PRIVACY POLICY AND PROTECTION OF PERSONAL DATA

Turkish Republic of Northern Cyprus
Last Updated: April 2026
Version: 1.0

1. PURPOSE AND SCOPE

This Privacy Policy explains how Dashad Group (hereinafter referred to as the “Company”, “we”, or “our”) collects, processes, stores, transfers, and protects personal data obtained through our website (dashad.net), mobile applications, social media accounts, and physical sales offices.

This policy has been prepared in accordance with the Turkish Republic of Northern Cyprus (TRNC) Personal Data Protection Law (Law No. 89/2007), the principles of the European Union General Data Protection Regulation (GDPR), and international best practices.

This policy applies to all natural persons (“Data Subject” or “you”) who visit our website, fill out our forms, request information about our projects, participate in our sales processes, or contact us through any channel.

2. DATA CONTROLLER

The data controller responsible for the processing of your personal data:

Company Name: Dashad Construction Ltd.

Address: Gazimağusa-Karpaz Yolu, Ötüken Kavşağından önce, Yeniboğaziçi, Kuzey Kıbrıs Türk Cumhuriyeti

Email: info@dashadgroup.com

Phone: +90 (533) 828 80 28

Website: https://dashad.co

3. PERSONAL DATA COLLECTED

3.1 Data Collected Directly from You

The following information may be collected through contact forms on our website, phone calls, email correspondence, face-to-face meetings, and sales office visits:

Full name
Email address
Phone number
Postal address and residency information
ID or passport information (for sales and title deed transactions)
Citizenship and nationality information
Payment and financial information (instalment plans, bank details)
Preferred project, unit type, and budget range
Communication preferences and marketing consents

3.2 Automatically Collected Data

When you use our website and digital platforms, the following data may be automatically collected:

IP address
Browser type and version
Device information (operating system, screen resolution, device model)
Cookie data
Pages visited, click data, and time spent on the site
Referring URL
Approximate geographic location (IP-based)

3.3 Data Obtained from Third Parties

We may obtain additional information from the following sources:

Referral information from real estate agencies and business partners
Advertising interaction data through social media platforms (Facebook, Instagram, Google)
Analytics and advertising network providers (Google Analytics, Meta Pixel, etc.)

4. PURPOSES OF PROCESSING PERSONAL DATA

Your personal data is processed for the following purposes:

Providing information about our projects and responding to your enquiries
Conducting sales, contract, and title deed transactions
Creating and monitoring payment plans
Maintaining customer relationship management (CRM) activities
Sharing construction progress updates and project notifications
Providing after-sales support and warranty services
Sending marketing, campaign, and promotional communications based on your explicit consent
Improving our website, services, and user experience
Conducting statistical analyses and market research
Fulfilling our legal obligations and managing legal proceedings
Preventing fraud and ensuring information security
Performing identity verification and security checks

5. LEGAL BASIS FOR DATA PROCESSING

Your personal data is processed based on the following legal grounds:

Your explicit consent (particularly for marketing communications)
Necessity for the performance of a contract (sales agreements, payment plans)
Compliance with legal obligations (tax, title deed, and regulatory reporting)
Our legitimate interests (service quality improvement, security, fraud prevention)
Legal provisions under TRNC Personal Data Protection Law No. 89/2007

6. TRANSFER OF PERSONAL DATA

Your personal data may be transferred to the following parties for the stated purposes:

Our group companies and business partners: for the provision of services and execution of business processes
Law firms and consultants: for the management of legal proceedings
Payment service providers and banks: for the execution of payment transactions
IT service providers: for website hosting, email, CRM, and analytics services
Advertising and analytics platforms: for digital marketing and performance analysis (Google, Meta, etc.)
Public authorities: in compliance with legal obligations and official requests
Land registry and cadastral offices: within the scope of real estate transfer transactions

Where your personal data is transferred internationally, the necessary technical and legal measures are taken to ensure an adequate level of protection.

7. COOKIES AND TRACKING TECHNOLOGIES

7.1 Types of Cookies

The following types of cookies are used on our website:

Essential Cookies: Required for the basic functions of the website to operate and cannot be disabled.
Performance and Analytics Cookies: Used to analyse website traffic, understand visitor behaviour, and improve our services (e.g., Google Analytics).
Functionality Cookies: Used to remember user preferences such as language and region selection.
Targeting and Advertising Cookies: Used to deliver more relevant advertisements and measure campaign performance (e.g., Meta Pixel, Google Ads).

7.2 Cookie Management

You can control, limit, or completely block cookies through your browser settings. However, disabling essential cookies may prevent the website from functioning properly.

8. DATA SECURITY

We implement the following technical and organisational measures to ensure the security of your personal data:

Secure data transmission via SSL/TLS encryption
Firewalls and intrusion detection systems
Regular security audits and vulnerability assessments
Access control and authorisation mechanisms
Data protection and information security training for employees
Physical security measures (office and server access controls)
Data backup and disaster recovery procedures

We would like to note that no method of data transmission over the internet or electronic storage is one hundred percent secure. While we cannot guarantee absolute security, we make every effort in accordance with industry standards to protect your data.

9. RIGHTS OF THE DATA SUBJECT

Under the TRNC Personal Data Protection Law No. 89/2007 and international data protection principles, you have the following rights:

The right to learn whether your personal data is being processed
The right to request information if it has been processed
The right to learn the purpose of processing and whether it is used in accordance with its purpose
The right to know the third parties to whom personal data is transferred, domestically or abroad
The right to request correction of personal data if it is processed incompletely or incorrectly
The right to request deletion or destruction of personal data when the reasons requiring processing have ceased
The right to request that correction, deletion, and destruction operations be notified to third parties to whom the data has been transferred
The right to object to the emergence of a result against you through analysis exclusively via automated systems
The right to claim compensation for damages resulting from unlawful processing of personal data
The right to opt out of marketing communications at any time

9.1 How to Exercise Your Rights

To exercise the rights listed above, you may submit a written application to info@dashad.net. Your application will be concluded free of charge within a maximum of 30 (thirty) days. If the transaction requires an additional cost, the fee schedule stipulated by legal regulations may be applied.

10. DATA RETENTION PERIOD

Your personal data is retained for the duration required by the purpose of its collection. Retention periods are determined considering legal obligations, contractual requirements, and statutes of limitations. Following the expiry of the relevant periods, your personal data is securely deleted, destroyed, or anonymised.

Data relating to real estate sales transactions is subject to legal retention periods arising from title deed and contractual obligations.

11. CHILDREN’S PRIVACY

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from individuals under the age of 18. If you believe that a child for whom you are a parent or guardian has provided us with personal data, please contact us and we will take the necessary steps to promptly delete the relevant data.

12. THIRD-PARTY LINKS

Our website may contain links to websites belonging to third parties. We are not responsible for the privacy practices of these sites. We recommend that you review the privacy policy of the relevant site when redirected to third-party websites.

13. COMMERCIAL ELECTRONIC MESSAGES

Subject to your explicit consent, we may send commercial electronic messages (email, SMS, push notifications) regarding our projects, campaigns, and services. Each of these messages contains an unsubscribe mechanism allowing you to cancel your subscription. Your unsubscribe request will be processed within a maximum of 3 (three) business days.

14. INTERNATIONAL DATA TRANSFERS

Dashad Group serves an international client base. Therefore, your personal data may be transferred to countries where our service providers and business partners are located. In such transfers, the necessary legal and technical measures are taken to ensure that your data is adequately protected.

15. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. In the event of significant changes, we will notify you through our website and/or via email. The updated policy takes effect on the date it is published on our website. We recommend that you review this policy regularly.

16. CONTACT

For any questions, requests, or complaints regarding this Privacy Policy or the processing of your personal data, you may contact us through the following channels:

Dashad Group Ltd.

Email: info@dashad.net

Phone:+905338288028

Address: Turkish Republic of Northern Cyprus