Istiqtal Unified Intelligence Platform · MMXXVI
One company. Four disciplines. A coherent platform engineered for the institutions that build the future — artificial intelligence, intelligent automation, custom software engineering and modern cybersecurity, unified.
Enterprise operating layer
Istiqtal brings AI, automation, software engineering and cybersecurity into one operating model, so institutions can move from idea to protected production without stitching together separate vendors.
Istiqtal operates where applied intelligence, automation, custom software and security all meet — building systems organisations rely on every day without having to think about them.
End-to-end data processing and cloud fabric designed for performance, scalability and operational stability across decades.
Current encryption protocols integrated across the platform, with forward-looking post-quantum approaches in active development.
A distributed compute fabric engineered for modern AI workloads, real-time inference and large-scale analytics.
Multi-agent learning systems that help organisations automate complex processes safely and efficiently at institutional scale.
Continuous verification at every boundary, with hardware attestation and encrypted micro-segmentation as operational default.
Worldwide support and monitoring across our global estate, with redundant systems and rapid failover built in.
A multi-modal AI platform bringing intelligent reasoning into everyday enterprise operations — foundation models, fine-tuning, retrieval-augmented generation and inference at scale, behind one unified API.
Read more
Intelligent process automation for operational and industrial workflows — combining RPA, multi-agent orchestration and event-driven control across the modern enterprise stack.
Read more
Custom software engineering and developer tooling — bespoke applications, internal platforms, APIs and modernisation programmes, delivered end-to-end with full operational handover.
Read more
A comprehensive AI-driven cybersecurity platform protecting networks, endpoints, cloud workloads, identity systems and supply chains from a single console — XDR, SOAR and threat intelligence unified.
Read more
An applied research lab working on multi-agent learning, neuromorphic compute, photonic systems and human-aligned interface design — from peer-reviewed publications to production-ready prototypes.
Read moreWhere the brief calls for it, Istiqtal builds on the same battle-tested platforms the rest of the modern enterprise relies on — and aligns with internationally recognised standards from day one.
The best technology is the kind you can rely on without thinking about it. We measure success not by attention captured but by problems quietly solved.Istiqtal Research · Applied Sciences
A study of cooperative multi-agent reasoning systems operating under strict latency and energy budgets, with applications to industrial control loops and edge inference at the network periphery.
Request preprint
An engineering note on integrated photonic switching for next-generation inference fabrics, presenting measured latency, energy and thermal characteristics for production-relevant workloads.
Request preprintEngineering, research and operational teams distributed across multiple regions, with a dedicated 24/7 security operations centre and follow-the-sun support.
Istiqtal is a global technology company building practical, dependable systems for the modern digital world. Our charter is simple — create technology that organisations can trust to perform reliably, year after year, without a second thought.
Today, Istiqtal operates internationally, with engineers, researchers and operational teams distributed across multiple regions. We process large volumes of data every day for clients across many industries, and maintain a strong commitment to engineering excellence in everything we ship.
Our philosophy is straightforward. We do not chase trends. We do not ship products before they are ready. Every system we deploy is built to perform consistently and to be maintained over the long term — because the best technology is the kind you can rely on without thinking about it.
Istiqtal incorporated as a global technology company, with an initial focus on secure communications and sovereign data infrastructure.
First release of our software engineering platform, adopted by enterprises internationally for custom systems and developer tooling.
Launch of the Cortex AI platform, expanding the company's footprint into applied artificial intelligence for enterprise contexts.
Operations expanded across multiple regions, with engineering and support teams added on every continent where our clients operate.
Public release of the SentinelShield cybersecurity platform, integrating XDR, SOAR and threat intelligence into a single console.
Launch of the integrated Istiqtal UIP — converging all product lines into a single operational platform with one command surface.
Every engagement begins with a thorough assessment of needs and fit. We focus on long-term partnerships, not short-term wins.
High availability is not an aspiration — it is a contractual commitment, backed by clearly defined service level agreements with each client.
Client data is handled with the highest levels of care, transparency and respect for the rights of every individual and organisation.
Each Istiqtal product line represents years of focused engineering. Together they form a unified platform for building reliable digital operations at any scale — from artificial intelligence to custom software, from automation to defence.
A multi-modal AI platform bringing intelligent reasoning into everyday enterprise operations. Cortex provides foundation models, fine-tuning pipelines, retrieval-augmented generation, evaluation frameworks and inference at scale — all behind a single unified API.
Intelligent process automation for operational and industrial workflows — combining RPA, multi-agent orchestration and event-driven control.
Custom software engineering and developer tooling. Bespoke applications, internal platforms, APIs and modernisation programmes, delivered end-to-end.
An applied research lab working on multi-agent learning, neuromorphic compute, photonic systems and human-aligned interface design.
A comprehensive, AI-driven cybersecurity platform protecting networks, endpoints, cloud workloads, identity systems and supply chains from a single console. SentinelShield correlates telemetry from every data source to detect and respond to threats quickly and decisively, with automation built in at every step.
About pricing: The figures shown are minimum starting prices — the amount payable before a service begins. Cortex AI and AutoPilot are quoted on request, starting from the stated minimums; final pricing is confirmed in a Statement of Work or order form. All fees are strictly non-refundable once a service has commenced, except where a mandatory statutory right applies — see our Refund & Cancellation Policy.
