Services
Seaway Partial LCL
Seaway Full Container FCL
Routes
ABD
China
India
Morocco
Tunisia
Egypt
Ship Programs
About Us
Logistics Dictionary
Load Tracking
Home Page
>

All logistics services which ARKAS LOJISTIK A.S. (“ARKAS LOJISTIK”) provides in order to carry out transportation and logistics activities in various transportation modes as freight forwarder, the actual carrier and/or deemed as carrier for the situations as required by law, shall be subject to terms and conditions in this ARKAS LOJISTIK A.S. Logistics Services Standard Terms and Conditions (“STC”). Namely, all logistics services provided by ARKAS LOJISTIK shall be executed in accordance with the working conditions set forth herein.

1) DEFINITIONS AND IMPLEMENTATION

For the purpose of this STC, the terms listed hereunder shall have the following meanings:

- Shipeedy (www.shipeedy.com ): The online website, with all its rights belonging to ARKAS LOJISTIK A.Ş., that offers “indicative prices” for logistics services provided to those who register as users and are defined as “Client” in accordance with this STC, and where all correspondence regarding the Offer Form to be prepared in line with the Logistics Services needs to be determined by the Client, as well as Payment, Commitment, Booking and Service Tracking, Documentation and processes are carried out;

- Indicative Prices : Market rates and pricing provided for indicative information purposes to the Clients who have registered as users without any Offer Form work on Shipeedy, to which the Clients can access quickly by entering relevant general information related to the location, date, mode of transport to the application on the website, and to which a binding nature can in no way be attributable with regard to the scope, date, pricing or method of the final Logistics Services to be offered by ARKAS LOJISTIK;

- Client : Real and legal person merchants, who have rights and obligations against ARKAS LOJISTIK, as the one submitting their request from the website www.shipeedy.com by performing membership and use transactions on the relevant Shipeedy website at the beginning, and then through the Call Centre and all other communication channels and mediums pursuant to this STC signed with ARKAS LOJISTIK , regardless of appearing on the official or transport documents regarding the services, and the PURCHASER defined in the www.shipeedy.com Terms of Use and Membership Agreement and the real and/or legal persons represented by the PURCHASER and their guarantors, as well as all addressees and Cargo Senders and Receivers whose names are on the transport documents and invoices;

- Logistics Service(s) : Forwarding services, provided that its scope may differ according to each consignment or order and consensus, refers to:
(i) Free and/or paid logistics services-themed content services such as guidance, offer, information, news, opportunity presentation, service promotion, service sales, etc., which are offered on the website www.shipeedy.com and/or its mobile applications to the Client after he fulfils the membership processes on the website www.shipeedy.com;
(ii) The service which is deemed to be established after the Client fulfils the acceptance process and the payment subject to the Service Fee, based on a request that might be submitted by the Client over the Shipeedy and in accordance with the terms and conditions in the Offer Form to be bid by ARKAS LOJISTIK to them;
(iii) Internationally transporting the Cargoes notified by the Client, or having them transported, with the modes of transportation, including sea, land, rail, and airways, to be mutually agreed upon by setting the special and standard terms and conditions in the Offer Form, using various vehicles and ways;
(iv) Storage services (warehousing, removing from the warehouse, handling, management of the warehouse, etc.) for the relevant cargoes, if requested by the Client;
(v) Other services regarding the transportation and storage that must be specifically requested and accepted by the Client and under special conditions that must be transmitted on the Offer Form by ARKAS LOJISTIK and agreed upon by both parties, including but not limited to the following: (consolidation of the goods, separation and storage of the consolidated goods, packaging, collection, handling, labelling or overhauling of the consolidated goods, as well as the following services each of which are available on request: procurement of custom clearance services, procurement of cargo insurance for goods, providing of consultation services for transportation and distribution services, preparation or providing support for the preparation of import/export documents on behalf of the Client, etc.)

Any Logistics Services SHİPEEDY provides for the Client are provided in compliance with the terms and conditions specified in this STC. The Logistics Services which are given herein as examples to form a framework may be provided partially or completely, as well as separately or as a whole, depending on the order and expectations of the Client.

According to the special and standard terms to be applied as per the characteristics of the modes of transport such as railway, airway, etc., as well as the specific regulations in the Offer Form, they might be primarily applied as long as they befit the STC transport terms and legal regulations, as well as the specialty of the incident.

- SDR : Also known as the Special Drawing Right, it refers to an international type of monetary reserve currency created by the International Monetary Fund (IMF);
- Party : It refers to either ARKAS LOJISTIK or the Client individually;
- Parties : It refers to ARKAS LOJISTIK and Client collectively.
- Offer Form : The Offer Form in which ARKAS LOJISTIK includes operational details, pricing, service scope and transport conditions specific to the individual Logistics Services in line with the preliminary information and request shared by the Client to assign the final Logistics Services, that the Client has intended to purchase after reviewing the Indicative Prices on the Shipeedy, to ARKAS LOJISTIK, which also contains the complementary terms and conditions of the STC, and which includes the bid of ARKAS LOJISTIK for the establishment of the service between the parties, and for which acceptance is sought along with the STC;
- Cargo(es) : Refers to any good that is deemed not be included in the category of prohibited goods notified by ARKAS LOJISTIK or on the Shipeedy, of which trade and transport as part of the selected Logistics Services is permitted by the legislation, which will be subject to Logistics Services pursuant to this STC, as well as any container, pallet, package or similar transport container or packaging device which are not provided to the Client as part of the Logistics Services promised to be provided by ARKAS LOJISTIK, and the Cargo(es) may also be referred to as “load”, “goods” or “items” between the Parties from time to time.

Without prejudice to the terms and conditions in the current national and international legislation are prior to apply to the Parties, any Logistics Services which ARKAS LOJISTIK provides for the Client in pursuance to this STC, against remuneration or free of charge, are subject to the terms and conditions set forth in this STC.

Any terms and conditions provided in this STC shall apply to any bilateral relations between the Parties, on the condition these terms and conditions do not contradict with the mandatory national law or the imperative provisions of any international conventions of which Turkey is a party. None of the terms and conditions set forth in this STC can be construed as ARKAS LOJISTIK’s waiver of the rights entitled to it by the national law or international conventions, or increase of its liabilities arising from the aforementioned legislation.

2) ACKNOWLEDGEMENT AND UNDERTAKINGS OF CLIENT:

2.1) Upon the signing of this STC, the Client irrevocably acknowledges and undertakes that the terms and conditions set forth herein are also an inseparable part of the quotes the Client requests from ARKAS LOJISTIK as well as the work orders, Offer Form acceptances and other instructions the Client imparts to ARKAS LOJISTIK, and that relevant work order, Offer Form, instruction or quote requests, regardless of their acceptance status on Shipeedy website, by e-mail or facsimile, and/or at recorded verbal interviews held through a call center, gain practicability for all bilateral relationship and services.

