Disclosure Text on
Processing of Personal Data
DISCLOSURE TEXT ON PROCESSING OF PERSONAL DATA
We, Akbank T.A.Ş. (the "Bank"), act as the Data Controller during the protection, processing and transfer of your personal data and the principle of privacy and personal life and protection of individuals' fundamental rights and liberties, and we take necessary measures.
We have prepared our Public Disclosure Text on Processing of Personal Data ("Disclosure Text") in order to inform the data subject about the processing, storage and transfer of your personal data within the framework of the Law on Personal Data Protection (LPPD) and legal regulations. On this page, as the data controller, you can access our information, the purpose for which personal data is to be processed, to whom and for what purpose, the method and legal reason for collecting personal data, and any information about your rights in the LPPD.
If necessary, we can make changes in the Disclosure Text. Changes to be made shall become effective upon publication.
OUR PURPOSE OF PROCESSING YOUR PERSONAL DATA AND THE REASONS FOR LEGAL COMPLIANCE
As Akbank, we have separated our processing purposes regarding the processing, storage and transfer of your personal data within the framework of our activities in the scope of the Banking Law No. 5411, and we have listed them in the tables below.
You can obtain information about the personal data we process, our purposes and the reasons for compliance with the law by selecting the relevant section according to the business relationship between us and our Bank.
This section has been prepared to inform you about the personal data we process if you have established a permanent relationship with our bank or if you use our bank's products and services such as money transfer and bill payment for a single time.
| Personal Data Category | Purposes of Processing | Reason for Compliance with Law |
|---|---|---|
| Finance, Contact, Identity, Transaction Security, Customer Transaction, Risk Management | Fulfilling our obligations and responsibilities regarding our products and services that we provide within the scope of our Bank's activity, Providing payment services including initiating payment order, providing account information service Conducting our contract processes, Ensuring that all products and services are maintained by our subsidiaries and business partners based on your request, |
When it is directly related to the execution or performance of the contract When it is mandatory for us to fulfill our legal obligation |
| Finance, Contact, Identity, Audio and Visual Recordings, Transaction Security, Professional Experience, Customer Transaction, Risk Management, | To identify and confirm your identity and address details, To verify and update customer information, Proving the conversations you have made with our customer communication representatives, Storing and reporting the information as requested by the BRSA, CBRT, MASAK, Revenue Administration, CMB and the Banks Association of Turkey Risk Center and similar public institutions that we are obliged to provide information, and meeting the information document requests of such institutions, |
When it is clearly stipulated in laws When it is directly related to the execution or performance of a contract When it is mandatory for it to fulfill our legal obligation |
| Finance, Audio and Visual Recordings, Legal Action, Contact, Transaction Security, Identity, Professional Experience, Customer Transaction, Risk Management, | Performing risk analysis, To carry out risk management and information security processes, Carrying out Internal Audit / Investigation / Intelligence activities |
When it is clearly stipulated in laws When it is mandatory to fulfill its legal obligation, |
| Finance, Identity, Contact, Professional Experience, Customer Transaction | Carrying out storage and archiving activities Fulfillment of budget and financial reporting processes |
When it is clearly stipulated in laws When it is mandatory to fulfill its legal obligation, |
| Finance, Contact, Identity, Audio-Visual Records, Legal Action, Professional Experience, Customer Transaction, | Follow-up of the legal affairs, Follow-up of claims and complaints, |
When data processing is mandatory for the establishment, exercise or protection of any right, |
| Finance, Contact, Identity, Customer Transaction Audio and Visual Recordings, | Obtaining and assessing the recommendations of the improving the business processes, Increasing the quality of products and services we offer to our customers, Carrying out customer satisfaction studies for our Bank's processes, |
When it is mandatory for the data controller to fulfill her/his legal obligation, When it is mandatory to process your personal data for our legitimate interests, provided that your fundamental rights and liberties are not prejudiced |
| Finance, Contact, Identity, Professional Experience, Customer Transaction, Marketing, | Analyzing during the execution of strategy studies in order to meet the expectations of our customers and improve our services, Carrying out segment studies for the management of customers' accounts, |
When it is mandatory to process your personal data for our legitimate interests, provided that your fundamental rights and liberties are not prejudiced |
| Product sales, sending newsletter and notification, Management of customer relations processes, Transmitting general offers about the products and services you are using, | Provided that it is directly related to the performance of the contract | |
| Conducting marketing analysis and modeling studies in order to offer all of our products and services offered and mediated by our bank specifically to our customers, | When your explicit consent is available | |
