PRIVACY
Privacy Policy
Last updated: July 2026
This Privacy Policy explains how Useroam Teknoloji ("Useroam", "we") collects, uses, shares and protects personal data in connection with its guest WiFi marketing platform and websites. For visitors in Türkiye, our KVKK notice also applies.
Controller and processor roles
When a business uses Useroam to run guest WiFi, that business is the data controller for its guests' personal data, and Useroam acts as a data processor on its behalf. For our own websites and business accounts, Useroam is the controller. A Data Processing Agreement (DPA) is available for business customers on request.
Data we process
- Guest verification data: the phone number, name, email or room number a guest provides to connect, plus verification method and timestamp.
- Access records: session and access logs, kept in a compliant, timestamped form where local law (e.g. Türkiye's Law No. 5651) requires it.
- Usage and analytics: visit frequency, device and network metadata, survey responses and campaign interactions.
- Business account data: the contact and account details of the business and its staff using the panel.
How we use data
- To provide guest network access and keep compliant access records.
- To run marketing campaigns, surveys and loyalty flows on behalf of the business, only where the guest has given consent.
- To produce analytics and reports for the business.
- To provide, secure and support the platform.
Legal basis
We rely on consent for marketing communications, on legitimate interests for providing and securing the service, and on legal obligations for compliant access logging where applicable.
Consent and marketing
Guests are informed on the welcome screen and marketing consent is captured separately and kept auditable. Guests can opt out of marketing messages at any time. Campaigns are sent only to guests who have opted in.
Sharing and subprocessors
We do not sell personal data. We share data with subprocessors that help us deliver the service — such as SMS/WhatsApp providers and hosting infrastructure — under contract. A current subprocessor list is available on request.
Retention
Access records are retained for the period required by applicable law. Other data is retained for as long as the business account is active or as needed to provide the service, then deleted or anonymized.
Security
We protect data with encryption in transit, access controls including two-factor authentication, and role-based permissions. See our Security & Compliance page for details.
Your rights
Subject to applicable law, individuals may request access to, correction, deletion, portability of, or objection to the processing of their personal data. Guests should contact the business that operates the WiFi; for data Useroam controls, contact us using the details below.
International transfers
Where data is transferred across borders, we apply appropriate safeguards in line with applicable law.
Cookies
Our websites use cookies as described in our Cookie Policy.
Changes
We may update this policy from time to time. The current version is always published here with its effective date.
Contact
For privacy questions or requests, contact kvkk@useroam.com or support@useroam.com.