SatoLOC Insight CMS

Privacy Policy

SatoLOC Insight

Effective Date: January 21, 2026

Last Updated: January 21, 2026

1. Introduction

SatoLOC Dil ve Çeviri Hizmetleri Limited Şirketi, operating under the brand SatoLOC Insight (“Company,” “we,” “us,” or “our”), is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our AI-powered content and localization platform and related services (collectively, the “Services”).

We are the Data Controller for personal data processed through our Services, in accordance with the Turkish Law on Protection of Personal Data No. 6698 (“KVKK”), the General Data Protection Regulation (EU) 2016/679 (“GDPR”), and other applicable data protection laws.

2. Corporate Identity and Contact Information

Data Controller: SatoLOC Dil ve Çeviri Hizmetleri Limited Şirketi

MERSIS No: 0752103887200001

Registered Address: Kırmızıtoprak Mah. Porsuk Bulvarı, Nilay Sokak, Emin Apt. No:11/B, Odunpazarı, Eskişehir, Türkiye

General Email and Privacy Inquiries: info@satoloc.com

Registered Electronic Mail (KEP): satolocdil@hs01.kep.tr

3. Personal Data We Collect

3.1 Information You Provide Directly

  • Account Information: Name, surname, email address, phone number, company name, job title, and password credentials.
  • Financial Information: Billing address, payment card details (processed via PCI-DSS compliant providers), bank account information, and Tax ID/VAT numbers.
  • Communication Data: Records of correspondence (email, chat, KEP) when you contact support.

3.2 Information Collected Automatically

  • Technical Data: IP address, browser type, device identifiers, operating system, and time zone.
  • Usage Data: Click patterns, features accessed, session duration, and workflow actions.
  • Log Data: Traffic data collected pursuant to Law No. 5651.

3.3 Customer Content

Our Services enable Customers to upload and translate content. Customers are responsible for ensuring they have the appropriate legal basis to process any Personal Data contained within “Customer Content” (e.g., source text for translation). We process this data solely on behalf of the Customer.

4. Purposes and Legal Bases for Processing

We process Personal Data for the following purposes:

  • Service Provision: To provide the platform, authenticate users, and process payments. Legal Basis: Performance of Contract (KVKK Art. 5/2-c).
  • Legal Compliance: To comply with tax, commercial, and internet regulation obligations (TCC, VUK, Law No. 5651). Legal Basis: Legal Obligation (KVKK Art. 5/2-ç).
  • Platform Improvement: To analyze usage trends and improve our AI models (where opted-in). Legal Basis: Legitimate Interest (KVKK Art. 5/2-f).
  • Marketing: To send updates and offers. Legal Basis: Explicit Consent (KVKK Art. 5/1) or Permissible Commercial Electronic Message laws.

5. Artificial Intelligence and Data Usage

  • Default Setting: By default, Customer Content is not used to train our general public AI models. It is processed solely to deliver your specific localization results.
  • Opt-In Training: Customers may voluntarily opt-in to allow anonymized content to be used for model improvement.
  • Third-Party AI: We utilize enterprise-grade API providers (e.g., OpenAI, DeepL) under strict data processing agreements that prohibit them from using your data to train their models.

6. Data Retention

We retain Personal Data only as long as necessary, complying strictly with Turkish statutory periods:

Data CategoryRetention PeriodLegal Basis
Commercial Books & Correspondence (Invoices, Contracts, Account Logs)10 Years following the end of the calendar year in which the relationship ended.Turkish Commercial Code (TCC) Art. 82; Turkish Code of Obligations Art. 146.
Tax Records5 Years (minimum); retained for 10 years to align with TCC.Tax Procedure Law (VUK) / TCC.
Traffic / Access Logs2 YearsLaw No. 5651.
Marketing DataUntil consent withdrawal (plus statutory suppression period).ETK (Law on Regulating E-Commerce).
Customer ContentDeleted 90 days after account termination unless otherwise legally required.Service Agreement.

7. Data Sharing and International Transfers

  • Sub-processors: We share data with trusted vendors (cloud hosting, payment processors). 
  • International Transfers: SatoLOC operates globally. Data may be transferred to servers in the EU or USA. For transfers originating from Turkey or the EEA, we rely on standard contractual clauses (SCCs) and adequacy decisions where applicable, ensuring compliance with KVKK Art. 9 and GDPR Chapter V.

8. Your Rights

Under KVKK Article 11 and GDPR, you have the right to:

  • Learn whether your personal data is processed.
  • Request information if your data has been processed.
  • Learn the purpose of processing and whether it is used appropriately.
  • Know the third parties to whom your data is transferred.
  • Request correction of incomplete or inaccurate data.
  • Request deletion or destruction of data (subject to legal retention obligations defined in Section 6).
  • Object to negative consequences arising from automated analysis.

To exercise these rights, please submit your request via our portal or send a digitally signed email to our KEP address: satolocdil@hs01.kep.tr.

9. Security

We implement technical and administrative measures designed to align with ISO 27001 standards, including encryption (TLS/AES), access controls, and regular security assessments.