VexfinVexfin
About UsPricingHow It WorksSupport
LEGAL

GDPR Compliance

Last Updated: February 2026

Our commitment to data protection regulations

LEGAL

GDPR Compliance

Last Updated: February 2026 Written in plain language

Our commitment to data protection regulations

ON THIS PAGE
RELATED
PrivacyTermsCookie Policy

Data Protection Commitment

Vexfin is committed to complying with the General Data Protection Regulation (GDPR) and the Turkish Personal Data Protection Law (KVKK - Kişisel Verilerin Korunması Kanunu). This page outlines how we fulfill our obligations under these regulations.

1. Data Controller

lonean.dev is the data controller responsible for your personal data. We determine the purposes and means of processing personal data in accordance with applicable laws.

2. Legal Basis for Processing

We process your personal data based on your consent when you create an account, the necessity to perform our contract with you (providing the Vexfin service), our legitimate interests (service improvement, security), and compliance with legal obligations.

3. Your Rights Under GDPR/KVKK

Under applicable data protection laws, you have the following rights:

Right to Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can request correction of any inaccurate or incomplete personal data.

Right to Erasure

You can request the deletion of your personal data ('right to be forgotten').

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request your data in a structured, machine-readable format (CSV/PDF export).

Right to Object

You can object to the processing of your personal data for certain purposes.

4. Data Transfers

Your data may be processed in countries outside of Turkey and the EU/EEA. In such cases, we ensure appropriate safeguards are in place, including standard contractual clauses and adequacy decisions.

5. Data Protection Officer

For any data protection inquiries, you can contact our Data Protection Officer at dpo@lonean.dev. We will respond to your requests within the legally required timeframes (30 days under GDPR, 30 days under KVKK).

6. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. In Turkey, this is the Personal Data Protection Authority (KVKK Kurumu). In the EU, you may contact the supervisory authority in your member state.

7. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay.

Questions about this document?
Email legal@lonean.dev — responses will be given within two business days.
RELATED
PrivacyTermsCookie Policy
Vexfin

Personal finance assistant, calmly. Built by people who used to lose their receipts.

FeaturesAI InsightsPricingEnterpriseBlogHelp CenterPrivacy PolicyTerms of UseCookie PolicyGDPR
© 2026 Vexfin. All rights reserved.v0.14.6
Vexfin

Personal finance assistant, calmly. Built by people who used to lose their receipts.

Product

  • Features
  • AI Insights
  • Pricing
  • Enterprise

Resources

  • Blog
  • Help Center

Legal

  • Privacy Policy
  • Terms of Use
  • Cookie Policy
  • GDPR

© 2026 Vexfin. All rights reserved.

Systems Operational