Privacy Policy

Effective Date: January 15, 2025
Last Updated: January 15, 2025

Rookelçi ("we," "our," "us") values your privacy. This Privacy Policy explains how we collect, use,

and protect your information when you use the Rooklance mobile application

("Mobile App") and admin panel ("Admin Panel") (collectively, the "Services"). By using our Services, you agree to the terms of this Privacy Policy.

1. Information We Collect

1.1 Personal Information

  • Account Information: Name, email address, profile picture, phone number, and biographical information

  • Authentication Data: Login credentials and authentication tokens

  • Profile Data: Content categories, specialties, and professional information

1.2 Social Media Information

  • Connected Accounts: Instagram, TikTok, and YouTube usernames

  • Social Media Metrics: Follower counts, subscriber numbers, and verification status

  • Automated Data Collection: We use Apify API services to automatically scrape and update your social media follower counts and metrics

  • Data Refresh: Social media data is updated periodically to maintain accuracy

1.3 Campaign & Task Data

  • Campaign Applications: Application details, personal messages, sample content, portfolio links, and price offers

  • Task Information: Assigned tasks, requirements, deliverables, submission content, and progress updates

  • Performance Data: Task completion rates, approval status, and feedback received

  • Campaign Participation: Application status, acceptance/rejection notifications, and campaign history

1.4 Financial & Wallet Data

  • Wallet Information: Balance, total earnings, and transaction history

  • Payment Data: Reward amounts, payment status, and withdrawal requests

  • Promotional Codes: Discount codes, redemption history, and promotional offers

  • Transaction Records: Detailed logs of all financial transactions including deposits, withdrawals, and earnings

1.5 Device & Technical Information

  • Device Data: Device type, operating system, unique device identifiers, and IP address

  • Push Notifications: Push tokens for mobile notifications (stored securely in our database)

  • App Usage: In-app activity, feature usage, and interaction patterns

  • Technical Logs: Error reports, performance metrics, and system diagnostics

1.6 Content & Media

  • Task Submissions: Screenshots, images, videos, and other content submitted for tasks

  • Portfolio Materials: Sample content, portfolio links, and creative work samples

  • Profile Media: Profile pictures and associated media files

2. How We Collect Information

2.1 Direct Collection

  • Account Registration: When you create an account and provide profile information

  • Profile Updates: When you update your profile, connect social media accounts, or modify preferences

  • Campaign Participation: When you apply for campaigns, submit tasks, or interact with campaign content

  • Financial Transactions: When you perform wallet operations, redeem codes, or receive payments

2.2 Automated Collection

  • Social Media Scraping: We use Apify API services to automatically collect your social media follower counts and metrics

  • Push Notifications: We collect and store push tokens to deliver notifications

  • Real-time Updates: We use Supabase real-time subscriptions to provide live updates

  • Analytics: We collect usage analytics to improve our services

2.3 Third-Party Collection

  • Social Media Platforms: We access publicly available data from Instagram, TikTok, and YouTube

  • Payment Processors: We work with payment service providers for financial transactions

  • Cloud Services: We use Supabase for data storage and real-time functionality

3. How We Use Your Information

3.1 Service Provision

  • Account Management: To create and maintain your account, verify your identity, and provide personalized services

  • Campaign Matching: To match you with appropriate campaigns based on your social media metrics and content categories

  • Task Management: To assign tasks, track progress, and manage submissions

  • Payment Processing: To process payments, manage your wallet, and handle financial transactions

3.2 Communication & Notifications

  • Push Notifications: To send task assignments, status updates, payment confirmations, and campaign notifications

  • Email Communications: To send important updates, security alerts, and service announcements

  • In-App Notifications: To provide real-time updates about your applications, tasks, and earnings

3.3 Service Improvement

  • Analytics: To analyze usage patterns, improve app performance, and enhance user experience

  • Feature Development: To develop new features and optimize existing functionality

  • Quality Assurance: To ensure service quality and identify potential issues

3.4 Legal Compliance

  • Regulatory Requirements: To comply with applicable laws, regulations, and legal obligations

  • Tax Purposes: To maintain financial records as required by tax authorities

  • Dispute Resolution: To resolve disputes and enforce our terms of service

4. How We Share Information

4.1 Service Providers

  • Cloud Infrastructure: Supabase for data storage, authentication, and real-time services

  • Social Media APIs: Apify for social media data collection and verification

  • Payment Processors: For secure payment processing and financial transactions

  • Push Notification Services: Expo Push API for mobile notifications

4.2 Business Partners

  • Brands & Campaigns: We share your application data and social media metrics with brands when you apply for campaigns

  • Campaign Managers: Task requirements and submission data are shared with campaign administrators

  • Payment Partners: Financial data is shared with payment processors for transaction processing

4.3 Legal Requirements

  • Law Enforcement: When required by law, regulation, or legal process

  • Government Authorities: For tax purposes, regulatory compliance, or legal investigations

  • Court Orders: When compelled by court orders or subpoenas

4.4 Data Protection

We do not sell your personal information to third parties.

