1. Introduction

Welcome to MicroTarget. This Privacy Policy describes how MicroTarget (a product of Aurict, hereinafter referred to as 'we', 'us', or 'our') collects, uses, processes, and protects data when you use our website and services. We are committed to protecting your personal data and respecting your privacy in accordance with global data protection regulations, including the GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and KVKK (Turkish Personal Data Protection Law).

2. Definitions

To ensure clarity, we define key terms used in this policy:

Personal DataAny information relating to an identified or identifiable natural person.
Usage DataData collected automatically, either generated by the use of the Service or from the Service infrastructure itself (e.g., duration of a page visit).
ProcessingAny operation or set of operations which is performed on Data, whether or not by automated means.
Data ControllerThe entity which determines the purposes and means of the processing of Personal Data (Aurict).

3. Legal Basis for Processing

We process Personal Data under the following legal bases pursuant to GDPR Art. 6:

ConsentYou have given clear consent for us to process your personal data for a specific purpose.

Contractual NecessityProcessing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.

Legal ObligationProcessing is necessary for us to comply with the law (e.g., tax, accounting).

Legitimate InterestsProcessing is necessary for our legitimate interests regarding the security and improvement of our services.

4. Data Collection & Minimization

We strictly adhere to the principle of data minimization. We only collect what is absolutely necessary.

Data We Collect (Website & Account)

Identity Data: Name, email address, password hash (if creating an account).
Technical Data: IP address, browser type, device information, operating system.
Usage Data: Pages visited, time spent, referral sources (via privacy-friendly analytics).

Data We DO NOT Collect (The MicroTarget Promise)

End-User Behavioral Data: Raw event data processed by our SDK stays on the device.
Private Content: We do not access contacts, messages, or photos.
Precise Location: We do not track GPS coordinates of end-users.

5. On-Device Processing Architecture

Security by Design

MicroTarget is architected with a 'Privacy-First' philosophy. Our SDK utilizes on-device Edge ML to process user behavior locally. This means the sensitive targeting profile of an end-user is generated and stored directly on their smartphone. It is NOT uploaded to our cloud servers. We only receive aggregated, anonymous signals for billing and high-level reporting performance, which cannot be reverse-engineered to identify a specific individual.

6. How We Use Your Information

We use the collected data for the following purposes:

To provide and maintain our Service, including monitoring the usage of our Service.
To manage your Account: To manage your registration as a user of the Service.
To contact you: regarding updates, security alerts, and support messages.
To comply with legal obligations and enforce our agreements.

7. Data Retention

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. Account data is retained until you delete your account, plus a grace period of 30 days. Logs and technical data are retained for 90 days for security auditing, then permanently deleted. We may retain usage data for internal analysis purposes for a shorter period.

9. Your Data Protection Rights

You have the following rights regarding your data:

Right of Access

You have the right to request copies of your personal data.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate.

Right to Erasure

You have the right to request that we erase your personal data, under certain conditions.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data.

Right to Data Portability

You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

Right to Object

You have the right to object to our processing of your personal data.

10. CCPA/CPRA Notice (California Residents)

Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their personal information. We do not sell personal information. You have the right to request disclosure of data collection and sales practices in connection with the requesting consumer, including the categories of personal information we have collected, the source of the information, the use of the information and, if the information was disclosed or sold to third parties, the categories of personal information disclosed or sold to third parties and the categories of third parties to whom such information was disclosed or sold.

11. Security

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. We employ bank-grade encryption (TLS 1.3) for data in transit and AES-256 encryption for data at rest. We utilize strict access controls, multi-factor authentication, and regular security audits.

12. Contact Us

If you have any questions about this Privacy Policy, looking to exercise your rights, or wish to file a complaint, you can contact our Data Protection Officer (DPO):

Emailprivacy@aurict.com

DPOdpo@aurict.com

Address

Aurict Inc.
Istanbul, Turkey

Table of Contents

Privacy Policy