1. Data We Collect
We collect the following data to provide our service:
- Account data: Company name, email, username, hashed password
- Billing: Name, billing address, last 4 digits of payment method (full card data is stored by Stripe)
- Technical data: IP address, user-agent, browser type
- Server data: FiveM server IP, port, AC database credentials (AES-256 encrypted)
2. How We Use Data
- Manage your account and deliver the service
- Billing and payment processing
- Service improvement (anonymous analytics)
- Legal obligations (tax, lawful requests)
3. Who We Share Data With
We do not sell your data. We only share with:
- Stripe — payment processing
- Email provider (SendGrid/SES) — transactional emails
- Authorities — only when legally required
4. Retention
When you delete your account, data is kept in soft delete for 30 days, then permanently removed. Billing records are kept for 5 years for tax law.
5. Security
- AC database credentials encrypted with AES-256-GCM
- Passwords hashed with Argon2id
- All traffic over HTTPS TLS 1.2+
- Optional 2FA
6. Your Rights (GDPR / KVKK)
- Access: Export all data as JSON from the panel
- Erasure: Delete your account anytime
- Rectification: Update in account settings
- Objection: Contact support@tosun.site
7. Cookies
Only strictly necessary cookies (session, CSRF, language). No tracking or advertising cookies.
8. Contact
Questions: support@tosun.site