Turnix.io Privacy Policy

1. Who We Are

Turnix.io ("Turnix", "we", "us", or "our") provides TURN (Traversal Using Relays around NAT) and related real-time communications infrastructure services. Our legal entity is [Legal Entity Name, e.g. Turnix GmbH], registered at [Full Registered Address]. For the purposes of the EU General Data Protection Regulation ("GDPR"), we are the data controller of personal data collected as described in this Policy.

If you have questions about this Policy, please contact our Data Protection Officer ("DPO") at [privacy@turnix.io] or via post at the address above.

2. Scope of This Policy

This Privacy Policy explains how we collect, use, disclose and safeguard personal data when you:

  • visit or interact with our website at turnix.io (the "Site");
  • create an account, purchase a subscription or otherwise use our TURN, STUN, or related network services (collectively, the "Services");
  • communicate with us via email, support tickets or social media; or
  • are otherwise referenced by this Policy.

3. What Data We Collect

Category Examples Purpose
Account Information Name, username, email address, company name, billing address, VAT/Tax ID, payment method tokens To create and manage your account, process payments and provide invoices
Service Usage & Connection Logs Session start/stop timestamps, client & peer IP addresses and ports, protocol type, amount of data relayed, authentication events To deliver the TURN service, maintain security, detect abuse, generate usage reports and billing metrics
Website & Device Data Browser type, operating system, referrer URL, pages viewed, cookies, approximate geolocation (city/region based on IP) To operate the Site, analyse traffic and improve user experience
Support & Communication Records Emails, support tickets, chat transcripts, feedback To respond to inquiries, diagnose issues and improve our Services

We do not collect or inspect the content of your media streams or application data relayed through our TURN servers.

Cookies & Similar Technologies

We use strictly-necessary cookies for authentication and session security. We use [list analytics provider, e.g. Plausible Analytics] for privacy-friendly traffic analytics. You can manage cookie preferences via your browser settings.

4. How We Use Personal Data

We process personal data to:

  1. Provide and maintain the Services (Art. 6 (1)(b) GDPR – performance of a contract);
  2. Monitor, secure and optimise our network (Art. 6 (1)(f) – legitimate interests);
  3. Bill and collect fees, prevent fraud, and enforce our Terms of Service (Art. 6 (1)(b) & (f));
  4. Respond to inquiries and provide customer support (Art. 6 (1)(b));
  5. Comply with legal obligations, such as accounting and tax rules, or lawful requests from authorities (Art. 6 (1)(c));
  6. Improve the Site and Services, including developing new features (Art. 6 (1)(f)).

5. Data Sharing & Disclosure

We only share personal data when necessary:

  • Service providers & subprocessors – e.g. cloud hosting, payment processors ([e.g. Stripe]), customer-support platforms. We contractually require them to process data only on our behalf.
  • Affiliates & corporate transactions – in the event of a merger, acquisition or asset sale.
  • Legal compliance – when required to comply with a legal obligation or to protect rights, property or safety of Turnix or others.

A current list of subprocessors with their locations is available at [link].

6. International Data Transfers

We operate servers in [list regions, e.g. Germany (primary), United States (redundant)]. Where we transfer personal data outside the European Economic Area, we rely on approved safeguards such as Standard Contractual Clauses (EU Commission Implementing Decision (EU) 2021/914) or an adequacy decision.

7. Data Retention

Data Category Retention Period
Connection logs [e.g. 30 days] (unless required longer for security or legal reasons)
Account & billing records Up to [10 years] to comply with tax & accounting laws
Support communications [2 years] after ticket closure

Data may be retained longer if required to establish, exercise or defend legal claims.

8. Security Measures

We implement appropriate technical and organisational measures to protect personal data, including:

  • Encryption in transit (TLS) and at rest;
  • Network segmentation and access controls;
  • Multi-factor authentication for administrative accounts;
  • Regular security audits and monitoring.

9. Your Rights (EU/EEA Users)

Subject to conditions set out in the GDPR, you have the right to:

  • Access your personal data;
  • Rectify inaccurate data;
  • Erase data ("right to be forgotten");
  • Restrict or object to processing;
  • Data portability;
  • Lodge a complaint with a supervisory authority;
  • Withdraw consent at any time where processing is based on consent.

To exercise your rights, contact us at [privacy@turnix.io].

10. Children

Our Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. Changes to This Policy

We may update this Policy from time to time. We will post the revised version on this page and, if the changes are material, provide notice via email or the Site. The date of the latest revision will appear at the top of the Policy.

12. Contact Us

If you have questions, concerns or requests regarding this Privacy Policy, please email [info@turnix.io]

Need more help? Reach out and we'll be happy to clarify any part of this Policy.