access to technical service forms, ticketing areas, feedback forms or similar portal functions depending on their assigned role or permission level.

These areas may require certain mandatory information in order to submit, track, evaluate or respond to the relevant request. The information processed may include:

• Request subject
• Request description
• Product, system or service information
• Technical issue details
• Uploaded or submitted content, where applicable
• Status and history of the relevant request
• Feedback or evaluation content

f) Request and Communication Data

When you contact us or interact with our digital channels, we may process:

• Your questions, requests and feedback
• Product or solution areas you are interested in
• Communication history related to your request
• Information required to respond to sales, support or business inquiries

g) AI Assistant Interaction Data

When you use the AI-powered assistants available through the website or portal, we may process:

• Messages you send to the assistant
• Questions, requests and product-related interests shared during the conversation
• Contact details you voluntarily provide during the chat
• Session ID
• IP address
• Date and time of interaction
• Chat transcripts used for service quality, security and audit purposes

Please do not share sensitive personal data, confidential business information, health data, biometric data, trade secrets, or personal data belonging to third parties when using the AI assistants.

3. How We Collect Personal Data

We collect personal data through the following methods:

• Directly from you when you fill out forms, send messages, request information, submit portal forms or use the AI assistants
• Automatically through cookies, similar technologies, server logs, authentication records and session data
• Through portal activity, login records, role-based access logs and user interactions within the portal
• Through third-party services used for analytics, advertising, embedded media, AI services and website functionality
• Through business communications initiated by you or your organization

4. How We Use Personal Data

We may process personal data for the following purposes:

• To operate, maintain and secure our website and portal
• To create, manage and authenticate portal user accounts
• To provide access to portal content, technical documents, product information and role-based portal functions
• To manage user roles, permissions and access rights
• To process technical service forms, tickets, feedback submissions and related requests
• To respond to your questions, requests and contact form submissions
• To provide information about Wipelot products, solutions and services
• To communicate with you regarding sales, marketing, technical or support requests
• To improve website and portal performance, content, usability and user experience
• To analyze website and portal usage, navigation activity and user interactions
• To measure the performance of digital marketing campaigns
• To provide and improve the AI-powered assistants
• To detect, prevent and investigate misuse, technical issues, unauthorized access or security incidents
• To comply with legal obligations
• To establish, exercise or defend legal claims

5. Legal Bases for Processing

We process personal data only where we have a valid legal basis under applicable data protection laws. Depending on the context, the legal bases may include the following.

a) Consent

We may rely on your consent for optional cookies, analytics, marketing technologies, certain international data transfers, and other processing activities where consent is required.

You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

b) Performance of a Contract or Pre-Contractual Steps

We may process your personal data when it is necessary to respond to your requests, provide information about our products or services, manage portal access, provide portal functions, or take steps before entering into or performing a business relationship.

c) Legal Obligation

We may process personal data when necessary to comply with applicable legal, regulatory or administrative obligations.

d) Legitimate Interests

We may process personal data where necessary for our legitimate interests, provided that your fundamental rights and freedoms do not override those interests.

Our legitimate interests may include website and portal security, service improvement, access management, business communication, fraud prevention, internal reporting, audit, troubleshooting, and the protection of our legal rights.

6. Wipelot AI Assistants

Our website and portal environment may include AI-powered assistants. These assistants are designed for different purposes and operate in different access environments.

a) Website AI Assistant

The Website AI Assistant is available to website visitors and is designed to provide general information about Wipelot, its systems, solutions, products, industries and services.

It generates responses based on a prepared knowledge base related to Wipelot’s public-facing product, solution, industry and service information.

The Website AI Assistant does not provide access to portal-only content, user-specific portal information, private technical documents or information that is restricted to authorized portal users.

b) Portal AI Assistant

The Portal AI Assistant is available only to authorized portal users after login.

It is designed to help authorized users access and understand information available within the portal environment, depending on their assigned role, permission level and access rights.

The Portal AI Assistant is separate from the Website AI Assistant. It is intended to respond based on portal-related information available to the authorized user within the portal environment.

