Privacy Policy

The developer and operator of the BambuBee application acts as the data controller in respect of personal data collected through this website. Contact details are as follows:

We collect only the minimum personal data necessary to respond to your inquiry through the contact form. The table below sets out each data category alongside its processing purpose and legal basis:

No personal data beyond the above is collected. No data is collected directly from children through the application or this website.

Your personal data is collected electronically through the contact form on this website, strictly on a voluntary basis. Submission of the form requires you to read and expressly tick the consent checkbox — this constitutes your freely given, specific, informed, and unambiguous consent.

You may withdraw your consent at any time by contacting us at the address below. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

Your personal data is shared only with the following carefully selected sub-processor and solely for the purpose stated:

We do not sell, rent, trade, or otherwise disclose your personal data to any other third parties — including advertising networks, analytics providers, or public authorities — except where required by law.

Personal data is retained only for as long as necessary to fulfil the purpose for which it was collected. The following retention periods apply:

No personal data is kept beyond the periods set out above unless required by applicable law.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration:

• →All website communications are encrypted using HTTPS / TLS 1.2+.
• →Access to personal data is restricted to the data controller; third-party access is minimised to what is strictly necessary.
• →Third-party processors are selected on the basis of their industry-recognised security certifications.
• →Personal data is processed only to the extent necessary for the stated purpose (data minimisation).

This website uses only strictly necessary functional cookies required for the site to operate correctly (e.g. session management). No advertising, tracking, or third-party analytics cookies are placed. These cookies do not require separate consent and expire at the end of your browser session.

BambuBee is an educational application for children aged 3–6. However, we do not knowingly collect personal data directly from children through this website. The contact form is designed exclusively for parents, guardians, and other adults.

If we become aware that personal data has been submitted by or on behalf of a child under 13 without verifiable parental consent, we will delete it from our systems without delay. If you believe your child's data has been inadvertently collected, please contact us immediately.

Subject to applicable law, you have the following rights in respect of your personal data:

• ✓Right of Access: Obtain confirmation of whether your data is being processed and receive a copy (GDPR Art. 15 / KVKK Art. 11(b))
• ✓Right to Rectification: Request correction of inaccurate or completion of incomplete data (GDPR Art. 16 / KVKK Art. 11(d))
• ✓Right to Erasure: Request deletion of your data where it is no longer necessary for the purpose collected ('right to be forgotten') (GDPR Art. 17 / KVKK Art. 7)
• ✓Right to Restriction: Request that processing be restricted in certain circumstances (GDPR Art. 18)
• ✓Right to Data Portability: Receive your data in a structured, commonly-used format (GDPR Art. 20)
• ✓Right to Object: Object to processing based on legitimate interests (GDPR Art. 21)
• ✓Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing (GDPR Art. 7(3) / KVKK Art. 11)
• ✓Right to Lodge a Complaint: File a complaint with your local supervisory authority (e.g. Turkey: KVKK Board — kvkk.gov.tr; EU: your national DPA)

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data processing practices. The latest version will always be available at bambubee.com/privacy or via the "Privacy Policy" link in our website footer. Where changes are material, we will notify you by email if we hold your contact details.

This policy is prepared with reference to KVKK, COPPA, and GDPR provisions for children. App accounts are created and managed by parents or guardians.

Parent account data

Child profile data

We do not collect real name/surname, photos, biometric data, location, advertising IDs, birth date, health data, school details, or home address.

• →Personal data processing authority belongs to the parent/guardian.
• →We do not knowingly collect personal data directly from children.
• →Profiles include only parent-assigned nicknames and visual preferences.
• →Child-related data is deleted on parental request.

• →Service delivery: account management, content access, subscription control
• →Security: authentication and prevention of unauthorized access
• →Performance: error detection and service improvement
• →Communication: important security and service notices
• →Legal compliance: tax and accounting obligations

We do not sell personal data. Sharing is limited to the following providers for technical service delivery:

After account deletion, all personal data is permanently removed within 30 days.

You have rights to access, correction, deletion, portability, and objection under applicable law.

• →All communications are encrypted via HTTPS/TLS.
• →Session tokens are stored in secure device storage.
• →Passwords are stored as hashes.
• →No advertising cookies, tracking pixels, or third-party analytics SDKs are used.
• →Material policy changes are notified in-app or by email.