Petacomm Petacomm
Use Cases Support GitHub LinkedIn All Petacomm
Legal · Privacy

Privacy Policy

Last updated: 7 May 2026
KVKK · GDPR Compliant
Petacomm · Istanbul, Turkey
Plain language summary: We collect your name and email address only when you contact us through our support form. We do not sell your data, we do not run ads, and we do not share your data with anyone except the two third-party services listed in Section 5. You can ask us to delete your data at any time.
Section 1

Who we are

This Privacy Policy applies to the website petacomm.io and all associated subdomains operated by Petacomm, a software company based in Istanbul, Turkey.

Petacomm develops and distributes open source Linux server and user tools including Petacomm Easy, GateBell, PetaShell, PetaFiles, PetaSync and RouteChecker.

For the purposes of the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Turkish Personal Data Protection Law No. 6698 (KVKK), Petacomm acts as the data controller for personal data collected through this website.

Our contact details are provided in Section 12.

Section 2

Data we collect

We collect the minimum personal data necessary to operate our services. The table below describes what we collect, why and how.

Data When collected Purpose Required?
First & last name Support form submission To address you correctly in our reply Yes
Email address Support form submission To reply to your support ticket Yes
Message content Support form submission To understand and resolve your issue Yes
Linux distribution (optional) Support form submission To provide distribution-specific guidance No
IP address All web requests Security, DDoS protection (Cloudflare) Automatic
We do not collect: We do not collect payment information, passwords, location data, device identifiers, browsing behaviour, cookies for tracking, or any data from Petacomm Easy commands you run on your own server. Commands you type into Petacomm Easy are sent directly to Anthropic's Claude API — see Section 5.
Section 3

How we use your data

We use the personal data we collect for the following purposes only:

3.1 — Responding to support tickets

When you submit a message through our support form, we use your name, email address and message to read your inquiry and send you a reply. We do not use this data for any other purpose.

3.2 — Security and fraud prevention

We use Cloudflare as our content delivery network and DDoS protection provider. Cloudflare processes your IP address and certain request metadata to protect our services from abuse. This processing is necessary for the legitimate interests of operating a secure public website.

3.3 — Improving our tools

We may use aggregate, anonymised statistics about support ticket topics (e.g. "many users asked about GateBell configuration") to improve our documentation and tools. This processing uses anonymised data only — no individual personal data is involved.

We never: sell your personal data, share it with advertisers, use it for profiling, send marketing emails without explicit consent, or transfer it outside of the purposes stated in this policy.
Section 4

Legal basis for processing

Under the GDPR (Article 6) and KVKK (Article 5), we rely on the following legal bases for processing your personal data:

Processing activity Legal basis (GDPR) Legal basis (KVKK)
Responding to support tickets Art. 6(1)(b) — performance of a contract / pre-contractual steps Art. 5(2)(c) — necessary for performance of a contract
Security & DDoS protection via Cloudflare Art. 6(1)(f) — legitimate interests Art. 5(2)(f) — legitimate interests
Anonymised aggregate statistics Not applicable — anonymised data is not personal data Not applicable

Where we rely on legitimate interests, we have assessed that our interests do not override your fundamental rights and freedoms. You may object to processing based on legitimate interests at any time — see Section 7.

Section 5

Third-party services

We use two third-party services that may process personal data as part of operating our website and products. We have assessed both providers and entered into data processing agreements where required by GDPR.

Cloudflare, Inc.
CDN · Security · Turnstile
What they process: IP addresses, HTTP request headers and Turnstile CAPTCHA interaction data (used on our support form to prevent automated spam submissions).

Why: To protect our website from DDoS attacks and automated abuse, and to verify that support form submissions are made by humans.

Where: Cloudflare operates data centres globally. Data may be processed outside the EU/EEA. Cloudflare is certified under the EU-U.S. Data Privacy Framework and provides Standard Contractual Clauses for GDPR compliance.

Retention: Cloudflare retains request logs for a limited period in accordance with their own privacy policy.

Privacy policy: cloudflare.com/privacypolicy
Anthropic, PBC
AI · Claude API
What they process: When you use Petacomm Easy, the natural language requests you type (e.g. petacomm -r "show disk usage") are sent to Anthropic's Claude API to generate the appropriate Linux command. These requests may contain incidental personal data depending on what you type.

