PRIVACY POLICY
At TurkishBank Joint Stock Company (“TurkishBank”), we consider the privacy and security of our valued customers’ personal data as one of our most important responsibilities. We place great importance on protecting your data within the framework of the Personal Data Protection Law No. 6698 and related regulations, showing the utmost care and diligence in this regard.
1. The website www.turkishbank.com and/or the TurkishBank Mobile Application, operated by TurkishBank Joint Stock Company, may use personal information transmitted electronically by users within the purposes and scopes specified by law. The term “users” includes individuals and entities visiting, signing up for, filling out forms on, or entering into a legal relationship through the www.turkishbank.com website and/or the TurkishBank Mobile Application.
2. The relevant data collected through the www.turkishbank.com website and/or the TurkishBank mobile application are used for the creation of an account assigned to you at TurkishBank, acceptance of deposits, creation of customer account records, reconciliation of accounts, monitoring customer account transactions, executing customer account instructions, making payments, processing investment orders, completing transfers, applying the interest rates determined by the Central Bank of the Republic of Turkey and/or TurkishBank in accordance with the customer’s deposit account, carrying out taxation activities, taking legal actions, claims, and debt collection when necessary, monitoring and controlling risks by TurkishBank, conducting risk management activities suitable for the scope and structure of its operations and changing conditions, analyzing and reporting potential risks in the opening of customer accounts/monitoring of account activities, combating money laundering and the financing of terrorism, sending codes to ensure transaction security and identity verification by TurkishBank, communication with you, resolving requests and complaints, receiving instructions related to customer account activities and providing support, resolving issues with programs offered by TurkishBank to customers and ensuring smooth operation of these programs, making payments in case of automatic payment instructions, processing pension payments in case of pension instructions, opening a checking account if you wish to open a checking account at TurkishBank, sending communications for commercial purposes with your consent, in accordance with the Law No. 6563 on the Regulation of Electronic Commerce and its secondary regulations, and for the execution of all services provided within the scope of banking services. This data is used and stored solely on the www.turkishbank.com website and the TurkishBank Mobile Application. Additionally, for the purpose of providing services, the data may be transferred to organizations within the TurkishBank Group through the www.turkishbank.com website and the TurkishBank Mobile Application, in compliance with the provisions of the Personal Data Protection Law No. 6698, provided that the necessary consents are obtained or if there is a legal reason that does not require consent. We recommend reviewing the information on our website’s KVKK page regarding the processing and protection of your personal data.
3) This data is used and stored solely within the www.turkishbank.com website and TurkishBank Mobile Application for the execution of banking services. Furthermore, for service fulfillment purposes, such data may be shared with entities within the TurkishBank Group through the www.turkishbank.com website and TurkishBank Mobile Application, provided the necessary permissions are obtained in accordance with Law No. 6698 on the Protection of Personal Data or in cases where a legal basis does not require such permissions.
We recommend reviewing the informational texts provided on the KVKK (Personal Data Protection Law) page of our website for further details on the processing and protection of your personal data.
4) The www.turkishbank.com website and/or TurkishBank Mobile Application may, when necessary, log users’ IP addresses for purposes including service delivery, identifying problems on the website, resolving technical issues, and addressing unauthorized system access or other problems promptly. These logs are retained within the timeframes specified by the Law No. 5651 and other relevant legal regulations.
5) Within the purposes and scope specified in the Membership Agreement of the www.turkishbank.com website and/or TurkishBank Mobile Application:
- Users who are not tradesmen or merchants may be informed about new products and discounts through electronic communication channels with their prior consent.
- For users who are tradesmen or merchants, no consent is required for the same purposes.
6) Personal information such as name, surname, email address, and phone number may be recorded in the site’s database when users fill out various forms or enter data into designated fields on the www.turkishbank.com website and/or TurkishBank Mobile Application.
7) Under the purposes defined in previously executed or future agreements with you, or with your consent, TurkishBank may send informational messages via SMS or email for advertising, marketing, promotion, or notification purposes.