2.2) The Client shall be responsible to ARKAS LOJISTIK directly, alone, and acting as principal for any rights and liabilities which may arise from this STC, regardless of whether the Client is the owner of the Cargo subject to the STC /authorized representative/agent/representative of the owner/in a contractual relationship with the owner/guarantor of the owner.

2.3) ARKAS LOJISTIK shall not be responsible for ;(i) loadings and sealing operations carried out in places under the control and maintenance of the Client, and (ii) loading, unloading, packaging and stowing operations unless explicitly agreed otherwise in writing between the Parties,

2.4) The Client declares, acknowledges and undertakes that with relation to any types of Logistics Services, all information he provides to ARKAS LOJISTIK regarding the Cargo subject to the STC, concerned persons, and the qualities of the requested service, shall be complete and accurate.

2.5) Unless explicitly stated otherwise in writing, the Client acknowledges and undertakes in advance that he has consent for the carriage of the Cargo subject to the Logistics Services on board and in the usual customary ways and when necessary, by transhipping them by ARKAS LOJISTIK and/or actual carriers, as the case may be.

2.6) The Client agrees and undertakes that the Cargo subject to the Logistics Services has been packed in pursuance with the mutually agreed mode of transportation (sea, land, air, rail, combined, etc.) or the Logistics Services, and the Cargo has been labelled in accordance with its quality and transportation; the Cargo does not contain any hazardous substance or goods which are harmful to human health and environment and the carriage or storage of them are not prohibited; and if otherwise, the Client shall be obliged to give ARKAS LOJISTIK a reasonably early warning notification in writing and in an explicit and comprehensible manner on the type of the hazard, as well as the measures to be taken.

The Client also acknowledges, declares and undertakes that the Client shall be responsible and ARKAS LOJISTIK shall bear no responsibility for any loss, legal or administrative sanction, fine, etc., as well as any financial or legal results which may arise from the carriage and/or maintenance of the goods classified as hazardous without taking the necessary measures and which are not previously notified ARKAS LOJISTIK.

In the event that ARKAS LOJISTIK is unaware of the type of the hazard during its admission of the Cargo, and it was not previously notified by the Client, ARKAS LOJISTIK is entitled, without having any compensation obligation, to request the discharge, storage, back-haul, or disposal and rendering harmless of the hazardous goods if necessary, and the expenses arising from taking of such measures, from the Client.

2.7) The Client agrees and undertakes that he, upon the request of ARKAS LOJISTIK, shall provide ARKAS LOJISTIK the usage purpose of the Cargo and/or the credentials and contact information of all concerned parties related to the Cargoes subject to this STC and any those persons/parties who have any legal, financial and/or commercial interest, link or relation on the cargoes and, even the persons/parties who are likely to use the Cargo.

2.8) The Client accepts and undertakes beforehand that the Cargo /shipment to be carried out within the scope of the Logistics Services to be provided pursuant to the terms and conditions of this STC (received to be carried, delivery to the consignee, any insurance issued by ARKAS LOJISTIK or underwriting insured on the name of SHİPEEDY) shall not expose ARKAS LOJISTIK or its personnel, employees, agencies, subcarriers, insurance providers to any embargo, risk of embargo, fine, or indemnity obligation to be imposed by any country, international official body or organization, or their associated authorities.

2.9) Any correspondence made over Shipeedy portal, by e-mail, registered e-mail, or facsimile with written acknowledgement of receipt, or all originally signed correspondence and all verbal agreements made through a call center by audio recording between the Parties shall be binding for both Parties and shall be considered as legal evidence.

The verbal notifications between the Parties shall not be valid and binding unless confirmed via the aforementioned means of communication.

The provisions of Article 18 of the Turkish Code of Commerce are reserved.

2.10) Any notification made/instruction given by the Client on weekends, official holidays and public holidays, shall be deemed made or given on the first workday following these holidays when ARKAS LOJISTIK is incapable of responding right away.

2.11) The Client acknowledges and undertakes that any instructions he may give to ARKAS LOJISTIK during the execution of this STC shall be required to be in conformity with national and international transportation regulations and other regulations, as well as the standards of the common knowledge, and these instructions can be performed by ARKAS LOJISTIK on the condition that the Client covers the additional expenses which ensue from the performance of the concerning instructions.

2.12) In the correspondence made between the Parties, the Cargo shall be explicitly defined in terms of quantity and quality, and where a clear definition is unavailable, the specifications shall be based on the prevailing product types, measurements, quantities, amounts, qualities and situations, known and applied in the logistics sector.

2.13) The terms of transportation prescribed during the quotation and the execution of the STC, available transportation routes, current exchange rates and tariffs, any changes unpredictable to ARKAS LOJISTIK, such as the departure and arrival dates, shall exactly be reflected to the terms and conditions of this STC and any additional fees and expenditures which may arise from these changes shall be borne by the Client.

2.14) The Client shall be responsible for providing and delivering to ARKAS LOJISTIK any and all documents in complete and accurately as required pursuant to the related import/export and customs legislations, for ARKAS LOJISTIK to be able to perform the requested Logistics Services. The Client hereby acknowledges and undertakes that he shall be the sole and principle Party responsible for the incompleteness and inaccuracy of the concerning documents and information, and any expenditure, expense, administrative fine, fee and tax liabilities which may be incurred by ARKAS LOJISTIK due to such incompleteness and inaccuracy, may be recoursed to the Client, and that he has consent for ARKAS LOJISTIK’s collecting of the mentioned losses from the Client’s rights and receivables in the presence of ARKAS LOJISTIK, and/or securities if any.

2.15) The Client, in case the service cannot be performed or is cancelled due to reasons arising from him after the performance of the service has started, accepts and undertakes that ARKAS LOJISTIK has the right to claim the entire service fee, and in any case all costs incurred due to such cancellations and changes, and all Cancellation, Change and/or No-Show Fees that ship owners or agencies may apply, whether the transportation has taken place under the new conditions or not.

2.16) The Client acknowledges and undertakes that, in the event of the Client’s or its consignee’s avoidance from taking the delivery of the Cargo subject to this STC, or failure to reach to consignee, ARKAS LOJISTIK shall be deemed to be fulfilled its liability of delivery with when ARKAS LOJISTIK unloaded the Cargo to any customs bonded area, temporary storing area, or warehouse and notified the Client on the situation. The Client also accepts and commits that any pecuniary and penal liabilities which may ensue from the failure of the Client or its consignee to clear the Cargo from the concerning customs bonded area or warehouse shall be the Client’s liability in person, any fee, tax burden, fine, warehousing charges, demurrage and additional expenses which may incur ARKAS LOJISTIK due to this failure shall be on Client’s account and the Client shall reimburse these amounts immediately and in cash and lump sum to ARKAS LOJISTIK upon ARKAS LOJISTIK’s first request.

2.17) The Client acknowledges and undertakes that any carriage documents and/or invoice which bears the clause ‘Cash on Delivery’ or similar on them shall not be construed as ARKAS LOJISTIK’s undertaking of the collection of the cost or insuring of the freight.

