Albaraka Mobil
Mobil Bankacılık

Protection of Personal Data

INFORMATION ON PERSONAL DATA

This information is made pursuant to Article 10 of “the Law on the Protection of Personal Data” NUMBER 6698 (briefly KVKK) and due to statutory obligation.

All kinds of information on a real person whose identity is determined or may be determined are defined as personal data in KVKK and our Bank performs all personal data processing activities by taking required security measures to protect fundamental rights and freedoms, primarily the confidentiality of private life. Our purpose is informing you on methods of obtaining your personal data, processing purposes, legal grounds, transmitting to third parties in case legislation allows and your rights in accordance with your satisfaction.        

Identity of the Data Controller: The data controller is Albaraka Türk Participation Bank Inc.

Purposes of Personal Data Processing:

Kişisel verileriniz;

llRelying on the legal reason of Data Processing being Stipulated Explicitly in Laws;

  • Conducting auditing and ethical activities,
  • Conducting transfer and assignment activities of receivables,
  • Conducting activities on determining credibility,
  • Conducting activities in compliance with legislation,
  • Conducting internal auditing, investigation and intelligence activities,
  • Conducting manufacturing and operation processes of products/services,
  • Conducting Risk Management processes,
  • Conducting storing and archiving activities,
  • Informing authorized persons, institutions and organizations,
  • Conducting management activities,
  • Ensuring transaction security in transactions carried out with QR Code,
  • Tracking requests and complaints,
  • Conducting auditing processes on compliance with Participation Banking Principles,
  • Ensuring ATM security,
  • Conducting Incoming-Outgoing documents recording procedures,
  • Identification over Call Center,
  • Conducting Financing Product services at the Dealer,
  • Participating in Property and Real Estate execution sales,
  • Conducting Warning processes,
  • Even if you are not our customer, being able to determine, monitoring, reporting and controlling the risk group you’ll be included for determining the limits of the loan to be provided to a risk group[1] according to banking legislation

Relying on the legal reason of Data Processing Being Mandatory for the Bank to Fulfill Its Legal Liability;

  • Conducting information security processes,
  • Conducting finance and accounting processes,
  • Conducting and auditing business activities,
  • Conducting occupational health and safety activities,
  • Conducting product/service sales processes,
  • Conducting strategic planning activities,
  • Tracking requests and complaints,
  • Ensuring security of data controller operations,

Relying on the legal reason of Processing Personal Data of the Parties of the Relevant Agreement Being Mandatory Provided that it shall be Directly Relevant to Establishment and Execution of an Agreement;

  • Conducting and auditing business activities,
  • Receiving and evaluating suggestions on improvement of work processes,
  • Conducting communication activities,
  • Conducting product/service purchasing processes,
  • Conducting after sale support services of products/services,
  • Conducting sales processes of products/services,
  • Conducting manufacturing and operation processes of products/services,
  • Conducting activities on customer satisfaction,
  • Conducting risk management processes,
  • Conducting sponsorship activities,
  • Ensuring security of data controller operations,
  • Conducting investment processes,
  • Conducting objection processes for credit card overseas expenditures,
  • Conducting objection processes for credit card domestic expenditures,
  • Conducting Financing Product services at the Dealer,

Relying on the legal reason of Data Processing Being Mandatory for Establishment, Using or Protecting a Right;

  • Ensuring physical location security,
  • Follow-up and conducting legal affairs,
  • Conducting investment processes,
  • Having execution proceedings and litigation to be performed by lawyers out of the bank,

Relying on the legal reason of Data Processing Being Mandatory for Legitimate Interest of the Data Controller Provided That No Damage shall be Given to the Relevant Person’s Fundamental Rights and Freedoms;

  • Organization and event management,
  • Conducting marketing analysis studies,
  • Conducting marketing studies of products/services,
  • Conducting activities on customer satisfaction,

 In Case of Existence of Explicit Consent;

  • Conducting information request processes on overseas correspondent bank,
  • Conducting processes on entrance to mobile branch by biometric data,
  • Conducting sales processes of products/services,
  • Conducting manufacturing and operation processes of products/services,
  • Conducting activities on customer satisfaction,
  • Conducting advertisement/campaign/promotion processes.

To Whom and For Which Purpose the Processed Personal Data may be Transferred:

Within the framework of Article 8 on transmitting personal data and Article 9 on transmitting personal data abroad of KVKK number 6698, your personal data at our Bank may be transmitted to the persons/institutions within the country and abroad for the purposes specified below;

  • To Banking Regulation And Supervision Agency, Capital Markets Board, Central Bank of the Turkish Republic, Revenue Administration, Financial Crimes Investigation Board, Credit Bureau, Interbank Card Center, Small And Medium Industry Development Organization, Social Security Institution, Financial Institutions Association and such legally authorized persons, institutions and/or organizations to fulfill our legal obligations,
  • To third parties, support services institutions, institutions affiliated with, consultants, program partners from which service is received within the limits/liabilities specified by primarily the Banking Law and provisions of other laws and legislation and to the extent work processes require to carry out our Banking activities;
  • To persons, institutions and/or organizations we carry out their activities in the capacity of the mediator/agency to fulfill liabilities arising from mediation/agency law;
  • To courts, enforcement and bankruptcy offices, prosecution offices and such jurisdiction and mediation, arbitration board, arbitration, conciliatory, etc. alternative conflict resolution authorities, law offices and asset management companies for follow up and conducting of legal affairs,
  • To independent auditing companies for auditing activities to be conducted in compliance with legislation,
  • To correspondent banks and financial institutions within the country or abroad to fulfill liabilities on recognition of persons who are the party of the transaction pursuant to the nature of the transaction,
  • To payment system institutions including Europay Int.SA, Western Union, Mastercard Int. INC, Visa INC, JCB Int. Co., Maestro, Electron, card institutions, merchants within the country or abroad to perform credit cards and money transfer processes pursuant to the nature of the transaction;
  • Other third parties if you have explicit consent and within the scope of your explicit consent.

