Home   /   PDPL Clarification Text


PDPL Clarification Text


As The Scientific and Technological Research Council of Turkey (TÜBİTAK), we attach utmost importance to the security and confidentiality of your personal data. Acting as the "Data Controller" within the scope of the Personal Data Protection Law No. 6698 (PDPL); this information text has been prepared in order to clarify that the responsibilities such as the collection, storage, processing, transfer of personal data in accordance with the legislation, the duration of storage, the data subjects' rights and other responsibilities applied in accordance with the legal provisions.


TÜBİTAK can process personal data in order to carry out its activities and in accordance with the principles and procedures prescribed by the PDPL and other related laws and regulations. Personal data related to our stakeholders can be collected directly or indirectly by TÜBİTAK units, website, social media etc. through written, oral or electronic means. Personal data obtained within the scope of the PDPL can be processed for the purposes listed below:

  • Maintaining activities in line with the founding objectives set out in TÜBİTAK's Law on the Establishment of TÜBİTAK,
  • Meeting information and other requests from public institutions and organizations and relevant stakeholders in a timely manner,
  • Full and proper performance of contractual and legal obligations
  • Follow-up of financial and/or accounting affairs,
  • Execution of legal proceedings and follow-up of legal processes,
  • Planning of human resources processes and execution of activities,
  • Planning, auditing and execution of information and information security processes,
  • Performing quality and standard inspections and improvements,
  • Ensuring the security of the institution and personnel,
  • Ensuring coordination in processes related to visitors and meeting participants,
  • Developing and diversifying the support and services provided,
  • Evaluating and responding to suggestions/wishes/complaints and requests to be conveyed by the stakeholders and visitors of the institution through all kinds of channels, and to carry out improvement studies in accordance with the notifications.


As expressed in Articles 5 and 6 of the Law:

  • In cases where the explicit consent of the data subject is necessary, explicit consent of the data subject,
  • If it is clearly envisaged in the laws,
  • If processing of personal data belonging to the parties of a contract is necessary directly for the establishment or performance of a contract,
  • If it is compulsory for the data controller to fulfill its legal obligations,
  • If data processing is mandatory for the establishment, exercise or protection of a right,
  • If it is mandatory to process personal data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject, etc. and within the framework of Article 234 (t) of the Decree Law No. 4 of the Presidency, as well as the duties and powers given therein;

Personal data is collected in accordance with the provisions of Articles 5, 6, and 8 of the Law through call centers, cameras and sound recordings, application forms, website membership and contact forms, the internet, mobile applications, website newsletters registration forms, cookies, social media and other publicly available media, or through training sessions, meetings, organizations, and similar events, from the data subjects, third parties including solution partners with whom TÜBİTAK cooperates or has a 2/3 relationship within the scope of communication and/or establishment of legal relations with TÜBİTAK, and legal authorities. Personal data collected through these methods can be processed and transferred for the purposes specified in Article 2 of this text within the framework of the conditions for processing personal data and processing of special categories of personal data stipulated by the Law.


In case of transferring the collected personal data into and out of the country, TÜBİTAK acts in accordance with the provisions defined in Articles 8 and 9 of the Law. In order for TÜBİTAK to carry out its services more effectively and fulfill legal requirements, in mandatory cases, within the scope of relevant laws, regulations and protocols, authorized public institutions and organizations in the country, law enforcement, courts and enforcement offices, legally authorized private legal persons, related third parties. parties, natural and legal persons, service providers and their officials, project partners, suppliers and support service providers.


In accordance with Article 11 of the Law, the data subjects who apply to TÜBİTAK have the following rights:

  • To learn whether their personal data has been processed or not,
  • To request information regarding the processing of their personal data if it has been processed,
  • To learn the purpose of the processing of their personal data and whether they are used in accordance with this purpose,
  • To know the third parties to whom their personal data has been transferred within the country,
  • To request the correction of their personal data in case they are incomplete or incorrect, and to demand that the third parties to whom their personal data has been transferred be notified of such correction,
  • To request the deletion, destruction or anonymization of their personal data if the reasons requiring the processing of their personal data have ceased to exist in accordance with the purpose, duration, and legitimacy principles, and to demand that the third parties to whom their personal data has been transferred be notified of such deletion, destruction or anonymization,
  • To object to a result that is against them if their personal data is analyzed through automated systems,
  • To demand the compensation for damages in case their personal data is processed unlawfully and they suffer harm.