All data sharing is conducted under strict confidentiality agreements and data protection measures.

5. Data Storage & Security

5.1 Storage Infrastructure

  • Primary Storage: Supabase cloud database with enterprise-grade security

  • File Storage: Supabase Storage for media files and documents

  • Backup Systems: Regular automated backups with encryption

  • Geographic Location: Data is stored in secure, compliant cloud infrastructure

5.2 Security Measures

  • Encryption: All data is encrypted in transit and at rest using industry-standard encryption

  • Authentication: Multi-factor authentication and secure session management

  • Access Controls: Row-level security (RLS) policies ensure users can only access their own data

  • API Security: Secure API endpoints with rate limiting and authentication

  • Regular Audits: Security assessments and vulnerability testing

5.3 Data Retention

  • Account Data: Retained while your account is active

  • Financial Records: Retained for 7 years as required by tax regulations

  • Campaign Data: Retained until campaign completion or account deletion

  • Social Media Data: Updated regularly and retained for service functionality

  • Deletion: Data is securely deleted when no longer needed or upon account deletion

6. Your Rights & Choices

6.1 Access & Control

  • Data Access: Request a copy of all data we hold about you

  • Data Correction: Update or correct your personal information

  • Data Portability: Request your data in a portable format

  • Account Deletion: Request complete deletion of your account and associated data

6.2 Communication Preferences

  • Push Notifications: Control which notifications you receive through app settings

  • Email Preferences: Opt out of marketing emails while maintaining essential communications

  • Social Media Updates: Control automatic social media data collection

6.3 Privacy Settings

  • Profile Visibility: Control what information is visible to other users

  • Data Sharing: Manage permissions for data sharing with third parties

  • Location Services: Control location-based features and data collection

6.4 Exercising Your Rights

To exercise any of these rights, contact us at hello@rooktech.ai or through the app's support features.

7. International Data Transfers

7.1 Data Location

Your data may be transferred and stored in countries outside your residence.

We ensure all international transfers comply with applicable data protection laws.

7.2 GDPR Compliance

For European users, we comply with GDPR requirements including:

  • Legal Basis: Clear legal basis for data processing

  • Data Subject Rights: Full implementation of GDPR rights

  • Data Protection Impact Assessments: Regular assessments for high-risk processing

  • Breach Notification: Prompt notification of data breaches

8. Children's Privacy

8.1 Age Restrictions

Rook Elçi is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

8.2 Parental Controls

If you are a parent and believe your child has provided us with personal information, please contact us immediately.

9. Third-Party Services

9.1 Social Media Platforms

  • Instagram: We access publicly available follower counts and profile information

  • TikTok: We collect follower metrics and account verification status

  • YouTube: We gather subscriber counts and channel information

9.2 Payment Services

  • Payment Processors: Secure payment processing for transactions

  • Banking Partners: For withdrawal and deposit operations

9.3 Analytics & Monitoring

  • Performance Monitoring: App performance and error tracking

  • Usage Analytics: Service improvement and feature optimization

10. Data Breach Response

10.1 Breach Detection

We have systems in place to detect and respond to potential data breaches.

10.2 Notification Process

In the event of a data breach, we will:

  • Immediate Response: Contain and assess the breach

  • User Notification: Notify affected users within 72 hours

  • Regulatory Reporting: Report to relevant authorities as required

  • Remediation: Implement measures to prevent future breaches

11. Changes to This Privacy Policy

11.1 Policy Updates

We may update this Privacy Policy from time to time. Significant changes will be communicated through:

  • In-App Notifications: Direct notifications within the app

  • Email Communications: Email notifications to registered users

  • Website Updates: Updated policy posted on our website

11.2 Continued Use

Continued use of our Services after policy changes constitutes acceptance of the updated policy.

12. Contact Information

12.1 Privacy Team

For privacy-related questions, concerns, or requests:

Rooklance Privacy Team

📧 General Support: hello@rooktech.ai

📍 Address: REŞİTPAŞA MAH. DENİZBANK SİTESİ SK. NO: 19 İÇ KAPI NO: 1 SARIYER/ İSTANBUL

12.2 Response Times

We aim to respond to all privacy inquiries within 48 hours.

12.3 Regulatory Authorities

You have the right to lodge a complaint with your local data protection authority.