8) In limited circumstances outlined below or in the disclosure statements provided under Article 10 of Law No. 6698 on the www.turkishbank.com website and/or TurkishBank Mobile Application, user information may be disclosed to third parties outside the provisions of this privacy policy:
a) When compliance with a rule prescribed by the Constitution, laws, decrees, regulations, communiqués, circulars, or other legislation is required.
b) When duly authorized administrative or judicial authorities request information as part of a formal investigation or prosecution.
c) When suppliers, audit firms, correspondent banks, domestic affiliates, or other third-party business partners or service providers request information to fulfill banking services in compliance with the principles of Article 4 of Law No. 6698.
d) When providing account instructions involving the relevant individuals.
9) Except for the mandatory exceptions listed above, the www.turkishbank.com website and TurkishBank Mobile Application commit to keeping users’ personal information strictly private and confidential. TurkishBank views this as a duty of confidentiality and undertakes to take all necessary precautions (e.g., signing confidentiality agreements and standard contracts for cross-border data transfers) to ensure and maintain confidentiality. Furthermore, TurkishBank pledges to prevent unauthorized access, use, or disclosure of private information and to implement necessary care to protect such data. The security of personal information is safeguarded with systems and internet infrastructure adhering to the highest security standards, and all necessary measures are applied diligently.
10) During payment processes, if online payment channels are used, sensitive personal data such as card details are automatically transferred to the relevant bank’s designated unit through SSL-certified secure servers. These details are never shared with any employee or third party and are not stored in any form.
11- Monitoring/Changes to Privacy and Security Conditions
TurkishBank Group reserves the right to make changes to privacy and security conditions or impose additional conditions at any time without prior notice. Any changes regarding the nature of the collected information, its usage, the circumstances under which it may be shared with third parties, and all necessary privacy conditions will be published on this page for your information. As TurkishBank Group retains the right to make changes to the privacy conditions, it is essential to regularly review and read the privacy and security conditions. Continued use of this site after such changes implies acceptance of the changes to the privacy and security conditions.
12- Open System
Users acknowledge and accept that the internet is not a secure environment, that communication over the internet carries risks, and that all information, including personal details and passwords, may be exposed to unlawful acts by third parties. TurkishBank Group provides no guarantees regarding security or protection against malicious acts.
13- User Information
The User is responsible for any content and personal information (any information representing the individual) placed, transmitted, or sent via the www.turkishbank.com website and/or the TurkishBank Mobile Application. Users declare and guarantee that all information transmitted/sent to the www.turkishbank.com website and/or TurkishBank Mobile Application is reliable, accurate, does not violate third-party rights, and complies with the law. TurkishBank Group reserves the right to partially or entirely remove or restrict access to content it deems harmful to other users or third parties, or that violates the law, from the www.turkishbank.com website and/or TurkishBank Mobile Application. However, TurkishBank Group is not obligated to do so.
14- Username and Password
The User is responsible for any content and personal information (any information representing the relevant person) placed, transmitted, or sent through the www.turkishbank.com website and/or the TurkishBank Mobile Application. Users hereby declare and guarantee that all information they transmit/send to the www.turkishbank.com website and/or the TurkishBank Mobile Application is reliable, accurate, does not violate the rights of third parties, and is not in violation of the law. TurkishBank Group reserves the right to remove or block access to any content placed on the www.turkishbank.com website and/or TurkishBank Mobile Application by Users that it believes causes harm or burden to other Users or third parties or violates applicable laws, either partially or entirely. However, there is no obligation for TurkishBank Group to undertake such actions.
15- Third-Party Websites
This site may contain links or information leading to sub-sites and external sites not operated or controlled by TurkishBank Group but by third parties. TurkishBank Group does not provide any guarantee or commitment regarding the content, security, privacy policies, or continuity of communication on these linked sites. Responsibility is subject to the terms and conditions specified on third-party sites. Before conducting any transactions, users should review the security and privacy conditions of the respective sites. TurkishBank Group is not liable for personal data shared with these sites, content or services accessed, or the privacy policies and practices of these sites.
16- Site Utilities
Certain sections of the site may require the use of utility programs for access. Data related to the mode and scope of access to these sections may be recorded in the site database.