| Execution of advertising, campaign and promotion processes and contacting you for these purposes, Contacting you to get your views on our brand, products and services, and banking services |
||
| Location | In order to ensure the information systems and security of the devices you use mobile / internet banking | When it is clearly stipulated in laws, When it is mandatory to fulfill its legal obligation, |
| Presenting campaigns that you can benefit from in your location, Conducting marketing analysis studies, (If you use your mobile applications, your location information is obtained according to the permission preference in your operating system (iOS, Android, etc.).) | When your explicit consent is available |
| Sensitive Personal Data Category | Purpose of Processing | Reasons for Compliance with Law |
|---|---|---|
| Biometric Data | If you request to be our new customer with remote identification method or if you request to transact with remote identification method | When your explicit consent is available |
| Criminal Conviction, | If you want to open a checking account, checking for the impermissibility | When it is clearly stipulated in laws, Fulfillment of our legal obligation, |
| Criminal Conviction, Association, Foundation | During the follow-up of legal affairs, Performing the controls, storing and reporting the information as requested by the BRSA, CBRT, MASAK, Revenue Administration, CMB and the Banks Association of Turkey Risk Center and similar public institutions that we are obliged to provide information, and meeting the information document requests of such institutions, | Establishment, exercise and protection of a right When it is clearly stipulated in laws, Fulfillment of legal obligation, |
| Health | To carry out social responsibility and non-governmental activities, In order to manage the processes of storage, archiving, data recording system | When your explicit consent is available |
This section has been prepared in order to inform you about the data of the people we process in order to manage your loan applications (any "personal/retail loan" such as consumer, vehicle, housing etc., or "commercial loan" in case you are a real person trader) for your needs.
| Personal Data Category | Purposes of Processing | Reasons for Compliance with Law |
|---|---|---|
| Identity, Contact, Risk Management Information, Customer Transaction Information, Customer Contact Center Records, Professional Experience | Receiving and evaluating the credit/loan application request | When it is clearly stipulated in laws When it is directly related to the execution or performance of a contract When it is mandatory for it to fulfill our legal obligation |
| Identity, Contact, Risk Management, Customer Transaction Information, Visual Records (photo), Professional Experience | Extension and collection of loans | |
| Identity Information, Contact Information | Carrying out information processes regarding the product | |
| Identity, Risk Information, Contact, Customer Transaction Information, | Managing Legal Actions for Outstanding Debts, carrying out control activities | When data processing is mandatory for the establishment, exercise or protection of any right, |
| Identity, Contact, Customer Transaction Information, Risk Management | To offer offers in direct connection with the credit/loan products you have at our bank | When it is mandatory to process your personal data for our legitimate interests, provided that your fundamental rights and liberties are not prejudiced |
This section is regulated to inform you about your personal data that we, as Akbank, process in order to evaluate the additional credit card application you have made to our bank or the original credit card holder has made for you, and to manage the contract processes.
| Personal Data Category | Purposes of Processing | Reasons for Compliance with Law |
|---|---|---|
| Identity, Contact, Risk Management Information, Customer Transaction Information, Customer Contact Center Records, Professional Experience | Receiving and evaluation of credit card application request | When it is clearly stipulated in laws When it is directly related to the execution or performance of a contract When it is mandatory for it to fulfill our legal obligation |
| Identity, Contact, Risk Management, Customer Transaction Information, Visual Records (photo), Professional Experience | Loan allocation and disbursement | |
| Identity, Contact, Customer Transaction Information | Providing credit card service / transferring credit card | |
| Risk Management Information | Receiving credit card limit increase requests | |
| Identity, Contact, Customer Transaction Information, Audio and Visual Recordings (call center audio recordings) | Credit card cancellations/offer processes Reactivation of credit cards |
|
| Identity, Risk Information, Contact, Customer Transaction Information, | Managing legal actions for outstanding debts, Carrying out control activities | When data processing is mandatory for the establishment, exercise or protection of any right |
| Customer Transaction Information, Identity Information, Contact Information | Management and reporting processes of credit cards | When it is clearly stipulated in laws When it is mandatory for it to fulfill our legal obligation |
| Identity, Contact, Customer Transaction Information, Risk Management | To offer offers in direct connection with the credit card products you have at our bank | When it is mandatory to process your personal data for our legitimate interests, provided that your fundamental rights and liberties are not prejudiced |
As Akbank, we also provide intermediary activities for the insurance products or services offered by Aksigorta and Agesa, of which we are agents. Your personal data that we process within the scope of our intermediary activities are listed below.
Insurance companies are responsible for data in insurance transactions such as risk and premium calculation and payment of compensation in relation to your insurance contract. In this context, you can obtain information about the processes of processing your personal data by insurance companies from their own disclosure texts.
| Personal Data Category | Purposes of Processing | Reasons for Compliance with Law |
|---|---|---|
| Identity Contact Health Customer Transaction Finance | Fulfilling your insurance policy applications, Fulfilling sales and after-sales transactions regarding life and non-life private pension products and services that we can offer as an agency, Intermediation in the calculation of insurance premiums, For the purposes of mediating the transmission of claim for damages within the scope of the insurance policy to the insurance company and their payment. Conducting operational processes, Compliance with internal systems, risk monitoring and information obligations, |
When it is directly related to the execution or performance of a contract When it is mandatory for it to fulfill our legal obligation |
In order to provide you with the investment products and services you have requested, we process your personal data for the fulfillment of your transactions by Akyatırım A.Ş, acting as an intermediary for the current order transmission we receive from the CMB.
| Personal Data Category | Purposes of Processing | Reasons for Compliance with Law |
|---|---|---|
| Identity, Contact, Customer Transaction, Risk Management | Opening an Investment Account, Managing the processes for capital market products as an intermediary for order transmission, |
When it is directly related to the execution or performance of a contract |
| Fulfilling risk monitoring and reporting obligations | When it is mandatory for it to fulfill our legal obligation |
We can record your visual and audio data in order to ensure security in case you visit our branches or general directorates. Your personal data that we process as a visitor may not be limited to what is written here. If there is any other data we process, we also inform you where you are.
| Personal Data Category | Purpose of Processing | Reason for Compliance with Law |
|---|---|---|
| Audio and Visual Recordings | We record your images in our branches and general directorates in order to ensure security and detect criminal actions. As part of preventing card duplication or fraud * There is a security camera at an appropriate angle that cannot see keyboard movements in places where ATM devices are located. |
When it is mandatory to process your personal data for our legitimate interests, provided that your fundamental rights and liberties are not prejudiced When it is clearly stipulated in laws* |
Partnerships in which you, your spouse, children and such persons are members of the board of directors or general managers, or in which they or a legal entity jointly or individually, directly or indirectly control or participate with unlimited liability as well as partnerships in which qualified shareholders, members of the board of directors and the general manager of a bank, they jointly or individually, directly or indirectly control or are partners with unlimited liability or in which they are members of the board of directors or general manager and any real and legal persons with surety, guarantee or similar relationships that may result in the insolvency of one or more of the others constitute a risk group.
In addition to these, other real and legal persons to be included in the risk group are determined by the Banking Regulation and Supervision Agency of the Republic of Turkey.
Even if you are not a customer within the scope of our explanations above, your personal data may be processed by our Bank in order to determine, monitor, report and control the risk group to which you will be involved in order to determine the credit limits to be extended to a risk group, primarily within the scope of the Banking Law No. 5411 and other relevant legislation.
DATA CONTROLLER AND DATA PROCESSOR
Data Controller
The data controller is any natural or legal person who determines the purposes and means of the processing of personal data, and who is responsible for establishing and managing the data registry system. At this point, our Bank is the Data Controller for the data of our customers, visitors and employees.
You can learn about our Bank, which acts as a Data Controller, below.
| Title | AKBANK T.A.Ş. |
|---|---|
| Address | Akbank Head Office Sabancı Center 4.Levent 34330 Istanbul |
| Mersis (Central Registration System) /Registration Number | 0015001526400497/ 90418 |
Our Affiliates/Subsidiaries included in the Disclosure Text are listed below.
- Aköde Elektronik Para ve Ödeme Hizmetleri A.Ş.
- Ak Yatırım Menkul Değerler A.Ş.
- Ak Portföy Yönetimi A.Ş
- Ak Finansal Kiralama A.Ş
- The insurance companies that we serve as an agency are;
- AgeSA Emeklilik ve Hayat A.Ş.
- Aksigorta A.Ş.
- Stablex Bilişim Teknoloji A.Ş.
Data Processor
Data processors are natural or legal persons who process data on behalf of the data controller. These persons may also be a separate natural or legal person authorized by the data controller to process personal data.
As Akbank, we may authorize third parties as data processors to fulfill the obligation to enlighten in our cooperations. The notifications made by data processing companies reflect the processes of our Bank.
YOUR PERSONAL DATA AND METHODS OF COLLECTION
The table below shows the personal data processed by our bank in groups. Thus, you may familiarize yourself with the data processed by us.
Your Personal Data
| Personal Data Category | Personal Data |
|---|---|
| Identity details | E.g.: Name Surname, TR ID No, gender, nationality, place of birth, date of birth, marital status. |
| Contact details | E.g. email address, home/work address, phone number. |
| Risk management information | E.g.: Salary information, asset-income information, education information, demographic information, opinion information created by our relevant branch, working style, working hours, data obtained from Identity Information Sharing System and Address Sharing System, Credit Bureau, Banks Association of Turkey Risk Center Data |
| Customer transaction details | E.g. credit information, deposit information, overdraft account information, credit card limit and balance information, deposit account transactions, loan payment transactions, customer information bank ("MBB") information. |
| Risk monitoring and follow-up information | debt information, delay and delay information, maturity information, information on related persons, assets (vehicle and title deed) information. |
| Audio and Visual Recordings | Your visual and audio data, especially call center audio recordings, camera recordings, photographs |
| Legal Action | Any information in correspondence with judicial authorities, information in the case file, etc. |
| Location | It is the location information where you are. |
| Marketing | Cookie records, pages viewed through bank applications, Shopping history information, Survey, information obtained through campaign work, etc. |
| Professional Experience | Diploma information, courses attended, vocational training information, Certificates, Transcript information, workplace working style and duration, etc. |
| Other | Demographic information, income information, asset information, reporting data |
Your Sensitive Personal Data
Personal data included in this section consist of any data relating to the individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other belief, clothing, membership to associations, foundations or trade unions, health, sexual life, convictions and security measures, and biometric and genetic data included in article 6 of the LPPD.
| Personal Data Category | Personal Data |
|---|---|
| Health Data | Blood group information, Personal health information, etc. |
| Association, Foundation, | Association, foundation membership information |
| Criminal Conviction | Judicial decisions about the prohibition of issuing checks and opening a checking account |
| Biometric Data | Palm information, Fingerprint information, Retina scan information, Face recognition information etc. |
Our Collection Methods
As AKBANK, we collect your personal data in written, verbal and visual format by electronic and physical methods, automatically, partially automatically or non-automatically.
Your personal data that we obtain through non-automatic or partially automated methods,
- • With the information and documentation you provide to our bank during your physical (branch, etc.) product/service/campaign applications,
- • Indirectly from your representatives (e.g. attorney, parent, guardian, etc.),
- • Your workplace consists of data provided (e.g., to confirm income information).
We can obtain information about you with automatic methods and technical support;
- • Through your applications from digital (mobile banking, website, customer contact center, IVR, AT, etc.) environments,
- • With the remote identification method (e.g. biometric face data) we perform through mobile banking channels,
- • Databases of public institutions and other organizations where your identity and address information are registered (e.g. Identity Sharing System ("KPS"), Address Sharing System ("APS"),
- • Official institutions and organizations with credit score information (e.g. Credit Bureau ("KKB"), Banks Association of Turkey Risk Center ("TBB Risk Center"),
- • Organizations from which we receive support services such as stores, dealers, electronic commerce sites that mediate the establishment of a contractual relationship with our Bank,
- • From other Payment Account Providers through the mobile banking application in order to provide you with Open Banking Payment Services by our Bank,
- • Organizations with whom we cooperate in advertising and marketing for referral purposes, such as comparison websites,
- • Social networks and other technology providers (e.g., when you contact us through our ads),
- • From companies that provide data services, from which we receive reporting services in order to better understand our customers and evaluate general trends.
