LETTER OF ELUCIDATION PURSUANT TO THE PRIVACY ACT
This elucidating is made in accordance with the article 10 of “the Law on Protection of Personal Data” (LPPD in short) No. 6698 and due to statutory obligation.
In LPPD, all kinds of information about an identified or identifiable real person is defined as personal data and our Bank carries out personal data processing activities by taking necessary security measures in order to protect fundamental rights and freedoms, especially the right of privacy. Our aim is to inform you about your personal data collection methods, processing purposes, legal reasons, transfer to third parties where the legislation permits and your rights in line with your satisfaction.
a) The Identity of the Date Controller and his Representative (if any):
The data controller is Albaraka Türk Participation Bank Inc.
b) For which Purposes the personal data will be Processed:
Your personal data can be processed for the purposes of;
- Participation fund acceptance; cash, non-cash lending transactions in all types and forms; all kinds of payment and collection transactions including payment in cash and in deposit money and fund transfer transactions, use of correspondent banking or cheque accounts; custody services; issuance of payment means such as credit cards, debit cards and traveler's checks and execution of related activities; foreign exchange transactions, including effective; buying and selling money market instruments; trading of precious metals and stones or placing them in custody; purchase, sale and brokerage transactions of forward agreements, option agreements based on economic and financial indicators, capital market instruments, commodities, precious metals and foreign currency, option contracts, simple or complex financial instruments containing more than one derivative instruments; purchase and sale of capital market instruments and repurchase or resale commitment transactions; intermediation transactions for the sale of capital market instruments through issuance or public offering; transactions for trading of previously issued capital market instruments for intermediary purposes; guarantee transactions such as undertaking collaterals, guarantees and other obligations in favor of others; financial leasing transactions; carrying out the sales processes and after-sales support services of insurance agency and private pension brokerage products/services, execution of service production and operational processes,
- Carrying out the evaluation processes of requests made for the products/services offered; determining the owner, authority and addressees of the business and transactions to ensure the security of operations; conducting investment processes, arranging all records and documents that will be the basis for transactions to be carried out in electronic or paper environment; conducting communication activities by transmitting important information required to be shared with you through your contact information; conducting the processes of intelligence, monitoring, analysis, credit history, determination of creditworthiness, credit assessment, loan allocation, collateral and collection transactions for credit transactions; follow-up of overdue loans and bank receivables, commissions and expenses; sale of movable properties and immovable properties taken over as a set-off against receivables; follow-up of requests and complaints by keeping notifications such as complaints, objections, requests, suggestions, satisfaction, etc., in our notification management system to provide you with a better service; carrying out management activities,
- Carrying out risk management processes in compliance with risk monitoring and information obligations; fulfillment of the control/investigation intelligence activities stipulated by the legislation, in particular the obligations related to internal systems, and, when necessary, sharing with the relevant authorities; maintaining bank internal system and application management operations, conducting/planning, auditing and implementing information security processes; recording of camera images in our Bank’s service units and ATMs due to security practices in the workplace; quality standards, security, fraud prevention, resolution of disputes, recording and auditing of correspondence, communication and transactions; notifying you of our nearest branch/ATM to your location if your permit/request, ensuring transaction security in transaction made without card with QR code,
- Executing the contracts, which have been/will be made, and relations, which have been/will be established, with the Bank; for the organization and execution of all kinds of legal and commercial between the bank and the customer; following the cases and executive proceedings to which our Bank is a party,
- Planning, execution, supervision and security of business activities, operational processes and purchasing operations; conducting financial and accounting transactions, preparation of consolidated financial statements,
- Increasing the product and service quality, carrying out the promotion and marketing processes, product studies, identifying products and services that appeal to the customer, conducting activities for customer satisfaction, increasing efficiency and profitability, information research, modeling, obtaining appreciation and evaluation with questionnaires and other ways, their measurement, analysis, reporting and evaluation, conducting customer satisfaction/loyalty studies, publication, promotion and commercial electronic message submission, R&D activities, strategy formulation, carrying out the planning and statistical activities required by our Bank, execution of customer relationship management processes, organization and event management, conducting sponsorship activities, conducting advertisement/campaign/promotion processes,
- Fulfilling the information storage, reporting and informing obligations envisaged by authorized persons, institutions and organizations,
- Conducting activities in accordance with the legislation, obtaining and evaluating suggestions for improving business processes, carrying out storage and archive activities, and carrying out strategic planning activities.
The Purpose of Processing of Personal Data of the Same Risk Group:
Even if you are not our customer, your personal data may be processed  in order to identify, monitor, report and control of the risk group that you will be included in to determine the credit limits that will be provided to a risk group according to the banking legislation.
