KVKK Aydınlatma Metni

PERSONAL DATA PROTECTION AND PROCESSING DISCLOSURE TEXT FOR WEBSITE USERS AND VISITORS

1. Purpose, Scope and Legal Basis

This Disclosure Text is prepared to inform relevant individuals regarding the processing of personal data within the scope of the website (satisofisi.com) and the services offered through this site. The Data Controller Company conducts its activities in compliance with the Personal Data Protection Law No. 6698 ("KVKK"), relevant secondary legislation, and decisions of the Personal Data Protection Board.

The Company processes personal data in accordance with the law and good faith, accurately and up-to-date, for specific, explicit, and legitimate purposes, in a manner that is relevant, limited, and proportionate to the purpose of processing, and for the duration stipulated in the legislation.

2. Data Controller

Data Controller: E-Veri Bilişim Turizm San. ve Tic. Ltd. Şti.
Address: Küçükbakkalköy Mah. Tandoğan Sok. No:7 Ataşehir / İstanbul
Email: [email protected]
MERSIS No: 0323 0489 8380 0019
Web: satisofisi.com

3. Legal Grounds for Processing Personal Data

Your personal data may be processed based on one or more of the following legal grounds within the scope of Article 5 of the KVKK:

  • Explicitly provided for by law
  • Directly related to the establishment or performance of a contract
  • Fulfillment of the Company's legal obligation
  • Being made public by the data subject
  • Necessary for the establishment, exercise, or protection of a right
  • The legitimate interest of the Company, provided it does not harm the fundamental rights and freedoms of the data subject
  • Explicit consent of the data subject, where necessary

Explicit consent is not, as a rule, substituted for another legal ground when such a ground exists.

4. Data Subject Groups

  • Website visitors
  • Members and users
  • Real persons providing listings/projects
  • Real estate consultants / sales office representatives
  • Property owners or their representatives
  • Potential buyers
  • Individuals using contact/request forms
  • Individuals submitting requests, suggestions, or complaints
  • Individuals applying for projects or services
  • Other real persons contacted through the site

5. Purposes of Processing Personal Data

  • Operating the site and technical infrastructure
  • Creating and managing user accounts
  • Executing membership and user transactions
  • Publishing, updating, and managing projects/listings
  • Facilitating communication between buyers and sales offices/companies (transmitting requests)
  • Receiving and concluding contact and application requests
  • Improving user experience and ensuring site security
  • Detecting and preventing fraud/abuse/security breaches
  • Evaluating requests, suggestions, questions, and complaints
  • Executing legal and commercial processes and obligations
  • Meeting requests from authorized institutions and organizations
  • Marketing/promotion/commercial communication, subject to obtaining explicit consent where necessary

6. Categories of Processed Personal Data

  • Identity: name, surname
  • Contact: phone, email
  • User/Membership: account, preference, and profile information
  • Transaction/Listing: request content, project-related information
  • Transaction Security: IP, log, session, device information
  • Usage: visited pages, viewed projects, browsing data
  • Cookie: technical data and preference records obtained through cookies and similar technologies
  • Communication Content: information submitted during forms/messages/requests

7. Sources of Obtaining Personal Data

Your data is primarily obtained directly from you when you visit the site, create a membership, submit a request/application, or use a contact form; and additionally through automatic means via cookies, logs, and similar technologies within the scope of the site's technical operation. Regarding cookies, your preferences and explicit consent are taken into account where necessary.

8. Transfer of Personal Data

Your data may be transferred to the following parties, provided that the transfer is necessary, based on a valid legal ground, and is relevant, limited, and proportionate to the purpose:

  • Relevant sales offices / construction companies to enable them to respond to your request
  • Hosting, server, and IT service providers
  • Email and technical infrastructure/software service providers (data processors)
  • Business partners, suppliers, and consultants
  • Authorized public institutions and organizations, and judicial/administrative authorities

Conditions set forth in Articles 8 and 9 of the KVKK are complied with during transfers. Data is not transferred abroad without the necessary legal conditions and safeguards being met.

9. Retention Period

Your data is retained for the duration required by the processing purpose, periods stipulated in the legislation, statute of limitations, and the period necessary for the resolution of legal disputes. Upon the expiry of the period or the cessation of the legal ground, data is deleted, destroyed, or anonymized.

10. Security of Personal Data

The Company takes technical and administrative measures (access control, audit logs, security precautions) proportionate to the nature of the data and the level of risk to prevent unlawful processing, access, transfer, loss, and unauthorized use of data, and observes reasonable security criteria in the selection and supervision of data processors.

11. Rights of the Data Subject (KVKK Art. 11)

  • To learn whether personal data is being processed
  • To request information if it has been processed
  • To learn the purpose of processing and whether it is used in accordance with its purpose
  • To know the third parties to whom it has been transferred domestically/abroad
  • To request rectification if it is incomplete/incorrectly processed
  • To request erasure/destruction if the relevant conditions are met
  • To request notification of rectification/erasure operations to third parties to whom the data has been transferred
  • To object to a result arising against the person solely through automated analysis
  • To claim compensation for damage caused by unlawful processing

12. Exercising Rights and Application Procedure

Data subjects may exercise their rights under Article 11 by applying to the Data Controller in accordance with Article 13 of the KVKK. Applications will be concluded within a maximum of 30 days. Applications can be made in writing to the address above, with a secure electronic/mobile signature, or via [email protected] using your email address registered in the system. Security measures may be applied to verify your identity.

13. Cookies and Similar Technologies

Cookies are used on the site for technical operation, security, user experience, and performance measurement. See the Cookie Policy for details. Your preferences and the requirement for explicit consent are taken into account where necessary.

14. Listings and User Content

If personal data belonging to third parties is shared in content uploaded by users, the person uploading the content is responsible for obtaining and sharing this data lawfully. The Company may take necessary actions regarding content reported or identified as unlawful.

15. Contact, Requests and Complaints

Questions/requests regarding the Disclosure Text and personal data practices can be submitted via [email protected]. The rights of data subjects to apply and complain to the competent supervisory authorities are reserved.

16. Effective Date and Updates

This Disclosure Text enters into force on the date of its publication and may be updated according to changes in legislation/practice. The updated text becomes valid from the date of its publication on the site.