You can personally send your requests within the scope of Article 11 of the KVKK "regulating the rights of the data subject" to the address of TUBITAK Tunisia Caddesi No:80 06100 Kavaklıdere / Ankara, by attaching the documents identifying the identity information in accordance with the "Communiqué on the Procedures and Principles of Application to the Data Controller" or you can send it to this address with a secure electronic signature. The person concerned must clearly and comprehensibly state the requested issue in the application to be made to use the above-mentioned rights. Information and documents related to the application must be attached to the application. 3 / 3 Applications to be made within this scope will be accepted following the identity verification to be made by us, and your requests regarding your rights will be finalized as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. In the event that the application is answered in writing or through recording media such as CD and flash memory, the processing fee specified in Article 7 of the "Communiqué on Application Procedures and Principles to the Data Controller" may be charged. You can reach TÜBİTAK via the contact information given below.

Presidential Address: TÜBİTAK Tunus Avenue No: 80 06100 Kavaklıdere / Ankara

Telephone: 0312 468 5300

Fax: 0 312 427 6817



© 2023 TÜBİTAK BİLGEM | All rights reserved.


(SGE) Cyber Security Institute

The Cyber Security Institute, which was established to carry out studies to increase the national cyber security capacity, carries out research and development activities in the field of cyber security; carries out solutions-oriented projects for military institutions, public institutions and organizations and the private sector.

The main fields of activity of our institute, which has made a significant contribution to the creation of cyber security knowledge and tactical infrastructure in our country with many successful projects to date, are secure software development, penetration tests and vulnerability analysis.

6-yze card logo

(IZE) Artificial Intelligence Institute

Artificial Intelligence Institute is the first institute established within the scope of TUBITAK centers and institutes, which cuts the sectors and research fields horizontally and focuses directly on the emerging technology field. For this reason, it constitutes an innovative model in terms of both the open innovation and co-development approach of the institute and its focus on emerging technology.

Artificial Intelligence Institute aims to develop core technologies in the field of artificial intelligence and bring these innovations from the forefront of science to the use of the industry as soon as possible. Focusing on the transformative potential of artificial intelligence, it will continue to play its part in pioneering efforts to create and sustain artificial intelligence-based innovation, growth and productivity in Turkey. Working with industry and public institutions in Turkey, together with other organizations within the artificial intelligence ecosystem, spreading the use of artificial intelligence and increasing the workforce specialized in this field are among its primary goals.


Discover institutes laboratories technologies products projects of BİLGEM.

Competence Centers

MILSEC 4 - Secure IP Terminal


While the MİLSEC-4 terminal offers an up-to-date solution for next-generation secure communication (voice, data and video) in IP networks, it provides an uninterrupted communication service by maintaining the compatibility of secure voice communication in PSTN networks with PSTN secure phones in use.

Configuration, surveillance and software update processes of MILSEC-4 terminals are carried out securely remotely using the Security Management Center (GYM). MİLSEC-4 terminal is capable of IP Network Key Loading (IPAAY) through secure communication with GYM without the need for an additional device.

MİLSEC-4 terminals are interoperable with MİLSEC-1A and MİLSEC-2 phones and offer the opportunity to replace MİLSEC-1A and MİLSEC-2 phones without interruption in the gradual transformation of PSTN networks to next generation IP networks.


  • End-to-end secure voice communication in PSTN networks
  • End-to-end secure voice, image and data transmission in IP networks
  • NATO SCIP compliance on IP networks
  • Compatibility with commercial SIP products
  • Interoperability with MILSEC1A and MILSEC2 secure phones
  • National and AES crypto algorithms
  • Remote software update
  • Easy operation with touch screen

It is subject to the sales license to be given by the Ministry of National Defense.