GDPR Text

Information text under the EU General Data Protection Regulation

1. DATA CONTROLLER INFORMATION

Under the EU General Data Protection Regulation ("GDPR"), your personal data is processed by SCARLET SPACE TECHNOLOGIES INC. ("Scarlet" or "Company") as the data controller.

Contact Information:
Address: Maslak Mah. AOS 55. Sk 42 Maslak A Blok No: 2 İç Kapı No:9 Sarıyer İstanbul , Turkey
Email: info@scarletspace.com.tr
Phone: +90 541 744 62 77 (Corporate)

2. DATA PROTECTION OFFICER

Our company has appointed a Data Protection Officer to manage GDPR compliance processes:

Email: info@scarletspace.com.tr

3. PURPOSES AND LEGAL BASIS FOR PROCESSING

3.1. Processing Purposes

  • Responding to communication requests
  • Providing training and course services
  • Evaluating business partnership opportunities
  • Improving website performance
  • Fulfilling legal obligations
  • Taking security measures

3.2. Legal Basis (GDPR Article 6)

  • Contract Performance: Course and training services
  • Legitimate Interest: Website analytics, security
  • Consent: Marketing communications, cookies
  • Legal Obligation: Accounting, tax records

4. TYPES OF PERSONAL DATA COLLECTED

  • Identity Data: First name, last name
  • Contact Data: Email address, phone number
  • Technical Data: IP address, cookie identifiers, login data
  • Profile Data: Username, preferences, feedback
  • Usage Data: Website usage information
  • Marketing and Communication Data: Marketing preferences

5. DATA SHARING AND INTERNATIONAL TRANSFERS

5.1. Third Parties

Your data may be shared with third parties in the following categories:

  • Service Providers: Cloud storage, email services
  • Professional Advisors: Law firms, accountants
  • Regulatory Authorities: Within the framework of legal obligations

5.2. International Transfers

When your data is transferred to countries outside the EU, appropriate safeguards are provided in accordance with Articles 44-49 of GDPR:

  • European Commission Adequacy Decisions
  • Standard Contractual Clauses (SCC)
  • Approved Codes of Conduct

6. YOUR DATA SUBJECT RIGHTS

6.1. Fundamental Rights

  • Right to Information: Receiving information about data processing
  • Right of Access: Requesting access to your processed data
  • Right to Rectification: Requesting correction of incorrect data
  • Right to Erasure: Data deletion under "right to be forgotten"
  • Right to Restrict Processing: Stopping data processing
  • Right to Data Portability: Transferring your data to another provider
  • Right to Object: Objecting to data processing

6.2. Automated Decision Making

You have the right not to be subject to fully automated decision-making processes, including profiling. We will inform you if such a situation exists.

7. DATA RETENTION PERIODS

We will retain your personal data only for the following periods:

  • Communication Records: 3 years
  • Course and Training Records: 7 years
  • Website Logs: 12 months
  • Marketing Data: Until consent is withdrawn
  • Accounting Records: 10 years (legal obligation)

8. DATA SECURITY MEASURES

Technical and organizational measures taken for data security:

8.1. Technical Measures

  • AES-256 encryption
  • TLS/SSL protocols
  • Secure server infrastructure
  • Regular security updates
  • Penetration testing

8.2. Organizational Measures

  • Staff training programs
  • Access control policies
  • Data breach response plans
  • Regular security audits

9. DATA BREACH NOTIFICATION

In case of a breach that threatens personal data security:

  • Notification to the relevant supervisory authority within 72 hours
  • Data subjects will be informed in case of high-risk breaches
  • Necessary measures will be taken immediately

10. EXERCISING YOUR RIGHTS

10.1. Application Methods

To exercise your GDPR rights:

  • Email: info@scarletspace.com.tr
  • Mail: Maslak Mah. AOS 55. Sk 42 Maslak A Blok No: 2 İç Kapı No:9 Sarıyer İstanbul , Turkey
  • Online Form: GDPR request form on our website

10.2. Response Times

Your requests will be responded to within 1 month. This period may be extended by 2 more months for complex situations.

11. RIGHT TO COMPLAINT

If you believe your GDPR rights have been violated:

  • Turkey: Personal Data Protection Board (KVKK)
  • EU: Data protection authority in your country

Effective Date: 19.04.2026

Last Updated: 19.04.2026