GDPR & Data Protection

inMOLA is a marketing intelligence platform operated by Bester Media Reklam Bilişim Teknolojileri Ticaret Limited Şirketi("Bester Media", "we", "us"), headquartered at Ayazağa Mah. Azerbaycan Cad. 2B Ofis No:3K Kat:2, Sarıyer, İstanbul, Türkiye.

For all GDPR-related requests, the data controller is Bester Media. You can reach us at contact@inmola.com.

We collect and process the following categories of personal data:

• Account & billing data — name, email, phone, tax/identity number, billing address. Provided by you during signup or checkout. Required to deliver the service and issue invoices.
• Company & setup data — company name, website, sector, competitors, marketing practices. Provided in the signup form. Used to configure your inMOLA Spark or Core instance.
• Usage data — pages visited, features used, session timestamps. Collected through Google Analytics 4 and our application logs.
• Payment data — card information is collected and processed by iyzico (PCI-DSS compliant). We never store full card numbers on our infrastructure.
• Communications — support emails, demo requests, contact form submissions, partnership inquiries.

We process your personal data on one of the following legal bases (Art. 6 GDPR):

• Performance of a contract — to deliver the inMOLA service you subscribed to.
• Legitimate interest — to operate, improve, and secure the service; to respond to inquiries.
• Consent — for marketing communications, analytics cookies, and other optional processing. You can withdraw consent at any time.
• Legal obligation — to comply with tax, accounting, anti-fraud and other statutory requirements.

Under the GDPR, you have the following rights regarding your personal data:

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — ask us to correct inaccurate or incomplete data.
• Right to erasure ("right to be forgotten") — request deletion of your data, subject to legal retention obligations.
• Right to restriction of processing — limit how we use your data in certain circumstances.
• Right to data portability — receive your data in a structured, commonly used, machine-readable format.
• Right to object — object to processing based on legitimate interest or for direct marketing.
• Right not to be subject to automated decision-making — including profiling that produces legal effects.
• Right to withdraw consent — at any time, where processing is based on consent.

To exercise any of these rights, email us at contact@inmola.com with the subject "GDPR Request". We will respond within 30 days as required by the regulation.

We retain personal data only as long as necessary for the purposes for which it was collected:

• Active account data — retained for the duration of your subscription.
• Billing & invoice records — retained for the statutory period required by Turkish tax law (currently 10 years).
• Marketing data & analytics — retained for up to 14 months, then anonymized.
• Support tickets & communications — retained for up to 3 years.

inMOLA data is hosted primarily on infrastructure located in the European Union and Türkiye. Where data is transferred to third parties outside these regions (for example, certain AI service providers), we ensure such transfers are protected by:

• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Adequacy decisions where applicable.
• Explicit consent where required.

We use the following sub-processors to deliver our service:

• iyzico — payment processing (PCI-DSS, EU/TR).
• Brevo — transactional and marketing email (EU).
• Google Analytics 4 — anonymized usage analytics.
• OpenAI / Anthropic / Perplexity — AI processing for select intelligence modules (where applicable).

We will update this list as our sub-processors change. Material changes will be communicated via email to account holders.

We protect personal data with encryption in transit (HTTPS/TLS), encryption at rest for sensitive fields, role-based access controls, and continuous security monitoring. For more detail, see our Security page.

If you believe we have not handled your personal data in accordance with the GDPR, you have the right to lodge a complaint with the supervisory authority in your EU member state or with the Turkish Personal Data Protection Authority (KVKK Kurulu) for inquiries related to Turkish data subjects.

For all GDPR-related matters, data subject requests, or general privacy questions:

• Email: contact@inmola.com
• Subject line: "GDPR Request"
• Address: Ayazağa Mah. Azerbaycan Cad. 2B Ofis No:3K Kat:2, Sarıyer, İstanbul, Türkiye