Cibusy Privacy Policy

1. Introduction

2. Data We Collect

We may collect and process the following categories of personal data:

• Full Name
• Phone Number
• Email Address
• Location Information
• Device Information
• IP Address
• Reservation Details
• Order and Payment Information
• Profile Photo
• Messaging Content
• Employee Shift, Leave, Schedule and Performance Records

3. How We Use Your Data

We process your personal data for the following purposes:

• To provide and maintain our services
• To manage user accounts and profiles
• To process reservations, orders, and payments
• To manage employee schedules and attendance
• To ensure system functionality and security
• To communicate with users and provide customer support
• To fulfill legal and regulatory obligations
• To perform analytics and internal reporting
• To improve service quality and user experience

4. Legal Basis for Processing (GDPR compliance)

Where applicable under international regulations such as the General Data Protection Regulation (GDPR), we process your personal data based on:

• Your explicit consent
• Contractual necessity
• Legal obligations
• Legitimate interests (such as service improvement and fraud prevention)

5. Data Sharing and Third Parties

We may share your personal data with trusted third parties solely for service delivery purposes:

• Cloud Infrastructure Providers
• Third-Party Service Providers
• Payment Providers
• Authorized public authorities: where legally required

We do not sell or rent your personal data to any third party.

6. International Data Transfers

Your personal data may be transferred and stored outside your country of residence due to our use of global cloud service providers. All international data transfers are performed in compliance with applicable data protection regulations and appropriate safeguards.

7. Data Retention

We retain personal data for as long as necessary to provide our services and to comply with our legal obligations. Where retention is no longer necessary, we securely delete or anonymize the data.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, misuse, or alteration, including:

• Access Controls
• Encryption
• Secure Storage
• Network Security
• Regular System Monitoring
• Employee Confidentiality Commitments

9. Children's Privacy

Our services are not specifically directed at children. We do not knowingly collect data from individuals under the age of 13. Parents or legal guardians who believe that we may have collected personal data from a child may contact us for immediate deletion.

10. Your Rights

Depending on your jurisdiction (e.g., GDPR, KVKK), you may have the following rights regarding your personal data:

• Access and obtain a copy of your data
• Rectify inaccurate data
• Request data deletion (right to be forgotten)
• Restrict or object to data processing
• Data portability
• File a complaint with a supervisory authority

For any such request, please contact us via:

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our platform, and material changes will be notified to users as appropriate.