Pars Player LogoPars Player

Privacy Policy

Last updated: March 17, 2026

Pars IPTV Player ("we", "our", or "us") operates the Pars IPTV Player mobile application (the "App"). This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our App. By using the App, you acknowledge that you have read and understood this Privacy Policy.

1. Contact Information

For KVKK (Turkish Personal Data Protection Law) purposes, Pars IPTV Player is the data controller (veri sorumlusu) responsible for your personal data.

[email protected]

2. Information We Collect and Legal Basis

We process your personal data based on specific legal grounds as required by GDPR Article 6 and KVKK Article 5.

2.1 Account & Authentication Data

Source: Google Sign-In (Android) or Apple Sign-In (iOS). We only receive the data listed below from these services.

  • Email address — for account management and communication (Contract performance, Art. 6(1)(b))
  • Display name — for account identification (Contract performance)
  • Profile photo — for account personalization (Contract performance)
  • Authentication tokens — for secure session management (Contract performance)

2.2 Cloud Sync Data

Storage: Encrypted database on servers in Germany (EU). All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Legal Basis: Contract performance (Art. 6(1)(b)).

  • IPTV playlists (names, credentials) — for cross-device synchronization
  • Favorites — for personalization and sync
  • Watch history — for continue watching feature
  • Watch progress — for resume playback
  • App settings & preferences — for cross-device consistency

2.3 Device Registration Data

Device registration occurs automatically on first launch and does not require an account. Legal Basis: Legitimate interest — security (Art. 6(1)(f)).

  • Device identifier (PARS-XXXXXXXX) — for service delivery and session management
  • Device fingerprint (hashed, non-reversible) — for fraud prevention and device verification
  • Platform type (Android, iOS, Android TV) — for platform-specific features

2.4 Analytics Data (Consent-Based)

When you grant analytics consent, we collect the following through Google Firebase Analytics. Legal Basis: Your explicit consent (Art. 6(1)(a)). Analytics is disabled by default (opt-in). You can enable or disable analytics at any time: Settings > General > Privacy & Data > Analytics. Retention: 14 months (Firebase default), then automatically deleted. Processor: Google LLC, under the EU-US Data Privacy Framework.

  • Device information (model, OS version, screen size, language) — to understand device compatibility
  • App usage data (screens viewed, features used, session duration) — to improve app experience
  • Advertising identifiers (Android Advertising ID or SSAID; iOS IDFV) — for anonymized user counting
  • Approximate location (country/region derived from IP address) — for regional usage patterns
  • App performance data (version, updates) — to monitor update adoption

2.5 Crash Reporting Data (Consent-Based)

When you grant crash reporting consent, we collect the following through Google Firebase Crashlytics. Legal Basis: Your explicit consent (Art. 6(1)(a)). Crash reporting is disabled by default (opt-in). You can enable or disable crash reporting at any time: Settings > General > Privacy & Data > Crash Reports. Retention: Crash data — 90 days; Installation UUID — 60 days. Processor: Google LLC, under the EU-US Data Privacy Framework.

  • Crash stack traces and error logs — to diagnose and fix app crashes
  • Device information (model, OS version, available memory/storage) — to identify device-specific issues
  • Crashlytics Installation UUID (anonymous identifier) — to group crash reports per device
  • App version and build information — to track crash rates per version

2.6 Security Data

We use freeRASP to protect the App and your data from tampering, reverse engineering, and unauthorized access. Legal Basis: Legitimate interest — maintaining the security and integrity of the App and user data (Art. 6(1)(f)). Security monitoring cannot be disabled as it is essential for protecting the service. Processor: Located within the EU. No international transfer required.

  • Device integrity status (root/jailbreak detection) — to prevent unauthorized access
  • App integrity verification (signature check) — to detect tampering
  • Basic device information (model, OS version) — for security threat identification

2.7 Subscription Data

Payment card details and financial information are processed exclusively by Google Play or Apple App Store. We do not receive or store any payment card information.