Partnerships in which you, your spouse and children are member of the board or general manager or which are controlled by them or by a legal entity severally or jointly, directly or indirectly or participated by the same persons with unlimited liability, and qualified shareholders, and members of the board and general manager of a bank, and partnerships in which they have control jointly or severally, directly and indirectly or partnership with unlimited liability or they are member of the board or general manager, and natural and legal persons, who have surety, warranty and similar relations to the extent that in case one of them have got difficulty in repayment will result one or a few of them to have difficulty in repayment, constitute a risk group. In addition, other natural and legal persons to be included in the scope of the risk group are determined by the Banking Regulation and Supervision Agency.
c) To whom and for what purpose the Personal Data can be transferred:
Within the framework of Article 8 of LPPD No. 6698 on the transfer of personal data and Article 9 on the transfer of personal data abroad, your personal data held by our Bank may be transferred to persons/institutions located at home and abroad for the following purposes;
- In order to fulfill our legal obligations to legally authorized persons, institutions and/or organizations such as Banking Regulation and Supervision Agency, Capital Markets Board, the Central Bank of the Republic of Turkey, Revenue Administration, Financial Crimes Investigation Board, Credit Bureau, Interbank Card Center, Small and Medium Industry Development and Support Administration, Social Security Institution, the Association of Financial Institutions,
- To third parties, support service organizations which the service is received from, cooperating organizations, consultants, program partners, within the limits/obligations set forth by the Banking Law and other laws and regulations and to the extent required by the business processes, in order to carry out our banking activities;
- To the persons, institutions and/or organizations whose activities we conduct in the capacity of intermediary/agency in order to fulfill the obligations arising from the intermediary/agency law;
- To courts, enforcement and bankruptcy offices, judicial authority such as prosecution office and alternative dispute resolution bodies such as mediation, arbitral tribunal, arbitration, conciliator, law offices, asset management companies, for the purpose of monitoring and execution of legal affairs,
- To independent audit company in order to audit that activities are carried out in accordance with the legislation,
- To correspondent banks, domestic/foreign financial institutions in order to fulfill the obligations regarding the recognition of the persons who are parties to the transaction due to the nature of the transaction,
- To payment systems organizations, card institutions including Europay Int. SA, Western Union, Mastercard Int. INC, Visa INC, JCB Int. Co., Maestro, Electron; domestic/foreign member merchants in order to execute credit cards and money transfer processes, due to the nature of the transaction;
- To other third parties in case of and within your express consent;
d) Method and Legal Reason for Collecting Personal Data:
Based on the legal reasons of;
- Explicit stipulation in law,
- The requirement of processing of personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract,
- The fact that it is mandatory for our Bank to fulfill its legal obligation.
- The fact that it is mandatory for the establishment, use or protection of a right,
- The fact that it is mandatory for the legitimate interests of the data controller Bank, provided that it does not harm the fundamental rights and freedoms of the person concerned,
- Your explicit consent
your personal data are processed for the purposes stated in articles (b) and (c) above, by collecting them in written, verbal, electronic or other means, either fully or partially automatic or non-automatic means through the following;
- The information you provide through the Bank’s Headquarters, Units, Regional Directorates, Branches,
- Real and legal persons that the Bank cooperates with/receives service from and provides services to, such as its affiliates, support service organizations, companies whose activities we conduct in the capacity of intermediary/agency, correspondent banks, contracted dealers, customer interviews, applications made directly to sales teams, member merchants and their POS devices, market intelligence, screening forensic records, SSI records, PTT,
- National and international authorities/institutions,
- Identity Sharing System, Address Sharing System, Trade Registry Gazette, Land Registry and Cadastre Information System, Risk Center, Credit Bureau, Electronic Pledge systems, that are made available to our Bank by public institutions and organizations,
- ATM, kiosk, means of payment, websites, media, social media, internet banking, mobile banking, telephone banking, call center, mobile applications,
- Telephones, computers and cameras of the Headquarters, units, regional directorates, branches,
- Cameras on the ATM,
- Registered electronic mail, electronic notification, electronic mail, mail, fax, short message and swift,
- All kinds of notifications, applications to the Bank and interviews
e) Customer’s Other Rights:
Without prejudice to all relevant exceptions, in particular the cases provided for in Article 28 of the LPPD, you may submit your requests under Article 11 of the LPPD “regulating the rights of the person concerned”, to REM address of firstname.lastname@example.org of our bank in accordance with the “Communiqué on Procedures and Principles of the Application to Data Controller” or to the address Saray Mahallesi Dr. Adnan Büyükdeniz Cad. No:6 Ümraniye/İSTANBUL in writing and signed through notary public or to the e-mail address email@example.com by using secure electronic signature or mobile signature or your e-mail address registered in our Bank.
In exercising your aforementioned rights, our Bank reserves the right to charge fees/expense in the amounts allowed by the legislation.
For more information, you can access to Personal Data Protection and Processing Policy here.