2.18) The Client, with the purpose of securing of any potential additional expenses (demurrage, warehousing, etc.) and ARKAS LOJISTIK’s receivables concerning the Logistics Services subject to the provisions of this STC, acknowledges and undertakes that, prior to the initiation of or during the execution of the Logistics Services, ARKAS LOJISTIK may demand security, the property and amount of which are to be determined by ARKAS LOJISTIK, and the Client shall immediately fulfil such request.

2.19) The Client acknowledges and undertakes in advance that, provided that all expenses and risks shall be at Client’s account, ARKAS LOJISTIK shall be entitled and authorized to make the decisions concerning the loading, unloading, and storing of the Cargo, and ARKAS LOJISTIK may elect and change the means and route of transportation, the manner of overhauling, stuffing, storage, dispose when indispensable, returning to the country of origin and/or the method followed for carriage of the Cargoes without having notified to the Client.

2.20) The Client acknowledges and undertakes in advance that ARKAS LOJISTIK, in pursuance with the requirements of the public authority which is entitled to any kinds of rule-making including those concerning customs, safety, etc., shall always hold the right to open and inspect the package and/or wrapping of the Cargo in order to inspect the goods subject to the Logistics Services, and ARKAS LOJISTIK shall not be responsible for any cost, delay and/or loss, damage or harm which may ensue from such inspection and control, and the Client has to bear the said items in person.

2.21) Taking out a cargo insurance policy is solely at the Client’s discretion and responsibility. ARKAS LOJISTIK may take out a cargo insurance policy on the account of the Client provided that the Client explicitly accepts SHİPEEDY’ insurance quote which SHİPEEDY provides upon the explicit written request of the Client and ARKAS LOJISTIK’s acknowledgement of the Client’s request. The conditions and coverage of the cargo insurance taken out on the mutual agreement of the Parties are subject to the conditions and exemptions applied by the insurance provider, and ARKAS LOJISTIK shall not be responsible to the Client for such coverage conditions and/or exemptions.

2.22) ARKAS LOJISTIK, within the legal authority vested itself by the law, may provide to the Client the customs clearance services for the Cargo against an amount to be determined by the Parties in writing. In order for ARKAS LOJISTIK to be able to fulfil the customs clearance services which may be requested by the Client, the Client is obliged to duly authorize ARKAS LOJISTIK in conformity with the law in force.

2.23) The Client shall take the delivery of the bill of landing, etc. documents from ARKAS LOJISTIK itself and/or the offices notified by ARKAS LOJISTIK, concerning the carriage. In return, the Client may request from ARKAS LOJISTIK to deliver the transportation documents to the Client itself or another address designated by the Client, or third parties, via cargo, express mail, mail, moto-courier, courier, etc. by means of third parties.

The Client shall be the sole party responsible for any delay, loss, unauthorized receipt which may occur during the transportation documents’ communication via cargo, courier, express mail, etc. means, provided that the communication is carried out upon the request of the Client. In such case, the Client, who requests for ARKAS LOJISTIK to perform the transportation of the Cargo without the concerning documents, agrees and undertakes beforehand that the Client shall grant any undertaking and security which ARKAS LOJISTIK may request, act in accordance with the ARKAS LOJISTIK Lost Bill of Lading procedure, and hold ARKAS LOJISTIK harmless against any claims which may arise from the loss or unauthorized receipt of the transportation documents, and immediately reimburse ARKAS LOJISTIK for any loss which it may incur.

2.24) The Client shall be the sole and principle party responsible for any operations and related documentation concerning the weighing and determination of the gross weight of any Cargo subject to the Logistics Services (including partial carriage) in accordance with the applicable legislation and guideline, as well as the SOLAS Convention, prior to the carriage of the cargoes by sea.

The Client states, acknowledges and undertakes that, the Client shall determine the verified gross weight for each container, to be declared by himself or the third parties appointed by the Client, in compliance with the International Convention for the Safety of Life at Sea (SOLAS) and the Guidelines Regarding the Determination and Declaration of Gross Mass of Packed Containers by Sea, including the cases where SHİPEEDY is authorized by the Client to fill in the concerning documents, and the Client holds sole responsibility for any liabilities which may arise thereupon, accordingly, the Client shall sign the Verified Gross Mass Document (“VGM”) if requested by SHİPEEDY, keep the evidence documents concerning the verified gross mass of each container and provide immediately to SHİPEEDY and its agencies upon request, the Client is aware that the loading of containers to the vessel will not be permitted in case of absence or inaccurate or incomplete declaration of the gross mass of containers, the transportation operations’ being carried out by SHİPEEDY as the freight forwarder may not be construed by any partial shipment client as to nullify their liability of accurate gross mass declaration specified herein and other responsibilities associated.

This article is also valid for the legislation and regulations applicable to air transport, to the extent that it is applicable for the assignment of party responsibilities in the application of the relevant air transport legislation.

2.25) The Parties hereby irrevocably undertake that they shall execute a Power of Attorney upon the execution of this STC to the representative party with respect of international freight management business inclusive of the business listed here. The Relevant Representatives of Parties, individually and collectively, for and in the Parties’ name listed in the PoA shall have right to exercise the following rights entitled on behalf of the assigning Party.

- To make, endorse, sign or declare the bills of lading of air/ocean freight forwarding, air/ocean freight forwarding waybill, any statements, any supplementary schedules, any certificates, withdrawals, declarations, and/or any other affidavits of document related to authorities which may be required by law or regulation, regardless of whether such bills of lading, statements, schedules, certificates, any other affidavits and any forms of abstracts of such documents are intended for filing in any customs district;
- To receive any merchandise deliverable to the Parties;
- To perform any act of condition which may be required by laws and regulations in connection with such merchandise.

2.26. The Parties are obliged to act in compliance with the requirements of ARKAS LOJISTIK Authorized Liable Certificate (ALC), which is a certificate that provides some convenience and privileges in logistics services and allows to prove the compatibility of the delivery chain, and with the attached ALC Letter of Undertaking for Compliance. ALC means ensuring the safety and security of the cargo belonging to the Client, and the registry system for the cargoes is in order and is traceable. Within this scope, all Parties accept, represent and undertake that they shall establish the necessary permission and authorization mechanisms and take the necessary measures for the safety, security and traceability of the cargo.

3) LIABILITIES

ARKAS LOJISTIK shall exercise due and reasonable diligence for any and all Logistics Services it shall provide.

While the goods subject to this STC are under the possession and care of SHİPEEDY, SHİPEEDY’ liabilities regarding the loss and damage, and losses which may arise due to the breach of the STC and deeds which may be deemed as wrongful act, shall be subject to the conditions and limitations set forth in this STC.

The Client acknowledges, declares and undertakes that ARKAS LOJISTIK shall not provide Logistics Services to the Client unless the liability conditions and limitations are implemented described in this STC, and these conditions and limitations constitute the basis for the commercial relationship, work orders, instructions and contracts from the point of ARKAS LOJISTIK.

