xeref.ai is operated by Bugra Karsli, based in Turkey. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information when you use our platform.
By using xeref.ai, you agree to the collection and use of information in accordance with this policy.
We collect the following categories of data:
We use the data we collect to:
We do not sell, rent, or trade your personal data to third parties for marketing purposes.
Your data is stored on Supabase (database and authentication) and served via Vercel (hosting and edge infrastructure). Both providers implement industry-standard security measures including encryption in transit (TLS) and encryption at rest.
While we take reasonable steps to protect your data, no method of electronic storage or transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to using best practices to safeguard your information.
xeref.ai integrates with the following third-party services to deliver its functionality. Each is subject to their own privacy policies:
When you use AI features, the content of your messages is transmitted to AI model providers through OpenRouter. Do not send sensitive personal information in AI chat sessions.
We use cookies solely for authentication session management — to keep you logged in across page navigations. We do not use advertising, tracking, or analytics cookies from third parties. You can disable cookies in your browser settings, but doing so will prevent you from staying logged in.
Under the Turkish Personal Data Protection Law (KVKK — Kişisel Verilerin Korunması Kanunu No. 6698), you have the following rights regarding your personal data:
To exercise any of these rights, contact us at support@xeref.ai. We will respond within 30 days.
We retain your personal data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes (e.g., transaction records).
xeref.ai is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us and we will delete it promptly.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or an in-app banner at least 7 days before the changes take effect. Continued use of the service after the effective date constitutes acceptance of the updated policy.
For any privacy-related questions, data requests, or concerns, please contact us at:
This Privacy Policy is governed by and construed in accordance with the laws of the Republic of Turkey, including the Personal Data Protection Law (KVKK No. 6698). Any disputes arising in connection with this policy shall be subject to the exclusive jurisdiction of the courts of Istanbul, Turkey.
Last updated: April 25, 2026