PRIVACY & PERSONAL DATA PROTECTION POLICY
1. Data Controller
This Privacy and Personal Data Protection Policy has been prepared in accordance with the Turkish Personal Data Protection Law No. 6698 (“KVKK”) and, where applicable, the European Union General Data Protection Regulation (GDPR).
Spark Makina Sanayi ve Ticaret Ltd. Şti., located at
Akşemsettin Mah. Tercih Sk No: 18 / Sultanbeyli, Istanbul / Turkey,
acts as the Data Controller within the scope of applicable data protection legislation.
Spark (www.spark.net.tr) processes personal data of its customers, visitors, and business partners in compliance with relevant data protection laws.
2. Collection of Personal Data
Personal data is collected electronically when:
-
Registering on our website
-
Requesting quotations
-
Contacting us via forms or email
-
Placing orders
-
Subscribing to newsletters
The data collected may include:
-
Identity Information (name, surname)
-
Contact Information (address, country, city, email, phone number)
-
Company Information (company name, tax details for B2B transactions)
-
Financial Information (payment details where applicable)
-
Technical & Transaction Security Data (IP address, password, log records)
All personal data is processed in accordance with Article 4 of KVKK and GDPR principles, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, and storage limitation.
3. Purpose of Processing
Personal data is processed for the following purposes:
-
Conducting product and service sales processes
-
Managing international B2B trade operations
-
Preparing quotations and contracts
-
Fulfilling legal obligations
-
Managing advertising, campaign and promotional activities
-
Providing customer support
-
Improving website performance and user experience
Processing is based on:
4. Data Transfers
Personal data may be transferred:
-
To authorized public institutions where legally required
-
To payment service providers
-
To logistics and shipping partners
-
To IT infrastructure and hosting providers
International data transfers are conducted in compliance with Articles 8 and 9 of KVKK and GDPR cross-border transfer requirements where applicable.
Personal data will not be shared with third parties without explicit consent, except where legally permitted.
5. Data Retention & Destruction
Personal data is stored only for the period required by relevant legislation or necessary for the purpose of processing.
When the purpose of processing ceases and no legal retention obligation remains, the data will be deleted, destroyed, or anonymized in accordance with applicable legal requirements.
6. Rights of Data Subjects
Under Article 11 of KVKK and relevant GDPR provisions, you have the right to:
-
Learn whether your personal data is processed
-
Request information regarding processing
-
Learn the purpose of processing and whether data is used accordingly
-
Learn third parties to whom data is transferred
-
Request correction of incomplete or inaccurate data
-
Request deletion or destruction where legal grounds no longer exist
-
Object to automated decision-making
-
Request compensation for damages caused by unlawful processing
If you are located in the European Economic Area (EEA), you may also have additional rights under the GDPR.
You also have the right to lodge a complaint with the competent supervisory authority in your jurisdiction.
7. Application Procedure
You may submit your requests regarding your personal data:
-
Via registered electronic mail (KEP)
-
Through secure electronic signature or mobile signature
-
By written application to:
Akşemsettin Mah. Tercih Sk No: 18 / Sultanbeyli, Istanbul / Turkey
-
By notary public
-
By contacting us through the email address registered in our system
Identity verification may be required before processing your request.
8. Contact
For all privacy-related matters:
📧 [email protected]
🌍 www.spark.net.tr