While the goods subject to this STC are under the possession and care of SHİPEEDY, SHİPEEDY’ liabilities regarding the loss and damage, and losses which may arise due to the breach of the STC and deeds which may be deemed as wrongful act, shall be subject to the liability conditions and limitations set forth in the national or international regulations which are mandatory pursuant to the nature of the mentioned services (the international agreements to which the Republic of Turkey is a party, such as CMR, CIM, COTIF, CER and the Warsaw Convention, Montreal Convention and its amendments, and the Hague Protocol).

3.1) LIABILITY FOR DAMAGE AND LOSS TO CARGO

With respect to the situations where ARKAS LOJISTIK is held liable for the Cargo damages and losses subject to this STC, the extent of ARKAS LOJISTIK’s maximum liability shall be determined based on the liability conditions and limitations set forth in the Turkish Code of Commerce and international agreements and conventions to which the Republic of Turkey is a party.

3.2) LIABILITY IN EVENT OF DELAYS

The transportation period which ARKAS LOJISTIK notified to the Client are estimated and intended for informative purposes only, and do not involve any undertakings. Therefore, ARKAS LOJISTIK shall bear no liability concerning the delays, which may ensue from the exceeding of the transportation period.

Should ARKAS LOJISTIK be held responsible for the delay for any reason, however, the maximum amount of compensation which ARKAS LOJISTIK may have to pay shall not exceed the carriage fee of the related carriage subject to delay.

The amount of this compensation is not a fixed amount but the maximum amount which can be paid only if such loss is proved.

3.3) LIABILITY FOR MISCELLANEOUS DAMAGES

Should ARKAS LOJISTIK fail to prevent the occurrence of a damage despite exercising due care and diligence of a prudent merchant, ARKAS LOJISTIK shall not be liable for any damages that ensue from the breach of the STC or wrongful act but only the loss and damage to the Cargo subject to the STC.

In cases where ARKAS LOJISTIK is liable pursuant to the related legislation for damages other than those which do not arise from the loss or damage to the Cargo subject to the STC, however, the extent of ARKAS LOJISTIK’s maximum liability shall be determined based on the liability conditions and limitations set forth in the Turkish Code of Commerce and the international agreements and conventions to which the Republic of Turkey is a party

3.4) LIABILITY EXEMPTIONS

ARKAS LOJISTIK shall, under no circumstances, be liable for the damages / losses as a result of the below given situations:

a) Loss and damage to property, in addition to indirect loss such as profit loss, income loss, job loss, customer loss, market loss, portfolio compensation, as well as intangible loss such as loss of commercial reputation, consequent loss, third party claims and/or reflective loss, which may arise from the breach of the STC or any deed considered wrongful act,,

b) Transport of, or loss or damage to valuable and dangerous goods about which SHİPEEDY is not notified by the Client during the drawing up of the STC, or later in the party correspondence before the Logistic Services such as the work order, instruction, etc.,

c) Losses which may arise as a result of the following situations:

- Losses which may ensue from the Client’s own fault,
- Losses which may occur as a result of the loading, unloading, stuffing, handling operations which are procured by the Client, its representatives or assistants,
- Losses due to rupture, leakage, flare-up, degradation, corrosion, fermentation, evaporation or exposure to cold, hot, or humidity,
- Losses and damages due to the nature of the Cargo,
- Losses due to insufficient and/or poor packaging of the Cargo,
- Losses due to inaccurate and/or incomplete marking and labelling of the Cargo,
- Losses due to incomplete and/or inadequate information on the quality and quantity of the Cargo,
- Any losses arising from SHİPEEDY’ delivery of transportation and service documents via third parties such as cargo, express mail, courier, etc. to the Client upon the Client’s instruction which is notified to SHİPEEDY through written means such as e-mail, fax, etc., or the failure or delay of the delivery of the said documents,
- Losses, the occurrence of which are impossible to prevent despite ARKAS LOJISTIK’s exercise of due care and diligence of a prudent merchant,
- Losses caused by third parties not limited to the transporter, warehousemen, freight unloader, port officers, other freight forwarders, other service providers, in situations where ARKAS LOJISTIK provides services as the freight forwarder, excluding the cases in which ARKAS LOJISTIK fails to exercise due diligence while electing, instructing and accompanying the third parties,
- Not limited to those stated in this clause, decisions and transactions of public authorities, ship owners, airline companies, actual transporters, and agencies; state of war, military or civil commotion, riot, strike, work stoppage due to dispute between employee and employer, negative changes in the weather conditions, changes in economic and market conditions which gave rise to the suspension of the Services, closing, agglomeration, deceleration of international trade route, acts of god such as earthquake, flood, fire, etc., any other situation unpredictable, uncontrollable, unpreventable, and the consequents of which are inevitable to ARKAS LOJISTIK and those which may be deemed force majeure.

4) LOGISTICS SERVICES FEES AND PAYMENT METHOD

4.1) Unless otherwise expressly agreed by the Parties in writing, the logistics service agreement fee shall be paid in cash and in single sum, not exceeding the content and payment due dates of the notifications received by the Client through the Shipeedy Portal, and after the relevant amount is paid to ARKAS LOJISTIK’s accounts fully and completely through an intermediary payment institution, the invoice to be issued by ARKAS LOJISTIK shall be delivered to the Client. Since SHİPEEDY carries out the issuance and sending of invoices over e-invoice/e-archive system and there is a pre-payment (in advance) rule before the relevant Logistics Service in accordance with the Shipeedy application principles, the Client cannot avoid to make the payment by stating that he has not received the invoice, or in the event that he does not make a payment or that the intermediary payment institution does not and/or cannot transfer the relevant amounts to the accounts of the company in a process outside the control of ARKAS LOJISTIK on the grounds arising from inconvenient transactions pertaining to the Client and/or the transaction itself as specified in Article 4.8 below, the Client accepts in advance that he shall be deemed to have given up on receiving the relevant Logistics Service and that he may not make any claims or demand arising from this.

4.2) The amount of the remuneration has been determined in accordance with the information that the Client has notified to SHİPEEDY or based on the assumption that the agreed services to be provided shall be provided under normal circumstances. ARKAS LOJISTIK is entitled to the right to assume that the quantity and quality of the Cargo, which is entrusted or given to the responsibility of ARKAS LOJISTIK for it to transport and/or perform other forwarding services, are common and prevailing quantities and qualities.

The differences in the quality or quantity of the Cargo subject to the Logistics Services requested by the Client or the changes in the common conditions may change the agreed remuneration.

4.3) The amount and contents of the invoices that are not objected or returned within 8 days of receipt shall be deemed to have been accepted by the Client without any dispute and shall be paid by the Client as is without any deduction, and it shall be deducted from the prepayments made by the Client through the Shipeedy channel or any other means with regards to the Logistics Service.