Reserve a product line and pay the non-refundable starting fee through our secure, encrypted checkout. Final scope and pricing are confirmed afterwards in a Statement of Work.
A multi-modal AI platform bringing intelligent reasoning into everyday enterprise operations.
Intelligent process automation for operational and industrial workflows.
Custom software engineering and developer tooling, delivered end-to-end.
A comprehensive, AI-driven cybersecurity platform protecting networks, endpoints, cloud workloads, identity systems and supply chains from a single console.
An applied research lab working on multi-agent learning, neuromorphic compute and photonic systems.
About pricing: The figures shown are minimum starting prices — the amount payable before a service begins. All fees are strictly non-refundable once a service has commenced, except where a mandatory statutory right applies — see our Refund & Cancellation Policy.
No product lines selected yet.
Thank you. Your payment was processed securely. You will receive a confirmation e-mail with next steps shortly.
Back to storeCheckout is handled end-to-end by our secure payment provider. We never see or store your card details.
Effective 1 January 2026 · Last updated 1 April 2026 · Version 3.0
Istiqtal is a global technology company providing artificial intelligence, intelligent automation, custom software engineering and cybersecurity services to enterprise and institutional clients worldwide. This Privacy Policy describes how we collect, use, store, share and protect personal data when you visit our website, contact us, evaluate our services or enter into a contractual relationship with us.
This policy applies to personal data of website visitors, prospective clients, current clients, contractual counterparties, suppliers, applicants and any other natural person whose data we process in the course of our business activities. It is governed by, and shall be interpreted in accordance with, the data protection laws applicable to each data subject's jurisdiction, including but not limited to the General Data Protection Regulation (EU) 2016/679 (GDPR), the UK GDPR and Data Protection Act 2018, the Turkish Personal Data Protection Law No. 6698 (KVKK), the California Consumer Privacy Act / California Privacy Rights Act (CCPA / CPRA), the Brazilian General Data Protection Law (LGPD, Law No. 13.709/2018), the Personal Information Protection Law of the People's Republic of China (PIPL), and Russian Federal Law No. 152-FZ on Personal Data.
Istiqtal collects only the personal data necessary to operate our services, fulfil contractual obligations, comply with statutory requirements and respond to legitimate communications. The categories of personal data we may process include the following.
Full name, professional title, organisation name, business email address, business telephone number, postal address (where required for contractual delivery) and any equivalent identifying information you voluntarily provide through our enquiry forms or direct correspondence.
IP address, browser type and version, operating system, device identifiers, referring URL, pages visited, time and duration of visit, language preferences and other diagnostic information collected automatically by our web servers and (where you have consented) by analytics tools.
Information necessary to negotiate, conclude, perform and audit contracts, including authorised signatories, billing information, payment details processed by our payment service providers (we do not store full card numbers), service usage logs, support tickets and technical telemetry generated by our products.
Encrypted credentials, multi-factor authentication tokens, access logs, audit trails and security event records required to operate our services securely and to detect, investigate and respond to incidents.
We do not collect or process special categories of personal data (such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health data, or data concerning a person's sex life or sexual orientation) unless this is strictly necessary for a specific contractual purpose, in which case we obtain explicit consent and apply additional safeguards as required by applicable law.
Under GDPR Article 6, KVKK Article 5, LGPD Article 7, PIPL Article 13 and equivalent provisions in other jurisdictions, Istiqtal processes personal data only where one or more of the following legal bases applies.
We process personal data for the following specific purposes: providing and improving our services; managing the customer relationship; processing payments; ensuring the security and integrity of our systems; complying with legal, regulatory and tax obligations; responding to legitimate enquiries; and defending against legal claims.
Istiqtal develops and operates artificial intelligence systems as a core part of its business. We are committed to the responsible, transparent and human-aligned development of AI, in line with the EU AI Act (Regulation (EU) 2024/1689), the OECD AI Principles and equivalent emerging frameworks.
Client data is never used to train our AI models without explicit, separate written authorisation. Data processed through our AI systems on behalf of a client is used solely for the contracted operational purpose. Our foundation models are trained on proprietary curated datasets, properly licensed third-party data and lawfully accessible public information, with safeguards against the inclusion of personal data wherever feasible.
In accordance with GDPR Article 22, KVKK Article 11(g), LGPD Article 20 and EU AI Act Article 86, you have the right not to be subject to a decision based solely on automated processing — including profiling — that produces legal effects concerning you or similarly significantly affects you. Where Istiqtal does carry out such processing, we will inform you, provide meaningful information about the logic involved, and offer the right to obtain human intervention, to express your point of view and to contest the decision.
In accordance with EU AI Act Article 50 transparency obligations, where you interact with an AI system (e.g., a Cortex AI chatbot), we will inform you that you are interacting with a machine. Where AI-generated content is published, it is marked accordingly.
Istiqtal does not sell, lease, licence, rent or otherwise commercially distribute personal data to any third party for their own marketing or commercial purposes. We do not engage in "sharing" or "selling" of personal information as those terms are defined under the CCPA / CPRA.
