Privacy Policy & Data Protection

This Privacy Policy describes how Phogo ("Phogo", "we" or "company") processes personal data in connection with phogo.app and our services. Data Controller: Phogo Contact: [email protected] Website: phogo.app

The following data may be processed when you use our services: a) Contact Form Data • Full name • Email address • Phone number (optional) • Company/organization name (optional) • Message content b) Admin Account Data • Email address • Encrypted (hashed) password • Account creation date c) Face Recognition Data (Event Attendees) IMPORTANT: Phogo processes facial recognition data in real-time and does not store any facial data. The attendee's selfie is held in memory only during the matching process and is immediately deleted after completion. No permanent biometric record is created.

• Processing demo requests and customer communications • Establishing and performing service agreements • Secure management of administrator accounts • Compliance with legal obligations • Service quality improvement within our legitimate interests

Your personal data is processed under the following legal bases in accordance with GDPR Article 6 and Turkey's KVKK: • Your explicit consent (for face recognition processing) • Performance of a contract • Legitimate interests of the data controller • Compliance with legal obligations

• Contact form data: 3 years • Admin account data: Until account deletion • Event photos: Until deleted by event owner (maximum 1 year) • Face recognition data: Limited to processing time (real-time, not stored)

Your data may be shared with the following categories of third-party service providers to deliver our services: • Cloud infrastructure and storage provider — Photo storage and face recognition processing; servers located in Europe • Web application hosting provider • Database service provider • Email communication service provider All transfers comply with GDPR Chapter V and KVKK Articles 8-9.

Under GDPR Article 15-22 and KVKK Article 11, you have the right to: • Know whether your personal data is being processed • Request information about processed data • Learn the purpose of processing and whether it is used accordingly • Know third parties to whom your data is transferred • Request correction of incomplete or inaccurate data • Request deletion or destruction of your data • Object to automated decision-making • Claim compensation for damages arising from unlawful processing To exercise your rights: [email protected]

Our website uses cookies to a minimum extent. Please refer to our Cookie Policy for more information.

Industry-standard security measures are in place to protect your personal data: • HTTPS/TLS encryption • Passwords protected with a strong cryptographic hash algorithm • Token-based session management • Role-based access control • Photos protected with signed URLs

This policy may be updated from time to time. Users will be notified of significant changes. The current policy is always available at phogo.app/privacy. For questions: [email protected]