17- In accordance with Article 11 of the Personal Data Protection Law No. 6698, you can exercise your rights over your personal data and the rights specified in the TurkishBank A.Ş. and its Subsidiaries Personal Data Protection Policy by submitting your requests with information and documents that will identify your identity. You can do so through the communication channels on the www.turkishbank.com website and/or the TurkishBank Mobile Application, or through TurkishBank’s turkishbank.muhaberat@hs03.kep.tr Kep address, or Turkish Securities Inc.’s turkishyatirim.muhaberat@hs02.kep.tr Kep address, or other methods specified by the Personal Data Protection Board or foreseen in the Personal Data Protection Law and its secondary regulations, by contacting TurkishBank and/or Turkish Securities.
You have the right to:
- Obtain detailed information about the protection of your personal data,
- Learn whether your personal data is being processed,
- Request information if your personal data has been processed,
- Learn the purpose of processing your personal data and whether it is being used in line with that purpose,
- Learn whether your personal data has been transferred and, if so, the third parties to whom it has been transferred,
- Request correction of your personal data if it has been processed incompletely or inaccurately,
- Request the deletion of your personal data under the conditions specified in the legislation,
- Request notification of the correction or deletion of your personal data to third parties to whom it has been transferred,
- Request compensation if you incur damages due to unlawful processing of your personal data.
If you submit your requests regarding the rights mentioned above to TurkishBank and/or Turkish Securities Inc. using the methods provided below, TurkishBank and/or Turkish Securities Inc. will respond to your request within thirty days free of charge, depending on the nature of the request. However, if the process requires an additional cost, TurkishBank and/or Turkish Securities Inc. may charge a fee according to the tariff set by the Personal Data Protection Authority.
In your application, the following information is required:
- If the application is made on your behalf, your name, surname, and signature (if the application is written),
- For Turkish citizens, your Turkish ID number; for foreigners, your nationality, passport number, or if available, your identification number,
- Your residential or business address for notification purposes,
- If available, your email address, phone number, and fax number for notification purposes,
- The subject of your request, and if applicable, any relevant information and documents should also be attached to the application.
Personal data owners can submit their requests related to the rights mentioned above by filling out and signing the “Data Subject Personal Information Form” and sending it to TurkishBank and/or Turkish Securities Inc. with the necessary identity verification information and documents. If a third party is applying on behalf of the data subject, a special power of attorney issued by a notary for the person making the application must be provided.
- As TurkishBank Group, we take the necessary technical and administrative measures to protect personal data against unauthorized access, loss, misuse, disclosure, alteration, or destruction. Our company is committed to maintaining the confidentiality of your personal data, taking all necessary technical and administrative measures to ensure its confidentiality and security, and exercising due diligence in this regard.
- Although TurkishBank and Turkish Securities Inc. (TurkishBank Group) take the necessary information security precautions, in the event of attacks on the www.turkishbank.com website and the TurkishBank Mobile Application that result in personal data being damaged or falling into the hands of third parties, we will immediately notify you and the Personal Data Protection Authority.
- Your personal data will not be kept for longer than the period required for the purposes of processing. The classification of records containing personal data and the retention periods for them are determined in accordance with TurkishBank A.Ş. and its subsidiaries’ Retention and Destruction Procedure. Personal data that has reached the end of its required retention period or has been requested to be deleted by the data subject will be anonymized, deleted, or destroyed in accordance with the TurkishBank A.Ş. and its subsidiaries’ Retention and Destruction Procedure, to the extent that the data subject can no longer be identified. For more detailed information, you can review our Personal Data Protection Policy on the www.turkishbank.com website and/or TurkishBank Mobile Application.
- Cookie (Cookies) Information & Cookie Disclosure Text:
21.1. General Information
As TurkishBank Inc. (hereinafter referred to as “TurkishBank”), in accordance with the Law on the Protection of Personal Data No. 6698 (“KVKK”) and the Communique on Procedures and Principles for Fulfillment of the Obligation to Inform, published in the Official Gazette No. 30356 on 10.03.2018, this “Information” document is prepared by us as the Data Controller, in order to inform you, within the scope of Article 10 titled “Obligation of the Data Controller to Inform”, Article 11 titled “Rights of the Data Subject” of the KVKK, and Articles 4 and 5 of the Communique on Procedures and Principles for Fulfillment of the Obligation to Inform, about: the purpose for which your personal data will be processed, who your processed personal data may be transferred to and for what purpose, the method and legal basis for collecting your personal data, and other rights you have under Article 11 of the KVKK.
