Privacy Policy

Last Updated: January 22, 2025

📋Introduction

CORIA values your privacy and data security. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the CORIA mobile app and website.

CORIA is a vegan lifestyle assistant that helps users make conscious consumption decisions by scanning product barcodes to provide vegan compatibility, allergen warnings, health, and sustainability scores.

This policy complies with Turkey's Personal Data Protection Law (KVKK) and the European Union General Data Protection Regulation (GDPR).

🏢Data Controller

Data Controller: CORIA

As the data controller under KVKK and GDPR, we are responsible for processing your personal data. Use the contact information above to exercise your rights or ask questions.

📊Data We Collect

We collect the following categories of personal data when you use CORIA:

1. Account Information

  • Email address
  • Username
  • Profile photo (optional)
  • Authentication credentials (encrypted)

2. Usage Data

  • Scanned product barcodes
  • Product scanning history
  • Favorite products list
  • Allergen and dietary preferences (vegan, gluten-free, etc.)
  • AI chat history

3. Technical Data

  • Device information (model, operating system)
  • IP address
  • App usage metrics (analytics)
  • Error logs (crash logs)

4. Permission-Based Data

  • Camera: For barcode scanning (required)
  • Location: For regional product recommendations (optional)
  • Biometric: For secure login via fingerprint/face recognition (optional)
  • Gallery Access: To select product photos from gallery (optional)

🎯How We Use Your Data

We use your personal data for the following purposes:

1. App Functionality

  • Barcode scanning and product recognition
  • AI-powered vegan analysis
  • Personalized product recommendations
  • Allergen warnings and dietary compliance checks

2. User Experience

  • Account management and authentication
  • Saving your preferences (allergens, language, region)
  • Storing scanning history and favorite products
  • Regional product recommendations (if location permission granted)

3. Security and Fraud Prevention

  • Account security (biometric authentication)
  • Unauthorized access detection
  • Spam and abuse prevention

🔗Third-Party Services

CORIA shares data with the following third-party services:

Supabase (Authentication, Database)

  • Purpose: User authentication, data storage
  • Location: European Union (EU servers)
  • Privacy: supabase.com/privacy

OpenAI (AI Product Analysis)

  • Purpose: AI-powered vegan analysis
  • Location: United States
  • Data: Anonymous product information only (no user ID)
  • Privacy: openai.com/privacy

RevenueCat (In-App Purchases)

All third-party services use GDPR-compliant Standard Contractual Clauses (SCC) for data protection.

Your Rights (GDPR & KVKK)

Under KVKK and GDPR, you have the following rights:

Right to Access

Learn what personal data we process about you.

→ App → Profile → Settings → "View My Data"

Right to Rectification

Correct inaccurate or incomplete data.

→ App → Profile → "Edit Profile"

Right to Erasure ("Right to be Forgotten")

Permanently delete your account and all data.

→ App → Profile → Settings → "Delete Account"

Right to Data Portability

Receive your data in JSON format.

→ Email privacy@coria.app

Note: All data requests are processed within 30 days as required by KVKK and GDPR.

🔐Security Measures

We implement industry-standard security measures:

  • SSL/TLS Encryption: All data transmission is encrypted
  • Database Encryption: AES-256 encryption for stored data
  • Password Security: Bcrypt hashing (one-way, non-reversible)
  • Biometric Authentication: Device-based fingerprint/face recognition
  • Regular Security Audits: Continuous monitoring and updates

👶Children's Privacy

CORIA is not intended for children under 13 years old. We do not knowingly collect personal data from children under 13.

If you become aware that a child under 13 is using our app, please contact us immediately at privacy@coria.app and we will delete the account and all associated data within 7 days.

🔄Policy Changes

We may update this Privacy Policy from time to time. Significant changes will be communicated through:

  • In-app notification
  • Email to registered users
  • Updated "Last Updated" date on this page

Continued use of the app after changes constitutes acceptance of the updated policy.

📧Contact Us

For questions about this privacy policy or your data:

Email: privacy@coria.app

Website: getcoria.com/contact

Response time: General questions within 5 business days, data requests within 30 days (KVKK/GDPR requirement)

Data Protection Authorities

If you believe your privacy rights have been violated, you can contact:

This privacy policy was last updated on January 22, 2025. For questions, contact privacy@coria.app

Privacy Policy | CORIA | CORIA - Sürdürülebilir Yaşam Uygulaması