Privacy Policy — Destek Chat

Last updated: 30.06.2026

This Privacy Policy is drafted specifically for the Destek Chat application published on the Bitrix24 Marketplace, and for the Destek Chat platform (https://destek.chat) that the application connects to. Destek Chat ("Destek Chat", "we", "us") provides an AI-powered customer-service chat product.

Protecting the privacy and security of the personal data we process is one of our highest priorities. This policy explains what data the application collects, the purposes for which we process it, what it reads from and writes to your Bitrix24 portal, with whom it is shared, and the rights you have. It is prepared in line with the Turkish Personal Data Protection Law No. 6698 ("KVKK") and the EU General Data Protection Regulation ("GDPR").

Section 6 describes the Bitrix24 integration in detail.

1. Personal Data We Collect

We may collect the following categories of data when you use our website and services:

  • Identity data: first name, last name.
  • Contact data: email address, phone number, address.
  • Transaction security data: IP address, login/logout records, authentication credentials.
  • Usage and marketing data: purchase history, cookie records, campaign usage.
  • Support data: messages and requests you submit through our website or chat.

2. Purposes of Processing

We process your personal data for the following purposes:

  • Fulfilling obligations arising from applicable legislation (e.g. retention of log records).
  • Carrying out sales of products/services and performing billing.
  • Synchronizing conversation data with your Bitrix24 CRM at your instruction.
  • Conducting customer-satisfaction activities.
  • Tracking and resolving requests and complaints.
  • Sharing information with authorized public institutions when legally required.
  • Operating information-security processes.

3. Sharing of Personal Data

Your personal data may be shared with authorized public institutions (e.g. courts, regulators) to fulfil legal obligations, and with our business partners (e.g. payment-infrastructure and hosting providers) to operate our services, within the conditions set out in Articles 8 and 9 of the KVKK and the relevant provisions of the GDPR.

When you enable the Bitrix24 integration, data is transmitted to the Bitrix24 portal that you own and control. We do not sell your data and we do not share it with any other third party.

4. Your Rights (KVKK Article 11 / GDPR)

As a data subject, you have the right to:

  • Learn whether your personal data is being processed,
  • Request information if it has been processed,
  • Learn the purpose of processing and whether the data is used accordingly,
  • Know the third parties to whom data is transferred, domestically or abroad,
  • Request correction of incomplete or inaccurate data,
  • Request erasure or destruction of your data within the conditions of the law,
  • Object to decisions made solely by automated processing,
  • Claim compensation for damage caused by unlawful processing.

5. Data Security Measures

We take all necessary technical and administrative measures to keep your personal data secure. Our services are protected with SSL/TLS, and your data is encrypted against unauthorized access. OAuth access tokens for connected integrations are stored securely and are never written to logs in plaintext.

6. Bitrix24 Integration

When you connect your Bitrix24 portal to Destek Chat, the application accesses your Bitrix24 account through Bitrix24's official OAuth 2.0 flow with the crm scope. With this access, Destek Chat:

  • Reads existing CRM contacts (name, phone, email) in order to recognise returning visitors and avoid creating duplicate records, and reads open deals (title and stage) linked to a contact to give the assistant context.
  • Creates and updates CRM contacts from chat conversations (first name, last name, phone, email).
  • Creates leads in your CRM when a chat indicates sales or reservation intent, including the conversation summary.
  • Writes conversation transcripts to the CRM contact timeline so your team has the full context of each conversation.

Data read from your Bitrix24 portal for returning-visitor recall is used only during the conversation and is not stored by us. A phone number or email address belonging to a looked-up contact is never disclosed back into the chat.

We store the OAuth access and refresh tokens, their expiry, the granted scope, your portal domain, and your member ID solely to perform this synchronization, together with a reference to the Bitrix24 contact ID so that repeat syncs do not create duplicates. We do not sell this data or share it with third parties.

You can disconnect the integration at any time from the Destek Chat dashboard or by uninstalling the application from your Bitrix24 portal, after which we stop accessing your portal and delete the stored tokens.

7. Cookies

We use cookies to improve the user experience and analyze site traffic. You can block cookies at any time from your browser settings.

8. Contact

To exercise your rights or for any question about this policy, contact us:

  • Company: Destek Chat
  • Address: Beykoz, İstanbul, Türkiye
  • Phone: +90 539 299 5440
  • Email: info@destek.chat
  • Data controller representative: Enes Demirağ

This policy may be updated periodically. The last update date is shown at the top.