With this document, it is aimed to inform you about the processing of personal data obtained automatically through cookies placed on your device when using our website, the purposes for which we use these cookies, and how you can manage these cookies.
21.2. In Which Areas Do We Provide Information?
- General Information About Cookies and the Cookies Used on the Website
- Which of your data is collected
- The purpose for which your data is processed
- With whom your data is shared
- The legal basis for collecting your data
- The destruction of your data
- Your rights under the KVKK (Personal Data Protection Law)
21.3. General Information About Cookies and Types of Cookies That Can Be Used on the Website
- What Are Cookies and Why Are They Used?
Cookies are small text files stored on your device or network server through browsers by the websites you visit. For more detailed information about cookies, you can visit: http://www.aboutcookies.org.
The main purposes of using cookies on our website are as follows:
- To improve the services provided to you by enhancing the functionality and performance of the site,
- To improve the site, offer new features through the site, and personalize the offered features according to your preferences,
- To ensure the legal security of both the site and our company.
- Cookie Types Based on Duration: (The following types of cookies are used on the Site.)
Session Cookies | Session cookies are temporary cookies used during visitors’ visits to the Site, which are deleted after the browser is closed. The main purpose of using these types of cookies is to ensure the proper functioning of the Site during your visit. For example, they allow you to fill out online forms that consist of multiple pages. |
Persistent Cookies | Persistent cookies are types of cookies used to enhance the functionality of the Site and provide faster and better service to our visitors. These cookies are used to remember your preferences and are stored on your device through browsers. Some types of persistent cookies may be used to provide personalized suggestions based on factors such as your intended use of the Site. Thanks to persistent cookies, when you revisit the Site using the same device, it checks whether a cookie created by the Site exists on your device. If it does, it understands that you have visited the Site before, and the content delivered to you will be tailored accordingly, providing you with a better service. |
Types of Cookies Based on Their Purpose: (The following types of cookies are used on the Site)
| Necessary Cookies | |
Technical Cookies | Technical cookies ensure the functionality of the Site and help identify non-functioning pages and areas. These cookies are necessary for the operation of the website. They are used to fulfill a user’s request for an information society service (such as logging in, filling out forms, remembering privacy preferences, etc.). Generally, these cookies can be classified as types that are used based on processing conditions other than explicit consent. |
Authentication Cookies | If visitors log into the Site using their password, such cookies will identify the visitor as a user of the Site on each page they visit, preventing the user from having to re-enter their password on every page. |
| Flash Cookies | These are types of cookies used to activate image or audio content on the Site. |
Functional Cookies
| These are cookies used to remember users’ preferences when visiting different pages of various websites. For example, remembering the language preference you selected. These cookies are used for personalization and remembering preferences on websites or applications (including desktop, mobile, or IoT device applications). They are used to enable functionality beyond essential cookies. In cases where it is not clear that the individual has explicitly requested the information society service, explicit consent will be required. |
Performance Cookies /Analytical Cookies | Analytical cookies are cookies that enable the generation of analytical results, such as the number of visitors to the Site, identification of the pages viewed on the Site, visit times, and scrolling movements on the Site pages. |
| Advertising/Marketing Cookies | Advertising and marketing cookies aim to track users’ online activities in the internet environment to identify their personal interests and display advertisements to users based on these interests. |
- Additional Information Regarding Cookies Requiring Explicit Consent
| Social Plugin Tracking Cookies | Many social networks offer social plugin modules that website owners can integrate into their sites to provide certain services that could be considered “explicitly requested” by their members. However, these modules can also be used for additional purposes such as behavioral advertising, analytics, or market research, and may track both members and non-members through third-party cookies. Therefore, they are subject to explicit consent. |
| Online Behavioral Advertising Cookies | Cookies used for behavioral advertising require explicit consent. In this case, the requirement for explicit consent applies to cookies used for advertising purposes, including but not limited to those used for display frequency, financial record keeping, advertising partnerships, click fraud detection, research and market analysis, product development, and debugging. This is because none of these purposes fall under a service or functionality explicitly requested by the user, as required by Criterion B, in relation to information society services. |
