Terms & Privacy


S.P.A.C. ENG. ELECTRONIC INFORMATION. INS. INTERNAL AND FOREIGN TRADE. A.S. (hereinafter referred to as the Company.) This “Disclosure Text Pursuant to the Law on Privacy & Security Policy and Protection of Personal Data” on the website of [www.spac.com.tr] (hereinafter referred to as the Company Website) as Data Controller In order to protect your fundamental rights and freedoms in line with its obligation, it has been prepared in order to bring to the attention of our valued visitors, with which legal reasons and methods we collect your personal data, how we process your data, and how we ensure your data security.

Law No.6698 on Protection of Personal Data (LPPD) entered into force after being published in the Official Gazette numbered 29677 on 07.04.2016. LPPD aims to protect the fundamental rights and freedoms of natural persons whose personal data are processed, including the confidentiality of private life, which are also protected by the Constitution, and to determine the obligations of natural and legal persons who process personal data as data controllers.

The Company reserves the right to update and make changes in the Disclosure Text Pursuant to this Privacy & Security Policy and the Law on Protection of Personal Data in line with the provisions of the LPPD and applicable legislation.


According to LPPD, personal data refers to all kinds of information regarding an identified or identifiable natural person. This information is information such as the name, surname, date of birth, gender, identity number, e-mail address, residence / delivery address, telephone number of a certain person, and is defined as personal data in our legal regulations because they can identify the person.


Processing of personal data, obtaining personal data by fully or partially automated means, saving, storing, preserving, changing, rearranging, disclosure, transfer, taking over, making available, classifying or preventing their use. expresses.

Your personal data by the Company, limited to the purposes specified in the Disclosure Text in accordance with this Privacy & Security Policy and Personal Data Protection Law, and the Law on the Regulation of Electronic Commerce No.6698, the Law on the Protection of Personal Data No.6698, the Law on the Protection of the Consumer and the Regulation on Distance Contracts Due to our legal obligation arising from the relevant legislation, it is processed by us for the period specified in the laws.

Our Main Purposes of Processing Personal Data;

  • Planning or executing visitor satisfaction activities,
  • Planning or execution of organization, event processes and activities,
  • Planning or execution of the sales processes of products or services,
  • Follow-up of customer demands or complaints,
  • Follow-up of contract processes or legal requests,
  • Planning and execution of the necessary operational activities and ensuring the safety of the Company’s activities in order to ensure that the Company’s activities are carried out in accordance with the Company’s procedures or relevant legislation,
  • Ensuring that personal data are accurate and up to date,
  • Giving information to the authorized institutions based on the legislation,


When the company website is accessed, the “Register for our E-Newsletter” will appear on the home page. and “Join the Mail Group” located at the bottom right of the website. It is accepted that you give your express consent to the processing of your phone number and also your e-mail address (personal data) if you, our valued visitors or members, fill in your mobile phone number or e-mail address with your free will to call me in order to communicate with us and share it with us. . The processed personal data are processed for the purposes of communicating with you, informing you about advertisements and campaigns, in accordance with the law and relevant legislation and for a period of time that will be in connection with the specified purposes.

In case of filling out the membership information on the company website via the online system and marking the “I Have Read, I Accept,” box “Disclosure Text According to the Membership Agreement, Privacy & Security Policy and the Law on Protection of Personal Data” in the relevant section and the membership process is completed after this process. The personal data of the relevant member related to the establishment and execution of the distance sales contract, consumer contract and other related contracts are processed, recorded, stored and stored by the Company.


The company complies with the following basic principles and complies when processing personal data.
  • Compliance with the law and honesty rules,
  • Being accurate and up-to-date when necessary,
  • Processing for specific, explicit and legitimate purposes,
  • Being connected, limited and measured for its purpose,
  • Keeping it for the time required for its purpose.


The company will establish the necessary systems and control mechanisms for the deletion, destruction or anonymization of the personal data it obtains, prevent unlawful processing of the data, prevent unlawful access to data, ensure the preservation of data and take all technical and administrative measures in this direction, within its own structure and agrees, declares and undertakes that in case the data is processed by another real person or legal person, it will carry out and have the necessary inspections and will take all technical and administrative measures.

The Company informs the concerned person and the Personal Data Protection Board in case the processed personal data is illegally seized by others, and if the processed personal data is obtained by others illegally, the Company shall inform the relevant person in writing or to the registered e-mail address and Personal Data as soon as possible. It will report the data to the Protection Board.


• DOMESTIC DATA TRANSFER The company can only transfer the personal data to the third real or legal persons in the country with the express consent of the relevant person. The transfer of the personal data of the relevant person to the third real or legal person without his express consent is available in the following situations and can be transferred to authorized persons in accordance with the law and in connection with the purpose.
  • It is clearly stipulated in the laws,
  • It is mandatory for the protection of the life or physical integrity of the person who is unable to disclose his consent due to the actual impossibility or whose consent is not legally valid,
  • It is necessary to process personal data belonging to the parties of the contract, provided that it is directly related to the establishment or performance of a contract,
  • It is mandatory for the data controller to fulfill his legal obligation,
  • It is made public by the person concerned,
  • Data processing is mandatory for the establishment, use or protection of a right,
  • Provided that it does not harm the fundamental rights and freedoms of the relevant person, it is necessary to process data for the legitimate interests of the data controller,
• DATA TRANSFER ABROAD The company can only transfer the personal data it obtains to third real or legal persons abroad with the express consent of the relevant person. In the foreign country where the personal data will be transferred with the domestic transfer conditions stated above in order to transfer personal data abroad;
  • Having adequate protection,
  • In the absence of adequate protection of an adequate protection of responsible data in Turkey and in the relevant foreign country, subject to the and the Board’s permission to commit in writing to the Company, personal data can be transferred abroad in searching for the person concerned ‘consent.
Countries with adequate protection explained above will be determined and announced by the Personal Data Protection Board. In the event that safe countries are announced by the Board, personal data may be transferred abroad without the need for permission from the Personal Data Protection Board and without the need for data controllers in the foreign country to commit to protection in writing.


