Login

Gizlilik Politikası

1. PARTIES

  • 1.1. Synaps Yapay Zeka Firması Anonim Şirkerti

  • Address: Göztepe Mah. Pınar Sok. No.4/13 Kadıköy/Göztepe

    Tax Office / No: Göztepe Vergi Dairesi / 6421040257

    Trade Registry Office / Trade Registry No: 11322

    (Hereinafter referred to as “Synaps”).

  • 1.2. Party (User)

  • (Hereinafter referred to as “USER”).

    [User's Name and Surname]

    Address: [User's Address]

    [User's Phone and E-mail Information]

The Party disclosing Confidential Information or from which Confidential Information is obtained in any way shall be referred to as the “Disclosing Party”; the Party receiving or acquiring Confidential Information in any way shall be referred to as the “Receiving Party”. The Disclosing Party and the Receiving Party shall collectively be referred to as the “Parties” and individually as a “Party”.

2. SUBJECT OF THE AGREEMENT

The subject of this Agreement is to define the obligations of the Parties to keep confidential the information belonging to one of the Parties (“Disclosing Party”) and not to disclose it to third parties, as well as regulations related to personal data, within the framework of any existing and/or potential business relationship between the Parties and/or information obtained by other means, and to regulate the rights and obligations of the Parties regarding mutual personal data processing and sharing.

3. SCOPE OF CONFIDENTIAL INFORMATION

  • 3.1. All commercial, financial, and technical information of any kind that the Disclosing Party or its representatives, employees, or subcontractors disclose to the Receiving Party or its representatives, employees, or subcontractors, whether written or oral, before or after the signing of this Agreement, including trade secrets or legally protected or unprotected information, as well as personal information, improvement ideas, financial data, business plans, service-related information, databases, infrastructure information, ideas, discoveries, inventions, features, formulas, models, objectives, standards, trade secrets, drawings, samples, devices, computer programs, documentation of computer programs, know-how, encryption techniques, formulas, models, advertising, packaging and marketing plans, product plans, technical plans, business strategies, strategic alliances and partners, financial information, engineering information, data related to products and services, all methods and processes, forecasts, personnel information, customer information, subscriber data and information, product design capabilities, specifications, sample demonstrations (demos), technical information, all commercial agreements or agreements entered into between the Parties, contracts containing the exchange of confidential information, conversations, discussions, meetings, or written communications, and all information exchanged orally, Intellectual and Industrial Property Rights, all information protected by law, inventions, innovations, work, methods, patents, copyrights, industrial designs, trademarks, and trade secrets, personal data as defined under Law No. 6698 on the Protection of Personal Data ("Personal Data"), all information and strategies belonging to the Parties are included in the scope of confidential information. The fact that a Party does not benefit from intellectual and industrial property protection or any other legal protection does not prevent the information from being defined as confidential. Upon termination of the relationship between the Parties, the Receiving Party agrees and undertakes to immediately return and deliver all Confidential Information and all copies thereof, including all lists, CDs, materials, files, and other documents (including those transferred via e-mail, computer records, and disks) in writing or recorded form to the Disclosing Party, and not to retain any copies at its discretion. The commitments and obligations in this Agreement remain valid and binding indefinitely, regardless of whether the relationship between the Parties starts, is entered into for any reason, or ends.

4. INFORMATION NOT CONSIDERED CONFIDENTIAL

If the Confidential Information is already known or becomes publicly available without violating the confidentiality obligation by the Receiving Party, none of the provisions in this Confidentiality Agreement shall apply. Additionally, if Confidential Information is requested based on existing laws or the authority of a regulatory official body or court decision, the Receiving Party shall first inform the Disclosing Party and then provide necessary warnings about the confidentiality of the information to the requesting parties and take necessary precautions.

5. OWNERSHIP OF CONFIDENTIAL INFORMATION

The Parties shall retain all rights to their respective Confidential Information. No provision of this Agreement shall be interpreted as granting the Receiving Party any license, patent, copyright, database, financial data, or trade secrets of the Disclosing Party, either explicitly or implicitly, or allowing the Receiving Party to use them. The execution of this Agreement does not create any other commercial relationship between the Parties, nor does it oblige the Parties to enter into any contract or commercial relationship. Furthermore, it shall not be interpreted as a pre-contract or promise to enter into a contract, and it does not grant the Receiving Party the right to request information from the Disclosing Party on any matter.

6. PROTECTION OF CONFIDENTIAL INFORMATION

  • 6.1. By signing this Agreement, the Parties commit to keeping all information classified as Confidential, including information obtained before signing this Agreement, strictly private and confidential, treating it as a duty to keep a secret, and taking all necessary measures and due diligence to ensure and maintain confidentiality, prevent the disclosure of Confidential Information or any part thereof into the public domain, or to a third party without the written consent of the Disclosing Party.

