As Destekbank, we attach importance to the security of your personal data and take the necessary measures within the framework of the relevant legislation to protect all your personal data, especially your sensitive data.
Our Bank processes different personal data on the basis of different categories of persons within the scope of its activities. You can find detailed information about our Bank's personal data processing activities below. You can benefit from this information text to learn which of your data is processed according to your connection with our Bank, the purposes of data processing and their legal basis, the methods of data collection, transfer to third parties and your rights regarding our personal data processing activities.
As explained in this clarification text and in accordance with the KVKK legislation, your personal data may be recorded, archived, updated, transferred and classified by our Bank.
1. This information aims to inform natural persons about the personal data processing activities carried out by Destekbank in accordance with the Law on the Protection of Personal Data (Law) and other relevant legislation. The details of the Bank's personal data processing policy can be found under the heading 'Protection of Personal Data'.
2. Destek Yatırım Bankası A.Ş.
3. Mersis Number: 293101607500001
4. Personal data refers to any information belonging to an identified or identifiable natural person.
5. Pursuant to the Law No. 6698 on the Protection of Personal Data ("Law") published in the Official Gazette dated April 7, 2016 and numbered 29677 in order to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, and to determine the obligations of real and legal persons who process personal data, personal data may be processed without consent in the cases listed in the Law, and by obtaining the consent of individuals outside of these cases.
6. In the presence of any of the following situations, consent is not required for the processing of personal data.
• Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.
Within the framework of the regulations made by the KVKK, personal data are categorized and classified within certain specific frameworks. These data categories have also been taken into consideration in terms of the personal data specified in the continuation of this clarification text. The data categories specified below as special categories of data are processed by the Bank without your consent within the framework of the principles and rules listed in the Law, if there is a valid legal basis in accordance with the Law.
Identity Information: Information that serves to identify a natural person, such as the person's name, surname, mother's and father's name, place and date of birth, marital status, information on the identity document.
Contact Information: Information about the person's home, work and other addresses, e-mail address, registered electronic mail address (REM), telephone number, fax number, contact preference, etc. that can be used to communicate with real persons.
Personnel Information: This refers to information such as payroll information, disciplinary investigation, employment records, property declaration information, CV information, performance evaluation reports.
Legal Transaction Information: Correspondence made by our Bank with judicial authorities, information kept in lawsuit/investigation files (including mediation procedures), information contained in prosecution/investigation/investigation letters sent to our Bank by official institutions.
Customer Transaction Information: Includes information such as call center records, invoice, promissory note, check information, information on transaction receipts, information on applications and requests for products and services offered by the Bank; evaluation results of these applications and requests, account and all other transaction records.
Physical Space Security Information: Entry and exit registration information of employees and visitors, security camera records, etc.
Transaction Security Information: Data intended to ensure the transaction security of the Bank and its customers in the products and services offered by the Bank, such as IP address information, website login and exit information, password and password information.
Risk Management Information: Data processed for the purpose of managing the risks faced by the Bank (such as technical risks, commercial risks, risks specific to banking activities).
Finance Information: Balance sheet information, financial performance information, credit and risk information, asset information, creditworthiness information, legal and administrative follow-up status.
Professional Experience Information: Diploma information, educational status, courses attended, on-the-job training information, certificates, transcript information, work experience information and information on previous organizations and title levels, areas of specialization, foreign language knowledge, etc.
Audio and Visual Recordings: Information on audio-visual recordings of phone calls, video calls or meetings between the Bank and data subjects.
Health Information: Information on disability status, blood type information, personal health information, device and prosthesis information, etc. It is sensitive personal data and can only be processed with your explicit consent.
Criminal Conviction and Security Measures: Information on criminal conviction, criminal record, information on security measures, etc. It is a special category of personal data and can only be processed with your explicit consent, except for the cases listed in the laws.
Biometric Data: Data that enables us to recognize the person based on biometric elements such as palm information, fingerprint information, retinal scan information, facial recognition information. It is a special category of personal data and can only be processed with your explicit consent, except for the cases listed in the laws.
7. The purposes of processing personal data processed by our Bank, the legal grounds for processing within the framework of these purposes and the issues regarding the transfer of data to third parties are explained on the basis of categories of persons in the continuation of the clarification text. You can access more detailed information from the relevant heading of the disclosure text by determining which category of person you fall into according to the content of your relationship with our Bank.
8. On the other hand, if persons who wish to benefit from the rights provided to disabled persons in the products and services offered by our Bank notify their status to our Bank, their disability status must be recorded due to legal regulations. Therefore, in such a case, regardless of the category of the person, health information regarding the disability status is processed by obtaining consent in order to determine the disability status.
9. Pursuant to the Banking Law No. 5411, partnerships in which you, your spouse, your children and the aforementioned persons are members of the board of directors or general managers, or in which they or a legal entity jointly or individually, directly or indirectly control or participate in with unlimited liability, as well as qualified shareholders, members of the board of directors and general manager, deputy general managers and managers who hold positions equivalent to or higher than them in terms of authority and duties, even if they are employed under other titles, and their spouses and children, Real persons and legal entities that they control directly or indirectly, jointly or individually, directly or indirectly, or in which they are partners with unlimited liability, or in which they are members of the board of directors or general managers, and real persons and legal entities that have bail, guarantee or similar relationships to the extent that the insolvency of one of them will result in the insolvency of one or more of the others constitute a risk group. In addition to these, other real and legal persons and entities to be included in the risk group are determined by the Turkish Banking Regulation and Supervision Agency. In this respect, even if you are not our customer, your personal data may be processed by our Bank in order to determine, monitor, report and control the risk group that you will be included in order to determine the credit limits to be extended to a risk group in order to comply with our legal obligations in accordance with the banking legislation (Law No. 6698, Art. 5/2/ç) and to fulfill the requirements of the banking service contract we are a party to (Law No. 6698, Art. 5/2/c).
10. Except for the data processing purposes detailed separately on the basis of person categories, our Bank may process personal data within the scope of the Banking Law No. 5411 and Capital Markets Law No. 6362, as well as the secondary legislation and other relevant legislation related to these laws,
to determine the identity of the transaction owner or the real persons who are parties to the subject matter; to prepare all records and documents that will be the basis of the transaction in electronic channels or paper media; to comply with the information retention, reporting and information obligations stipulated by the legislation, BRSA, CMB, CBRT and other authorities for applicants, customers of the bank, guarantors, partners, real beneficiaries or authorized/representatives, visitors of the bank, visitors of the websites offered by the bank and other real persons; to be able to offer the requested / other products, services and campaigns of our bank; to conduct customer, product, service and marketing analyses; to finalize the applications made regarding the products and services of our bank, to ensure that services are received from support service organizations or service providers and to fulfill the requirements of the contracts to be concluded. In the marketing and promotion of products and services, the rules listed in the legislation on sending commercial electronic messages are taken as basis. The data of natural persons who have consented to sending commercial electronic messages within the framework of the said legislation are also processed for marketing and promotion purposes, regardless of the category of person. Persons who have given their consent for sending commercial electronic messages can withdraw their consent at any time.
11. The Bank may collect personal data from different sources, as explained separately for each group of individuals. Some of the data is obtained directly from the data subjects through forms, verbal interviews or documents, while some information is obtained from public institutions or other third parties:
• Public Institutions and Organizations (Address Sharing System and Identity Sharing System etc.)
• Other Institutions from which Information is Obtained within the Scope of Legislation (Information made available to banks by institutions such as the Credit Bureau and the Risk Center of the Banks Association of Turkey in line with legal regulations) - Business partners of the Bank: Third parties from which the Bank receives services under a contract or with which the Bank has a business partnership while conducting its activities, especially the organizations that provide support services to the Bank
This group of persons refers to those who have established a permanent business relationship with the Bank through accounts, loans, checkbooks or similar means. The personal data of the Bank's customers, the legal grounds and purposes of data processing are as follows:
Processed Personal Data: Identity, communication, legal transaction, customer transaction, transaction security, risk management, finance, professional experience, audio and visual records, biometric data
This group of persons refers to real persons who apply to benefit from the products and services offered by the Bank or real persons whose data the Bank processes for marketing purposes.
It refers to the officials, representatives and, if any, proxies of the companies in the status of potential customer, customer, guarantor, guarantor whose data are processed by the Bank.
Processed Personal Data: Identity, communication, legal proceedings, risk management, financial, audio and visual records
This group of persons refers to the shareholders of the firms, persons who have control over these firms, real beneficiaries of client accounts other than natural persons or natural persons, or persons of similar nature.
This group of persons refers to real persons who act as guarantors for the loans extended by the Bank or who pledge an asset they own as collateral.
This group of persons refers to persons who are authorized as parents, guardians or proxy of natural persons.
Processed Personal Data: Identity, communication, legal transaction, customer transaction, risk management, finance, audio-visual records
This group of persons includes the employees and officials of the companies that are suppliers of the Bank or real persons from whom goods or services are directly purchased.
Processed Personal Data: Identity, communication, legal transaction, transaction security, risk management, finance, professional experience, visual and audio records
This group of persons includes persons who endorse negotiable instruments submitted to the Bank as collateral for credit transactions or similar transactions.
Personal Data Processed: Identity, risk management
This group of persons refers to the spouses and other family members of the shareholders/control holders or real beneficiaries of legal entities who wish to benefit from the Bank's products and services, or real persons whose data are processed by the Bank, or real persons of a similar nature.
Personal Data Processed: Identity, risk management
This group of persons refers to those who send their CV information to the Bank for the purpose of working at the Bank, and those who transfer their information by applying to job advertisements published by the Bank or by persons or organizations providing services to the Bank.
Processed Personal Data: Identity, contact, personal, professional experience
This group of people includes people who visit our Bank's service buildings. When you visit our Bank, you can read our clarification text on the subject in the entrance area.
Processed Personal Data: Identity, visual and audio recordings, physical space security
12. Banks are subject to strict rules and controls under the Banking Law on the protection of customer confidentiality. Your personal data is shared only with the persons or organizations permitted by the Banking Law within the framework of the contracts signed. In this context, your personal data can only be shared within the framework of the third and fourth paragraphs of Article 73 of the Banking Law No. 5411, with financial institutions and other third parties listed in the said article; public legal entities such as BRSA, CMB, CBRT; our shareholders, our direct / indirect domestic / foreign affiliates; organizations from which we receive services to carry out our banking activities, organizations that provide valuation, rating and independent audit services to our Bank. Except for the authorizations given in the Banking Law and other relevant laws, sharing your personal data with third parties is only possible with your explicit consent.
13. The purposes of data transfer are explained below on the basis of recipient groups:
Authorities authorized by law to request bank and customer confidential information: Fulfillment of the bank's legal obligations
Shareholders of the Bank: Preparation of consolidated financial statements, risk management and internal audit activities
Independent Audit Firm of the Bank: Maintaining the Bank's independent audit activities within the scope of the BRSA's regulations on independent audit
Persons and Organizations Providing Services to the Bank within the Scope of Contractual Relationship: Providing products and services to the Bank's existing and potential customers within the framework permitted by the legislation, fulfillment of the Bank's legal or contractual obligations through third parties
Valuation and Rating Institutions: Valuation of the Bank's assets, loans and other receivables within the framework of BRSA regulations and other relevant regulations; Providing data for rating the Bank
Other banks and financial institutions, risk centers or companies to be established by at least five banks/financial institutions: Fulfillment of obligations regarding data sharing with the Risk Center, intelligence sharing
By applying to our Bank within the scope of KVKK, your personal data may be collected by our Bank
a) Find out whether it is being processed,
b) Request information if processed,
c) To learn the purpose of processing and whether they are used in accordance with their purpose,
d) Knowing the 3rd parties to whom it is transferred domestically / abroad,
e) To request correction in case of incomplete or incorrect processing,
f) To request its erasure or destruction under the conditions stipulated in Article 7 of the Law,
g) To request notification of the transactions carried out in accordance with paragraphs (d) and (e) above to the third parties to whom it is transferred,
h) Object to the occurrence of a result to your detriment due to analysis exclusively by automated systems,
i) If you suffer damage due to unlawful processing, you have the right to demand compensation for the damage.
To exercise these rights, simply fill out the application form on the link below and send it to the address indicated on the form.