As part of its activities, Atak Taşıt Yedekleri AŞ takes all kinds of technical and legal measures for the processing of your personal data in accordance with the Personal Data Protection Law No. 6698 (the “PDPL”). Related persons can access in the following Disclosure Text detailed information on the processing of their personal data, transfer the same to third-parties, legal grounds for collecting personal data and their rights contained in the PDPL.

A. Purposes of Personal Data Processing

Your personal data is processed by Atak Taşıt Yedekleri A.Ş. or real/legal persons to be appointed as data controller by Atak Taşıt Yedekleri A.Ş. under the following circumstances and conditions and for the purposes of:

  1. Improving, developing, diversifying, producing alternatives for, our services and operations and making available the same to people with whom we have commercial relations;
  2. Preparing various reports, research and presentations, planning emergency management processes, following up financial and accounting affairs, ensuring company-wide security;
  3. Issuing the documents that we are obliged to issue in accordance with the relevant laws;
  4. Introducing, announcing events that we organize and attend, and informing the public related thereto;
  5. Executing and following up financial reporting and risk management procedures, establishing and following up visitor records, developing and improving public relations and marketing policies;
  6. Determining and implementing our commercial business strategies;
  7. Ensuring the full performance of the contracts to which our Company is a party and controlling whether counter parties to such contracts perform the contracts in full;
  8. Ensuring the legal security of real/legal persons who have commercial relations with our Company;
  9. Fulfilling our after-service obligations;
  10. Preparing and issuing our Company’s commercial books, invoices, tenders, checks and payrolls in accordance with the legislation, and carrying out the processes related to such transactions;
  11. Ensuring the security of our Company’s buildings, facilities and work areas with camera recording and other security measures and controlling entrances and exits;
  12. Evaluating the recruitment processes of our employee candidates, creating personal files of our employees and maintaining our company’s Human Resources policies;
  13. Taking necessary measures for occupational health and safety within the scope of our obligations arising from the legislation, planning and carrying out training processes, making early intervention in health-related issues;
  14. Increasing the morale and motivation, performance level, satisfaction of our employees, their interaction with each other and our Company and ensuring their loyalty to our Company;
  15. In case of communication with our call centres or company phones, establishing the communication and determining the content thereof;
  16. Performing personnel affairs more effectively;
  17. Fulfilling our obligation to pay wage arising from employment contracts, as well as our other obligations;
  18. Carrying out our commercial purchase and corporate correspondence;
  19. Operating the disciplinary process in cases that may occur in the workplace;
  20. Carrying out customer satisfaction-related activities;
  21. Fulfilling the demands of public institutions and organizations;
  22. Providing guests visiting our businesses and facilities with internet access;
  23. Preparing business execution programs, and preparing and implementing shift lists;
  24. Planning and executing services and various logistics activities;
  25. In case of visits to our website, creating statistical data, recording visitor information and providing feedback related thereto;
  26. Carrying out the necessary quality and standard audits or fulfilling our other obligations determined by laws and regulations;
  27. Notifying changes in legislation or policies we have adopted or making notifications concerning data subjects.

B. Transfer of Personal Data  

Your personal data processed can be transferred for the above purposes and within the framework of the requirements determined by the PDPL to:

  1. Judicial bodies, judicial authorities, security forces and other legally authorized public institutions and organizations in line with the demands of various public institutions and organizations;
  2. Our suppliers, audit firms, certification bodies and information security firms, in order to establish the necessary quality, confidentiality and standards;
  3. Our business partners, shareholders, suppliers, in order to prepare and implement strategies for our operations;
  4. Our business partners, suppliers, shareholders, in order to increase our quality standards and establish our marketing strategies;
  5. Health institutions, hospitals, legally authorized third-parties and relevant public institutions and organizations, in order to fulfil our obligations within the framework of the legislation on occupational health and safety and emergency medical interventions;
  6. Domestic and foreign real/legal persons and public institutions and organizations that we cooperate with, in order to achieve the purpose of our Company;
  7. Our shareholders, business partners, in order to plan, execute and maintain our human resources processes;
  8. Our business partners and suppliers, in order to carry out advertising, promotion and promotion processes;
  9. Audit firms and related public institutions and organizations, in order to audit our activities;
  10. Our suppliers, shareholders, banks, tax offices and other public institutions and organizations related to the audit of payment processes, in order to carry out our payment processes, banking and financial transactions;
  11. Security companies, in order to ensure workplace safety;
  12. Third-parties and institutions that request a reference based on valid legal grounds, limited to the subject of the request;
  13. Insurance companies and banks, in order to carry out insurance and private pension processes;
  14. Cargo companies, PTT, notary offices, in order to carry out communication and shipping processes,
  15. Software companies and our suppliers operating in this field due to the operating systems, computer programs, software, cloud service we use within the Company and their maintenance and repair;
  16. In order to carry out international and domestic travel and accommodation processes, to third-parties, consulates, visa application centres and legally authorized persons providing services in this field;
  17. Our suppliers, research and survey companies, in order to carry out research and survey activities within the framework of customer and personnel satisfaction;
  18. Domestic and/or foreign private and public legal entities, in order to increase the awareness and brand value of the Company, to improve the internet infrastructure and to keep up it to date;
  19. Domestic and foreign institutions/organizations that provide security, technology and cloud services for digital data;
  20. Our business partners, dealers, suppliers, in order to fulfil foreign exchange, export-import, financial, legal permits and responsibilities;
  21. Companies operating in the field of organizing events, conferences, celebrations, weddings and similar social events, in order to carry out the same;
  22. Tourism companies, hotels and organization companies for the purposes of accommodation, transportation and tourism.


C. Method of, and Legal Ground for, Collecting Personal Data

Personal data within Atak Taşıt Yedekleri A.Ş. is collected through all kinds of verbal, written or electronic media, especially using the following methods, considering the data processing requirements provided for in the PDPL:

  • contracts and offers;
  • official letters from public institutions and organizations;
  • persons shown as a reference by the related person;
  • information received through our business and solution partners;
  • face-to-face interviews;
  • companies from which we receive support in the field of human resources;
  • cookies and log records used in the internet environment;
  • social media applications;
  • applications to our call centre;
  • survey activities;
  • applications made personally, by mail or electronically, and interviews;
  • devices that record audio and video with CCTV in and around our buildings, facilities and work areas;

This data is obtained for the purposes of carrying out our activities within the framework of the laws and accordingly, for our Company to provide its services, to maintain its commercial life and to fulfil its liabilities arising from the laws in complete and proper manner. 

D. Storage and Destruction of Personal Data

Our Company stores personal data in proportion to the purpose of processing in line with the purpose of processing personal data. Personal data is stored until the end of the period required by the relevant legislation in case the purpose of, and/or ground for, processing no longer exists. When the purpose of, and ground for, the processing of personal data disappears, the personal data will be destroyed upon the expiry of the relevant time limits in order to fulfil our legal obligations arising from the law.

E. Rights of Related Persons

Each related person has the following rights in accordance with Article 11 of the PDPL:

  1. to find out whether their personal data has been processed;
  2. if their personal data has been processed, to request information related thereto;
  3. to find out the purpose of processing of their personal data and whether or not their personal data is used properly;
  4. to know about third-parties to whom their personal data is transferred home or abroad;
  5. in case personal data is processed incompletely or incorrectly, to request for correction of their personal data and for notification of such correction to third-parties to whom their personal data is transferred;
  6. in case of disappearance of the grounds that require processing of their personal data although processed in accordance with the provisions of the PDPL and other relevant law, to request for deletion or destruction of their personal data and for notification of such deletion or destruction to third-parties to whom their personal data is transferred;
  7. to object to the emergence of any consequence against themselves through analysis of the data processed exclusively by means of automated systems;
  8. in case of any loss and/or damage due to the unlawful processing of personal data, to claim indemnification for losses and/or damages suffered.

The related person may notify their requests regarding these rights to our Company’s address written below by sending a notice through a notary public or by applying personally with an identity card. The related person’s requests will be evaluated and decided free of charge as soon as possible and within thirty (30) days at the latest. If the evaluation and decision-making process requires any additional costs, the fee in the tariff determined by the Personal Data Protection Board will be taken as basis. 

Please check our cookie policy for information about the cookies we use on our website. Respectfully announced to the public.

F. Identity of Data Controller

CRS Number:

Web Address:          

Phone Number:

E-mail Address: