Back to Jeolife

Privacy Policy

Effective date: 09.06.2026 · Version: v1.0

This document explains how the Jeolife app processes personal data. Under Turkish Law No. 6698 (KVKK) it serves as the information notice. Consent for location access is obtained through a separate in-app permission flow.

1. Data Controller

Jeolife is operated by Erkan Öztürk, an individual developer based in Istanbul, Türkiye. Under KVKK the operator is the data controller; under the GDPR, the controller.

Contact: erozturk0381@gmail.com · Postal address: available on request.

2. About the App

Jeolife is a free, ad-free earthquake-tracking and disaster-communication app with no in-app purchases and no user accounts/login. Available in Turkish and English.

3. Categories of Personal Data We Process

  • Feedback (Firebase Firestore): star rating, message text, category, device model, OS version, app version, locale, timestamp. No name or email is collected.
  • Diagnostics & usage (Firebase Crashlytics + Google Analytics): crash reports, device identifiers, usage/event data.
  • Notifications (Firebase Cloud Messaging): FCM device token.
  • Location: processed only on your device (see Section 5).

4. Purposes & Legal Bases (KVKK Art. 5/6, GDPR Art. 6)

  • Feedback — improve the app, review bugs/suggestions (legitimate interest, KVKK Art. 5/2-f; GDPR Art. 6(1)(f)).
  • Diagnostics/usage — fix crashes, stability & performance (KVKK Art. 5/2-f; GDPR Art. 6(1)(f) or consent where required).
  • FCM token — deliver earthquake/disaster alerts (request/consent; GDPR Art. 6(1)(a)/(f)).
  • Location — compute distance to the nearest earthquake on your device (explicit consent; GDPR Art. 6(1)(a)).

5. Location Handling (On-Device)

Location is used only after your explicit consent and only on your device, to compute the distance to the nearest earthquake. Your location is not transmitted to the operator or to any server, and is not stored there.

You may withdraw consent at any time by revoking the location permission in your device settings, which disables that feature.

6. Feedback Data

If you voluntarily submit feedback, the fields above are stored in Google's Firebase Firestore. Please do not include personal information in the message text.

7. Analytics & Crash Diagnostics

Firebase Crashlytics and Google Analytics for Firebase process diagnostics, device identifiers, and event data to understand stability and usage. This data is processed by Google.

8. Push Notifications (FCM)

Earthquake and disaster alerts are sent via Google's FCM; your FCM token is processed by Google for this purpose.

9. Mesh Messaging (BLE / Wi-Fi Aware) — End-to-End Encrypted, Not Collected

Offline peer-to-peer messages are end-to-end encrypted (X25519 key exchange + ChaCha20-Poly1305) and relayed device-to-device. Message content is not collected, seen, or stored by the operator or any server. Relaying devices carry only encrypted, unreadable data.

10. Third-Party Earthquake Data Sources

Earthquake information is sourced from AFAD, Kandilli Observatory (Boğaziçi University, KOERI), USGS, and EMSC. These provide data to the app and do not collect personal data about you.

11. Sub-processors & International Transfer (KVKK Art. 9, GDPR Chapter V)

Our sub-processor is Google LLC / Firebase (Firestore, FCM, Crashlytics, Analytics). By the nature of these services, data may be processed outside Türkiye and the EU (e.g., the United States).

Under KVKK Art. 9, cross-border transfer relies on an adequacy decision, appropriate safeguards (Board-published standard contract / binding corporate rules), or, in exceptional cases, explicit consent after being informed of the possible risks. For EU users, transfers rely on GDPR Chapter V (Art. 44–49); you may request a copy of the safeguards.

12. Retention

  • Feedback: a reasonable period after the purpose is met, up to 24 months.
  • Diagnostics/usage: per Firebase/Google retention settings, typically 14 months.
  • FCM token: while you remain subscribed.
  • Location and mesh content: not stored.

13. Security

Network traffic is encrypted with TLS; mesh messages are end-to-end encrypted; Firebase data is protected by Google's security controls (KVKK Art. 12, GDPR Art. 32).

14. Children

Jeolife is not directed to children under 13 (or under 16 where required by local law) and does not knowingly collect their data.

15. Your Rights & How to Exercise Them (KVKK Art. 11 & GDPR Art. 15–22)

Under KVKK Art. 11 you may: learn whether your data is processed; request information; learn the purpose and whether used accordingly; know third parties (domestic/abroad) to whom data is transferred; request rectification; request erasure/destruction; request that rectification/erasure be notified to recipients; object to outcomes from solely automated analysis; and claim compensation for unlawful processing.

Under the GDPR (Art. 15–22) you have rights of access, rectification, erasure, restriction, portability, and objection. Requests may be sent to erozturk0381@gmail.com and are answered within 30 days.

16. Complaints

Under KVKK you may complain to the Personal Data Protection Board (kvkk.gov.tr, sikayet.kvkk.gov.tr). In the EU/EEA you may complain to your local supervisory authority.

17. Cookies / SDK Identifiers

The app uses no web cookies; Firebase SDKs may use device/SDK identifiers for diagnostics.

18. Changes

We may update this policy; material changes are announced in-app and the effective date is updated.