We may, however, share personal data with the following categories of recipients, in each case subject to appropriate contractual safeguards (such as data processing agreements under GDPR Article 28).
As a global organisation, Istiqtal may transfer personal data to jurisdictions other than the data subject's country of residence. Where personal data is transferred outside the European Economic Area, the United Kingdom, Türkiye, Brazil, China, Russia or any other jurisdiction with data localisation requirements, we implement appropriate safeguards as required by the applicable law, including:
A transfer impact assessment is performed prior to any transfer to a third country, and supplementary technical and organisational measures (including end-to-end encryption and pseudonymisation) are applied where the destination country does not offer an essentially equivalent level of protection.
Istiqtal implements technical and organisational measures appropriate to the risk, in accordance with GDPR Article 32 and equivalent provisions of other applicable laws. These include:
Despite these measures, no method of transmission over the internet or electronic storage is fully secure. We cannot guarantee absolute security but commit to maintaining the highest reasonable standard at all times.
Subject to applicable law and to verification of your identity, you have the following rights with respect to the personal data we process about you.
To exercise any of these rights, please contact our Data Protection Officer at dpo@istiqtal.com. We will respond to your request within 30 calendar days (or such shorter period as required by applicable law). We may need to verify your identity before processing the request, and in some cases statutory exemptions may apply.
Data subjects in the EEA and UK have the rights set out in Articles 12–22 of the GDPR / UK GDPR, summarised in Section 8 above. You may also lodge a complaint with the data protection authority of your habitual residence, place of work or place of the alleged infringement.
Under Article 11 of Law No. 6698 (KVKK), every data subject has the right to apply to the data controller and: (a) learn whether their personal data is being processed; (b) request information if their personal data has been processed; (c) learn the purpose of processing personal data and whether the data are used in accordance with their purpose; (ç) know the third parties to whom personal data are transferred, domestically or abroad; (d) request correction of personal data in case of incomplete or inaccurate processing, and request that the correction be communicated to third parties to whom the data have been transferred; (e) request deletion or destruction of personal data when the reasons requiring processing have disappeared, and request that this be communicated to third parties to whom the data have been transferred; (f) object to any adverse outcome arising from the analysis of the data exclusively through automated systems; and (g) claim compensation for damage arising from the unlawful processing of personal data. The 2025 KVKK amendments additionally confer rights to data portability and restriction of processing. Complaints may be filed with the Turkish Personal Data Protection Authority (KVK Kurumu) at kvkk.gov.tr.
California residents have the right to know what personal information is collected, used, shared or sold; the right to delete personal information; the right to correct inaccurate personal information; the right to opt out of the sale or sharing of personal information; the right to limit the use of sensitive personal information; and the right not to be discriminated against for exercising privacy rights. Istiqtal does not sell or share personal information for behavioural advertising. We honour Global Privacy Control (GPC) signals as opt-out signals where applicable. To submit a request, contact privacy@istiqtal.com.
Data subjects in Brazil have the rights set out in Article 18 of the LGPD, including confirmation of processing, access, correction, anonymisation, blocking, deletion, portability, information about sharing, information about the option not to consent, withdrawal of consent and the right to petition the National Data Protection Authority (ANPD).
Personal information subjects in the People's Republic of China have the rights provided under Articles 44–50 of the PIPL, including the right to be informed, to decide on, restrict or refuse processing, to access and copy, to portability, to correction, to deletion and to obtain explanations of the processing rules. Cross-border transfers are subject to the additional separate consent and security assessment requirements set out in Articles 38–43.
Personal data subjects in the Russian Federation have the rights provided under Article 14 of Federal Law No. 152-FZ. Personal data of Russian citizens is recorded, systematised, accumulated, stored, modified and retrieved using databases located in the territory of the Russian Federation, in accordance with Article 18(5).
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting or reporting requirements. Specifically:
Upon expiry of the retention period, or upon a valid erasure request, personal data is securely deleted or fully anonymised. Clients may request immediate deletion at contract termination, with a certificate of destruction provided within 30 business days.
Istiqtal's services are intended exclusively for business and institutional use. We do not knowingly collect or process personal data from children. In line with GDPR Article 8, we treat 16 as the minimum age for consent unless local law specifies a higher minimum (and we apply the higher minimum). If we become aware that personal data of a child has been collected without verifiable parental consent, we will delete that information without undue delay.
Our website uses a strictly limited set of cookies and similar technologies. Strictly necessary cookies are used to operate the site and remember your language and consent preferences. Optional analytics cookies (where present) are loaded only after you have given explicit consent through our cookie banner, and may be withdrawn at any time. We do not use advertising or third-party tracking cookies.
For full details, please refer to our Cookie Policy.
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this document indicates when revisions were last made. Material changes will be notified to existing clients in writing.
If you believe that our processing of your personal data infringes applicable law, you have the right to lodge a complaint with the relevant supervisory authority. The principal authorities by jurisdiction include:
We strongly encourage you to contact our DPO first, so that we may resolve your concern directly.
For all privacy-related enquiries, please contact our Data Protection Officer at dpo@istiqtal.com, or use our contact form. General privacy enquiries may also be sent to privacy@istiqtal.com. We respond to all formal enquiries within 30 calendar days, or sooner where required by applicable law.
