heyvisa
Legal

Privacy Policy

Last updated: June 11, 2026

Introduction

HeyVisa (“HeyVisa”, “we”, “us”) is a visa-intelligence software brand. This Privacy Policy explains how we collect, use, share, and protect personal data when you use the HeyVisa website, applications, and APIs (the “Services”).

We comply with the EU General Data Protection Regulation (GDPR) and Türkiye’s Kişisel Verilerin Korunması Kanunu (KVKK, Law No. 6698). For the purposes of these laws, the data controller is HeyVisa.

Information We Collect

We collect personal data that you provide directly, data we generate while you use the Services, and limited data from third parties (for example, payment processors). This typically includes:

  • Account information such as name, email address, and password hash.
  • Application data you submit for a visa report (travel purpose, destination, financials, document metadata).
  • Uploaded documents, which are processed by our AI pipeline.
  • Technical data such as IP address, device information, browser, and usage logs.
  • Billing data handled by our payment provider — we do not store full card numbers.

How We Use Your Information

We use personal data to deliver, maintain, and improve the Services, to generate visa reports, to communicate with you, to detect fraud and abuse, and to meet legal obligations under Turkish and applicable international law.

  • Generating, delivering, and improving AI visa reports.
  • Account management, authentication, and security.
  • Customer support and service announcements.
  • Analytics to understand how the Services are used and how to improve them.
  • Compliance with legal, regulatory, and accounting requirements.

Data Sharing

We do not sell personal data. We share data only with vetted processors who help us run the Services — for example, cloud infrastructure, error monitoring, email delivery, and payment processing. Each processor is bound by a written agreement that requires adequate technical and organisational measures.

We may disclose data when required by a binding legal request from a competent Turkish authority or other lawful authority, and when necessary to protect the rights, safety, or property of HeyVisa, our users, or third parties.

Data Security

We apply industry-standard safeguards including encryption in transit (TLS 1.3) and at rest (AES-256), least-privilege access controls, audit logging, and regular security reviews. No system is perfectly secure, but we work continuously to reduce risk.

Your Rights (GDPR & KVKK)

Depending on your jurisdiction, you have rights regarding your personal data, including:

  • The right to access the personal data we hold about you.
  • The right to request correction of inaccurate or incomplete data.
  • The right to request deletion of your personal data (“right to be forgotten”).
  • The right to restrict or object to certain processing activities.
  • The right to data portability in a structured, machine-readable format.
  • The right to withdraw consent where processing is based on consent.
  • The right to lodge a complaint with a supervisory authority — in Türkiye, the Kişisel Verileri Koruma Kurumu (KVKK).

To exercise these rights, contact us at privacy@heyvisa.com.

Cookies

We use a small number of cookies and similar technologies for authentication, preferences, security, and aggregated analytics. You can control cookies through your browser settings. Disabling essential cookies may break parts of the Services.

Children’s Privacy

HeyVisa is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date above and, for material changes, notify you through the Services or by email.

Contact Us

For any questions about this Privacy Policy or our handling of personal data, contact the data controller:

HeyVisa
Email: privacy@heyvisa.com