Privacy Policy

Last updated: 28.03.2025

Privacy Policy

v1.3 Last edited on March 28, 2025

1. Introduction

Welcome to Hardal. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our applications, or engage with our services.

2. Controller Information

Hardal Inc.

3. Information We Collect

3.1 Personal Data

We may collect the following personal data:

  • Identity Information: Your first and last name
  • Contact Information: Email address, telephone number
  • Business Information: Company name, type of business, job title
  • Technical Data: IP address, device ID, browser type and version, operating system
  • Usage Data: Information about how you use our website and services, including:
    • The URL and IP address of websites that referred you to us
    • Pages you visit on our website and links you click
    • Time and duration of your visits
    • Actions taken on our website
  • Marketing Preferences: Your consent to receive marketing materials
  • Communication Data: Information shared when contacting us

3.2 Data Collection Methods

We collect data through:

  • Direct interactions when you provide information
  • Automated technologies or interactions via cookies and similar technologies
  • Third parties or publicly available sources

4. How We Use Your Data

We use your personal data for these purposes:

Purpose Legal Basis
Account creation and management Performance of a contract
Provision of services Performance of a contract
Communication about services Legitimate interests
Technical administration and security Legitimate interests
Marketing (with consent) Consent
Compliance with legal obligations Legal obligation

5. Data Retention and Deletion

5.1 Account Information

If you already have an account on the Product, you may access, update, alter, or delete your basic user profile information by logging into your account and updating profile settings.

5.2 Retention Periods

Hardal will retain your information for as long as your account is active or as needed to:

  • Perform our contractual obligations
  • Provide you services through the Product
  • Comply with legal obligations
  • Resolve disputes
  • Preserve legal rights
  • Enforce our agreements

Retention periods will be determined taking into account:

  • The type of information collected
  • The purpose for which it is collected
  • Requirements applicable to the situation
  • The need to destroy outdated, unused information at the earliest reasonable opportunity

For instance, in respect of data held for the management of customers and potential customers, we consider the lead time necessary to develop and maintain our commercial relationships and how recent our interactions are with you. We may rectify, update or remove incomplete or inaccurate information, at any time and at our own discretion.

For more information on our retention periods, you can contact us at: support@usehardal.com

5.3 Special Retention Circumstances

Please note that due to the open-source nature of our products, services, and community, we may retain limited personal information indefinitely in order to ensure transactional integrity and nonrepudiation. For example:

  • If you provide your information in connection with a blog post, GitHub issue or comment, we may display that information even if you have deleted your account as we do not automatically delete community posts.
  • As described in our Terms of Use, if you contribute to a Hardal project and provide your personal information in connection with that contribution, that information (including your name) will be embedded and publicly displayed with your contribution and we will not be able to delete or erase it because doing so would break the project code.
  • We can open-source the product whenever we want.

5.4 Retention Time Guidelines

Personal Data shall be processed and stored for as long as required by the purpose for which they have been collected.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the Owner's legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.

The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

6. Sharing Your Information

We may share your personal data with:

  • Service Providers: Third parties who perform services for us (hosting, payment processing, analytics)
  • Business Partners: When you have explicitly consented to such sharing
  • Legal Requirements: In response to lawful requests by public authorities
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

We require all third parties to respect your data's security and to treat it in accordance with the law.

7. International Transfers

Your data may be transferred to and processed in countries outside your country of residence. We implement appropriate safeguards for such transfers, including:

  • EU Standard Contractual Clauses
  • Additional technical and organizational security measures

8. Confidentiality and Data Protection

8.1 Definition of Confidential Information

Ideas, projects, expert information, design, invention, business method and patent, copyright, disclosed by one of the Parties to the other Party or the person or persons assigned by it during the works/duties/services defined in this agreement or actually performed, or learned by the other Party or the person or persons assigned by it within the scope of the sale and service provided, all written or verbal commercial, financial, technical information and communication methods to be learned during the work and all kinds of innovations that are or are not subject to trademark, trade secret, know-how or other legal protection are considered confidential information.

8.2 Confidentiality Obligations

During the continuation of this agreement, the parties agree to take the necessary measures to keep the computer programs, designs, concepts, techniques, processes, methods, systems, circuits, formulas, experimental studies, experimental developments, studies in the development stage, source codes of the software, establishment and software development information belonging to each other completely confidential against third parties, except for the mandatory notifications required by the relevant legislation and laws. They accept and undertake not to benefit from the information. In the event that any of the parties does not comply with the confidentiality terms and the confidential information is shared, it undertakes to cover all damages incurred by the other party.

8.3 Personal Data Protection Compliance

In the event that the parties obtain data within the scope of the Personal Data Protection Law to be applied due to this Agreement, they will act in accordance with the relevant legal regulations ("Personal Data Legislation"), especially this law, the secondary legislation related to the law and the decisions of the Personal Data Protection Board, and take the necessary measures for the protection of personal data. They accept, declare and undertake that they will act in accordance with the Personal Data Legislation and that the necessary systems are available/established when faced with a request for deletion, destruction or anonymization from a data owner or the other party to the Agreement.

8.4 Third-Party Service Providers

Hardal uses the following third-party software providers:

  1. Companies which provide cloud server computing services
  2. Companies which provide communication, e-mail server, and client relationship management services, where the exchange of messages, e-mails may include personal data
  3. Companies which help to monitor the behaviour of the Website's visitors or provide advertising or marketing services
  4. Companies which provide financial services, processing accounting documents and the personal data contained therein
  5. Companies which help with work management with further personal data processing
  6. Companies which help with your account registration or authorization with further processing of your personal information

9. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. These include:

  • Encryption of sensitive data
  • Secure network infrastructure
  • Regular security assessments
  • Access controls

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to access: Request copies of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your personal data
  • Right to restrict processing: Request limitation of processing your data
  • Right to data portability: Request transfer of your data
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw previously given consent

To exercise these rights, please contact us at support@usehardal.com.

11. Cookies and Similar Technologies

We use first-party cookies and similar tracking technologies to enhance your experience on our website. Types of cookies we use:

  • Strictly necessary cookies: Required for the website to function
  • Statistics cookies: Help us understand how you interact with our website
  • Marketing cookies: Used to track visitors across websites for advertising purposes

You can manage your cookie preferences through our cookie settings tool or your browser settings.

12. Children's Privacy

Our services are not intended for use by children under the age of 18, and we do not knowingly collect personal data from children.

13. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be posted on our website with the effective date. For significant changes, we will notify you by email when possible.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

  • Email: support@usehardal.com
  • Address: Hardal Inc., 1401 PENNSYLVANIA AVE. UNIT 105 WILMINGTON DE, USA 19806

15. Legal Information

  • Bubrise Teknoloji A.Ş. is a Turkish company registered with the Turkish Trade Registry Office.
  • Hardal Inc. is a Delaware corporation registered under file number 564800.
  • Hardal is hosted on servers provided by Huawei Cloud, Google Cloud Platform, Amazon Web Services, Microsoft Azure, Yandex Cloud, and additional third-party cloud providers located in the US, EU, and Türkiye (Turkey).
  • Hardal uses authentication modules, tokens, and two-factor authentication (2FA) with open-source or licensed frameworks to manage user authentication.
  • All data transmitted by users is encrypted using SHA-256 and is not stored in logs. This data is programmatically deleted after 30 days.

This privacy policy relates solely to this Application unless otherwise stated within this document.

16. Details About the Right to Object to Processing

Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.

Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.