Effective 1 January 2026 · Last updated 1 April 2026 · Version 2.0
These Terms of Service (the "Terms") constitute a binding legal agreement between you (the "Customer", "you" or "your") and Istiqtal (the "Provider", "we", "us" or "our"). By accessing our website, requesting a quotation or signing an order form, you confirm that you have read, understood and agree to these Terms in full.
Istiqtal services are intended for business and institutional use only. To enter into an agreement with Istiqtal you must (a) be at least 18 years old; (b) have the legal capacity and authority to bind the entity on whose behalf you are contracting; (c) not be located in, ordinarily resident in or otherwise associated with any jurisdiction that is the subject of comprehensive sanctions imposed by the United Nations, the European Union, the United Kingdom, the United States or other applicable authorities; and (d) not be listed on any restricted-party list maintained by such authorities.
Istiqtal provides a unified suite of enterprise technology services covering artificial intelligence (the Cortex AI Platform), intelligent automation (AutoPilot), software engineering and custom development (CodeForge), cybersecurity and defence (SentinelShield) and applied research (Istiqtal Research). The specific services to be provided to a Customer, together with their scope, deliverables, timelines, fees and any service-level commitments, are defined in a separate written order form, statement of work, master services agreement or equivalent commercial document (each an "Order").
In case of any conflict between these Terms and an Order, the Order prevails for the matters specifically addressed therein. These Terms govern all aspects of the Customer's use of Istiqtal services that are not expressly addressed by an Order.
Where access to our services requires the creation of a user account, the Customer is responsible for: (a) the accuracy and completeness of all information provided during registration; (b) the confidentiality of authentication credentials, including passwords, API keys, certificates and multi-factor tokens; (c) all activity occurring under their accounts; and (d) the prompt notification of Istiqtal of any unauthorised use, suspected compromise or security incident affecting their accounts.
Istiqtal may suspend or terminate access to any account in the event of a confirmed or reasonably suspected security incident, breach of these Terms or any unlawful activity, with reasonable notice to the Customer where lawful and practicable.
Subject to the Customer's compliance with these Terms and the applicable Order, Istiqtal grants the Customer a non-exclusive, non-transferable, non-sublicensable, revocable, limited licence to access and use the contracted services solely for the Customer's internal business purposes, during the term of the Order.
The Customer shall not, and shall not permit any third party to: (a) reverse engineer, decompile, disassemble or attempt to derive the source code, algorithms or models of any Istiqtal service; (b) copy, modify, translate or create derivative works based on our services or documentation; (c) resell, sublicense, lease, rent or commercially exploit our services in any form, except as expressly permitted by an Order; (d) use the services in violation of any law or third-party right; (e) use the services to develop a competing product or service; (f) circumvent any technical protection, access control or rate limit; or (g) remove, alter or obscure any proprietary notice, trademark or attribution.
All right, title and interest in and to the Istiqtal services, including all software, models, algorithms, documentation, designs, trademarks, trade names, trade secrets and other intellectual property rights therein, are and shall remain the exclusive property of Istiqtal or its licensors. Nothing in these Terms transfers any ownership of intellectual property rights to the Customer.
The Customer retains all right, title and interest in and to its own data, content and materials submitted to or processed by our services (collectively, "Customer Data"). The Customer grants Istiqtal a limited, worldwide, royalty-free licence to use, host, store, transmit and display Customer Data solely as necessary to provide the contracted services.
Unless expressly authorised in writing through a separate agreement, Customer Data is not used to train Istiqtal's AI models or for any purpose other than performance of the Order.
The Customer shall use Istiqtal services only for lawful purposes and in accordance with these Terms. The Customer agrees not to use, or permit any third party to use, the services to:
Istiqtal reserves the right to investigate suspected violations and to suspend or terminate services without notice where a serious breach is identified.
Fees, payment terms, billing currency and any minimum commitments are set out in the applicable Order. Unless otherwise agreed: (a) invoices are payable within 30 calendar days of issue; (b) all amounts are stated exclusive of taxes; (c) the Customer is responsible for all applicable VAT, GST, withholding taxes, duties and similar levies, except for taxes on Istiqtal's net income; (d) overdue amounts may bear interest at the lower of 1.5% per month or the maximum rate permitted by law; and (e) Istiqtal may suspend services for material non-payment after providing reasonable notice and opportunity to cure.
All payments must be made in cleared funds to the bank account specified on the invoice, free of any deduction or withholding except as required by law.
Istiqtal services are provided on a bespoke, professional and enterprise basis. Once a service has been substantially performed or a deliverable accepted, fees are non-refundable. Cancellation rights and refund entitlements set out in any Order shall apply.
Statutory consumer rights are preserved. Where applicable mandatory law (including EU Directive 2011/83/EU on consumer rights, the UK Consumer Contracts Regulations 2013, Turkish Law No. 6502 on the Protection of the Consumer, and equivalent legislation in other jurisdictions) grants a non-waivable right of withdrawal or refund to a consumer, that right is fully preserved and not limited by these Terms.
Refund procedures and timelines are set out in the applicable Order. Where no Order specifies otherwise, validly approved refunds are issued to the original payment method within 14 business days of approval.