The Portal AI Assistant does not provide access to information outside the user’s authorized portal permissions.

c) Nature and Limitations of the AI Assistants

The AI assistants are artificial intelligence-based tools. Their responses may occasionally be incomplete, inaccurate or not fully up to date.

The information provided by the AI assistants does not constitute legal, financial, medical, engineering, technical specification, pricing, project commitment or contractual advice.

Final and binding information regarding Wipelot products, projects, pricing, technical requirements, service processes or contracts can only be provided by authorized Wipelot sales, technical, support or management teams in writing.

d) Data Processed Through the AI Assistants

When you interact with the AI assistants, we may process:

• The content of your messages
• Questions and requests you submit
• Product, solution, technical or portal-related interests you mention
• Contact details you voluntarily provide
• Portal username or user identifier, where applicable
• User role and permission level, where applicable
• Portal session information, where applicable
• IP address
• Session ID
• Date and time of interaction
• Referring URL
• Chat transcript
• Technical logs and security records

e) Purposes of Processing

Data processed through the AI assistants may be used for the following purposes:

• To answer your questions through the relevant AI assistant
• To provide information about Wipelot products, solutions, services or portal content
• To provide portal-related assistance to authorized portal users
• To allow Wipelot teams to follow up if you voluntarily share contact details
• To improve the accuracy, performance and user experience of the AI assistants
• To monitor service quality
• To detect misuse, abuse, technical issues, unauthorized access or security incidents
• To comply with legal obligations or support legal claims where necessary

f) AI Service Providers

In order to generate responses and provide the AI assistant services, messages sent to the AI assistants may be processed through third-party artificial intelligence service providers, including:

• Google LLC
• OpenAI, Inc.

These providers may process data on infrastructure located outside your country or region, including outside the European Economic Area. You may review the privacy practices of these service providers through their respective privacy policies. Please note that the processing activities of these providers may also be subject to their own privacy notices, terms and applicable data protection practices.

g) International Transfers Related to AI Assistants

Where personal data is transferred outside the European Economic Area, we take steps to apply appropriate safeguards where required by applicable data protection laws. These may include Standard Contractual Clauses or other legally recognized transfer mechanisms.

Where a transfer requires your consent under applicable law, we may rely on your consent.

You may choose not to use the relevant AI assistant if you do not wish your messages to be processed through the relevant AI infrastructure.

h) Retention of AI Assistant Data

Chat transcripts are retained for up to 12 months from the last interaction date and are then deleted or anonymized.

Technical and security logs, including IP address, session information and log records, are retained for up to 90 days.

If you share contact details and your request turns into a sales, support, technical service, ticketing or business process, the relevant data may continue to be processed in accordance with the retention rules applicable to that process.

i) User Responsibility

You are responsible for the content you submit to the AI assistants.

Please do not submit confidential information, sensitive personal data, trade secrets, personal data of third parties, or any information that you are not authorized to share.

7. Portal Access, User Roles and Activity Monitoring

The Wipelot portal may be accessed only by users who have been provided with login credentials by Wipelot or who are otherwise authorized to access the portal.

Portal users may be assigned different roles, permission levels or access rights. These roles may determine which portal content, product information, technical documents, service forms, ticketing areas, feedback forms or other functions the user can access.

We may process portal access and activity data to:

• Authenticate users
• Manage login sessions
• Provide access to authorized portal content
• Control role-based permissions
• Maintain portal security
• Review portal usage and activity
• Support users and respond to portal-related requests
• Monitor service quality
• Troubleshoot technical issues
• Maintain audit records
• Improve portal functions and content

Portal activity data may include login dates and times, accessed pages, viewed documents, navigation activity, role-based actions, ticket or service form activity, and feedback records.

8. Cookies and Tracking Technologies

Our website and portal use cookies and similar technologies to operate the website and portal, remember preferences, manage authentication, maintain login sessions, analyze usage, improve performance and measure marketing activities.

Some cookies are strictly necessary for the website or portal to function. These may include cookies or similar technologies used to:

• Maintain login sessions
• Manage authentication
• Support password reset flows
• Remember login status where applicable
• Protect portal security
• Provide access to role-based portal functions
• Store cookie preferences

Other cookies, such as analytics or marketing cookies, are used only where legally permitted and, where required, based on your consent.

