top of page

Privacy Policy

Effective Date: 02.10.2025

Last Updated: 02.10.2025

1. Who We Are
LazyLiz is provided by Ege Ferhat Kıymaz, established in Türkiye, acting as the data controller under GDPR and Türkiye’s KVKK.


2. What We Collect

  • Account Info: name, email (from Apple/Google sign‑in); optional profile fields.

  • User Content: documents, images, notes you upload (processed to generate summaries/quizzes).

  • Usage & Analytics: feature interactions, session metrics, quiz/game stats (only if analytics is enabled).

  • Diagnostics: crash and performance data (e.g., Crashlytics/ANR).

  • Identifiers: user ID, device/instance IDs.

  • Purchase Metadata: subscription/product status (no card data).

  • We do not collect precise location, contacts, health, or browsing history.

Payments are processed by Apple App Store / Google Play. We do not process or store your card details.


3. Legal Bases (GDPR/KVKK)

  • Contract: account creation, content processing, quiz/summary features.

  • Legitimate Interests: security, fraud prevention, essential analytics/performance.

  • Legal Obligation: tax/financial records, responding to lawful requests.

  • Consent (where required): optional notifications or experimental features.

4. How We Use Data

  • Provide and operate the App (account, content processing, subscriptions).

  • Improve performance, fix errors, ensure security.

  • Comply with legal obligations.

  • We do not sell personal data and do not use User Content to train our foundation models.

5. Sub‑processors (Data Processors)

  • Google Firebase (Auth, Firestore, Storage, Crashlytics/Analytics optional)

  • RevenueCat (subscription management)

  • Google Cloud Vertex AI (Gemini) (transforming User Content to generate outputs)

  • Apple App Store / Google Play (billing)

These providers act as processors under DPAs and appropriate safeguards.


6. International Transfers

Data may be processed in the EU/EEA, US, and other regions by the above providers. We rely on Standard Contractual Clauses (SCCs) and apply technical/organizational safeguards (e.g., encryption in transit/at rest).


7. Retention

  • Account Data: permanently deleted upon account deletion.

  • Backup copies maintained by our service providers (e.g., Google Firebase) may persist for a limited time in accordance with their backup-cycle policies before being automatically removed.

  • User Content: deleted immediately when you delete it or close your account.

  • Usage / Diagnostics: retained 12–24 months (may be aggregated or anonymized where feasible).

  • Purchase Records: retained only for legally required periods (e.g., tax or billing records).

8. Your Rights (GDPR/KVKK)
You may request access, correction, deletion, restriction/objection, portability, and withdraw consent where applicable. Contact info@lazyliz.app. We respond within 30 days after verifying your identity. You may also lodge a complaint with KVKK (Türkiye) or your EU Supervisory Authority.


9. Children
The App is not directed to children under 13. Users under 18 should use the App under parental/guardian supervision. We do not perform cross‑app tracking or request ATT permissions.


10. Security & Breach
We implement appropriate technical and organizational measures (access controls, encryption, logging). In case of a personal data breach, we will notify users and authorities without undue delay as required by law.


11. Changes
We may update this Policy; material changes will be highlighted in‑App or on our website. Continued use after the "Last Updated" date signifies acceptance.


12. Contact
Ege Ferhat Kıymaz — Data Controller
Email: info@lazyliz.app
Address: Ankara, Turkey

bottom of page