Last Updated: July 7, 2026
Welcome to Mexa ("Mexa," "we," "our," or "us"), operated by GD MOBIL VE YAZILIM TEKNOLOJILERI LIMITED SIRKETI.
We are committed to protecting your privacy and providing a secure and transparent experience when using the Mexa mobile application ("the App"). This Privacy Policy explains how we collect, use, process, store, and protect information when you use our AI-powered photo, video, face swap, and image generation features.
By using the App, you acknowledge the practices described in this Privacy Policy.
Depending on the features you use, we may process:
Photos and images you upload to the App
Facial images contained in uploaded photos
Camera and photo library permissions
In-app purchase and subscription-related information
User preferences and application settings
Information you voluntarily provide when contacting customer support
We only process information necessary to provide the requested App features and services.
When you use the App, certain technical information may be collected automatically, including:
Device model
Operating system and version
Application version
App usage and interaction statistics
Performance and diagnostic information
Crash reports and error logs
Technical identifiers necessary for application functionality, analytics, and security
This information is used to maintain, secure, troubleshoot, and improve the App.
We may use collected or processed information to:
Provide AI-powered photo, video, face swap, and image generation services
Process user-uploaded content and generate requested results
Process and manage in-app purchases and subscriptions
Improve App functionality, performance, and user experience
Diagnose and troubleshoot technical issues
Prevent misuse, fraud, and security incidents
Provide customer support
Communicate important service, policy, or application updates
Comply with applicable legal obligations
We do not use uploaded facial images for advertising profiling, facial recognition, identity verification, or user tracking.
Photos and images uploaded by users are processed only for the purpose of providing the feature requested by the user.
Uploaded photos may be temporarily transferred to and processed on secure servers when server-side AI processing is required.
Uploaded photos are not used to identify users, create biometric identity profiles, or track individuals.
Photos and images temporarily stored for AI processing are automatically and permanently deleted within 1 hour of upload or processing completion, unless a longer retention period is required by law or explicitly requested by the user for a specific feature.
We do not sell user-uploaded photos or facial images.
Certain AI-powered features of Mexa require users to upload photographs that may contain human faces. These photographs may contain facial data.
The following principles apply to our processing of face data:
The facial image contained in a user-uploaded photograph may be temporarily processed.
Face data is processed solely to provide the AI image, video, or face-related generation feature specifically requested by the user.
We do not perform facial recognition for identity verification or identification purposes.
We do not identify individuals based on their facial features.
We do not create biometric profiles or biometric identifiers.
We do not use face data to track users or individuals.
We do not use face data for advertising or marketing profiling.
We do not sell face data.
We do not share face data with third parties for advertising, marketing, tracking, or independent commercial purposes.
Face data is processed through secure systems and servers where server-side AI processing is required.
Face data is retained only for the time necessary to complete the requested processing.
All temporarily stored face data is permanently deleted within 1 hour of upload or processing completion.
Face data is used exclusively to generate personalized AI-powered content requested by the user.
We implement technical and organizational safeguards designed to protect uploaded images and facial data against unauthorized access, disclosure, alteration, or misuse.
We use reasonable technical and organizational security measures designed to protect information processed through the App.
These measures may include:
Encryption of data in transit
Secure server infrastructure
Access controls and authentication mechanisms
Restricted access to production systems
Technical monitoring and security controls
Regular security and system assessments
However, no electronic transmission or storage method can be guaranteed to be completely secure.
The App may use third-party service providers to support certain functions, including:
Payment and subscription processing
Analytics
Crash reporting and diagnostics
Cloud infrastructure and storage
AI processing infrastructure
Third-party service providers may process limited technical or transactional information where necessary to provide their services.
These service providers operate according to their own privacy policies and applicable data protection obligations.
We do not authorize third-party service providers to use user-uploaded facial images for advertising, marketing, user tracking, or independent facial recognition purposes.
In-app purchases and subscriptions may be processed by the applicable application marketplace or payment platform.