Istiqtal targets a service availability of 99.99% (calculated on a monthly basis) for production-grade managed services, excluding scheduled maintenance and force majeure events. The specific service-level commitments, measurement methodology, exclusions and remedies (such as service credits) applicable to a given engagement are set out in the relevant Service Level Agreement appended to the Order.
Where no SLA is included in the Order, services are provided on a commercially reasonable basis without specific availability guarantees.
Istiqtal warrants that the services will be performed in a professional and workmanlike manner, in accordance with generally accepted industry practice and the specifications set out in the applicable Order. The exclusive remedy for breach of this warranty is the re-performance of the affected services or, at Istiqtal's option, a refund of the fees paid for the non-conforming services.
EXCEPT AS EXPRESSLY SET OUT IN THESE TERMS OR AN ORDER, AND TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, ALL SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE OR NON-INFRINGEMENT. ISTIQTAL DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE OR FREE FROM HARMFUL COMPONENTS. AI-GENERATED OUTPUTS ARE PROBABILISTIC AND SHOULD NOT BE RELIED UPON FOR HIGH-RISK DECISIONS WITHOUT INDEPENDENT HUMAN VERIFICATION.
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF PROFITS, REVENUE, BUSINESS, GOODWILL, DATA OR ANTICIPATED SAVINGS, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OR THE SERVICES.
EACH PARTY'S TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY THE CUSTOMER TO ISTIQTAL UNDER THE RELEVANT ORDER DURING THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
Mandatory carve-outs. Nothing in these Terms excludes or limits liability for: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; (c) gross negligence or wilful misconduct; (d) any liability that cannot lawfully be excluded or limited under applicable law (including statutory consumer protection rights, where applicable). The limits set out above shall apply to the fullest extent permitted by applicable mandatory law.
The Customer shall defend, indemnify and hold harmless Istiqtal, its affiliates and their respective officers, directors, employees and agents from and against any third-party claim arising out of or relating to (a) the Customer's breach of these Terms; (b) the Customer's violation of applicable law; (c) the Customer's use of the services in a manner not authorised by Istiqtal; or (d) the content or processing of Customer Data.
Istiqtal shall defend the Customer against any third-party claim that the services as supplied by Istiqtal infringe a valid intellectual property right, and shall pay any final judgement awarded or settlement agreed by Istiqtal, subject to the Customer (i) promptly notifying Istiqtal of the claim, (ii) providing reasonable cooperation, and (iii) granting Istiqtal sole control of the defence and settlement.
Each party shall keep confidential, and not disclose to any third party, any non-public information disclosed by the other party in connection with these Terms ("Confidential Information"), and shall use such information only as necessary to perform its obligations or exercise its rights. Confidentiality obligations survive termination for five (5) years, except for trade secrets, which remain confidential indefinitely.
Processing of personal data is governed by our Privacy Policy and, where Istiqtal acts as a processor, by a separate Data Processing Agreement (DPA) entered into in accordance with GDPR Article 28 and equivalent provisions in other applicable jurisdictions.
Each party shall comply with all applicable export control, sanctions and trade-restriction laws, including those of the United Nations, the European Union, the United Kingdom, the United States (including the Export Administration Regulations and OFAC programmes) and the Russian Federation. The Customer represents and warrants that it is not located in, ordinarily resident in or otherwise associated with any comprehensively sanctioned jurisdiction, and that it will not export, re-export or transfer Istiqtal services or any output thereof in violation of applicable law.
Neither party shall be liable for any failure or delay in performance to the extent caused by events beyond its reasonable control, including acts of God, natural disasters, pandemics, war, terrorism, civil unrest, governmental action, labour disputes, internet or utility outages, cyber-attacks against critical infrastructure, or other comparable events. The affected party shall promptly notify the other and shall use reasonable efforts to mitigate the impact and resume performance.
These Terms commence on the earlier of (a) the date the Customer accepts an Order or (b) the date the Customer first accesses the services, and continue in force until terminated in accordance with these Terms or the applicable Order.
Either party may terminate these Terms or any Order with immediate effect upon written notice if the other party (a) commits a material breach that is not cured within 30 calendar days of written notice; (b) becomes insolvent, enters into liquidation or makes an assignment for the benefit of creditors; or (c) ceases to carry on business.
On termination, the Customer's licence terminates and any outstanding amounts become immediately due. Sections that by their nature should survive termination (including intellectual property, confidentiality, limitation of liability and governing law) shall continue in full force.
These Terms are governed by and construed in accordance with the laws of England and Wales, without regard to conflict-of-law principles, save where mandatory law of the Customer's jurisdiction of habitual residence applies (in particular, mandatory consumer protection law).
The parties shall first attempt to resolve any dispute arising under or in connection with these Terms through good-faith negotiation. If the dispute is not resolved within 30 calendar days, it shall be finally settled by arbitration under the Rules of Arbitration of the International Chamber of Commerce (ICC) by one or more arbitrators appointed in accordance with the said Rules. The seat of arbitration shall be London, United Kingdom. The language of arbitration shall be English. Notwithstanding the foregoing, either party may seek interim or injunctive relief from a court of competent jurisdiction.