  • Subscription status (active, expired, trial) — for service delivery (Contract performance, Art. 6(1)(b))
  • Purchase tokens (verification only) — to validate entitlement (Contract performance)
  • Transaction records — for tax and legal compliance (Legal obligation, Art. 6(1)(c))

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Account Management — Create and maintain your account, authenticate sessions
  • Cloud Synchronization — Sync your data across devices
  • Service Delivery — Provide app features, manage subscriptions
  • Service Improvement — Analyze anonymized usage patterns (with consent)
  • Error Resolution — Identify and fix crashes (with consent)
  • Security — Detect and prevent fraud, unauthorized access, and tampering
  • Legal Compliance — Fulfill tax, accounting, and regulatory obligations

4. Data Sharing

We do NOT sell, trade, rent, or otherwise transfer your personal information to third parties for their marketing purposes. We share data only with the following categories of recipients, solely for the purposes described:

  • Google LLC (Firebase Analytics) — Analytics data (with consent) — for app improvement (USA, EU-US DPF)
  • Google LLC (Firebase Crashlytics) — Crash data (with consent) — for error resolution (USA, EU-US DPF)
  • Google LLC (Google Sign-In) — Authentication tokens — for account verification (USA, EU-US DPF)
  • Apple Inc. (Apple Sign-In) — Authentication tokens — for account verification (USA, EU-US DPF)
  • Google Play / Apple App Store — Purchase tokens — for subscription verification (USA, EU-US DPF)
  • freeRASP (security SDK) — Device integrity data — for security monitoring (EU)
  • Cloud hosting provider — All cloud sync data — for data hosting (Germany, EU)

5. International Data Transfers

Your primary data is stored on servers in Germany (EU) and is subject to EU data protection standards. For authentication and analytics services, data may be transferred to the United States. These transfers are protected by:

  • EU-US Data Privacy Framework (DPF): Google LLC and Apple Inc. are certified participants under the EU-US Data Privacy Framework adequacy decision adopted by the European Commission on July 10, 2023.
  • Standard Contractual Clauses (SCCs): Where the DPF does not apply, we rely on European Commission-approved Standard Contractual Clauses.

6. Data Retention

When you delete your account, all associated personal data is immediately and permanently removed from our servers. This action cannot be undone. Exceptions: We may retain certain data (e.g., transaction records) beyond account deletion if required by law (tax, accounting) or to resolve disputes, enforce agreements, or protect legal rights.

  • Account data (email, name, photo) — Until account deletion (immediately deleted)
  • Cloud sync data (playlists, favorites, history) — Until account deletion (immediately deleted)
  • Analytics data — 14 months (Firebase default)
  • Crash reports — 90 days
  • Crashlytics Installation UUID — 60 days
  • Device registration data — Until factory reset or manual request
  • Subscription/transaction records — 10 years (legal/tax obligation)
  • Security event logs — 90 days

7. Your Rights

Under GDPR (Articles 15-22) and KVKK (Article 11), you have the following rights:

  • Access (Art. 15) — Request a copy of your personal data
  • Rectification (Art. 16) — Request correction of inaccurate data
  • Erasure (Art. 17) — Request deletion of your data ("right to be forgotten"). In-app: My Account > Delete Account, or email us
  • Restriction (Art. 18) — Request restriction of processing
  • Portability (Art. 20) — Request your data in a machine-readable format
  • Objection (Art. 21) — Object to processing based on legitimate interest
  • Withdraw Consent (Art. 7(3)) — Withdraw analytics/crash reporting consent at any time. In-app: Settings > General > Privacy & Data
  • Complaint (Art. 77) — Lodge a complaint with a supervisory authority

8. Data Security

We implement industry-standard security measures to protect your personal data:

  • Encryption at rest: AES-256 for all stored data
  • Encryption in transit: TLS 1.3 for all network communications
  • Secure storage: Sensitive credentials stored in platform-native secure storage (Android Keystore / iOS Keychain)
  • Certificate pinning: Prevents man-in-the-middle attacks (enabled in production builds)
  • Request signing: HMAC-SHA256 authenticated API requests
  • Runtime protection: freeRASP monitoring for rooting, jailbreaking, hooking, and tampering
  • Hive encryption: Sensitive local databases encrypted with device-specific keys

9. Children's Privacy

Our App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected]. We will promptly delete such data. Users between 13 and 18 years of age may use the App only with parental or guardian consent.

10. Automated Decision-Making

We do not use automated decision-making or profiling as defined in GDPR Article 22.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a new "Last updated" date and displaying an in-app notification for significant changes. Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

[email protected]