We do not directly collect or store full credit card or payment card information.
Payment providers and application marketplaces may process transaction information according to their own privacy policies and terms.
We retain personal information only for as long as reasonably necessary to:
Provide our services
Maintain App functionality
Fulfill the purposes described in this Privacy Policy
Resolve disputes
Enforce our agreements
Comply with legal obligations
User-uploaded photos and face data temporarily processed for AI generation are permanently deleted within 1 hour of upload or processing completion.
Technical, analytics, transaction, or legal records may be retained for longer periods where reasonably necessary or legally required.
Depending on your country or region, you may have the right to:
Request access to your personal data
Request correction of inaccurate personal data
Request deletion of your personal data
Request information about how your data is processed
Object to or restrict certain processing activities
Withdraw consent where processing is based on consent
Request data portability where applicable
Opt out of eligible marketing communications
To exercise your privacy rights, please contact us at:
gdmobiledesk@gmail.com
We may need to verify your request before processing certain privacy-related requests.
Mexa is not intended for children under the age of 13.
We do not knowingly collect personal information from children under 13.
If we become aware that personal information has been collected from a child under 13 without appropriate authorization, we will take reasonable steps to delete the information.
Parents or legal guardians who believe that a child has provided personal information through the App may contact us at gdmobiledesk@gmail.com.
California residents may have additional privacy rights under applicable California privacy laws, including the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA").
Subject to applicable legal requirements, California residents may have the right to:
Know what categories of personal information are collected
Request access to personal information
Request deletion of personal information
Request correction of inaccurate personal information
Know whether personal information is sold or shared
Opt out of certain sales or sharing of personal information
Exercise privacy rights without unlawful discrimination
We do not sell user-uploaded photos or face data.
Privacy requests may be submitted to gdmobiledesk@gmail.com.
Mexa may use service providers and technical infrastructure located in different countries.
As a result, information may be processed in countries other than the country in which the user resides.
Where required by applicable law, we take reasonable measures designed to ensure appropriate safeguards are used for international data transfers.
The Mexa mobile application does not directly use traditional web browser cookies.
However, our websites, analytics providers, attribution providers, or other third-party services may use cookies, device identifiers, SDK technologies, or similar technologies in accordance with their own privacy policies and applicable laws.
Where applicable under data protection laws, we process information based on one or more of the following legal grounds:
User consent
Performance of a contract or provision of requested services
Compliance with legal obligations
Legitimate business interests, including maintaining, securing, and improving the App
Where processing is based on consent, users may have the right to withdraw their consent at any time, subject to applicable law.
We are committed to responsible data protection practices, including:
Transparency regarding our data processing practices
Limiting data processing to necessary purposes
Implementing appropriate security measures
Responding to privacy and data protection requests
Reviewing our privacy and security practices
Cooperating with applicable regulatory authorities where legally required
By using Mexa and voluntarily submitting content for processing, you acknowledge the data processing practices described in this Privacy Policy.
Where required by applicable law, we will request specific consent before processing certain categories of information.
We may update this Privacy Policy from time to time to reflect changes to the App, our services, legal requirements, or data processing practices.
When this Privacy Policy is updated, we will revise the "Last Updated" date at the top of this page.
Material changes may also be communicated through the App or other appropriate methods where required by applicable law.
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Company: GD MOBIL VE YAZILIM TEKNOLOJILERI LIMITED SIRKETI
Email: gdmobiledesk@gmail.com
Postal Address:
Telsizler Mahallesi, Özdeniz Sokak No: 12/A
Kağıthane, İstanbul
Türkiye
For privacy inquiries, data deletion requests, or concerns regarding personal data or face data processing, please contact:
GD MOBIL VE YAZILIM TEKNOLOJILERI LIMITED SIRKETI
Email: gdmobiledesk@gmail.com
Address:
Telsizler Mahallesi, Özdeniz Sokak No: 12/A
Kağıthane, İstanbul
Türkiye