Consumer rights. If the Customer is a consumer, this clause does not deprive the Customer of the protection afforded by mandatory provisions of the law of the country where the Customer has their habitual residence, and the Customer may bring proceedings in the courts of that country.
Istiqtal may modify these Terms from time to time. Material changes will be notified to existing Customers in writing, with at least 30 calendar days' advance notice where reasonably practicable. Continued use of the services after the effective date of a modification constitutes acceptance of the modified Terms.
Entire agreement. These Terms, together with any Order and the Privacy Policy, constitute the entire agreement between the parties relating to the subject matter and supersede all prior or contemporaneous understandings.
Severability. If any provision is held to be invalid or unenforceable, the remaining provisions shall continue in full force, and the invalid provision shall be modified to the minimum extent necessary to make it enforceable while preserving the parties' original intent.
Assignment. The Customer may not assign these Terms or any Order without Istiqtal's prior written consent. Istiqtal may assign these Terms to an affiliate or in connection with a corporate transaction.
Notices. All formal notices shall be sent in writing to legal@istiqtal.com, with confirmation of receipt.
No waiver. Failure to enforce any provision shall not constitute a waiver of any future right under that provision.
No agency. Nothing in these Terms creates a partnership, joint venture, agency or employment relationship between the parties.
Effective 1 January 2026 · Last updated 1 April 2026
Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work more efficiently, to remember user preferences and to provide aggregate analytics about site usage. Similar technologies — such as local storage, session storage, pixels and software development kits (SDKs) — may also be used. In this policy, we refer to all such technologies collectively as "cookies".
Istiqtal uses a deliberately minimal set of cookies. We do not use third-party advertising cookies or cross-site tracking. Our cookies fall into the following categories.
These cookies are essential for the operation of our website and cannot be disabled. They are used to record your cookie consent choices, to remember your selected language, to maintain session integrity and to protect against cross-site request forgery. No consent is required for these cookies under EU and UK e-privacy law.
These cookies remember choices you make to provide an enhanced experience (such as theme preference). They are loaded only after you have indicated consent.
If activated by you, anonymised analytics cookies help us understand how visitors interact with our site, so that we can improve content and structure. We use privacy-respecting analytics with IP anonymisation. These cookies are loaded only after you have given explicit consent through our cookie banner, in accordance with EU ePrivacy Directive 2002/58/EC and equivalent provisions of UK PECR, KVKK and other applicable laws.
We do not use advertising cookies, third-party retargeting cookies or cross-site tracking pixels.
You can review and change your cookie preferences at any time by clicking the "Cookie preferences" link in the footer of our website, or by clearing your browser cookies and revisiting our site.
Most browsers also allow you to manage cookies directly through their settings — including blocking all cookies, blocking third-party cookies or deleting cookies after each session. Disabling strictly necessary cookies may affect site functionality.
We honour Global Privacy Control (GPC) signals as opt-out signals where applicable.
Cookies are retained for varying durations depending on their purpose: session cookies are deleted when you close the browser; consent cookies are retained for up to 12 months; analytics cookies (where activated) are retained for up to 14 months in accordance with the recommendations of European data protection authorities.
This Cookie Policy may be updated from time to time. The effective date at the top of this document indicates the latest version. For any questions, please contact privacy@istiqtal.com.
Turkish Personal Data Protection Law (KVKK) Article 10 disclosure notice — for data subjects in Türkiye.
Yürürlükte 1 Ocak 2026 · Son güncelleme 1 Nisan 2026 · Sürüm 2.0
6698 sayılı Kişisel Verilerin Korunması Kanunu ("KVKK") uyarınca veri sorumlusu sıfatıyla, Istiqtal ("Şirket") olarak kişisel verilerinizin işlenmesinde aşağıdaki esaslar çerçevesinde hareket etmekteyiz. Bu metin, Kanun'un 10. maddesi kapsamında aydınlatma yükümlülüğümüzün yerine getirilmesi amacıyla hazırlanmıştır.
İşlenen kişisel veri kategorileri: kimlik bilgileri (ad, soyad, unvan), iletişim bilgileri (e-posta, telefon, adres), kurumsal bilgiler (çalıştığınız kuruluş), teknik veriler (IP adresi, tarayıcı bilgisi, çerez verileri), sözleşmesel veriler (sipariş bilgileri, ödeme verileri — tam kart numarası saklanmaz), güvenlik verileri (kimlik doğrulama logları, denetim izleri).
Kişisel verileriniz şu amaçlarla işlenir: hizmetlerin sunulması ve geliştirilmesi; sözleşmesel yükümlülüklerin yerine getirilmesi; müşteri ilişkilerinin yönetimi; ödeme işlemlerinin gerçekleştirilmesi; sistemlerin güvenlik ve bütünlüğünün sağlanması; yasal, düzenleyici ve vergi yükümlülüklerine uyum; meşru sorulara cevap verilmesi; hukuki taleplere karşı savunma.
KVKK'nın 5. ve 6. maddeleri uyarınca işleme dayanaklarımız: bir sözleşmenin kurulması veya ifasıyla doğrudan doğruya ilgili olması (m.5/2-c); hukuki yükümlülüğün yerine getirilebilmesi (m.5/2-ç); ilgili kişinin temel hak ve özgürlüklerine zarar vermemek kaydıyla, veri sorumlusunun meşru menfaatleri için veri işlenmesinin zorunlu olması (m.5/2-f); ilgili kişinin açık rızası (m.5/1, opsiyonel pazarlama vb. için).
