Privacy policy

This privacy policy applies to all applications (“Applications”) created by COKLUK and Ali Salih ÇOKLUK (“Service Provider”) distributed via Google Play Store and Apple App Store. We are committed to protecting your privacy and ensuring a high level of data security across our digital ecosystem.

Information collection and use

Upon downloading and using any of our Applications, the Service Provider may collect technical information, including:

• Device Internet Protocol (IP) address
• Specific Application features accessed, including timestamps
• Mobile device operating system, browser type, and hardware identifiers
• General geographical location (city/country) for localized service delivery

Depending on the Application, we may request personally identifiable information such as phone number, name, age, gender, or email address. This data is used solely to provide and improve the services within the respective Application.

Third-party services

Anonymized data may be shared with trusted third-party services for performance and monetization, including:

• Google Play Services
• AdMob
• Firebase Analytics
• Apple App Store Services

Ethical AI & content processing

Data processed by AI is used exclusively for real-time content generation within the Application session.

User-generated content — including images, texts, or audio — is never used to train, test, or enhance general AI models. Processing is ephemeral and anonymous unless an app-specific section describes otherwise.

Security & retention

We maintain administrative, technical, and physical safeguards. Personal data is retained only as long as necessary to fulfill the purposes outlined here or as required by law.

Children's privacy

Our Applications do not knowingly address anyone under 13 unless an individual app sets a higher age limit (e.g. Davay requires 18+). If you believe a child has provided personal information, contact us so we can delete it.

1. Information collection

The Application collects IP address, device information, and location data. It may also request personal information such as phone number, name, and age.

2. Device identifier

We generate a device-specific anonymous unique identifier (UUID) stored in your device's secure storage (Keystore/Keychain) for:

• Abuse prevention — blocking multiple accounts from the same device
• Security — detecting unauthorized access
• Fraud prevention — preventing misuse of system resources

Device identifiers are used solely for application security and are not shared with advertising networks or third-party marketing companies.

3. Third parties

Google Play Services, AdMob, and Firebase are used. Anonymized data may be shared for application improvement.

4. Artificial intelligence

AI technologies provide personalized content and automated features. User data (images/texts sent for fortune telling) is never used to train AI models; processing is anonymous.

5. Your rights

Uninstalling the App stops data collection. For deletion requests, email [email protected].

6. Marketing & communications

VangaFal may use personal information you share to contact you with promotions, campaigns, tailored recommendations, and advertising partnerships.

7. Security & moderation (App Store Guideline 1.2)

8. In-app purchases & location

Payments use Apple In-App Purchase (IAP). Payment information is never stored on Service Provider servers. Location is used solely to list nearby consultants and is not shared with ad networks or stored with profiles without explicit consent.

9. Account deletion

Deleting your account permanently removes personal data, fortune history, and identity information from our servers. Request deletion via the in-app flow or email [email protected].

1. Introduction

This section describes information collected, used, and protected when you use the Vangia mobile application. By using the App you agree to the practices described here.

2. Data we collect

Stored on-device only (never sent to servers):

• Journal and reflection entries
• Mood and emotion logs
• Favourite crystals and preferences
• Notification settings

Health data (optional, Apple Health only):

• Step count and activity data (read-only via HealthKit)
• Stays on your device; never transmitted to any server

When you use AI analysis, submitted text or images are sent to the Groq API solely to generate a response. Groq does not store your content.

3. How we use your data

• Running core App features
• Personalised daily content (crystal of the day, motivational notifications)
• Managing in-app purchases via the Apple App Store
• Debugging and improving App stability

4. Third-party services

• Apple App Store / StoreKit — subscriptions and purchases
• Apple HealthKit — health data (with permission)
• Google AdMob — advertising for free-tier users
• Groq API — AI analysis feature
• Apple Push Notification Service (APNs)

5. Data security

Personal data is stored locally on your device. No cloud synchronisation. Uninstalling permanently deletes all local data.

6. Your rights

• Delete all in-app data from your device
• Disable notifications in iOS Settings → Notifications
• Revoke HealthKit access in iOS Settings → Health
• Opt out of personalised ads via iOS Settings → Privacy → Tracking

7. Delete your account

To permanently delete a Vangia account (Apple Sign In) and associated server data:

• In-App: Profile → Apple Account Card → “Permanently Delete Account”
• Email: Send your Apple User ID to [email protected]

Deletion is irreversible. Server data is removed within 30 days.

1. Data we collect

2. How we use data

• Account creation and authentication
• Location-based recommendations and matching
• Trust score calculation (reliability and response speed)
• Push notifications (matches, messages, super likes)
• Purchase verification (Premium, Boost, Blue Tick)
• Reports, blocks, and platform security

3. Data sharing

We do not sell or rent personal data. Sharing occurs only with:

• Google Firebase (FCM): push infrastructure — device token only
• Google AdMob: ads for free users — advertising ID may be used
• Legal obligation: when required by authorized authorities

Instagram and Spotify links you add are visible to other users. Adding them is optional.

4. Security

• All API traffic over HTTPS
• Passwords stored with bcrypt hash
• Per-session random 64-character tokens
• Parameterized queries against SQL injection
• Server logs configured to avoid personal data

5. Cookies & ads

AdMob may use your Advertising ID for ad personalization. Disable via device settings. Premium subscription removes ads entirely.

6. Your rights (KVKK & GDPR)

• Access, correction, deletion, portability, and objection rights
• Account deletion via in-app flow or email

You may stop data collection by uninstalling Applications. You have the right to access, correct, or delete personal data across all services.

This policy aligns with international privacy regulations. See also our Terms of Service.