As ARI TEKNOKENT PROJE GELİŞTİRME PLANLAMA ANONİM ŞİRKETİ (TIN: 0740264905) (“İTÜ ARI Teknokent”” or “Company”) located “Reşitpaşa Mah. Katar Cad.No:4 İ.Kapı No:1101 Sarıyer/İSTANBUL” we pay the utmost attention to the security of your personal data. With this awareness, we give a particular importance to process and preserve the personal data of the natural people whom we interact in accordance with the Law no. 6698 (“PDPL” or “the Law”), secondary legislations (regulation, declaration etc.) and binding resolutions of Personal Data Protection Committee.

As a result of our sense of responsibility, we, as the “Data Controller” process your personal data considering legal limitations and purposes mentioned below; by providing all necessary technical and administrative measures to ensure the appropriate level of security, to prevent unlawful processing of personal data and unlawful access to personal data and to ensure the protection of personal data.

This Data Protection Statement aims to announce the personal data of the related persons/data owners with whom İTÜ ARI Teknokent has contacted while performing the main area of activity on the website in full compliance with the principle of transparency, and within this text, the Data Protection Statement is made regarding the personal data processing activities within the scope of the Company’s main activity and business operations.

  1. Identity of the Data Controller

ITU Magnet is an entrepreneurship center operating under İTÜ ARI Teknokent, carrying out activities focused on supporting the growth, business development, and investment processes of advanced-stage ventures and startups. ITU Magnet provides services within the scope of activities planned and implemented for stakeholders operating at the advanced stage of the entrepreneurship ecosystem.

Within ITU Magnet, programs, organizations, and supportive initiatives are carried out to foster collaboration among entrepreneurs, investors, corporate partners, and domain experts. As part of these activities, the planning, coordination, and monitoring of initiatives related to the growth and business development processes of ventures are conducted. ITU Magnet carries out its activities within the Technology Development Zone, in alignment with the organizational structure and operational framework of İTÜ ARI Teknokent.

  1. Purposes of Personal Data Processing

Your personal data shall be collected and processed by the Company within the limits specified in the Law, in a limited and measured manner in accordance with the law, in good faith and always related to the following purposes of;

  • Managing event registration, participation, and accreditation processes; ensuring the physical and digital security of events; addressing technical issues and enhancing operational efficiency,
  • Communicating with applicants, participants, investors, and stakeholders; sending announcements, information notices, and commercial electronic messages regarding İTÜ Magnet programs,
  • Facilitating potential matchings and cooperation opportunities between entrepreneurs and investors, mentors, and corporate stakeholders, and organizing networking activities,
  • Evaluating applications, projects, and business models; managing grant, award, and financial support processes,
  • Taking visual and audio recordings (photographs and videos) for the purpose of promoting events and successful ventures and publishing such content through promotional channels (website, social media, etc.),
  • Measuring program performance; conducting statistical studies, analyses, and official reporting related to the entrepreneurship ecosystem; and implementing improvements aimed at enhancing the quality and impact of the program,
  • Fulfilling legal obligations arising from applicable legislation; responding to requests from authorized public institutions and organizations; and managing potential legal dispute processes,
  • Ensuring the commercial and legal security of natural and legal persons with whom the Company maintains business relations,
  • Managing risk and ensuring the security of data controller operations.
  1. Personal Data Collection Methods and Cause of Actions

Your personal data transmitted by you in directly oral, written or electronic media are processed by the Company with automatic, semi-automatic and under condition of being part of a data recording system: non-automatic methods by means website or similar applications and software.

In this regard, the general personal data classified below are processed based on the cause of actions stated in Article 5/2 of the Law.

While creating the classification below, both the execution of the Company’s main business activities and the conduct of its website-related activities have been taken into consideration. The necessary Data Protection Statements and/or consent notifications regarding each process and operation of the Company are separately communicated to the relevant data subject groups through layered data protection notices or via various other means.

  Category Type Cause of Action for Processing
1. Identification Name, surname Processed for the following cause of actions stated in Article 5/2 of the Law; a) if it is expressly provided for by the laws, c) if the processing of personal data of the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract, ç) if it is necessary for compliance with a legal obligation to which the data controller is subject, d) if the personal data have been made public by the data subject himself/herself
2. Contact Information E-mail address and phone number, LinkedIn profile link (URL).
3. Personal & Professional Experience Resume information, education, work experience and foreign language, attendance to courses and seminars, Processed for the following cause of actions stated in Article  Article 5/2 of the Law; (c) If the processing of personal data of the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract, (d) If the personal data have been made public by the data subject himself/herself (f) If the processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.
  Visual and Audio Recordings Photographs, Camera, and Video Images  

PDPL art. 5/1; Based on your explicit consent.
4. Transaction Safety IP address information, website login-exit information. Processed for the following cause of actions stated in Article 5/2/f of the Law; if the processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.

 
5. Risk Management Information to manage commercial, technical and administrative risks.

 

In line with your demand, the purpose of processing each personal data category and data type will be detailed and communicated to you through the other personal data processing processes maintained within the Company.