4.4) Unless explicitly agreed otherwise in writing between the Parties, the invoices to be issued by SHİPEEDY shall be fulfilled pursuant to the currency stated in the invoice. In the event of the payment of a foreign currency invoice in Turkish Lira, the invoice amount shall be converted to TL in accordance with İş Bankası selling rate of exchange on the day of payment.

If the payment of a foreign currency invoice is to be paid in another foreign currency (except TL or the foreign currency on the invoice), the invoice amount is to be converted to the concerning currency in accordance with the then current foreign exchange parity of the TCMB (the Central Bank of the Republic of Turkey).

4.5) If the Client fails to pay the invoices issued by ARKAS LOJISTIK on the mutually agreed due date or on the invoice date if there is not such an agreement, the Client shall be deemed to have gone into default without the need for any additional notice or warning, and a monthly interest of default at the rate of 3% or the TCMB advance interest rate, whichever is higher, shall be charged from the due date to the payment date.

The Client shall pay the invoices to be issued in regards with the mentioned amount (interest of default/delay interest, etc.) without any objection, and any warning or notice to be made by ARKAS LOJISTIK.

4.6) In case of occurrence of the followings, SHİPEEDY shall update the Remuneration and other fees previously agreed by SHİPEEDY and the Client, and issue the invoice accordingly:

- Additional fees, tax burdens, expenses, etc. which may ensue from the changes in any public rulemaking and/or legislation,
- Security, fuel, etc. price increases which may ensue from the changes the actual carrier may exercise and are not at SHİPEEDY’ discretion,,
- Additional expenditures which may arise from the incomplete and/or inaccurate and/or inadequate communication by the Client and/or the changes in the quality, quantity, or Customs Tariff Statistics Position (GTIP) number and/or route and/or recipient/sender address and credentials as related to the goods subject to the Logistics Service, other additional expenses, expenditures, fees caused by such errors and changes, and financial sanction amounts like additional taxes, fees and fines to be caused by such errors and changes before public authorities,
- Additional fees and expenses that might be caused by all kinds of new instructions, service method changes and additional service requests demanded and forwarded by the Client after the execution of the agreement,
- Tax burdens, charges, duties, expenses, etc. which may ensue from the decrees and practices of the government and/or public authorities,
- Emergency expenses which may ensue from emergencies which are impossible to be foreseen by SHİPEEDY,
- In addition to the remuneration, any demurrage, warehousing, groundage, container damage and replacement, etc. expenses which may arise from the Client’s and/or his recipient’s and/or his representative’s failure to collect, late collection, late loading, late unloading, late delivery of the container or failure to deliver it at all and/or the container’s delivery in a damaged state,
- In container transportations where the container is provided by SHİPEEDY, demurrage fees which may ensue from the failure of the Client, or his representatives or suppliers to deliver the container empty, wholly, damage-free on the agreed date and/or in the commonly accepted period during the loading and/or unloading operations, as well as those which may arise until the container’s empty and damage-free delivery to SHİPEEDY and/or the real or legal entity from whom SHİPEEDY procures the container, including the extra lay time prescribed in the law,
- Any additional fees, fines, tax burdens, charges, duties and any other loss which may ensue from the Client’s inaccurate declaration of the Cargo’s mass to SHİPEEDY or the third parties appointed by SHİPEEDY and/or the Client’s breach of his liabilities set forth in Article 2.24 of this STC,

Any of the aforementioned costs, which shall be also reflected to the previously agreed remuneration, shall be paid to ARKAS LOJISTIK in full and cash and on the invoice date unless mutually agreed otherwise by the Parties.

In the event of the unlikeliness of the Client’s immediate payment of these amounts, ARKAS LOJISTIK, at its own discretion, may pay these amounts on the Client’s account and demand it to be reimbursed later. This, however, may under no circumstances be construed as an obligation for ARKAS LOJISTIK to pay these amounts on the Client’s account. ARKAS LOJISTIK shall not be held liable for any disruption and/or eventual incompletion of the Logistics Services which may occur due to the Client’s failure to pay these amounts immediately. In such cases, ARKAS LOJISTIK shall be deemed to have completed its Logistics Services subject to the STC and entitled to full remuneration.

4.7) The Client and the third parties, who may have undertaken the remuneration, freight or freight fixtures, extra lay time, demurrage and additional expenses and costs, shall be jointly and severally liable for the payment of these amounts to be accrued as being subject to Logistics Services to SHİPEEDY, even if the Client’s name, as a contractual party, is officially listed neither as the ‘shipper’ nor ‘consignee’ on the bill of landing / way bill, etc., and/or the third parties have fully or partially undertaken the payment of these amounts as per the service they provide.

4.8) Due to the inconveniences that the Client may experience with intermediary payment institutions or banks in terms of payment method, or due to a record or systemic failure present in the systems of the relevant intermediary payment institutions or banks, they may suspend the transfer related to any transaction made by the Client; in cases where they have a reasonable doubt that the relevant transaction may be fraudulent or involve another type of criminal activity, they may resort to the postponement, suspension, cancellation or withholding of the payments pertaining to such transactions. In case of such a situation outside the control of ARKAS LOJISTIK, since the payment for Logistics Services would not have been transferred to ARKAS LOJISTIK’s accounts at the time, ARKAS LOJISTIK shall not have any responsibility towards the Client, and ARKAS LOJISTIK, depending on its own initiative, shall be entitled to suspend or cancel the Logistics Services. ARKAS LOJISTIK reserves the right to resort to any legal and penal procedures against the relevant Client or the website users representing them.

4.9) CHARGEBACK: In cases where a payment for a Logistics Service is withdrawn both by the cancellation of the Logistics Service and by the request submitted by the Client or the actual payer (“Charge Back”), all costs, damages and losses that ARKAS LOJISTIK will have to bear before the relevant banks or intermediary payment institutions shall be collected from the Client in a decisive manner and independently of the provisions of this Agreement.

4.10) This Agreement has the force of “current account agreement” in accordance with the Turkish Code of Commerce Article 89 and so on. In case the Client fails to make in due time the payments arising from the principal performances imposed on him in all transport services and commercial relations established or to be established between the Parties, especially in this Agreement, or if the other party uses their right of recourse or set-off by making the said payments for and on behalf of him, the Client irrevocably accepts, represents and undertakes that he will pay an annual interest of 30% to ARKAS LOJISTIK (for the default period during which the principal performance debtor is in default) and that, if the annual declared commercial default interest rate is higher, the interest to be applied may be increased accordingly. For the provisions not included in this Agreement, the provisions of the Turkish Code of Commerce regarding Current Accounts shall apply.

5) MISCELLANEOUS PROVISIONS

5.1) Any nullity, annullability, or impracticability, or contrariety to law of any clause, sentence or word of the provisions or conditions of this STC can shake the binding nature of the rest of the provisions and annexes.

