YULA Lab
YULA Lab
Explore Projects
Privacy
Braavolabs

Braavolabs privacy policy

Last updated: 2026-05-12

Summary

Braavolabs (com.braavolabs.mobile) is a mobile app that helps you monitor your autonomous AI workflows with a human-in-the-loop. We collect only the minimum data needed for the app to function; we never use your data for advertising or model training.

Data we collect

  • Account information: Email, name, hashed password (Argon2id). If you sign in via a third-party SSO provider, we receive that provider's identity token.
  • Application usage data: Workflows you create, run results, approval decisions, integration configurations. These belong to your workspace and are visible only to you.
  • Device identifiers: Expo Push token for sending notifications. We do not collect advertising IDs.
  • Crash reports: Anonymous crash stack traces via Sentry. No personally identifying information is attached.
  • Purchase information: Apple App Store and Google Play receive your payment; we only see the subscription status (active/inactive/tier) and the receipt verification data.

Third parties

  • Apple App Store / Google Play: Processes subscription payments. We use Apple's App Store Server API and Google Play Developer API to validate receipts.
  • Sentry: Crash reporting (anonymous). Only application-generated error data is sent via the DSN.
  • Expo / EAS Push: Stores push tokens for notification delivery.
  • Integrations you configure: Slack, GitHub, etc. — their privacy policies are independent. Your tokens are stored encrypted in your account.

Data retention

Your data is retained while your account is active. If you delete your account, all personal data is removed within 30 days (after backup rotation). Billing records are kept for legal retention periods (10 years under Turkish KVKK).

Children

Braavolabs is not designed for children under 13. If we discover that we have collected data from a user below this age, we delete the account and clear the records immediately.

Your rights

Under KVKK Article 11 and GDPR Articles 15-22, you have the right to access, correct, delete, port, and object to processing of your data. Send requests to merhaba@yulalab.com; we respond within 30 days.

Data security

Communication is encrypted with TLS 1.2+. Passwords are hashed with Argon2id. Database backups are encrypted with AES-256-CBC. Third-party integration tokens are encrypted per-user.

Changes

We may update this policy from time to time. Significant changes will be announced via in-app notice and reflected in the 'Last updated' date on this page.

Contact

Data Controller: YULA Lab — Mustafa Kaan Koçak
Email: merhaba@yulalab.com
Location: Istanbul, Turkey