 Method and Legal Reason of Personal Data Collection:

 Your personal data are processed by collecting them through;

  • Information you give through General Directorate, Departments, Regional Directorates and Branches of the Bank,
  • Also, subsidiaries of the Bank, support service institutions, real and legal persons the Bank is in collaboration with/receiving and rendering service from and is within business relationship, companies we conduct the activities of in the capacity of mediator/agency, correspondent/ drawee banks, contracted dealers, customer meetings, applications made directly to sales teams, merchants and POS, market intelligence, tracing judicial records, SSI records, PTT,
  • National and international authorities/resorts/institutions,
  • Identity Sharing System, Address Sharing System, Trade Registry Gazette, Turkish Land Registry And Cadastre Information System, Risk Center, Credit Bureau, Electronic Pledge systems open to usage of our Bank by Public Institutions and Organizations,
  • ATM, kiosk, payment instruments, internet sites, media, social media, internet banking, mobile banking, telephone banking, call center, mobile applications,
  • Phones, computers and cameras of the General Directorate, departments, regional directorates and branches,
  • Cameras on ATMs,
  • Registered electronic mail, electronic notification, electronic mail, post, fax, short message and swift,
  • All notifications, applications and discussions made to the Bank

completely or partially, automatically or manually, in writing, verbally or electronically. Information on which of the processing conditions specified in Articles 5 and 6 of the Law your personal data collected by the above methods rely on for processing are given in the table below.

PERSONAL DATA PROCESSING CONDITIONS

PROCESSED PERSONAL DATA

PROCESSED SENSITIVE PERSONAL DATA

To be Stipulated Explicitly in Laws

Identity, Contact, Location, Personnel, Legal Transaction, Customer Transaction, Physical Location Security, Process Security, Risk Management, Finance, Professional Experience, Audio-Visual Records.

Criminal Conviction and Security Measures

Processing personal data of the parties of an agreement being mandatory provided that it is directly related to establishment and execution of an agreement

Identity, Contact, Personnel, Customer Transaction, Process Security, Finance, Professional Experience, Marketing, Audio-Visual Records.

Being mandatory for our data controller Bank to fulfill its legal liability

Identity, Contact, Location, Personnel, Customer Transaction, Process Security, Finance, Professional Experience, Marketing.

Data Processing Being Mandatory for Legitimate Interest of the Data Controller Bank Provided That No Damage shall be Given to the Relevant Person’s Fundamental Rights and Freedoms,

Identity, Contact, Customer Transaction, Finance, Professional Experience, Marketing.

Being Mandatory for establishment, using or protecting a right

Identity, Contact, Personnel, Customer Transaction, Legal Transaction, Finance.

Explicit Consent

Identity, Contact, Customer Transaction, Finance, Audio-Visual Records, Professional Experience, Marketing.

Biometric Data, Health Information.

You may reach the information on which of your personal data are processed for which of the personal data processing purposes from “Record Query” page at https://verbis.kvkk.gov.tr of Personal Data Protection Agency.

Other Rights of the Customer:

Without prejudice to all the relevant exceptions, and in particular the cases provided for in Article 28 of the KVKK, you may submit your requests within the framework of Article 11 of the KVKK, which "regulates the rights of the person concerned"

  • In writing and signed, via the KEP address of our Bank (albarakaturk@hs03.kep.tr ) or via our branches, in accordance with the "Communiqué on the procedures and principles of application to the data controller",
  • By notary public to our address which is İnkılap Mahallesi Dr. Adnan Büyükdeniz Cad. No:6 Ümraniye/ISTANBUL,
  • By sending an e-mail to kvkk@albarakaturk.com.tr using your e-mail address registered with our Bank.

Your application must include the following: 

  • Your name, surname and signature if the application is in writing,
  • If you are a citizen of the Republic of Turkey, your Turkish ID number; if you are not a citizen of the Republic of Turkey, your nationality, passport number or ID number, if any,
  • Your home or work address for notification purposes,
  • Your registered and confirmed e-mail address for the notification, which you have previously notified to our Bank, telephone and fax numbers
  • The subject of your request.

While using your abovementioned rights, our Bank’s right to claim fee/expense in the amounts allowed by legislation is reserved.

[1] Partnerships which you, your spouse, children is a member of the board of directors or a general manager or partnerships which they control together, alone or with a legal entity, directly or indirectly or participate in with limitless responsibility or partnerships which qualified shareholders, members of the board of directors or general manager of a bank control together, alone, directly or indirectly or a partner of with limitless responsibility or a member of the board of directors or a general manager of and real or legal persons who have surety, guarantee or such relations which one of them being in insolvency shall cause the result of all being in insolvency constitute a risk group. In addition to these, other real or legal persons who shall be within the scope of a risk group are determined by T.R. Banking Regulation And Supervision Agency.