- Types of Cookies by Party:
| Third-Party Cookies | Whether a cookie is a first-party or third-party cookie depends on which website or domain places the cookie. First-party cookies are placed directly by the website that the user visits, i.e., by the URL displayed in the browser’s address bar (example.com.tr). Third-party cookies, on the other hand, are placed by a third party different from the website or domain the user is visiting. |
- Information Regarding Cookies That Do Not Require Explicit Consent
| User Input Cookies | These cookies are session cookies that track the user’s inputs and transmit them to the service provider. Typically, they are first-party cookies tied to a unique session ID value, and their usage is expected to end once the session concludes. First-party user input session cookies typically track the user while they fill out an online form or shopping cart on a webpage, recording the products the user selects by clicking a button or the information entered in the form. |
| Authentication Cookies | Authentication cookies are used to identify a user when they log into a website (for example, an online banking site). These cookies are required to access the website or its content (such as viewing bank accounts, making transfers, etc.). Typically, these cookies are session cookies, but in some cases, they may also function as persistent cookies. |
| User-Centric Security Cookies | These cookies are used to enhance security for services explicitly requested by the user for information society services that are strictly necessary for service provision. This applies to cookies used to detect repeated failed login attempts on a website or to protect the login system from misuse. |
| Multimedia Player Session Cookies | These cookies are used to store the technical data needed for video playback or audio content (e.g., image quality, network connection speed, buffer parameters). Multimedia player session cookies are also known as “flash cookies.” These cookies expire when the session ends. |
| Load Balancing Session Cookies | Load balancing is a technique that allows web server requests to be distributed across a pool of machines rather than a single machine. Web requests from users are redirected to a load balancing gateway, which then forwards the request to an available server in the pool. The redirection needs to remain consistent throughout the session, ensuring that all requests from a specific user are directed to the same server to maintain transaction consistency. These are session cookies, and the information stored in them is solely for identifying communication endpoints (one of the servers in the pool). |
| User Interface Personalization Cookies | These cookies are used to store user preferences for a specific service on web pages, but they are not linked to persistent identifiers like a username. They can only be placed with the user’s explicit request to remember a specific piece of information (e.g., clicking a button or checking a box). These cookies may be valid for the duration of the session or may remain valid for weeks or months, depending on their purpose. |
| Social Plugin Content Sharing (like, share, comment) Cookies | These cookies must be session cookies (since persistent authentication cookies do not fall under the above criteria) and should expire when the user logs out from the social network platform or (in the case where the “remember me” feature is not used) when the browser is closed. |
| Cookies Used for Explicit Consent Management Platform | These cookies are used to remember preferences for obtaining explicit consent for cookies that require consent, on the webpages visited by the relevant persons. |
| First-Party Analytical Cookies | These cookies are necessary for the proper functioning of a website or application by using traffic and/or performance statistics. They are used for measuring the website or application’s audience, performance measurement, detecting navigation issues, optimizing technical performance, or estimating server capacity, all of which are related to the requested service for the site’s or application’s operation and daily management. |
| Cookies Used for Website Security | Cookies used for website security are essential for ensuring that the website operates properly and the user can access the requested services. They are necessary due to the potential risks posed by security vulnerabilities that could prevent the site from providing services or the user from accessing the service they requested. |
21.4. What Data Do We Process?
For cookies used on our website, except for mandatory cookies, users’ explicit consent is obtained, and they are provided with the option to change their consent at any time. Users can view the types of cookies used on our website through the cookie management panel and can set their preferences for all cookies other than Mandatory Cookies by choosing the “on” or “off” options. Users can also change their preferences at any time through this panel.
