Meva1 Mühendislik ve İnşaat Meva1 Mühendislik & İnşaat
Legal

GDPR Notice

Last updated: May 18, 2026 · Version 1.0

This Notice is provided by Meva1 Mühendislik ve İnşaat pursuant to Articles 13 and 14 of the EU General Data Protection Regulation ("GDPR", Regulation (EU) 2016/679) to inform EU-based data subjects how their personal data is processed.

Data Minimisation

This website operates as a public information presence. No CRM, marketing list, customer database, lead-scoring system, or behavioural profiling is used on this site. The only personal data processed through the website is: 1. Strictly necessary cookies (session, security, language preference). 2. Google Analytics with anonymised IP, aggregated reporting only — advertising features, remarketing audiences and cross-device tracking are disabled. 3. Contact channel content — if a visitor voluntarily reaches us by e-mail or phone, only the content of that communication is processed for the purpose of responding. Engineering project data is processed separately under contract performance once a service relationship is established off-site. No other personal data is collected, profiled, sold, or shared for marketing purposes via this website.

1. Data Controller

Data controller for website operations: • Data Controller: Devrim Tunçer • Address: Kestel Mahallesi, Üniversite Caddesi No: 86/3, Alanya / Antalya, Türkiye • KEP (registered electronic mail): devrim.tuncer@hs01.kep.tr • E-mail: devrim@donedynamics.com • Web: https://donedynamics.com • Tax office / VKN: Alanya Tax Office — 8670898531 This site is an informational presentation of the services of Meva1 Mühendislik. The data controller for site operations (hosting, analytics, cookies, contact-form metadata) is Devrim Tunçer, as stated above. Engineering project data and customer information processed under a project contract are processed under a separate legal framework. No EU representative under GDPR Art. 27 has been appointed for the scope of this website.

2. Data Protection Officer (DPO)

No Data Protection Officer has been designated under GDPR Art. 37 for the scope of this website. All data protection requests are handled by the data controller, Devrim Tunçer, at devrim@donedynamics.com.

3. Categories of Data Processed

We may process identity and contact data, contract data, project / building data, payment data, visual records (site photographs), and Site usage data (IP, cookies) of our customers and prospective customers.

4. Purposes and Legal Bases (Art. 6)

Data is processed on the following bases: • Art. 6(1)(b) — Performance of a contract: preparing engineering and construction proposals, concluding and performing contracts. • Art. 6(1)(c) — Legal obligation: occupational health and safety records (Turkish Law No. 6331), tax obligations, building inspection legislation. • Art. 6(1)(f) — Legitimate interests: business development, maintaining customer relationships, network and system security, defending against legal claims. • Art. 6(1)(a) — Explicit consent: marketing communications and optional cookies.

5. Recipients

Data may be shared with: subcontractors and processors (hosting, email, analytics); legal counsel and auditors; competent public authorities (Turkish Ministry of Environment, Urbanisation and Climate Change; municipalities; the Social Security Institution; courts). Data is never sold for marketing purposes.

6. International Transfers (Chapter V)

Your data is stored in Turkey. Some processors (e.g., Cloudflare, Google) may process data outside the EU. Such transfers are carried out under Art. 46 on the basis of Standard Contractual Clauses (SCCs) or appropriate safeguards. For information about safeguards for transfers to countries without an adequacy decision, please contact us.

7. Retention (Art. 5(1)(e))

Your data is retained for the period required by the purpose of processing or by statutory retention obligations. Typical periods: contract and project records 10 years, tax/invoice records 5 years, work accident records 50 years, contact form records up to 2 years, CCTV records up to 30 days.

8. Automated Decision-Making

We do not engage in automated decision-making or profiling within the meaning of GDPR Art. 22 that produces legal effects concerning you or similarly significantly affects you.

9. Your Rights as a Data Subject (Art. 15-22)

You have the rights of access (Art. 15), rectification (Art. 16), erasure / right to be forgotten (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), objection (Art. 21), and the right not to be subject to automated decisions (Art. 22). Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

10. Right to Lodge a Complaint (Art. 77)

If you reside or work in an EU Member State, or the alleged infringement occurred there, you have the right to lodge a complaint with the relevant supervisory authority.

11. Obligation to Provide Data

Some data (identity, contact, invoice) is required for the conclusion of a contract and the fulfilment of legal obligations. If you do not provide this data, we may not be able to provide engineering services.

12. Contact

For all GDPR-related questions and requests to exercise your rights: info@meva1muhendislik.com.