Nesil Teknoloji Logo
Information Society Services

NESİLGRUP BİLİŞİM TEKNOLOJİ TİCARET ANONİM ŞİRKETİ

Corporate information disclosed under Article 1524 of the Turkish Commercial Code.

Company Identity

UnvanNESİLGRUP BİLİŞİM TEKNOLOJİ TİCARET ANONİM ŞİRKETİ
MarkaNESİL Teknoloji
MERSİS No....0631172955000001
Ticaret Sicil No478284
Vergi Dairesi / NoBaşkent Tax Office / 6311729550
NACE Kodu62.01.01 — Bilgisayar programlama faaliyetleri
Fields of ActivityKVKK Consulting, TSE Class A Penetration Testing, ISO/IEC 27001 & 27701 Consulting, Cookie Management, Social Engineering Simulation, Web Accessibility, TSCM Services
Founded2003 (faaliyet) / 01.04.2008 (tescil)
SermayeTRY 1,000,000.00 (paid-in)
Webwww.nesilteknoloji.com

Certificates and Authorizations

TSE Class A Penetration TestingTS 13638/T2 — Belge No: TSE-STF-065
CRESTPenetration Testing Member
ISO/IEC 27001:2022Information Security Management System
ISO/IEC 27701Privacy Information Management System
Sector ComplianceAudit methodology aligned with BDDK, SPK (CMB), TCMB (Central Bank), and EPDK requirements

For certificate numbers, scope, and validity dates: Our Quality and Security Certificates →

Group Brands and Websites

CEREZGO
Cookie consent and management platform (CMP). KVKK and GDPR compliant.
cerezgo.com →
nesil.ai
Social engineering simulation and awareness platform. Phishing, vishing, and smishing scenarios.
nesil.ai →
Erişebilir
Web accessibility compliance solution (WCAG 2.2 / EN 301 549).
erisebilir.com →
Nesil Security
Group company for physical security and camera systems.
nesilguvenlik.com →

Offices and Contact

Istanbul Office Merkez

Oruçreis Mahallesi, Tekstilkent Caddesi
Tekstilkent Plaza D:B Blok
34235 Esenler / ISTANBUL

Ankara Ofisi Headquarters

Aşağı Öveçler Mahallesi 1320. Sokak No: 3/1
Çankaya / ANKARA

Antalya Ofisi

Fener Mahallesi, Tekelioğlu Caddesi No: 55
Kat: 2, 07160 Muratpaşa / ANTALYA

Call Center and Official Notices

Under Notification Law No. 7201, official notices are valid only when served via our KEP (registered electronic mail) address.

Departman E-Posta Adresleri

Ticari

Operasyon

Kurumsal

Banka Hesap Bilgileri

Yapı Kredi — TRY

Branch: Balgat
IBAN: TR31 0006 7010 0000 0004 1708 570

Yapı Kredi — USD

Branch: Balgat
IBAN: TR98 0006 7010 0000 0004 1875 659

IBAN change or update requests must be confirmed only via our official line 0312 911 46 40 . IBAN change notices received by e-mail are not processed.

Vulnerability Reporting (Responsible Disclosure)

Reports from researchers and customers who identify a vulnerability in NESİL Teknoloji systems, products (CEREZGO, nesil.ai, Erişebilir), or service infrastructure are handled under coordinated vulnerability disclosure (CVD) principles.

Reporting Channels

Response Times (SLA)

  • First response: within 72 hours
  • Triage and classification: 5 business days
  • Remediation planning: 30–90 days depending on severity
  • Coordinated disclosure: 30 days after the patch is released

Scope Dahilinde

  • nesilteknoloji.com, cerezgo.com, nesil.ai, erisebilir.com
  • Software and platforms developed by NESİL
  • Vulnerabilities within OWASP Top 10 and CWE Top 25
  • Authorization, authentication, data leakage, RCE, SSRF, IDOR, and cryptographic weaknesses

Out of Scope

  • DoS / DDoS testleri
  • Social engineering and attacks targeting employees or business partners
  • Physical security testing
  • Vulnerabilities in third-party services (report to the relevant provider)
  • Automated scanner output (without manual validation)

Researchers are expected to report findings to NESİL Teknoloji before public disclosure, refrain from accessing user data, and avoid disrupting service integrity. No legal action is taken against good-faith reports made under this policy (safe harbor).

Accreditations and Professional Memberships

CRESTPenetration Testing Member
TSEClass A Penetration Testing Service Qualification Certificate (TS 13638/T2)
ISO/IEC 27001:2022Information Security Management System certificate
ISO/IEC 27701Privacy Information Management System certificate
TÜBİSADMember of the Informatics Industry Association (TÜBİSAD)
OWASPTürkiye chapter supporter / participant
ISACACorporate membership (CISA and CISM certified auditors)

For membership numbers and validity dates: Certificates Page →

Professional Indemnity Insurance

Policy TypeProfessional Indemnity / Errors & Omissions (E&O) Insurance
Ek TeminatSiber Sorumluluk (Cyber Liability)
InsurerAllianz Sigorta A.Ş.
Policy NumberNSL-PI-2026-001
Teminat LimitiTRY 5,000,000 (per incident) / TRY 10,000,000 (annual aggregate)
Validity01.01.2026 – 31.12.2026
Geographic ScopeRepublic of Türkiye
ScopeDamages to clients arising from penetration testing, KVKK, and ISO 27001 consulting; data breaches, protection against third-party claims, and legal defense costs

A specimen policy and coverage details are provided to enterprise clients on request.

Legal and Financial Representation

Hukuk

  • KVKK Counsel: Av. İrem Genç
  • Data Protection & Information Security Lead Auditor: Uygar Aydın
  • Data Controller: NESİLGRUP BİLİŞİM TEKNOLOJİ TİC. A.Ş.

Certified Public Accountant (SMMM)

Primary channel for official notices: [email protected]

Compliance & Reporting Channels

Information Society Documents — Available on Request

Documents subject to disclosure under Article 1524 of the Turkish Commercial Code are provided on request via KEP or corporate e-mail. Please select the document you wish to request:

  • Articles of Association (current) Talep Et
  • General Assembly Call & Agenda Talep Et
  • Meeting Minutes / Attendance List Talep Et
  • Board Resolutions Talep Et
  • Finansal Tablolar & Faaliyet Raporu Talep Et
  • Trade Registry Gazette Announcements Talep Et
  • Tax Certificate & Certificate of Activity Talep Et
  • Signature Circular Talep Et

Identity / authority verification may be required depending on the nature of the request. For legal entities, delivery via KEP is the default.

Yasal Not

This page fulfils the "information society services" obligations under Article 1524 of Turkish Commercial Code No. 6102 and the Regulation on Websites of Capital Stock Companies. Personal data on this page is processed solely to fulfil your request, under Personal Data Protection Law No. 6698; for details, see the KVKK Privacy Notice.

Last updated: May 2026