AutoWarehouse
Request Demo
Legal

Privacy Policy

Last updated · July 2026

AutoWarehouse is a product of Intellica (a PiA Group company). We are committed to protecting your privacy and being transparent about how we collect and use data.

Data Controller

The controller responsible for personal data processed through this website is Intellica, a PiA Group company, registered at Atatürk Mah. Turgut Özal Blv. Gardenya 1 Plaza, Floor 1, Ataşehir, Istanbul, Türkiye. For any data-protection matter you can reach us at [email protected].

What We Collect

This policy covers the AutoWarehouse marketing website (autowarehouse.ai). On the website we collect only:

  • Contact / demo-request form submissions — the name, email, company, and use-case (message) details you enter. These are handled by Web3Forms, which emails them to Intellica.
  • Usage analytics — consent-gated Google Analytics 4 signals about how the site is used (see Cookies & Analytics below).
  • Server and CDN logs — standard technical records such as IP address and user agent, generated by our GitHub Pages hosting and Cloudflare DNS/CDN.

The AutoWarehouse product is self-hosted: the application, AI/agent engine, LLM runtime, and database all run on the customer’s own infrastructure. Your source data, the data warehouse, agent state, and query results stay within your perimeter and are not transmitted to, received by, or processed by Intellica. Air-gapped deployment with no internet access is supported.

How & Why We Use It

We use website data only for the purposes below, each on a specific lawful basis under the GDPR and KVKK:

  • Responding to demo requests and enquiries — to contact you and prepare a possible engagement. Lawful basis: steps taken at your request prior to entering into a contract.
  • Website usage analytics — to understand and improve how the site performs. Lawful basis: your consent, which you may withdraw at any time.
  • Security, integrity, and abuse prevention — operating server/CDN logs to keep the site available and secure. Lawful basis: our legitimate interest in protecting the service.

Cookies & Analytics

We use Google Analytics 4 with Consent Mode v2. Your consent choice determines exactly what is collected at every stage:

Third-Party Processors

We rely on a small set of service providers to run the website. Each processes data only on our instructions:

  • Web3Forms — receives contact-form submissions and delivers them to us by email.
  • Google Analytics 4 — consent-gated website usage analytics.
  • Cloudflare — DNS and content-delivery network (CDN).
  • GitHub Pages — static hosting for the website.

Data Retention

We keep personal data only as long as needed for the purpose it was collected for:

  • Demo-request enquiries — retained for the duration of our correspondence and any resulting business relationship, then deleted or archived per our records policy.
  • Analytics — retained according to the Google Analytics 4 retention window configured for the property; only aggregated, non-identifying reporting is kept longer.
  • Server / CDN logs — retained for a short period for security and diagnostics.

International Transfers

Some of our processors (for example, US-based analytics and form-handling providers) may process data outside Türkiye and the EEA. Where that happens, transfers are made under appropriate safeguards — such as Standard Contractual Clauses and the applicable provider data-processing terms — to give your data an equivalent level of protection.

Data Security

Website traffic is served over encrypted connections (TLS/HTTPS). We limit data collection to what is necessary and keep it with reputable processors.

The self-hosted AutoWarehouse product is engineered with defence-in-depth security controls that run entirely within the customer’s environment: source-connection credentials are encrypted at rest with AES-256-GCM; PostgreSQL Row-Level Security enforces per-tenant isolation with server-side tenant verification; role-based access control (RBAC) guards every action; and authentication is OIDC-first single sign-on (NextAuth v5) with bcrypt-hashed password fallback.

Your Rights

Subject to applicable law, you have the right to access, rectify, erase, or restrict the processing of your personal data, to data portability, to object to processing, and to withdraw any consent you have given (for analytics, this also works by clearing your browser local storage, which resets your consent choice). To exercise any of these rights, email us at [email protected]. You also have the right to lodge a complaint with a supervisory authority — the Personal Data Protection Board (KVKK Kurulu) in Türkiye, or your local data protection authority in the EU/EEA.

KVKK Aydınlatma Notice

For visitors in Türkiye, personal data is processed by Intellica as data controller under Law No. 6698 on the Protection of Personal Data (KVKK). We process it for the purposes and on the legal grounds set out above, and you hold the data-subject rights granted by Article 11 of the KVKK, including the right to learn whether your data is processed, request information and correction, and request erasure. Requests can be sent to [email protected].

Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or legal requirements. When we do, we revise the “Last updated” date at the top of this page; material changes will be highlighted here. Please review it periodically.

Contact

For any privacy question or to exercise your rights, reach us at [email protected].