Upon logging into the website, Mandatory Cookies are used.
| Transaction Security | Personal data processed for the operation of such cookies, such as browser information, IP address, and access logs. |
If you give your explicit consent, Performance Cookies will be used to:
| Transaction Security | Personal data processed for the operation of such cookies include browser information, IP address, access logs, most visited pages, issues encountered during navigation, visited pages, clicked links, search terms, other texts used and entered, such as writings. |
If you give your explicit consent, Advertising and Targeting Cookies will be used through third-party cookies placed by our advertising partners.)
| Transaction Security | Personal data processed for the operation of such cookies include browser information, IP address, access logs, your interests, and your profile. |
If you give your explicit consent, Functional Cookies will be used to:
| Transaction Security | Personal data processed for the operation of such cookies include browser information, IP address, access logs, preferences such as language, region, theme, and information previously entered into text fields in form areas on the site. |
21.5. Who Do We Share Your Personal Data With and For What Purpose?
In the presence of legal obligations or the conditions specified in Articles 8/2 and 9/2 of the Personal Data Protection Law (KVKK), your personal data is shared with our company’s lawyer, judicial and administrative authorities requesting information, and third parties with whom our company will receive services in order to fulfill its declared purposes, or with public institutions or organizations authorized to request such data due to a legal obligation. This sharing is done in compliance with the law and the principle of good faith, ensuring that the data is accurate, up-to-date, and limited to specific, clear, and legitimate purposes. It is also shared for purposes such as using our right to legal defense in the event of a potential legal dispute, investigation, judicial or administrative inspection, and responding to official or legal information and document requests. Additionally, cookies used based on your explicit consent are shared with our suppliers in accordance with the purpose of the respective cookie type.
21.6. How Do We Collect and Process Your Personal Data?
We collect your personal data automatically through the completion of various forms mentioned in Section 3 and through cookies during your site visits. We process this data by digitally recording it in our information system, storing it on physical or cloud servers, and creating databases, lists, filling out documents, writing petitions, completing forms, etc., either automatically or manually, depending on the nature of the data and the personal data required to be processed.
21.7. What Are the Purposes and Legal Grounds for Processing Your Personal Data?
Upon entering the website, through Essential Cookies:
| Personal Data Category | Purposes of Processing | Legal Grounds |
| Transaction Security | To fulfill a requested information society service (such as logging in, filling out forms, keeping your session active during page navigation, displaying multimedia, video, audio, and photos), tracking and managing legal processes, ensuring compliance with regulations in activities, providing information to authorized persons, institutions, and organizations, managing information security processes, ensuring the security of the data controller’s operations, and managing access rights. |
|
If you give your explicit consent, Performance Cookies will be used to:
| Personal Data Category | Purposes of Processing | Legal Grounds |
| Transaction Security | By using Performance Cookies with your explicit consent, we ensure the production of analytical results such as the number of site visitors, identification of pages viewed on the site, site visit times, and scroll movements on the site, measuring traffic and counting visitors on our website. This helps in measuring and improving the site’s performance, generating and analyzing statistics regarding how the site is used, which pages are visited, or which links are clicked. It also aids in conducting marketing analysis, managing legal processes, ensuring compliance with regulations, providing information to authorized persons, institutions, and organizations, managing information security processes, ensuring the security of data controller operations, and managing access rights. This way, we can measure and improve the performance of our site. Only anonymous statistics are generated, and they are not used for cross-tracking individuals’ internet browsing across different websites or applications. | The “explicit consent of the data subject” regulated in Article 5/1 of Law No. 6698. |
If you give your explicit consent, Advertising and Targeting Cookies will be used to:
| Personal Data Category | Purposes of Processing | Legal Grounds |
