Privacy Policy

This Privacy Policy was executed by and between Ayasis Yazılım ve Bilişim Teknolojileri Anonim Şirketi (“the Company”) located at Yıldız Teknik Üniversitesi Davutpaşa Kampüsü Teknopark D2 Blok No: 1B06 Esenler/Istanbul in its capacity as the “Data Controller” and all individuals (“Member”) using MentalUP products/services through and web sites and MentalUP mobile application (“MentalUP”) owned and operated by the Company. In this context, the purpose of this Privacy Policy is to provide information on the collection, processing and use of the data provided by you in connection with the use of MentalUP as well as the grade, purpose and scope of transfer thereof.

When the Member uses MentalUP; or somehow communicates with MentalUP, MentalUP collects information about the Member in accordance with the nature of the information and transaction within the current technical possibilities. The Member accepts, acknowledges and promises that his / her personal information and data might be used in a limited manner by the Company and/or through MentalUP to the extent that it is limited to the format and purposes set forth in this Privacy Policy.

The Company might collect the Member's personal information (user name, name if provided, IP address, the date and time of access, the pages accessed while being on MentalUP) and the activities taken place under MentalUP in order to provide better service to the Member, to make suggestions, to improve its services, to facilitate the use of MentalUP at the works related to the Member's interests and preferences, within the framework of legal legislation.

The information provided by the Member in order for the Company to communicate with itself as well as the information obtained by the Company via cookies and similar methods during the Member’s activities on MentalUP; might be recorded, stored in printed / magnetic archives, updated whenever necessary, shared, transferred, used and processed by the Company in accordance with the personal data processing requirements and purposes set out in the applicable legislation and also for the Company to provide certain services to you in connection with the use of MentalUP, to fulfill the necessary procedures for payment in the event that the goods and services provided are subject to any fee, to inform regarding the services rendered, to be able to respond to questions, to make sure that the necessary permits are received and taken from parents/legal representatives if the Member is between the ages of 13 and 18, if it is required directly for the execution and performance of a contract between the Company and the Member and for the Company to fulfill its legal obligations and also for the purposes of asserting the relevant rights or establishing the defense in relation to such personal data, limited to the purpose of use, and for a period of time limited with such use. This information shared may be changed and updated by the Member at any time. Data collected through MentalUP may not be used or shared with third parties for purposes unrelated to improving the user experience or software/hardware performance connected to the MentalUP’s functionality.

The data shared by the Member shall not be used directly or indirectly for the benefit of any third party for any reason whatsoever; without the express and explicit written permission of the Member, shall not be shared, partly or completely copied and published with any third party, firm or entity other than for the purposes set forth in this Privacy Policy. Additional authorization from the Member may be required if it is compulsory within the provisions of the relevant legislation or if the data transmitted by the Member must be used for purposes other than those specified in this text. In this case, the Member will be contacted and its explicit consent will be requested. If the Member does not agree, no additional data shall be obtained.

If the personal data provided to the Company by the Member is requested by official institutions/organizations as necessitated by the law, the data may be transmitted to the relevant authorities and courts if requested by the courts.

It may be required to open an account in order to have access to the services. The member declares that he or she is at least 18 years old (or older) and understands and accepts these conditions in order to open an account on his behalf. If the member is at least 13 years of age and under 18 years of age, and have the power to discriminate, he/she must sign up to MentalUp and must provide his / her data only in the presence of one of his/her parents or his/her legal representative. In this context, the Member declares that his or her parent or legal representative has reviewed and accepted this Privacy Policy and that the data has been shared following the said permission. Neither person under 13 (thirteen) years of age can be directly a member of the MentalUP itself, nor submit his/her own personal data directly.

In the event that the internet sites of the Company contain links to other internet sites according to the nature of the situation, the Company shall have no commitment to ensure that the operators of these sites comply with the data protection provisions. The Company shall never be responsible for the content of the sites to which it links with other methods such as links or the like.

Within the scope of the data you have provided to the Company, the Member may apply to the Company and be entitled to
  • find out whether personal data is being processed;
  • request information on personal data, if it has been processed;
  • find out the purpose of processing his/her personal data and whether they are being used appropriately in line with their purposes;
  • know the third parties to whom personal data is transmitted in or out of the country;
  • request that his/her personal data be corrected if it is incomplete or incorrectly processed;
  • request that personal data be erased or destroyed if the circumstances requiring the processing of the personal data disappearance;
  • require correction, deletion or destruction to be reported to a third party to whom personal data is transferred;
  • object to the occurrence of an adverse consequence by analyzing the processed data exclusively through automated systems; and
  • have the right to claim damages in case of impairment because his/her personal data is processed in violation of the relevant legal legislation.

In the event that a Member submits his/her claims for his/ her rights towards the Company in the manner set forth in the Administrative Privacy Policy, the Company shall conclude the application as soon as possible and in any event not later than 30 (thirty) days in accordance with the nature of the claim. However, if the transaction also requires the assumption of a cost, the fee may be charged at the rate specified by the Personal Data Protection Board.

Despite the fact that the processing activity is carried out in accordance with the relevant legislation, the personal data of the Member shall be deleted, destroyed or anonymized in accordance with the related legislation after the end of the processing purposes stated in this Privacy Policy.

In order to use the rights notified to the Member in this Privacy Policy, the Member must include the necessary information that can be used by the Company to identify the Member and the description/explanations regarding which right he/she requests to exercise must be delivered to Yıldız Technical University Davutpaşa Campus at Kampüsü Teknopark D2 Blok No:1B06 Esenler/Istanbul by hand or sent through notary or other methods specified in the related legislation or may be sent as signed by secure electronic signature to, which is the e-mail address of the Company. The Company accepts the request on the application of the Member or rejects it by explaining the reason and declares the answer to the related person in writing or in electronic form. If the application is accepted, it will be fulfilled by the Company. If the Applicant is attributable to any fault of the Company and a fee is collected from the Member, the remuneration shall be returned to the Member.

The Company undertakes to keep the Member's data and any confidential information strictly private and confidential, without prejudice to the contents hereof, to regard it as an obligation to keep confidentiality, to take all measures and act in due diligence to prevent all or any part of the Member's information from entering into the public domain or be subject to unauthorized use, or to take measures to prevent the confidential information from disclosure to any third party. If, despite all necessary data security measures taken by the Company, the confidential information is damaged as a result of attacks on the system or captured by third parties, the Company shall have no responsibility with that respect.

The Company shall not disclose personal data and confidential information of the Member unless (a) it is required to disclose such information in accordance with applicable laws or regulations or a court decision or administrative order issued and/or (b) it is Member's request and/or (c) it is stated within this Privacy Policy or within other agreements executed by and between the Member and the Company.

The Company shall not be responsible for damages caused by the use of information that the member discloses in comments made or messages given by third parties in public areas. If the member shares his/her name, password, etc. used by the member when creating the membership record with third parties, the Company shall not be responsible for any damages that may arise from the information shared with third parties.

The Company may review the personal information and data of a Member who is in breach of the User Agreement or Privacy Policy or is the subject of complaint by other members.

The Company may at any time update, amend, or revoke the provisions of this Privacy Policy. In this case, the Member shall be notified via the services/products or by other means such as e-mail. Any provision that is updated, modified or removed from effect shall enure for the Member at the time of publication. The Member shall be deemed to have accepted such amendment if the Member continues to use the services or products of the Company after such modification has been made.

You can find detailed information about your personal data processed by the company in the Acknowledgement Letter Regarding Personal Data.