If you choose to save your username or password in your browser, this is managed by your browser or password manager settings and not directly by Wipelot cookies. Wipelot does not intentionally store plain-text passwords in cookies.

For detailed information about the types of cookies we use, third-party providers, retention periods and how you can manage your preferences, please review our Cookies Policy.

You can manage your cookie preferences through the cookie banner displayed on our website or through the “Cookie Preferences” link available on the website.

9. Third-Party Services

We may use third-party service providers for website hosting, portal infrastructure, analytics, advertising, embedded video content, AI services, cybersecurity, communication, business operations and technical infrastructure.

These providers may process personal data only where necessary for the relevant service and in accordance with applicable data protection requirements.

Third-party services used on or through our website or portal may include, depending on configuration:

• Google Analytics
• Google Ads
• Google Tag Manager
• LinkedIn Insight Tag
• YouTube embedded videos
• Vimeo embedded videos
• Google AI services
• OpenAI services
• Hosting, infrastructure and cybersecurity service providers

The privacy practices of third-party providers are governed by their own privacy policies.

10. External Links

Our website or portal may contain links to external websites that are not operated by Wipelot.

If you click on a third-party link, you will be directed to that third party’s website. We recommend that you review the privacy policy of every website you visit.

We are not responsible for the content, privacy practices, security measures or policies of third-party websites, products or services.

11. International Data Transfers

As Wipelot operates internationally and uses global technology providers, your personal data may be transferred to and processed in countries outside your country of residence, including countries outside the European Economic Area.

Where required by applicable data protection laws, we take steps to apply appropriate safeguards for international data transfers. These safeguards may include:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions, where applicable
• Other lawful transfer mechanisms under applicable data protection laws
• Consent, where required and applicable

12. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law.

Retention periods may vary depending on the type of data and the relevant processing activity.

In general:

• Contact form and business inquiry data are retained for the period necessary to manage and follow up on the relevant request.
• Portal account and authentication data are retained for as long as the relevant portal account remains active or as long as necessary for access management, security, audit and legal purposes.
• Portal usage and activity records are retained for the period necessary for security, audit, troubleshooting, service quality and portal improvement purposes.
• Technical service forms, ticket records and feedback submissions are retained for the period necessary to manage, evaluate and respond to the relevant request, unless a longer period is required for legal, contractual, warranty, support or audit purposes.
• AI assistant chat transcripts are retained for up to 12 months from the last interaction date.
• AI assistant technical and security logs are retained for up to 90 days.
• Cookie-related data is retained according to the relevant cookie category and provider settings, as described in our Cookies Policy.
• Data related to legal obligations, disputes, contracts or business records may be retained for longer where required or permitted by applicable law.

At the end of the applicable retention period, personal data is deleted, anonymized or securely destroyed.

13. Your Data Protection Rights

Subject to the conditions and limitations under applicable data protection laws, you may have the following rights regarding your personal data:

• Right to access your personal data
• Right to request correction of inaccurate or incomplete personal data
• Right to request deletion of your personal data
• Right to request restriction of processing
• Right to object to processing based on legitimate interests
• Right to data portability
• Right to withdraw consent at any time where processing is based on consent
• Right not to be subject to a decision based solely on automated processing, including profiling, where such decision produces legal or similarly significant effects
• Right to lodge a complaint with a competent data protection supervisory authority

To exercise your rights, you may contact us at:

info@wipelot.com

We may need to verify your identity before responding to your request.

14. Children’s Privacy

Our website, portal, products and services are intended for business users and professional audiences. They are not directed to children.

We do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us so that we can take appropriate action.

15. Security

We take appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration or disclosure.

However, no method of transmission over the internet or electronic storage is completely secure. Therefore, we cannot guarantee absolute security of personal data transmitted through our website or portal.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time due to legal, technical or operational changes.

The most current version will always be published on this page. The effective date at the top of this Privacy Policy indicates when it was last updated.

17. Contact

If you have any questions about this Privacy Policy, the Wipelot AI Assistants, portal data processing, cookies, or the way we process personal data, you may contact us at:

info@wipelot.com

For more information about cookies and similar technologies used on our website and portal, please review our Cookies Policy.