Important: This processing occurs on your server, via your own Anthropic API key. Petacomm does not relay, store or access your Claude API requests. Your relationship with Anthropic is direct and governed by Anthropic's own terms.

Recommendation: Avoid including sensitive personal data (passwords, credentials, personal identifiers) in natural language requests to Petacomm Easy.

Privacy policy: anthropic.com/privacy

We do not use Google Analytics, Meta Pixel, advertising networks, or any other tracking or analytics services. Petacomm products are advertisement-free.

Section 6

How long we keep your data

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected.

Data Retention period Reason
Support ticket (name, email, message) 24 months from ticket closure To handle follow-up questions and maintain support history
Anonymised ticket statistics Indefinitely No personal data — used only for product improvement
IP address (via Cloudflare) Per Cloudflare's retention policy Security logs managed by Cloudflare

After the retention period, personal data is permanently deleted from our systems. You may also request earlier deletion at any time — see Section 7.

Section 7

Your rights

Under the GDPR and KVKK, you have the following rights regarding your personal data. These rights are not absolute and may be subject to limitations in specific circumstances — but we will always respond to your request and explain our reasoning.

Right of Access
You may request a copy of all personal data we hold about you, along with information about how it is processed.
Right to Rectification
You may request correction of inaccurate or incomplete personal data we hold about you.
Right to Erasure
You may request deletion of your personal data. We will comply unless we are required by law to retain it.
Right to Portability
You may request your data in a structured, machine-readable format (JSON or CSV) to transfer to another service.
Right to Restriction
You may request that we restrict processing of your data in certain circumstances, such as while a dispute is resolved.
Right to Object
You may object to processing based on legitimate interests at any time. We will cease processing unless we can demonstrate compelling grounds.
Right to Lodge a Complaint
If you believe we have processed your data unlawfully, you have the right to lodge a complaint with your national data protection authority.
KVKK Application Right
Under KVKK Article 11, you may apply to us in writing or electronically to exercise any of the above rights. We will respond within 30 days.

To exercise any of these rights, contact us at the details in Section 12. We will respond within 30 days. We do not charge a fee for exercising your rights.

Supervisory authorities

If you are located in the EU/EEA and believe we have not adequately addressed your concerns, you may lodge a complaint with the supervisory authority in your country of residence. If you are located in Turkey, you may contact the Kişisel Verileri Koruma Kurumu (KVKK) at kvkk.gov.tr.

Section 8

Cookies and tracking

We do not use cookies for tracking, analytics or advertising purposes. The only cookies that may be set on your device are:

Cookie Set by Purpose Duration
__cf_bm Cloudflare Bot management and DDoS protection 30 minutes
cf_clearance Cloudflare Security challenge verification 1 year
cf-turnstile-* Cloudflare Turnstile CAPTCHA verification on support form Session

These cookies are strictly necessary for the secure operation of this website. They do not track you across other websites and are not used for advertising.

Section 9

How we protect your data

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. These include:

All data in transit between your browser and our servers is encrypted using TLS 1.2 or higher. Access to support ticket data is restricted to authorised Petacomm personnel only. Our website is protected by Cloudflare, which provides DDoS mitigation, Web Application Firewall (WAF) and bot management.

If we become aware of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay, in accordance with GDPR Article 33–34 and KVKK Article 12.

To report a security vulnerability in our products, please follow our responsible disclosure process.

Section 10

Children's privacy

Petacomm's website and products are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child under 16 has provided us with personal data, please contact us immediately at the details in Section 12 and we will delete that data without delay.

Section 11

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or the services we offer. The date at the top of this page indicates when the policy was last updated.

For significant changes — such as new categories of data being collected or new purposes for processing — we will take reasonable steps to notify you, such as posting a notice on our website or sending an email to users who have previously contacted us.

We encourage you to review this policy periodically. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

Section 12

Contact us

If you have any questions about this Privacy Policy, wish to exercise your rights, or want to make a complaint, please contact us using the details below. We will respond within 30 days.

Data Controller — Petacomm

You may contact us in English or Turkish.

Email: [email protected]
Support form: petacomm.io/support
Istanbul, Turkey
For security issues: Do not send vulnerability reports to the privacy email address. Please use our responsible disclosure process instead.