Furthermore, within the scope of service marketing and strategic marketing activities, the sending of informative commercial electronic messages for advertising, campaign, and promotional purposes shall be carried out in compliance with the Regulation on Commercial Communication and Commercial Electronic Messages, and where required, your explicit consent shall be obtained separately. Personal data within the identity and contact data categories processed for the purpose of sending commercial electronic messages may be processed based on the legal ground of your explicit consent pursuant to Article 5/1 of the Law, provided that such explicit consent has been separately obtained.

  1. Transfer of Personal Data and Purposes of the Transfer

Your personal data may be transferred, for the purposes stated above and to ensure the uninterrupted execution of the Company’s commercial operations and business processes, where necessary, based on your explicit consent as per Article 8/1 of the Law. In addition to this, your data may also be transferred without explicit consent in accordance with Article 8/2(a) of the Law, in cases where it is explicitly stipulated by law, required for the data controller to fulfill its legal obligations, necessary for the establishment, exercise or protection of a right, or required for the legitimate interests of the data controller provided that it does not harm the fundamental rights and freedoms of the data subject. Moreover, your personal data may be transferred abroad in accordance with the legal bases set forth under Article 9 of the Law, by implementing all necessary technical and administrative measures to ensure data security.

  • Legally authorized public institutions and organizations, judicial and administrative authorities,
  • Legal entities and natural persons under private law permitted by other legislations,
  • Private and public institutions and organizations authorized to audit the Company,
  • To business partners from whom services are received or with whom the Company cooperates for the execution and development of the Company’s activities,
  • To suppliers of the Company only, when necessary,

In this regard, you can withdraw the explicit consent you have given for the transfer at any time and consult with the Company’s officials. The relevant data protection statements and consent statements are notified to the related persons in the form of gradual disclosure or in various ways unique to the Company’s processes and activities.

  1. Rights of the Data Subjects Under the Law

You may apply to İTÜ ARI Teknokent at any time and request to exercise your rights arising from the Article 11 of the PDPL: “a) to learn whether your personal data has been processed, b) to demand for information if your personal data have been processed, c) to learn the purpose of the processing of your personal data and whether these personal data are used in compliance with the purpose, ç) to know the third parties to whom your personal data are transferred in country or abroad, d) to request the rectification of the incomplete or inaccurate data e) to request the erasure or destruction of your personal data under the conditions referred to in Article 7, f) to request reporting of the operations carried out pursuant to sub-paragraphs (d) and (e) to third parties to whom your personal data have been transferred, g) to object to the occurrence of a result against the person himself/herself by analyzing the data processed solely through automated systems, ğ) to claim compensation for the damage arising from the unlawful processing of your personal data”. You may submit your requests regarding your rights and the enforcement of the Law by filling and signing out the application form that you can obtain from us or from www.itumagnet.com;

  • Send it with wet-ink signature “Reşitpaşa Mah. Katar Cad.No:4 İ.Kapı No:1101 Sarıyer/İSTANBUL” via notary public, by registered mail with return receipt requested at your discretion for ease of proof or by your personal application,
  • By sending your application via e-mail to [email protected] using the registered electronic mail (KEP) address assigned to your name,
  • By sending an e-mail [email protected] using the e-mail address notified to the Brand by you and registered in the brand system.

As the personal data owner, in the application you will make to exercise your rights mentioned above and which contains the explanations regarding the right you have request to exercise; the requested matter needs to be clear and understandable, the subject needs to be related to yourself and in case you are acting on behalf of someone else, you will need to submit your special power of attorney certified by the notary in this regard. In accordance with the “Communiqué on The Principles and Procedures for the Request to Data Controller”, it is mandatory to include name-surname, signature, Turkish Identification (“ID”) number (for foreigners, nationality, passport number or ID number if any), residential or workplace address for notice, e-mail address, telephone and fax number and the subject of the request in your applications. Applications that do not fulfill such elements will be rejected by İTÜ ARI Teknokent or directed to the valid application channels.

All registered or unregistered intellectual property rights such as title, business name, trademark, patent, logo, design, information and method contained in this Site belong to the site operator and owner brand or the person signified and are under the protection of national and international law. Visiting this Site or utilizing the services on this Site does not give any rights to the intellectual property rights in question. The information contained on the Site cannot be reproduced, published, copied, presented and/or transferred in any way. The whole or part of the Site cannot be used on any other website without permission.

All employees of İTÜ ARI Teknokent are equipped with education on the Law on the Personal Data Protection Law, periodically informed, highly aware and have gained the notion of confidentiality. İTÜ ARI Teknokent acts with awareness and sensitivity in all activities carried out by the Company and throughout the life cycle of personal data within the Company.

İTÜ ARI Teknokent reserves the right to make changes in this Data Protection Statement, due to the Law, secondary legislations and committee resolutions. Each related person who visits the www.itumagnet.com website is deemed to have accepted the above-mentioned terms.

 

İTÜ ARI Teknokent reserves the right to change all products and services, pages, information, visual elements on the Site without prior notice.

 

This data protection statement has been updated on 13.02.2026.