  • 6.2. The Disclosing Party is only required to disclose its Confidential Information to the Receiving Party to the extent necessary for their commercial relationship.

  • 6.3. The Receiving Party commits to protecting the Confidential Information disclosed by the Disclosing Party with the highest level of confidentiality, not to provide it to any third party or organization under any circumstances, not to report, publish, or disclose it in any form, or to take all necessary legal or other measures to avoid such disclosure, and not to use it for any purpose other than the objectives of their commercial relationship.

  • 6.4. The Receiving Party agrees not to use the Confidential Information for its own benefit or the benefit of any third party, directly or indirectly, and not to permit its use for any purpose other than those permitted by the Disclosing Party.

  • 6.5. The Receiving Party shall apply the same level of care to protect the Disclosing Party's Confidential Information as it does to protect its own Confidential Information.

  • 6.6. The Receiving Party shall disclose the Confidential Information only on a strict 'need-to-know' basis and only to employees, agents, or representatives who are bound by obligations no less strict than those in this Agreement, provided that such disclosure is based on the Receiving Party's explicit written consent. The Receiving Party acknowledges that its employees, subcontractors, agents, representatives, and any other persons working under its control will not violate the obligations of this Agreement and will be liable for any such violations. The Receiving Party also agrees to indemnify the Disclosing Party for any direct or indirect damages resulting from such violations. If the Receiving Party becomes aware that Confidential Information has been disclosed or used in violation of this Agreement, it is obliged to immediately notify the Disclosing Party in writing.

  • 6.7. The Receiving Party agrees, declares, and undertakes not to disclose the Confidential Information obtained from the Disclosing Party or any new data created from it to any third parties for any reason without the explicit written permission of the Disclosing Party.

  • 6.8. Except for legal obligations, the Parties shall not disclose any business meetings, discussions, consultations, agreements, or work results related to joint projects to public media, the internet, or other environments without the prior written approval of the other Party.

  • 6.9. The Receiving Party undertakes that the Confidential Information will not be entirely or partially copied without the explicit written consent of the Disclosing Party.

  • 6.10. The Parties or any companies or organizations directly or indirectly connected with the Parties agree and undertake not to transfer technology and data without the written permission of the other Party under any circumstances.

  • 6.11. The Parties agree, declare, and undertake to process Personal Data in compliance with Law No. 6698 on the Protection of Personal Data, limited to the extent necessary for the purpose of processing and in connection with the purpose, and not to provide, transfer, disclose, publicize, alter, mutilate, delete, destroy, or anonymize Personal Data to third parties without the prior written permission of the Disclosing Party, except for mandatory cases as specified in Law No. 6698 on the Protection of Personal Data. They also agree to retain Personal Data until the end of the legally required retention period if required by the nature of the service.

7. RETURN OF CONFIDENTIAL INFORMATION

In cases where the commercial relationship between the Parties ends, the Parties agree that they remain bound by the obligations of this Agreement without affecting other obligations: All documents, data, and created works containing Confidential Information will be returned to the Disclosing Party or to other persons notified by the Disclosing Party. All computer records (including e-mails and other records), CDs, materials, and files containing Confidential Information, along with all copies, will not be retained by the Receiving Party and will be immediately returned to the Disclosing Party or to other persons notified by the Disclosing Party.

8. PROTECTION OF PERSONAL DATA

Under this Agreement, the "Disclosing Party" is the Data Controller, and the "Receiving Party" is the Data Processor.

  • 8.1. Data Controller;

    • 8.1.1. The Data Controller obtains Personal Data within the scope of the commercial relationship between the Parties by obtaining the explicit consent of the relevant individuals or in accordance with other lawful reasons specified in the Law, and transfers it to the Data Processor;

    • 8.1.2. The Data Controller has made the necessary disclosures to the relevant individuals regarding the processing and transfer of data in accordance with the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Obligation to Provide Information dated 10.03.2018, No. 30356;

  • 8.2. Data Processor;

    • 8.2.1. The Data Processor processes and retains the Personal Data given to it by the Data Controller in accordance with the relevant legislation, including the Law, relevant regulations, decisions, and guidelines of the Personal Data Protection Board, the standard procedures and policies determined by the Data Controller for the protection of personal data, and the instructions communicated by the Data Controller;

    • 8.2.2. The Data Processor is obliged to process the Personal Data transferred or made accessible to it by the Data Controller only in a manner that is connected to the purpose of the commercial relationship and does not exceed the limits of this purpose;

    • 8.2.3. The Data Processor shall not disclose the Personal Data obtained from the Data Controller to others in a manner that violates the Law;

    • 8.2.4. If the Data Processor needs to obtain Personal Data on behalf of the Data Controller, it will present the Data Controller's Information Text to the relevant individuals in the manner specified by the Data Controller in accordance with the provisions of the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Obligation to Provide Information before starting data processing;

9. AUTHORIZATION OF SUB-PROCESSORS AND RESPONSIBILITY OF THE DATA PROCESSOR

  • 9.1. The Data Processor may authorize a sub-processor for data processing activities by obtaining the written consent of the Data Controller and ensuring that the authorization is in line with the purposes of the commercial relationship between the Parties. In such cases, the Data Processor is obliged to provide a copy of the agreement with the sub-processor to the Data Controller. The Data Controller reserves the right to reject the sub-processor.

  • 9.2. If the Data Processor authorizes a subcontractor within the scope of the provided services, the Data Processor agrees, declares, and undertakes that the subcontractor's data processing activities will comply with the Law, relevant legislation, decisions of the Personal Data Protection Board, the standard procedures and policies related to the protection of personal data determined by the Data Controller, and the instructions communicated by the Data Controller.

  • 9.3. The Data Processor accepts, declares, and undertakes that it will be directly responsible for both the violation of Article 6.2 and the data processing activities carried out by the sub-processor.

  • 9.4. Authorized sub-processors will also be responsible to the Data Controller in the same manner as the Data Processor.

10. OBLIGATIONS REGARDING THE TRANSFER OF DATA

  • 10.1. The Data Processor may transfer Personal Data within the scope of the commercial relationship in accordance with the legislation and solely for purposes connected to the commercial relationship to third parties or institutions within the country.

  • 10.2. The Data Processor may not transfer Personal Data abroad without the written permission of the Data Controller and without fulfilling the conditions specified in Article 9 of the Personal Data Protection Law.

  • 10.3. The Data Processor is obliged to ensure that the Personal Data transfer activities of authorized sub-processors are in compliance with the Law and relevant legislation, and to conduct the necessary audits in this regard.

  • 10.4. Authorized sub-processors will also be responsible to the Data Controller in the same manner as the Data Processor.

11. OBLIGATIONS REGARDING THE STORAGE AND DELETION OF DATA

  • 11.1. The Data Processor agrees and undertakes to retain Personal Data until the end of the legally required retention period for the performance of obligations and commitments within the scope of the commercial relationship, and to delete or destroy the data at the Data Controller's discretion once this period ends.

  • 11.2. The Data Processor agrees and undertakes to deliver all media and environments where Personal Data is recorded to the Data Controller upon request.

12. DATA SECURITY OBLIGATIONS

  • 12.1. The Data Processor agrees, declares, and undertakes to prevent the unlawful processing, transfer, retention of data, and unauthorized access by third parties by taking all necessary administrative and technical measures in line with current technology.

  • 12.2. If the processing of special categories of personal data is involved within the scope of the commercial relationship, the Data Processor is obliged to take additional security measures and precautions as required by the Law and other legal regulations.

  • 12.3. In the event of a security breach, cyber-attack, or data leak, the Data Processor is obliged to notify the Data Controller within 24 hours from the date they become aware of the breach, attack, or leak.

  • 12.4. In cases where data is accidentally lost, corrupted, tampered with, or destroyed, the Data Processor agrees, declares, and undertakes to provide a detailed incident report to the Data Controller within 24 hours, including how, why, and when the incident occurred, the quantity and nature of the data involved, and the potential damages resulting from the incident.

  • 12.5. The obligations in this article also apply to authorized sub-processors.

13. RELATED PERSON APPLICATIONS AND PERSONAL DATA PROTECTION BOARD REQUESTS

  • 13.1. Applications made by Related Persons to the Data Processor within the scope of the commercial relationship and all requests from the Personal Data Protection Board related to the process will be notified in writing to the Data Controller by the Data Processor within a maximum of 72 hours.

  • 13.2. The Data Processor agrees, declares, and undertakes to promptly and fully comply with the instructions communicated by the Data Controller regarding these applications and requests, and will not respond to the Related Persons in any way without the knowledge and approval of the Data Controller.

14. AUDIT

  • 14.1. The Data Processor is obliged to provide full and prompt administrative and technical support to the Data Controller within the scope of audits conducted by the Personal Data Protection Board regarding the Data Controller.

  • 14.2. The Data Processor acknowledges that the Data Controller has the authority to conduct or commission audits to verify whether the Data Processor is fulfilling its obligations regarding personal data processing activities within the scope of the commercial relationship. The Data Controller may conduct audits personally or through a third party, or request the Data Processor to perform such audits. The Data Processor is obliged to provide audit reports to the Data Controller upon request.

  • 14.3. If it is determined through an audit that the Data Processor has not fulfilled its obligations regarding the processing of Personal Data within the scope of the commercial relationship, the relevant audit costs will be borne by the Data Processor, and the Data Processor has the right to offset this amount against payments it makes to the Data Processor.

  • 14.4. If the Data Processor does not allow an audit, obstructs it in any way, or fails to conduct the requested audit, the Data Controller may terminate the contracts between the Parties unilaterally without any prior notice.