Unless explicitly agreed otherwise by the Parties in writing, the provisions of bills of landing, or land or air transportation way bills issued by ARKAS LOJISTIK are used for the construal of this STC and other matters which are not regulated within this STC; in the event of a contradiction among the provisions of this STC, bills of landing, land or air transportation way bills, the provisions in favor of ARKAS LOJISTIK shall be practiced first, on the condition that their practice is not a violation of the provisions of compulsory legal rules.

5.2) SHİPEEDY shall be entitled to practice pledge, confinement and retainment on the Cargo in its responsibility and the documents accompanying the Cargo as security for the remunerations (including the expenses incurred due to the collection of the remunerations) and any current account receivables arisen from the performance of the services.

5.3) Following the initiation of the Parties’ negotiation for the drawing up of a forwarding services agreement, any commercial and economic information and documents which are disclosed to the Parties pursuant to the contractual and legal relationship established or to be established between the Parties shall be deemed a “commercial secret and confidential information”. The confidentiality liability which enters into effect following the initiation of the negotiations between the Parties and obliges the Parties to keep confidential and not to disclose to any real and/or legal third parties and the public any information or document which they learn or know of about one another shall remain effective indefinitely regardless of whether or not the STC is signed and entered into force.

Moreover, each Party acknowledge and undertake that they shall be responsible for the compliance to this clause of confidentiality of their employees and/or laborers, personnel and other people serving to them under various titles, to whom these secrets are disclosed or need to be disclosed pursuant to their duties, and each Party are responsible for the consequences which may arise from their personnel’s incompliance.

The Parties shall conform to the requirements of ISO 27001 Information Security Management System and the attached Commitment of Conformity with the Information Security Management System. Information security means the protection of the confidentiality, integrity and applicability of any information and data assets of ARKAS LOJISTIK against any large scaled risks. In this respect, the Parties shall take measures to prevent unauthorized access to information assets, ensure the accuracy and integrity of information assets and provide access when requested to be used within the authority shall be taken. The Parties acknowledge, agree and undertake that business continuity measures required to enable the accessibility of information and documents concerning the service in the event of an extraordinary situation which may occur during the term of the STC are taken.

5.4) Any tax burden, charge and duty, as well as the stamp tax, which may arise due to the execution of this STC and all business and transactions subject to Logistics Services between the Parties shall be borne by the Client.

5.5) Any dispute which may ensue from the construal and practice of the STC between the Parties shall be governed by the Turkish Law, and the Izmir (Central) Courthouse and Enforcement Offices shall be authorized for the settlement of such disputes.

5.6) The provisions and conditions set forth in this STC determine the general conditions of the Logistics Services to be provided by SHİPEEDY; and SHİPEEDY shall be entitled to determine special terms and conditions provided that their determination is not a violation of the compulsory rules of national and international STCs.

5.7) As an integral part of the offer terms in the Membership Agreement and Offer Form sent to the Client, this STC, which has been made available to the Client on the Shipeedy website and has also been sent to the Client by fax/e-mail or communication channels used over the Shipeedy session, shall be deemed to have been accepted by the Client by clicking the “accept” button on the online Shipeedy system or by giving the Offer Form acceptance approval and, in any case, if it is not expressly rejected within 24 hours by the Client regardless of the acceptance approval has been given or not, then a valid and binding contract shall be deemed to have been executed between the Parties according to Article 6 of the Turkish Code of Obligations.


We have obtained these logistics service fulfilment terms and conditions in advance, and we have been informed about the issues that require expertise, and we have agreed on all the terms and conditions.

CLIENT SIGNATURE / SEAL






ANNEX-1: COMMITMENT OF CONFORMITY WITH THE INFORMATION SECURITY MANAGEMENT SYSTEM

1) AIM:

This letter of undertaking has been prepared to inform ARKAS LOJISTIK’s compliance requirement with ISO 27001 Information Security Management System standard and the requirements of the standard and ARKAS LOJISTIK’s Information Security policy to the employees, customers, business partners, contractors and suppliers, and to ensure the information security awareness which is under the responsibility of the said individuals.

By acting in compliance with the issues in the letter of undertaking, many risks arising from the insecurity of information, especially direct financial losses, unjust suffering on the part of customers, consumption of resources, slowdown or stopping of business, loss of corporate image and responsibility for attacks against third parties, shall be minimised and managed.

2) ARKAS LOJISTIK INFORMATION SECURITY POLICY:

Information is the processed data; which is an important asset for the organization like other assets owned by it, and therefore it must be protected in the best way possible.

Information security ensures the protection of information from wide-ranging risks in order to ensure the continuity of the business in the institution, to reduce the disruptions that may occur in the business and to increase the benefit from the investments.

With the awareness that all confidential and sensitive information belonging to ARKAS LOJISTIK; the information and processes that ensure the functionality of the company; the name and reliability of the company and its commercial reputation; all information entrusted by third parties; commercial, technological, and judicial information; and the business continuity are all vulnerable to damage, ARKAS LOJISTIK and its employees know that information security risks related to the confidentiality, integrity, and usability of the company information assets in printed and/or written form, electronic files, databases, verbal environments, fax messages and on desks and in cabinets, communication lines and, most importantly, in the minds of the company employees and third parties (business partners, customers, contractors and suppliers, etc.) must be managed effectively.

To this end, we perform certain activities for the purposes of

  • complying with all legal regulations and contracts with third parties (business partners, customers, contractors and suppliers, etc.) regarding information security;
  • documenting, certifying and continuously improving our information security management system in line with the requirements of the ISO 27001 Information Security Management System Standard;
  • ensuring the continuity of our operational, management-related and supportive business processes;
  • ensuring the continuity and protection of the commercial reputation and brand value of “ARKAS LOJISTIK” in the eyes of our employees, customers, business partners, contractors and suppliers, as well as third persons

and we manage all these activities in integration with our other management systems to become one of the global brands of our country with the strength we take from our company’s mission, vision and values.

3) ARKAS LOJISTIK INFORMATION SECURITY MANAGEMENT SYSTEM REQUIREMENTS:

3.1) To provide guidance and support of the management as per business requirements, relevant laws and regulations for information security; the parties:

- Shall define a set of policies for information security, they shall be approved by management, published and communicated to employees and relevant external parties.

- Shall review the policies for information security at planned intervals or if significant changes occur to ensure their continuing suitability, adequacy and effectiveness.

3.2) To establish a management framework to initiate and control the implementation and operation information security within their organization; the parties:

- Shall define and allocate all information security responsibilities.

- Shall segregate conflicting duties and areas of responsibility to reduce opportunities for unauthorized or unintentional modification or misuse of the organization’s assets.

- Shall address information security in project management, regardless of the type of the project.

- Shall maintain appropriate contacts with relevant authorities.

- Shall establish appropriate communication with special interest groups or other specialist security forums and professional associations.

3.3) To ensure the security of remote working and use of mobile devices; the parties:

- Shall implement a policy and supporting security measures to protect the information accessed, processed and stored in the remote working areas.

- Shall adopt a policy and supporting security measures about the use of mobile devices.