Real persons whose personal data are processed have the right to apply to the Company as a data controller in order to implement the provisions of the LPPD and other relevant legal legislation, and the rights you have as a relevant person in accordance with Article 11 of the LPPD are presented for your information below;
  • Learning whether personal data is processed,
  • If personal data has been processed, to request information regarding this,
  • Learning the purpose of processing personal data and whether they are used appropriately for their purpose,
  • To know the third parties to whom personal data are transferred domestically or abroad,
  • To request correction of personal data in case of incomplete or incorrect processing,
  • To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7 of the LPPD,
  • Request notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data have been transferred,
  • Object to the occurrence of a result against the person himself by analyzing the processed data exclusively through automated systems,
  • In case of damage due to unlawful processing of personal data, to demand the compensation of the damage,


The burden of applying to the Company as a data controller within the most appropriate timeframe associated with the use of the right, if the person whose personal data is processed requests the exercise of his / her personal data processed or processed by the Company.

The Related Person accepts that he is under the obligation to submit his applications to the Company with a “Request for Information on the Law on Protection of Personal Data” in written form via registered letter / notary or e-mail.

In order to use the rights specified in Article 6 titled rights of the person concerned above, in order to be able to respond to the applications made to the Company in accordance with the law and legislation in accordance with Article 5/2 of the Communiqué on the Procedures and Principles of Application to the Data Controller, which entered into force after being published in the Official Gazette numbered 30356 on 10.03.2018. The mandatory issues that should be included in the application are presented below for your information;

  • Name, surname and signature if application is in writing,
  • For citizens of the Republic of Turkey T. C. identification number, nationality for foreigners, passport number or identification number, if any,
  • Place of residence or workplace address for notification,
  • E-mail address, telephone and fax number for notification, if any,
  • Demand.

Request petition containing the above-mentioned information and documents and explanations for the requested right “Hacettepe Teknopark Üniversiteler Mah. 1596. Cad. 6. AR-GE E Blok Bina No: 6E Kat No: 1 Office No: 7 Beytepe, 06800, Çankaya, Ankara “or via a notary public or to info@spac.com.tr.

The company accepts and undertakes that it will finalize the requests in the application as soon as possible and within thirty days at the latest, depending on the nature of the request. If the application is answered in writing, the relevant person will not be charged up to 10 (ten) pages in accordance with Article 8 of the relevant Communiqué, and a transaction fee of 1 Turkish Lira will be charged for each page above 10 (ten) pages.

If the answer to the application is given in a recording medium such as CD or flash memory, the fee that may be requested by the data controller will be in proportion to the cost of the recording medium.

The company accepts the request for the use of the right directed to it by the person concerned as a data controller or has the right to reject it by explaining the reason. In this case, the data controller accepts that he is under the obligation to inform the person in writing or electronically the response to the request. If the request in the application is accepted, the data controller accepts and undertakes that he is under the obligation to fulfill the request.

In case the application is rejected, the response is insufficient or the application is not responded in time (30 days); The person concerned has the right to file a complaint with the Personal Data Protection Board within thirty (30) days from the date of learning the response of the data controller, and in any case within sixty (60) days from the date of application.

In case the application is caused by the fault of the Company, the fee collected will be refunded to the person concerned.


Cookies are small text files stored by websites you visit on your device or network server via browsers..

The use of cookies is available on the company website, and the purpose of use of cookies is to improve the user experience of our visitors and our members who are members of our website, to improve and optimize the site, to offer more appropriate, interest-based advertising, to be interesting for visitors and To provide a personalized website and advertising portfolio, to ensure the legal and commercial security of our visitors, our members and our company, and thus to make the most of the site.

The company website works with third party reliable, well-known advertising providers, and cookies placed by the third party collect the browsing information of our visitors and direct you using your information in line with your interests.

Regarding the use of cookies on the Company website, if our visitors access the website, “We use cookies to improve your shopping experience and our website” at the bottom of the site. There is a small box with the text written and thus we inform our visitors about the use of cookies. If you close this text box with your free will, we assume that you are informed about the use of cookies and that you accept the use of cookies. Although you have accepted the use of cookies with your free will, you always have the right to opt out of the use of cookies through your internet provider. However, we would like to point out that if the use of cookies is removed, you will not be able to view our website properly.


In accordance with the economic and commercial decision of the Company or the principle decisions of the Personal Data Protection Board, this Privacy & Security Policy and Personal Data Protection Law will be published by making changes in the Clarification Text at all times.


In accordance with this Privacy & Security Policy and Law on Protection of Personal Data, the Clarification Text enters into force by the relevant person by ticking the “I Have Read, I Accept” box.

Last Update: 25.12.2019