Privacy Policy

Last updated: February 3, 2026

1. Data Controller

TLU Consulting is the data controller responsible for your personal data collected through CIFA.

Contact:

Email: tulu@tluconsulting.com

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address used for registration and authentication
  • Report Requests: Commodities you select and reports you generate

2.2 Information Collected Automatically

  • Usage Data: Reports generated, features used, timestamps of activity
  • Device Information: Browser type, operating system, IP address
  • Cookies: Authentication tokens and session data

3. How We Use Your Information

We use your information to:

  • Provide and maintain the CIFA service
  • Authenticate your account and manage your session
  • Track credit usage and generate reports
  • Send important service notifications
  • Improve and optimize our service
  • Comply with legal obligations

4. Third-Party Services

We use the following third-party services to provide CIFA:

Supabase

Used for user authentication and database storage. Your email and account data are stored securely on Supabase infrastructure.

Supabase Privacy Policy

Google Gemini AI

Used to generate commodity forecast reports. Your commodity selection is sent to Google's AI services to generate analysis. Google may process this data according to their policies.

Google Privacy Policy

Netlify

Used for hosting and serverless functions. Technical logs and request data may be processed by Netlify.

Netlify Privacy Policy

5. Data Retention

We retain your data as follows:

  • Account Data: Retained while your account is active and for 30 days after deletion request
  • Generated Reports: Stored for the duration of your account
  • Usage Logs: Retained for up to 12 months for analytics and debugging

6. Your Rights

Under GDPR, KVKK (Turkish Data Protection Law), and other applicable regulations, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Request your data in a portable format
  • Objection: Object to certain processing of your data
  • Restriction: Request restriction of processing

To exercise these rights, contact us at tulu@tluconsulting.com.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication via Supabase
  • Regular security reviews of our systems
  • Access controls limiting data access to authorized personnel

8. International Data Transfers

Your data may be transferred to and processed in countries outside your residence, including the United States (where our service providers operate). We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

9. Children's Privacy

CIFA is not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the service. Your continued use after changes constitutes acceptance of the updated policy.

11. Contact Us

For questions about this Privacy Policy or our data practices, please contact:

TLU Consulting

Email: tulu@tluconsulting.com