3.4) To ensure that employees and contractors understand their responsibilities and are suitable for the roles for which they are considered; the parties:

- Shall demand from their employees and contractors to implement the information security according to established policy and procedures of the organization.

- Shall ensure that all employees of the organization and, where relevant, contractors receive appropriate awareness education and training and their regular updates in corporate policies and procedures relevant to their job function.

3.5) Shall ensure that a formal and communicated disciplinary process is in place to take action against employees who have committed an information security breach.

3.6) To protect the organization’s interests as part of the process of terminating employment, information security responsibilities and duties that remain valid after termination of employment shall be defined, communicated to the employee or contractor and enforced by the parties.

3.7) To identify organizational assets and define appropriate protection responsibilities; the parties:

- Shall identify assets associated with information and information processing facilities, and an inventory of these assets shall be drawn up and maintained.

- Shall assign owners for the assets maintained in the inventory.

- Shall identify, document and implement rules for the acceptable use of information and of assets associated with information and information processing facilities.

- Shall ensure that all employees and external party users return all of the organizational assets in their possession upon termination of their employment, agreement(s).

3.8) To ensure that information receives an appropriate level of protection in accordance with its importance to the organization; the parties:

- Shall classify information in terms of legal requirements, value, criticality and sensitivity to unauthorised disclosure or modification.

- Shall develop and implement an appropriate set of procedures for information labelling in accordance with the information classification scheme adopted by the organization.

- Shall develop and implement procedures for handling assets in accordance with the information classification scheme adopted by the organization.

3.9) To prevent unauthorized disclosure, modification, removal or destruction of information stored on media storing and hosting information; the parties:

- Shall implement procedures for the management of removable media in accordance with the classification scheme adopted by the organization.

- Shall ensure that media is disposed of securely when no longer required.

- Shall protect the media containing information against unauthorized access during transfer, misuse or deterioration.

3.10) To limit access to information and information processing facilities, the parties:

- Shall establish, document and review an access control policy based on business and information security requirements.

- Shall provide access to users for only network and network services for which they are specifically authorized to use.

3.11) To ensure authorized user access and to prevent unauthorized access to systems and services; the parties:

- Shall implement a formal user registration and de-registration process to enable assignment of access rights.

- Shall implement a formal user access permission process to assign or revoke access rights for all user types to all systems and services.

- Shall restrict and check the allocation and use of privileged access rights.

- Shall control the allocation of secret authentication information through a formal management process.

- Shall ensure that asset owners review users’ access rights at regular intervals.

- Shall remove the access rights of all employees and external party users to information and information processing facilities upon termination of their employment and agreement(s) or upon the modification of their employment and agreement(s) shall adjust the said rights accordingly.

3.12) To make users accountable for safeguarding their authentication information, parties shall require users to follow the organization’s practices in the use of secret authentication information (password, etc.).

3.13) To prevent unauthorized access to systems and applications; the parties:

- Shall restrict access to information and application system functions in accordance with the access control policy.

- Shall control access to systems and applications through a secure log-on procedure where required by the access control policy.

- Shall ensure that password management systems are interactive and provide passwords of adequate security level.

- Shall restrict and tightly control the use of utility programs that might be capable of overriding system and application controls.

- Shall restrict the access to program source code.

3.14) To ensure proper and effective use of cryptography to protect the confidentiality, authenticity and/or integrity of information; the parties:

- Shall develop and implement a policy on the use of cryptographic controls for protection of information.

- Shall develop a policy on the use, protection and lifetime of cryptographic keys and implement throughout their whole lifecycle.

3.15) To prevent unauthorized physical access, damage and interference to the organization’s information and information processing facilities; the parties:

- Shall define and use secure domains of which security limits are determined to protect domains that contain sensitive or critical information and information processing facilities.

- Shall protect secure areas by appropriate entry controls to ensure that only authorized personnel are allowed access.

- Shall design and apply physical security for offices, rooms and facilities.

- Shall design and apply physical protection against natural disasters, malicious attacks or accidents.

- Shall design and apply procedures for working in secure areas.

- Shall control access points such as delivery and loading areas and other points where unauthorized persons could enter the premises and, if possible, isolate them from information processing facilities to preventunauthorized access.

3.16) To prevent loss, damage, theft or capture of assets and interruption to the organization’s operations; the parties:

- Shall site and protect the information processing equipment to reduce risks from environmental threats and hazards, and opportunities for unauthorized access.

- Shall protect the information processing equipment from power failures and other disruptions caused by failures in supporting infrastructure services.

- Shall protect power and telecommunications cabling carrying data or supporting information services from eavesdropping, interference or damage.

- Shall correctly maintain the information processing equipment to ensure its continued availability and integrity.

- Shall prevent taking the information processing equipment, information, or software outside the organization without prior authorization.

- Shall apply security to the assets outside the organization taking into account the different risks of working outside the organization’s premises.

- Shall verify all items of equipment containing storage media to ensure that all sensitive data and licensed software has been removed or securely overwritten prior to disposal or re-use.

- Shall ensure that users apply appropriate protection for unattended equipment.

- Shall adopt a clear desk policy for papers and removable storage media and a clear screen policy for information processing facilities.

3.17) To ensure correct and secure operations of information processing facilities; the parties:

- Shall document operating procedures and provide to all users who need them.

- Shall control changes to the organization, business processes, information processing facilities and systems that affect information security.

- Shall monitor and adjust the use of resources and make projections of future capacity requirements to ensure the required system performance.

- Shall separate development, testing and operational environments to reduce the risks of unauthorized access or changes to the operational environment.

3.18) To ensure that information and information processing facilities are protected against malware, the parties shall implement detection, prevention and recovery controls against malware combined with appropriate user awareness.

3.19) To ensure protection against loss of data, the parties shall take and backup copies of information, software and system images and test them regularly in accordance with an agreed backup policy.

3.20) To record information system events and generate evidence; the parties:

- Shall produce, keep and regularly review event logs recording user activities, exceptions, errors and information security events.

- Shall protect logging facilities and log information against tampering and unauthorized access.

- Shall log system administrator and system operator activities and protect and regularly review logs.

- Shall synchronise the clocks of all relevant information processing systems within an organization or security domain to a single reference time source.

3.21) To prevent exploitation of technical vulnerabilities; the parties:

- Shall obtain information about technical vulnerabilities of information systems being used in a timely fashion, evaluate the organization’s exposure to such vulnerabilities and take appropriate measures to address the associated risk.

- Shall establish and implement rules governing the installation of software by users.

3.22) To minimise the impact of audit activities on operational systems, the parties shall carefully plan and agree upon the audit requirements and activities involving verification of operational systems to minimise disruptions to business processes.

3.23) To ensure the protection of the information and supporting information processing facilities in the networks; the parties:

- Shall manage and control networks to protect information in systems and applications.

- Shall identify security mechanisms, service levels and management requirements of all network services and include networks services in agreements, whether these services are provided in-house or outsourced.

- Shall segregate groups of information services, users and information systems on networks.