Kişisel verileriniz aşağıdaki taraflarla, KVKK'nın 8. ve 9. maddeleri kapsamında ve gerekli koruma önlemleri alınarak paylaşılabilir:
KVKK'nın 9. maddesi uyarınca, yurt dışına yapılan aktarımlar için: yeterlilik kararı, taraflar arasında yazılı taahhütname (Standart Sözleşme Maddeleri / SCC), Bağlayıcı Şirket Kuralları (BCR) veya açık rıza gibi uygun güvenceler uygulanır. Avrupa Birliği için 2021 SCC, Birleşik Krallık için UK IDTA / Addendum kullanılır. Çin, Rusya, Brezilya gibi yargı alanları için yerel hukuk gereklilikleri ek olarak gözetilir.
Kişisel verileriniz; web sitesi formları, e-posta yazışmaları, telefon görüşmeleri, sözleşmesel ilişkiler ve tarayıcınızda otomatik olarak çalışan teknik araçlar (çerezler, sunucu logları) aracılığıyla toplanır. Üçüncü taraflardan veri toplandığı durumlarda kaynak ayrıca size bildirilir.
6698 sayılı Kanun'un 11. maddesi gereğince, veri sorumlusu sıfatıyla bize başvurarak kendinizle ilgili olarak aşağıdaki haklara sahipsiniz:
2025 KVKK değişiklikleri ile veri taşınabilirliği ve işlemenin kısıtlanması hakları da eklenmiştir.
Yukarıda sayılan haklarınızı kullanmak için, "Veri Sorumlusuna Başvuru Usul ve Esasları Hakkında Tebliğ" hükümleri çerçevesinde, kimliğinizi tevsik edici belgelerle birlikte aşağıdaki yollardan biriyle başvurabilirsiniz:
Başvurularınız Kanun'un 13. maddesi uyarınca en geç 30 (otuz) gün içinde sonuçlandırılır. Cevabımızdan tatmin olmamanız hâlinde Kişisel Verileri Koruma Kurulu'na (KVK Kurumu, kvkk.gov.tr) şikayette bulunma hakkınız saklıdır.
Veri sorumluları siciline (VERBIS) kayıt durumumuz: başvuru süreci devam etmektedir. Kayıt numarası, KVKK Kurumu tarafından tahsis edildiğinde bu sayfada güncellenecektir. [TODO: insert VERBIS registration number once filed]
2025 KVKK değişiklikleri uyarınca, kişisel veri ihlali tespit edildiğinde KVKK Kurumu'na ve etkilenen veri sahiplerine en geç 72 (yetmiş iki) saat içinde bildirim yapılır. İhlal değerlendirme prosedürlerimiz ISO/IEC 27001 standardı ile uyumludur.
Bu aydınlatma metni, Istiqtal'ın Gizlilik Politikası'nın bir parçasıdır ve tek başına okunmamalıdır. Politika, KVKK'ya ek olarak GDPR, UK GDPR, CCPA/CPRA, LGPD, PIPL ve 152-FZ gibi diğer yargı alanlarındaki yükümlülüklerimizi de detaylandırır.
Effective 1 January 2026 · Last updated 1 April 2026 · Version 1.0
This Refund Policy applies to all paid services purchased from Istiqtal — whether through direct invoice, the Cortex AI Platform, AutoPilot subscriptions, CodeForge engagements, SentinelShield licences or via our Merchant of Record (Dodo Payments). It applies in addition to, and does not derogate from, any mandatory consumer rights granted under applicable law.
Consumers in the European Union and United Kingdom have the right to withdraw from a distance contract within 14 calendar days from the date of conclusion, without giving any reason, as set out in EU Directive 2011/83/EU and the UK Consumer Contracts Regulations 2013. To exercise this right, send an unequivocal statement to legal@istiqtal.com; refunds are issued to the original payment method within 14 business days of approval.
Digital content exception: Where the customer expressly consents to immediate performance of digital content, and acknowledges that they thereby lose their right of withdrawal once delivery has begun, the right of withdrawal may not apply. This consent is captured at checkout for digital products.
Türkiye'de tüketici sıfatıyla satın alım yapanlar, 6502 sayılı Tüketicinin Korunması Hakkında Kanun ve Mesafeli Sözleşmeler Yönetmeliği uyarınca 14 günlük cayma hakkına sahiptir. Cayma bildirimi legal@istiqtal.com adresine yazılı olarak iletilebilir.
Monthly and annual subscriptions may be cancelled at any time through your account dashboard or by emailing hello@istiqtal.com. Cancellations take effect at the end of the current billing cycle. Pro-rata refunds for unused periods are not provided unless required by mandatory law.
Refunds for bespoke engagements are governed by the relevant Statement of Work (SoW) or Order Form. Once a deliverable has been substantially completed and accepted, fees are non-refundable. Disputed deliverables are resolved through the dispute mechanism specified in the contract.
Where payment is made in cryptoassets (via MoonPay, Mercuryo or any other licensed cryptoasset processor): refunds are issued in fiat currency to a verified bank account, not in cryptoassets, due to the irreversible nature of on-chain settlement. Refund amounts are calculated using the fiat-equivalent rate at the time of the original payment, plus or minus any network fees. Volatility-related losses between payment and refund are not compensable.
For purchases processed through Dodo Payments as Merchant of Record: Dodo handles refunds, chargebacks and tax remittance on Istiqtal's behalf in accordance with the Dodo Payments Master Service Agreement. Customers may contact Dodo Payments support directly or contact Istiqtal at legal@istiqtal.com — both routes are accepted.
To request a refund: (1) send a written statement to legal@istiqtal.com with the order reference, payment method, and reason; (2) we acknowledge within 2 business days; (3) approved refunds are issued within 14 business days to the original payment method; (4) processing times beyond our control (banking systems, card networks, MoonPay/Mercuryo settlement windows) may add additional days.
If a customer initiates a chargeback through their bank or card network without first contacting us, Istiqtal reserves the right to (i) provide all transaction evidence to the network; (ii) suspend service pending resolution; (iii) recover legitimate costs through legal channels for fraudulent chargebacks. Customers are encouraged to contact us first; we resolve the vast majority of disputes amicably without involving banks.
Refund and cancellation enquiries: legal@istiqtal.com. For unresolved disputes, EU consumers may use the EU Online Dispute Resolution platform. Türkiye'de tüketici hakem heyetlerine veya tüketici mahkemelerine başvuru hakkı saklıdır.
Effective 1 January 2026 · Last updated 1 April 2026 · Version 1.0
This page sets out material risks associated with cryptoasset payment services and any cryptoasset products available through Istiqtal — whether processed by us directly, by Dodo Payments as Merchant of Record, or via licensed third-party processors such as MoonPay or Mercuryo. Cryptoassets are largely unregulated in many jurisdictions and you may have limited or no recourse if something goes wrong.
Cryptoasset prices can fluctuate dramatically — by tens of percent or more within a single day, and have historically lost more than 90% of their value in market downturns. The fiat value of any cryptoasset payment, refund or balance can change materially between transaction initiation and final settlement. Past performance is not indicative of future results.
Markets for cryptoassets, particularly low-cap tokens, can become illiquid suddenly. You may be unable to sell or convert cryptoassets at the time and price you expect. Order books can thin, exchanges can pause withdrawals, and stablecoins can de-peg.
Cryptoassets are a common target for fraud, phishing, social engineering, exchange hacks and wallet compromise. We strongly advise: (i) never sharing your private keys, seed phrases or recovery codes with anyone, including Istiqtal staff; (ii) using hardware wallets where possible; (iii) verifying URLs carefully; (iv) treating all unsolicited contact suspicious. We will never ask you for your seed phrase.
Once a cryptoasset transaction is broadcast and confirmed on its native blockchain, it cannot be reversed by Istiqtal, by any payment processor, or by any third party — not even by court order. Sending funds to the wrong address, with the wrong amount, or on the wrong network typically results in permanent loss. Always verify recipient addresses and amounts before signing.
The EU Markets in Crypto-Assets Regulation (MiCA) imposes specific requirements on issuers of asset-referenced tokens (ARTs) and e-money tokens (EMTs). Some stablecoins available through third-party processors may not be MiCA-compliant. Where a stablecoin lacks MiCA authorisation, EU customers should expect that processors may restrict or withdraw access. We do not issue any stablecoin ourselves.
The regulatory treatment of cryptoassets is evolving rapidly. New legislation, enforcement actions, sanctions, or tax positions may materially affect availability, custody, transferability or value. Cryptoasset products may be withdrawn from certain jurisdictions on short notice.
Nothing on this site or in any payment flow constitutes investment advice, a recommendation, a solicitation, or financial promotion. Decisions to acquire, hold or dispose of cryptoassets are solely yours. Consider seeking independent advice from a qualified financial adviser regulated in your jurisdiction.
Acquiring, holding, exchanging or disposing of cryptoassets may give rise to capital gains, income tax or VAT obligations in your jurisdiction. Tax treatment varies by country and by the nature of the transaction. You are solely responsible for determining and meeting your tax obligations. Istiqtal does not provide tax advice.
Cryptoasset services may not be available in your jurisdiction. We restrict service in countries subject to comprehensive sanctions and in jurisdictions where we lack the necessary regulatory authorisation. Attempting to access services from a restricted jurisdiction (e.g., via VPN) is a breach of our Terms of Service.
Where Istiqtal facilitates cryptoasset payments via third-party processors, those processors operate under their own regulatory authorisations and terms of service. Istiqtal is not regulated as a virtual asset service provider (VASP) and does not custody cryptoassets on your behalf. Your relationship with any processor is governed by its own agreement, which you should read before transacting.
Risk-related questions: legal@istiqtal.com. For complaints about a third-party processor (e.g., MoonPay, Mercuryo), contact the processor directly first; their regulator (FCA, AMF, BaFin, FCMC, etc.) is the appropriate escalation route.
For new engagements, partnerships or qualified press enquiries. All transmissions are encrypted; we typically respond within one business day.