| Transaction Security | Through third-party cookies placed by our advertising partners, we analyze your site usage, interests, and behaviors, create profiles, conduct targeting analysis, carry out product/service targeting efforts, prepare personalized ads, perform behavioral advertising and marketing analysis, manage legal processes, ensure compliance with regulations, provide information to authorized persons, institutions, and organizations, manage information security processes, ensure the security of data controller operations, and manage access rights. These cookies are placed and used on the website by our partners to create a profile based on your interests and to show you relevant ads. | The “explicit consent of the data subject” regulated in Article 5/1 of Law No. 6698. |
If you give your explicit consent, Functional Cookies will be used to:
| Personal Data Category | Purposes of Processing | Legal Grounds |
| İşlem Güvenliği | To make our website more functional and personalized (ensuring that your preferences, excluding privacy preferences, are remembered when you return to the site) and to remember your preferences, enable automatic form filling, manage legal processes, ensure compliance with regulations, provide information to authorized persons, institutions, and organizations, manage information security processes, ensure the security of data controller operations, and manage access rights. | The “explicit consent of the data subject” regulated in Article 5/1 of Law No. 6698. |
21.8. Your Rights Under the Personal Data Protection Law (KVKK)
By applying to our company, you have the right to:
a) Learn whether your personal data is being processed,
b) If processed, request information,
c) Learn the purpose of processing and whether it is used in accordance with its purpose,
ç) Know the third parties to whom it has been transferred, both domestically and abroad,
d) Request correction if it is processed incorrectly or incompletely,
e) Request deletion or destruction within the framework of the conditions stipulated in Article 7 of the KVKK,
f) Request that the transactions made in accordance with (ç) and (d) above be notified to the third parties to whom the data has been transferred,
g) Object to any result arising against you as a result of exclusively automated processing,
ğ) Request compensation for damages in case of harm caused by unlawful processing.
Cookie Settings via Browser Settings
You can change your cookie preferences at any time by clicking on the “Customize Your Cookie Settings (Cookie Management)” tab in the pop-up that appears when you first visit our website. In the cookie management panel, adjust the buttons to your preference (on or off) and click the “Save Settings” button.
Additionally, partial control can be achieved through browser settings. You can access information about cookie management for commonly used browsers via the following links:
– Google Chrome (https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDe
sktop&hl=en)
– Mozilla Firefox (https://support.mozilla.org/en-US/kb/enhanced-trackingprotection-firefox-desktop?redirectslug=enable-and-disable-cookies-websitepreferences&redirectlocale=en-US)
– Microsoft Internet Explorer (https://support.microsoft.com/en-gb/windows/deleteand-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d)
– Safari (https://help.apple.com/safari/mac/9.0/#/sfri40732)
– Opera (https://help.opera.com/en/latest/web-preferences/)
21.9. Measures for the Protection of Your Personal Data
The protection of personal data is an important issue for our company. We take the necessary technical and administrative measures to protect personal data from unauthorized access, loss, misuse, disclosure, alteration, or destruction. Our company is committed to keeping your personal data confidential and taking all necessary technical and administrative measures to ensure privacy and security, while exercising the necessary diligence.
Despite our company’s necessary information security measures, in the event of an attack on the website and system resulting in personal data being compromised or falling into the hands of third parties, we will immediately notify both you and the Personal Data Protection Authority.
21.10. Ensuring the Accuracy and Currency of Your Personal Data
Individuals who share their personal data with our company are aware that it is important for both their rights under the Law No. 6698 on the Protection of Personal Data and in relation to other applicable regulations that this information remains accurate and up-to-date. They also acknowledge and declare that they bear full responsibility for any consequences arising from providing inaccurate information.
You can notify us of any changes or updates to your personal data via the KEP address below, through physical mail to our company’s address, or via the communication channels on our website at https://www.turkishbank.com/.
21.11. Deletion, Destruction, or Anonymization of Your Personal Data
Personal data processed for the purposes stated in this Privacy Notice will be deleted, destroyed, or anonymized upon expiration of the purpose for processing, as specified in Article 7/f.1 of the KVKK, and in accordance with our company’s Personal Data Retention and Destruction Policy. This will be done ex officio or upon your request.
- Detailed Information on Cookies Used on the Site Based on Duration:
| Type | Name | Duration |
| Functional Cookie | Not in Use | |
| Performance Cookie | _ga, _gidi _gat | _ga: 2 years, _gid: 24 hours, _gat: 1 minute |
| Advertising and Targeting Cookie | Not in use |
21.12. Identity of the Data Controller
TurkishBank Joint Stock Company
Mersis No: [0871003631728905]
Address: Valikonağı Cad. No. 1 Şişli/Istanbul