Legal

Privacy Policy

Effective Date: 1 January 2026 | Last Updated: 1 March 2026 | Version 1.0

Your privacy matters deeply to us. OpenPatent is committed to handling your personal data transparently, fairly, and in compliance with applicable data protection laws including the EU General Data Protection Regulation (GDPR) and Turkish Law No. 6698 on the Protection of Personal Data (KVKK).

1. Who We Are

OpenPatent is operated by Tech Tank, a technology company registered in Istanbul, Turkey. We act as the data controller for personal data collected through the platform. Contact us at openpatent@techtank.com.tr for all privacy-related matters.

2. Data We Collect

Category	Examples	Basis
Account Data	Email address, hashed password, account preferences	Contract
Usage Data	Pages visited, features used, session duration, IP address	Legitimate Interest
Payment Data	Billing address, last-four card digits (via Stripe — we never store full card numbers)	Contract
Content Data	Invention descriptions, patent drafts, uploaded documents	Contract
Communication Data	Emails, support tickets, contact form submissions	Legitimate Interest

3. How We Use Your Data

Service Delivery — to create and manage your account, process payments, and deliver core platform functions.
AI Processing — to perform prior art searches, generate patent claim drafts, and provide analysis. Your content is used only for your requests and is not used to train shared AI models.
Platform Improvement — aggregate, anonymised analytics to improve performance and user experience.
Communications — transactional emails (invoices, security alerts) and, with your consent, product updates and news.
Legal Obligations — to comply with applicable law, court orders, or regulatory requirements.

4. Data Sharing

We do not sell your personal data. We share data only with trusted third-party service providers operating under strict data processing agreements, including:

Stripe — payment processing (PCI-DSS Level 1 certified);
Cloud infrastructure providers — hosting and data storage (EU/EEA or adequacy-decision countries);
Analytics providers — anonymised usage analytics only.

We may disclose data to law enforcement or regulators only where required by law.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. After account deletion, we retain minimal data for up to 90 days for backup integrity, then securely delete it. Billing records are retained for 7 years to meet tax obligations.

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

Access — request a copy of your personal data;
Rectification — correct inaccurate data;
Erasure — request deletion of your data ("right to be forgotten");
Portability — receive your data in a machine-readable format;
Restriction — restrict processing of your data;
Objection — object to processing for legitimate interests;
Withdraw consent — at any time where processing is based on consent.

To exercise any right, email openpatent@techtank.com.tr. We will respond within 30 days.

7. Cookies

We use session cookies required for authentication and security. We do not use third-party advertising cookies. You can configure your browser to block cookies; however, core platform functionality may be affected.

8. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, access controls, and regular penetration testing. In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR.

9. International Transfers

If we transfer your data outside your country of residence, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission or adequacy decisions under GDPR.

10. Children's Privacy

OpenPatent is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, contact us immediately.

11. Updates to This Policy

We may update this Policy periodically. We will notify you via email and post the updated policy with a new effective date. Continued use after the notification constitutes acceptance.

12. Contact & Complaints

For privacy enquiries: openpatent@techtank.com.tr. If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.