Privacy Policy

Last updated: June 4, 2026 Version: 2026.06.04.1

How CaterDeck processes personal data, shares it with processors, and stores it.

This English page is a support translation. The Turkish legal text prevails in case of inconsistency.

1. Controller

The data controller for CaterDeck services is POIEX TEKNOLOJİ LİMİTED ŞİRKETİ. Company contact details are listed on the Company Information page.

Who is the controller for employee data?

POIEX is also the independent data controller for personal data of employees who use CaterDeck — not your employer. POIEX determines the purposes and means of processing employee data under KVKK Article 3 in its own name. Your employer runs a separate service relationship through CaterDeck and acts as its own controller only for its own processes. KVKK Article 11 rights concerning employee data on CaterDeck are exercised directly against POIEX at kvkk@caterdeck.com.

2. Data we process

We process account and role data, phone-based login records, meal selections, cancellation and bulk-order records, delivery and billing-period data, invoice legal name, tax identifier, tax office, billing address, caterer payout IBAN, invoice evidence URL, settlement/collection/payout references, support and privacy-rights messages, ratings, feedback, uploaded avatars, organization logos, dish images, language and cookie preferences, backup records, cron monitoring metadata, masked diagnostic events, and opt-in analytics data.

3. Purposes and processors

Data is used for secure login, corporate meal coordination, headcount, delivery, invoicing, collection, caterer payout settlement, support, privacy-rights handling, service quality, media storage, backup and disaster recovery, security, cron monitoring, error monitoring, and optional analytics. Current starter processors include Hetzner, Cloudflare, Cloudflare R2, Google Workspace, Sentry, Healthchecks.io, Microsoft Clarity, and Vatansms. See Sub-processors for the current full list and the KVKK Article 9 transfer mechanisms. Company admins access the operational data of their own company (headcount, employee selections, name/phone, billing records). Caterers receive only the operational data needed to produce and deliver the meal: daily headcount, menu assignments, bulk-order line items, and delivery location. Employee identity data (name, phone, email) is not shared with caterers. So the caterer can issue the food invoice, the billing identity of the company it is actively linked to (legal name, tax identifier, tax office, billing address) is disclosed to that caterer; the intermediation invoice and collection run through POIEX.

The main legal-basis groups are: OTP/session records for account access and security under contract and legitimate interest; meal, delivery, headcount, and feedback records for service performance and quality; support/demo messages for pre-contractual requests, contract performance, and customer-support legitimate interest; privacy-rights request records for legal obligation; and media uploads, backups, and diagnostics for service operation, security, and continuity.

Some infrastructure, storage, business email, monitoring, and analytics providers operate outside Turkey, primarily in Germany, the United States, and Latvia. The KVKK Article 9 cross-border safeguards (Board adequacy decision, Standard Contractual Clauses notified to the Board within 5 business days, written undertaking, or Binding Corporate Rules) are currently being put in place for the affected processors. This page and the company’s records will be updated as each safeguard is recorded.

4. Retention

Retention depends on purpose: refresh sessions last 7 days, cookie consent lasts 6 months, language preference lasts 1 year, error/replay diagnostics last 90 days, private database backups rotate after 30 days, cron monitoring records remain for the active service account and may remain in provider backups for up to 2 months, Clarity analytics may last up to 13 months, support records are retained for the active customer period plus 2 years unless tied to legal or billing records, and invoice/legal records are retained for 10 years. Uploaded images remain until replaced, deleted, or no longer needed for the active service relationship.

5. Account deletion and what is kept afterwards

The in-app “Delete my account” flow (or your written KVKK Article 7 request) erases your name, phone number, profile image, and the technical fields on consent records (IP address, device). Active sessions are revoked and active memberships are ended. Your phone is replaced with an anonymous sentinel so the original number can be reused for re-registration.

Past meal selections, bulk orders, ratings, and billing-related records are retained — with the identity link cut — for the statutory retention period required by Vergi Usul Kanunu m. 253 and Türk Borçlar Kanunu m. 146. They appear as “Anonymous user” in any per-person historical view; aggregate billing, headcount, and quality analytics are unchanged. Consent records’ existence and timestamps are retained for audit; personal fields are scrubbed.

If you are the sole active admin of an organization, the deletion may be refused until another admin is appointed. This is not a refusal of your KVKK Article 7 right; it is a procedural prerequisite to protect other users’ access to a paid service.

6. Contact

Privacy questions and data protection rights requests can be sent to privacy@caterdeck.com.