Privacy Policy
Last updated: February 13, 2026
This Privacy Policy describes how Peak ("we", "us", "our") collects, uses, and protects your personal information when you use our services.
1. Information We Collect
We collect information you provide directly to us when you create an account, including your name, email address, and password (stored securely as a cryptographic hash). We also automatically collect certain technical information when you use our services, including your IP address, browser type and version, operating system, device type, and session activity timestamps. This information is used solely for security purposes such as session management, abuse prevention, and audit logging.
2. How We Use Your Information
We use the information we collect to: provide, maintain, and improve our services; authenticate your identity and manage your account; protect against unauthorized access and ensure platform security; monitor and analyze usage patterns to improve user experience; comply with legal obligations; and communicate important service updates.
3. Information Sharing
We do not sell, trade, or otherwise transfer your personal information to third parties. We may share information only in the following circumstances: with your explicit consent; to comply with legal obligations, court orders, or governmental requests; to protect our rights, privacy, safety, or property; or with service providers who assist us in operating our platform, subject to confidentiality agreements.
4. Data Security
We implement industry-standard security measures to protect your personal information, including: bcrypt password hashing with high computational cost; encrypted session tokens; rate limiting to prevent brute-force attacks; CSRF protection; and comprehensive audit logging of all authentication events. While we strive to protect your information, no method of transmission over the Internet is 100% secure.
5. Data Retention
We retain your personal information for as long as your account is active or as needed to provide you services. Session data is automatically cleaned up after expiration. Audit logs are retained for security and compliance purposes. You may request deletion of your account and associated data at any time.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data: Right to access your personal data; Right to rectify inaccurate data; Right to delete your data (right to be forgotten); Right to restrict processing; Right to data portability; Right to object to processing; Right to withdraw consent. To exercise any of these rights, please contact us.
7. GDPR Compliance (European Economic Area)
If you are located in the European Economic Area (EEA), we process your personal data based on: your consent; the necessity to perform a contract with you; compliance with legal obligations; and our legitimate interests, provided they do not override your rights. You have the right to lodge a complaint with your local data protection authority.
8. KVKK Compliance (Turkey)
In accordance with the Turkish Personal Data Protection Law No. 6698 (KVKK), we act as the data controller. We process your personal data in compliance with the fundamental principles set out in the KVKK. You have rights under Article 11 of the KVKK, including the right to learn whether your data is processed, request information about processing, learn the purpose of processing, know third parties to whom data is transferred, request rectification of incomplete or inaccurate data, request deletion or destruction of data, and object to negative consequences arising from automated processing.
9. CCPA Compliance (California)
If you are a California resident, you have the right to: know what personal information we collect and how it is used; request deletion of your personal information; opt-out of the sale of personal information (we do not sell personal information); and not be discriminated against for exercising your CCPA rights.
10. Cookies
We use cookies and similar technologies as described in our Cookie Policy. You can manage your cookie preferences through our cookie consent interface.
11. Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will take steps to delete such information.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us through the appropriate channels provided on our website.