1. Plain-language summary
Phantia is a social platform that lets people share content, message each other, host live rooms and support creators with Phantia Coins.
We collect the minimum data needed to run those features. We never sell personal data and we never share it with advertisers without your explicit consent.
You can export, correct or delete your data at any time, from inside the app or from this website.
2. Data controller
The data controller for Phantia is Phantia Teknoloji A.Ş. ("Phantia", "we", "us"), registered in Türkiye.
For privacy questions you can reach our Data Protection Officer at privacy@phantia.app or by post to the address listed in the Contact page.
3. Data we collect
Account data — email, phone, username, password hash, language, country.
Profile data — display name, photo, biography, links, age confirmation.
Content data — posts, messages, voice and video recordings you choose to publish.
Device data — device model, OS version, app version, IP address (truncated within 30 days), crash reports.
Payment data — transaction IDs, purchase history. Card details are processed by Apple, Google and our regulated payment processors and never stored on Phantia servers.
Optional sensitive data — biometric authentication is on-device only via Apple Face ID / Touch ID; we never receive the biometric template.
4. Why we use your data
Provide the service and authenticate you securely.
Operate live rooms, messaging and the Phantia Coin economy.
Detect fraud, abuse and breaches of our Acceptable Use Policy.
Comply with legal obligations (tax, KYC for creator payouts, court orders).
Improve the product through privacy-preserving analytics. You can opt out at any time from Settings → Privacy → Analytics.
5. Legal basis (GDPR / KVKK)
Performance of the contract you enter when you create a Phantia account.
Legitimate interest in keeping the platform safe and reliable.
Consent for optional analytics, marketing emails and personalised content recommendations.
Legal obligation for tax, anti-fraud and law-enforcement requests.
7. International transfers
Phantia is operated from Türkiye and the European Economic Area.
Where data is transferred outside the EEA we rely on Standard Contractual Clauses approved by the European Commission and additional safeguards required by KVKK Board decisions.
8. Retention
Account data is kept while your account is active and for up to 30 days after deletion (then anonymised in aggregates).
Financial records are kept for 10 years as required by Turkish Tax Procedure Law.
Moderation evidence relating to safety reports may be kept for up to 12 months.
9. Your rights
Access, correction, deletion, restriction, objection and portability — exercise any of these from Settings → Privacy.
Withdraw consent at any time without affecting prior processing.
Lodge a complaint with the KVKK (kvkk.gov.tr) or your local data protection authority.
11. Security
TLS 1.3 in transit, AES-256 at rest.
Multi-factor authentication for every employee with production access.
Annual penetration testing and continuous Sentry monitoring.
Encrypted backups with a documented disaster-recovery plan.
12. Children
Phantia is not directed at children under 13 (or 16 in jurisdictions that require it).
We rely on age-gating at sign-up and remove accounts found to be under-age.
If you believe a child is using Phantia, write to safety@phantia.app and we will take swift action.
13. Changes to this policy
Material changes will be notified inside the app, by email and on this page at least 30 days before they take effect.
14. Contact
Privacy questions: privacy@phantia.app
Postal address: Phantia Teknoloji A.Ş., Maslak Mah. Büyükdere Cad. No:255, Sarıyer / İstanbul
Still need a hand?
Email us and a real person will reply, usually within a working day.