LOKIVA PRIVACY POLICY

Last Updated: 02.05.2026

1. Introduction

Lokiva is a location-based food discovery platform that allows users to explore restaurants, dishes, and trending foods based on their location and preferences.

This Privacy Policy explains how personal data is collected, used, and protected when using the Lokiva mobile application and related services.

By using Lokiva, you agree to this Privacy Policy.

2. Data Controller

Data Controller: Zelal Durmaz (Individual Developer)

Location: Istanbul, Türkiye

Email: infolokiva@gmail.com

3. Information We Collect

We collect the following categories of personal data when you use Lokiva:

  • Identity data: name or username, and a profile picture if you choose to upload one.
  • Contact data: email address.
  • Account data: a unique user ID assigned by Firebase Authentication.
  • Location data: approximate or precise device location, used only with your permission to surface nearby restaurants and dishes.
  • Usage data: in-app actions, searches, viewed content, reviews and ratings you submit, and other interaction data.
  • Device and technical data: device model, operating system version, language, time zone, app version, IP address, and crash diagnostics.

4. How We Use Your Data

  • To provide and operate the Lokiva service.
  • To personalize your experience and surface relevant restaurants and content based on your location and preferences.
  • To create and secure your account, including authentication and account recovery.
  • To send transactional emails such as account verification and security notifications.
  • To monitor app performance, diagnose crashes, and improve reliability.
  • To detect, prevent, and respond to fraud, abuse, and security incidents.
  • To comply with applicable legal obligations.

5. Third-Party Services

Lokiva relies on a small number of trusted third-party providers to deliver core functionality. Each provider processes data only to perform the specific function listed below.

  • Firebase / Google (Google LLC): Firebase Authentication (sign-in and account management), Cloud Firestore (database for user content and app data), Firebase Storage (image and file storage), Firebase Cloud Messaging (push notifications), Google Analytics for Firebase (usage analytics), and Firebase Crashlytics (crash reporting).
  • Resend (Resend, Inc.): transactional email delivery, for example verification and notification emails.

These providers act as data processors on our behalf and are bound by their own privacy and security commitments. Data may be processed on servers located outside Türkiye, including in the European Union and the United States.

6. Data Sharing

We do NOT sell your personal data. We do not share your personal data with advertisers or data brokers.

We share personal data only in the following limited circumstances:

  • With the third-party service providers listed in Section 5, strictly to operate Lokiva.
  • When required by law, court order, or other valid legal process.
  • To protect the rights, property, or safety of Lokiva, our users, or the public.
  • In connection with a business transfer such as a merger or acquisition, in which case you will be notified.

7. Data Retention

We retain your personal data only for as long as necessary to provide the service and for legitimate business or legal purposes.

  • Account data is retained while your account is active.
  • When you delete your account, your profile and associated personal data are deleted within 30 days, except where we are required to keep certain records to comply with legal obligations or to resolve disputes.
  • Anonymized or aggregated data that can no longer be linked to you may be retained for analytics and product improvement.

How to delete your account: you can request deletion at any time through one of the following methods:

  • In the Lokiva mobile app: open Settings, tap "Delete Account", and confirm the action.
  • From the web: visit lokiva.app/account-deletion and follow the instructions.
  • By email: send a deletion request to infolokiva@gmail.com from the email address associated with your Lokiva account. We will verify your identity before processing the request.

Once we receive a verified request, your account and associated personal data will be deleted within 30 days, except for records we are legally required to retain.

8. Children's Privacy

Lokiva is not directed to children under the age of 13, and we do not knowingly collect personal data from children under 13 in compliance with the United States Children's Online Privacy Protection Act (COPPA).

If you believe a child under 13 has provided us with personal data, please contact us at infolokiva@gmail.com and we will take steps to delete that information.

9. Your Rights

Under the Turkish Personal Data Protection Law (KVKK No. 6698) and other applicable data protection laws, you have the following rights regarding your personal data:

  • The right to access the personal data we hold about you.
  • The right to request correction of inaccurate or incomplete personal data.
  • The right to request deletion of your personal data.
  • The right to object to or restrict the processing of your personal data.
  • The right to learn whether your personal data has been transferred and to whom.
  • The right to lodge a complaint with the Turkish Personal Data Protection Authority (KVKK) or another competent supervisory authority.

To exercise any of these rights, contact us at infolokiva@gmail.com. We respond to verified requests within the timeframes required by applicable law.

10. Data Security

We implement appropriate technical and organizational measures designed to protect your personal data against unauthorized access, disclosure, alteration, and destruction. These measures include encryption in transit (HTTPS/TLS), encrypted storage on Google Cloud infrastructure, role-based access controls, and Firestore security rules.

No method of transmission over the internet or electronic storage is fully secure. While we work to protect your data, we cannot guarantee its absolute security.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you in the app or by email. Your continued use of Lokiva after the changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or how your personal data is handled, you can reach us at:

Email: infolokiva@gmail.com

Data Controller: Zelal Durmaz

Location: Istanbul, Türkiye