3.24) To maintain the security of information transferred within an organization and with any external entity; the parties:

- Shall ensure the presence of formal transfer policies, procedures and controls to protect the transfer of information through the use of all types of communication facilities.

- Shall ensure that agreements address the secure transfer of business information between the organization and external parties.

- Shall appropriately protect information included in electronic messaging.

- Shall identify, regularly review and document the requirements for confidentiality or non-disclosure agreements reflecting the organization’s needs for the protection of information.

3.25) To ensure that information security is an integral part of information systems across the entire lifecycle; the parties:

- Shall include the information security-related requirements in the requirements for new information systems or enhancements to existing information systems.

- Shall protect information involved in application services passing over public networks from fraudulent activity, contract dispute and unauthorized disclosure and modification.

- Shall protect information involved in application service transactions to prevent incomplete transmission, mis-routing, unauthorized message alteration, unauthorized disclosure, unauthorized message duplication or message reproduction.

3.26) To ensure that information security is designed and implemented within the lifecycle of development of information systems; the parties:

- Shall establish rules for the development of software and systems and apply to developments within the organization.

- Shall control the changes to systems within the development lifecycle through the use of formal change control procedures.

- Shall review and test applications critical for business to ensure there is no adverse impact on organizational operations or security when operating platforms are changed.

- Shall prevent modifications to software packages, except for required ones and strictly control all changes.

- Shall establish and document secure systems engineering principles and apply them to all information system implementation efforts.

- Shall establish and appropriately protect secure development environments for system development and integration efforts that cover the entire system development lifecycle.

- Shall supervise and monitor the activity of outsourced system development.

- Shall carry out testing of security functionality throughout development.

- Shall establish acceptance testing programs and related criteria for new information systems, upgrades and new versions.

3.27) To ensure the protection of data used for testing, the parties shall carefully select, protect and control the test data.

3.28) To ensure protection of the assets that is accessible by employees, suppliers, sub-contractors and/or partners of the organization; the parties:

- Shall decide the information security requirements with employees, suppliers, customers, subcontractors and/or business partners to mitigate the risks associated with supplier’s access to the organization’s assets and document these.

- Shall establish all relevant information security requirements and agree with employees, suppliers, subcontractors, customers and/or business partners that may access, process, store, communicate or provide IT infrastructure components for the organization’s information.

- Shall ensure that agreements with suppliers, sub-contractors, customers and/or business partners include requirements referring to information security risks associated with information and communications technology services and product supply chain.

3.29) To maintain an agreed level of information security and service delivery in line with agreements by employees, suppliers, sub-contractors, customers and/or business partners; the parties:

- Shall regularly monitor, review and audit service delivery by suppliers, sub-contractors, customers and/or business partners.

- Shall manage changes to the provision of services by suppliers, sub-contractors and/or business partners including maintaining and improving existing information security policies, procedures and controls, taking into account the criticality of business information, systems and processes involved and re-assessment of risks.

3.30) To ensure the implementation of a consistent and effective approach to the management of information security breach incidents, containing its connection with security incidents and vulnerabilities; the parties:

- Shall establish management responsibilities and procedures to ensure a quick, effective and regular response to information security breach incidents.

- Shall report information security events through appropriate management channels as quickly as possible.

- Shall require employees and contractors using the organization’s information systems and services to note and report any observed or suspected information security weaknesses in systems or services.

- Shall assess information security events and decide if they are to be classified as information security breach incidents.

- Shall respond to information security breach incidents in accordance with the documented procedures.

- Shall use the knowledge gained from analysing and resolving information security breach incidents to reduce the likelihood or impact of future breach incidents.

- Shall define and apply procedures for the identification, collection, acquisition and preservation of information which can serve as evidence.

3.31) To embed information security continuity in the organization’s business continuity management systems; the parties:

- Shall determine the requirements for information security and information security management continuity in adverse situations, e.g. during a crisis or disaster.

- Shall establish, document, implement and maintain processes, procedures and controls to ensure the required level of continuity for information security during an adverse situation.

- Shall verify the established and implemented information security continuity controls at regular intervals in order to ensure that they are valid and effective during adverse situations.

3.32) To ensure the availability of information processing facilities, the parties shall provide information processing facilities on the basis of adequate redundancy.

3.33) To avoid breaches of legal, statutory, regulatory or contractual obligations related to information security and of any security requirements; the parties:

- Shall explicitly identify, document and keep up-to-date all relevant legal statute, regulations, contractual requirements and the organization’s approach to meet these requirements for each information system and organization.

- Shall implement appropriate procedures to ensure compliance with requirements legislative, regulatory and contractual requirements related to intellectual property rights and use of proprietary software products.

- Shall protect records from loss, destruction, falsification, unauthorized access and unauthorized release, in accordance with regulatory, contractual and business requirements.

- Shall ensure privacy and protection of authentication information (personal information) in accordance with the applicable law and regulations.

- Shall use cryptographic controls in compliance with all relevant agreements, legislation and regulations.

3.34) To ensure that information security is realized and conducted in accordance with the organizational policies and procedures; the parties:

- Shall review the organization’s approach to information security and its implementation (i.e. control objectives, controls, policies, processes and procedures for information security) independently at planned intervals or when significant changes occur.

- Shall ensure that managers regularly review the compliance of information processing facilities and procedures within their area of responsibility with the appropriate security policies, standards and any other security requirements.

- Shall ensure that information systems are regularly reviewed for compliance with the organization’s information security policies and standards.

4) AUDIT AND SANCTION PRINCIPLES:

ARKAS LOJISTIK shall have the right to carry out audits without prior notice to make sure that the foregoing information security requirements and those set out in national-international legislations which were highlighted decisively in line with its mission and vision are understood, acknowledged and implemented by all its employees, customers, business partners, contractors, and suppliers and other third parties with which it has commercial relations. Within this scope:

4.1) ARKAS LOJISTIK may exercise the said audit power through its own personnel and/or another real or legal person to be assigned.

4.2) Supplier shall timely and adequately provide the organization, information and document support required by ARKAS LOJISTIK in its audit works and information requests, to real and/or legal persons assigned by ARKAS LOJISTIK.

4.3) In the event that ARKAS LOJISTIK detects a transaction performed by the supplier which is not compliant with the letter of undertaking during commercial exchange, first, a written statement/defence and corrective and improving action is requested from the other party then, a penal sanction may be exercised. Upon such request, all nonconformities specified by ARKAS LOJISTIK shall be removed and all requirements shall be literally and duly fulfilled.

4.4) The Parties shall be responsible for announcing the foregoing information security requirements and those set out in the legislation to all employees and subcontractors who take part in goods/service purchase, and controlling if the principles are complied with and ensuring strict compliance in this regard.


All the rules stated in this letter of undertaking have been read, understood, accepted and signed on .../.../20... as part of the annex of the service/supply/business agreement to which I/we am/are a party with ARKAS LOJISTIK A.S.

Company / Supplier / Contractor / Customer / Employee: