Privacy Policy

How TechnologyChecker.io collects, uses, and protects your personal information.

Effective Date: January 1, 2026

Last Updated: February 19, 2026

This Privacy Policy explains how Go Yazilim Danismanlik A.S., operating under the brand TechnologyChecker.io ("we," "us," "our," or the "Company"), collects, uses, discloses, and safeguards your personal data when you visit our website at technologychecker.io, use our web application at app.technologychecker.io, access our APIs, or use any of our related services (collectively, the "Service").

We are committed to protecting your privacy and handling your data in an open and transparent manner. This policy is designed to comply with the European Union's General Data Protection Regulation (GDPR), the Turkish Personal Data Protection Law (KVKK, Law No. 6698), the California Consumer Privacy Act (CCPA), and other applicable data protection legislation.

Data Controller

The data controller responsible for your personal data is:

For questions or concerns about data protection or to exercise your rights, you may contact our Data Protection Officer at hello@technologychecker.io.

Information We Collect

Information You Provide Directly

We collect personal data that you voluntarily provide when you interact with our Service, including when you:

  • Create an account or register for our Service
  • Subscribe to a free or paid plan
  • Fill out a contact form, submit a support ticket, or send us an email
  • Participate in surveys, promotions, webinars, or events
  • Request a product demonstration or sales consultation
  • Apply for a job through our careers page
  • Subscribe to our newsletter or blog updates
  • Interact with us on social media or third-party platforms

This data may include your full name, email address, phone number, company name, job title, department, company size, billing and payment information (processed by Stripe), and any other information you choose to provide.

Information Collected Automatically

When you access the Service, we automatically collect certain technical and usage data, including:

  • Device Information: Browser type and version, operating system, device type, device identifiers, screen resolution, and language preferences
  • Log Data: IP address, date and time of access, pages viewed, time spent on each page, referring and exit URLs, clickstream data, and actions taken on the Service
  • Usage Data: Features used, search queries performed, technology lookups conducted, API calls made, lead lists created, alerts configured, exports generated, and general interaction patterns
  • Location Data: Approximate geographic location derived from your IP address (country and city level only)
  • Cookies and Similar Technologies: We use cookies, web beacons, pixel tags, local storage, and similar technologies to collect information about your browsing activity (see "Cookies and Tracking" section below for details)

Information from Third-Party Sources

We may receive information about you from third-party sources, which we combine with information we collect directly. These sources include:

  • Payment Processors: Stripe provides billing verification and transaction status data. We do not store full credit card numbers on our servers.
  • Analytics Providers: PostHog and similar tools provide aggregated and individual usage analytics
  • Customer Communication Platforms: Intercom provides chat and support interaction data
  • Identity and Fraud Prevention Services: For account verification and abuse prevention
  • Publicly Available Sources: Business directories, company registries, LinkedIn (public profiles), and other publicly accessible databases for business contact enrichment
  • Partners and Integrations: Data from CRM platforms or other tools you connect to the Service through integrations

How We Use Your Information

We process your personal data for the following purposes:

Service Delivery and Operations

  • Provide, operate, maintain, and improve the Service
  • Process account registration and manage your user account
  • Process transactions, billing, and send related invoices and payment confirmations
  • Deliver technology detection results, lead lists, alerts, and reports you request
  • Provide API access and process programmatic requests
  • Enable integrations with third-party platforms (CRM systems, etc.)

Communication

  • Send technical notices, updates, security alerts, and service-related messages
  • Respond to your comments, questions, and customer support requests
  • Send marketing communications about products, services, features, offers, and events (you may opt out at any time)
  • Deliver newsletters, blog updates, and industry reports you have subscribed to

Analytics and Improvement

  • Monitor and analyze usage trends, feature adoption, and user behavior
  • Conduct research and analysis to improve and develop new features
  • Personalize and enhance your experience based on your usage patterns
  • Perform A/B testing and feature experimentation

Security and Compliance

  • Detect, investigate, and prevent fraudulent transactions, unauthorized access, and other illegal activities
  • Enforce our Terms of Use and other agreements
  • Comply with legal obligations, regulatory requirements, and lawful governmental requests
  • Establish, exercise, or defend legal claims

Data We Process as Part of Our Service

As part of our technology intelligence platform, we collect and process publicly available information about websites, domains, and their technology stacks. It is important to distinguish this "service data" from your personal account data:

Technology Detection Data

  • Information about technologies, frameworks, CMS platforms, analytics tools, payment processors, and other software detected on publicly accessible websites through HTTP headers, JavaScript libraries, DNS records, HTML patterns, and other public signals
  • We scan over 50 million domains regularly and maintain detection data for 40,000+ technologies

Business Intelligence Data

  • Publicly available business contact information associated with domains and organizations, sourced from public registries, LinkedIn public profiles, company websites, and other open sources
  • Company metadata including industry, size, location, founding year, and revenue estimates derived from public sources

Historical Data

  • Historical records spanning 20+ years of technology adoption, changes, migrations, and trends across monitored domains
  • Point-in-time snapshots of technology usage to enable trend analysis

This service data is collected exclusively from publicly available sources and is processed in accordance with applicable data protection laws, including under the legitimate interest basis (Article 6(1)(f) GDPR) for providing technology intelligence services.

If you are located in the European Economic Area (EEA), United Kingdom, or Turkey, we process your personal data based on the following legal grounds under Article 6(1) GDPR and the corresponding provisions of KVKK:

  • Consent (Art. 6(1)(a)): Where you have given explicit, informed consent for specific processing activities, such as subscribing to marketing emails or enabling optional analytics cookies. You may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Contract Performance (Art. 6(1)(b)): Where processing is necessary to perform our contract with you, including account creation, service delivery, billing, and support.
  • Legitimate Interests (Art. 6(1)(f)): Where processing is necessary for our or a third party's legitimate business interests, provided those interests are not overridden by your rights. Our legitimate interests include: improving and securing the Service, conducting analytics, preventing fraud, marketing our products to existing customers, and providing technology intelligence services based on publicly available data.
  • Legal Obligation (Art. 6(1)(c)): Where processing is required to comply with applicable laws, such as tax regulations, anti-money laundering requirements, or court orders.

Sharing and Disclosure of Your Information

We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

Service Providers and Processors

We engage trusted third-party companies to perform services on our behalf, all bound by data processing agreements:

  • Cloud Hosting: Infrastructure providers for hosting and data storage
  • Payment Processing: Stripe for secure payment handling (PCI DSS compliant)
  • Analytics: PostHog for product analytics and usage tracking
  • Customer Support: Intercom for live chat and support ticket management
  • Email Delivery: Transactional and marketing email service providers
  • Content Delivery: CDN providers for fast, reliable content delivery

Other Disclosures

  • Business Transfers: In connection with a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your data may be transferred to the acquiring entity
  • Legal Requirements: When required to comply with applicable law, regulation, legal process, or enforceable governmental request
  • Protection of Rights: To protect the rights, property, safety, or security of Go Yazilim Danismanlik A.S., our users, or the public as required or permitted by law
  • With Your Consent: When you have given us explicit, informed permission to share your information for a specific purpose
  • Aggregated or De-identified Data: We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you, for research, industry reports, or business purposes

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by applicable law. Specifically:

  • Account Data: Retained for the duration of your account and for up to 12 months following account deletion, to enable account recovery and address any outstanding issues
  • Billing and Transaction Records: Retained for a minimum of 7 years as required by tax and financial regulations
  • Communication Records: Support tickets and email correspondence retained for up to 3 years after the last interaction
  • Usage and Analytics Data: Aggregated analytics data retained indefinitely; individual-level usage data retained for up to 24 months
  • Marketing Data: Retained until you unsubscribe or withdraw consent, plus a suppression record to ensure you are not re-contacted
  • Technology Detection Data: Historical data retained indefinitely as part of our core service offering

When personal data is no longer needed, we securely delete or anonymize it. You may request deletion of your account and associated personal data at any time by contacting us at hello@technologychecker.io.

Data Security

We implement industry-standard technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: All data transmitted between your browser and our servers is encrypted using TLS 1.2+ (HTTPS). Data at rest is encrypted using AES-256 or equivalent encryption standards.
  • Access Controls: Role-based access controls, multi-factor authentication for administrative access, and the principle of least privilege for all systems
  • Infrastructure Security: Firewalls, intrusion detection systems, DDoS protection, and regular vulnerability scanning
  • Security Assessments: Regular security audits, penetration testing, and code reviews
  • Employee Security: Background checks, confidentiality agreements, and mandatory security awareness training for all staff
  • Incident Response: Documented incident response procedures, including notification protocols in compliance with GDPR's 72-hour breach notification requirement
  • Payment Security: All payment processing is handled by Stripe, which is PCI DSS Level 1 certified. We never store full credit card numbers on our servers.

Despite these measures, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

Your Rights

Rights Under GDPR and KVKK

If you are located in the EEA, United Kingdom, or Turkey, you have the following rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): Request a copy of the personal data we hold about you and information about how we process it
  • Right to Rectification (Art. 16 GDPR): Request correction of inaccurate or incomplete personal data
  • Right to Erasure (Art. 17 GDPR): Request deletion of your personal data where there is no compelling reason for its continued processing
  • Right to Data Portability (Art. 20 GDPR): Request a copy of your data in a structured, commonly used, machine-readable format (CSV or JSON)
  • Right to Restriction of Processing (Art. 18 GDPR): Request restriction of processing in certain circumstances, such as while we verify the accuracy of your data
  • Right to Object (Art. 21 GDPR): Object to processing based on legitimate interests, including direct marketing. We will cease processing unless we demonstrate compelling legitimate grounds.
  • Right to Withdraw Consent: Where processing is based on consent, withdraw your consent at any time without affecting the lawfulness of prior processing
  • Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority. In Turkey, this is the Personal Data Protection Authority (KVKK Kurumu).

Rights Under CCPA (California Residents)

If you are a California resident, you have additional rights under the CCPA:

  • Right to Know: Request information about the categories and specific pieces of personal information we have collected, the sources, the business purposes, and the third parties with whom we share it
  • Right to Delete: Request deletion of personal information we have collected from you, subject to certain exceptions
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
  • Right to Opt-Out of Sale: We do not sell your personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link.

To exercise any of these rights, contact us at hello@technologychecker.io or write to us at the address listed above. We will verify your identity and respond to your request within 30 days (or the applicable statutory period). There is no fee for exercising your rights, though we may charge a reasonable fee for manifestly unfounded or excessive requests.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and support our marketing efforts. Below is a detailed overview of the types of cookies we use:

Essential Cookies

Required for the Service to function correctly. These cookies enable core functionality such as user authentication, session management, security features, and load balancing. You cannot opt out of essential cookies as the Service will not function without them.

Analytics Cookies

Help us understand how visitors interact with the Service by collecting information such as pages viewed, session duration, and interaction patterns. We use PostHog for product analytics. These cookies are only set with your consent.

Functional/Preference Cookies

Remember your preferences and settings, such as language selection, theme preference (dark/light mode), and display options. These cookies improve your experience but are not strictly necessary.

Marketing Cookies

Used to track visitors across websites to display relevant advertisements and measure ad campaign effectiveness. We only set marketing cookies with your explicit consent.

Third-Party Cookies

Our Service integrates with third-party tools that may set their own cookies:

  • Intercom: For live chat support and in-app messaging
  • PostHog: For product analytics and session recording (anonymized)
  • Stripe: For secure payment processing

Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling certain cookies may affect the functionality of the Service. You can also manage your cookie preferences through the cookie consent banner displayed when you first visit our website.

International Data Transfers

Go Yazilim Danismanlik A.S. is headquartered in Turkey. Your information may be transferred to and processed in countries outside your country of residence, including Turkey, the European Union, and the United States, which may have different data protection laws.

When we transfer personal data outside the EEA or Turkey, we ensure adequate protection through one or more of the following safeguards:

  • Adequacy Decisions: Transferring data to countries recognized by the European Commission or Turkish KVKK as providing adequate data protection
  • Standard Contractual Clauses (SCCs): Using EU-approved Standard Contractual Clauses with all relevant data processors
  • Data Processing Agreements: Binding contractual agreements with all service providers that include data protection obligations
  • Supplementary Measures: Additional technical and organizational measures where required by the circumstances of the transfer

You may request a copy of the relevant transfer safeguards by contacting us at the details provided above.

Children's Privacy

The Service is designed for business use and is not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete such information. If you believe we may have collected data from a child, please contact us at hello@technologychecker.io.

Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. Currently, there is no industry standard for how companies should respond to DNT signals. We do not currently respond to DNT signals, but we respect your cookie preferences as set through our cookie consent mechanism.

The Service may contain links to third-party websites, services, or applications that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our Service.

Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) for processing activities that are likely to result in a high risk to individuals' rights and freedoms, as required under Article 35 of the GDPR. This includes our technology detection and business contact data processing activities.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Post the revised policy on this page
  • Notify registered users via email for material changes
  • Display a prominent notice on our website where appropriate

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy, our data practices, or wish to exercise your data protection rights, please contact us:

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.