- • As a result of monitoring your online behavioral movements with the integration of different servers on which our Bank works on mobile applications and websites,
- • We collect the data we obtain through the expenditures you have made with your mobile phone or card (your location information).
TRANSFERRED RECIPIENTS
Your personal data may be transferred in a limited and measured manner in connection with the fulfillment of the processing purposes stated below, in accordance with our obligations regarding the provisions of the Law of Banking and the legislation to which we are subject, in order to carry out Banking activities, including but not limited to following reasons.
In this section, we list the organizational structures we transfer and our transfer purposes.
| Organizations | Our Objectives |
|---|---|
| Institutions and organizations that are legally authorized to receive information (e.g. BRSA, CMB, CBRT, MASAK, SSI, Message Management System, Credit Bureau, Interbank Card Center, Banks Association of Turkey), | In order to carry out risk management, risk monitoring activities and legal reporting, to carry out regulation and audit activities, to operate complaints and legal processes, |
| International or domestic card payment systems institutions and organizations, including payment processing service providers and other financial institutions that are members of the payment program (Mastercard INT. INC., Visa INC., JCB CO., LTD., Maestro, Electron), | In order to perform your payment transactions and to offer the products and services you have purchased from us |
| To our domestic and/or foreign branches and units and our shareholder(s), Our main shareholder (Hacı Ömer Sabancı Holding) and our subsidiaries, | In order to establish, conduct and termination a service relationship with the customer, In order to carry out credit evaluation, preparation of consolidated financial statements, risk management and internal audit activities, |
| To our business partners (e.g. program partner organisations, banks, financial institutions, fintechs), | In order to provide the banking products and services and payment services you request, |
| To the suppliers, independent audit companies, and law firms from which we receive external services | In order to provide support and consultancy services to the Bank, |
| With asset management companies, sales of bank receivables and prospective buyers | In order to carry out valuation studies in the sale of bank shares, but not limited to these, data is transferred to real and legal persons whose data transfer is mandatory within the scope of legal compliance reasons. |
| To the companies we are agency of | In order to carry out insurance transactions, |
RIGHTS OF THE RELEVANT PERSON
Your rights listed in Article 11 of the LPPD
Pursuant to the provisions of the LPPD, you can use the following rights by applying to AKBANK T.A.Ş.:
- • To learn whether the personal data are processed or not,
- • To request information if the personal data are processed,
- • To learn the purpose of personal data processing and whether this data is used for intended purposes,
- • To know the third parties to whom your personal data is transferred at home or abroad,
- • To request the rectification of the incomplete or inaccurate personal data, if any,
- • To request the erasure or destruction of personal data,
- • To request that the third parties to whom personal data have been transferred be notified of the actions regarding the correction, erasure or destruction of personal data,
- • To object to any unfavorable result that they suffer due to analysis of processed data only by means of automatic systems;
- • To request compensation for the damage arising from the unlawful processing of your personal data.
The requests submitted in this framework shall be concluded by AKBANK T.A.Ş. free of charge within thirty days at the latest. However, where the Personal Data Protection Board prescribes a fee, our Bank may charge the fee set forth in the tariff.
Meeting Your Demands
The LPPD gives the relevant persons the right to make a request regarding which personal data are processed in which processes and the current status of such data.
Pursuant to Article 13 of the LPPD, which regulates the "Application to the Data Controller", the relevant person / data subject must submit their requests regarding the implementation of the Law to the data controller in writing. Therefore, in order for your request to be evaluated, you must submit your application in writing.
As a bank, requests from data owners are replied within 30 days. In this context, we would like to remind you that your written applications to be made in relation to this matter may be accepted following the verification of your identity by us.
If you wish to contact us for your requests, you can convey your related applications and requests, by using the Data Subject Request Formunder the Information and request forms on our website;
- • You can send it to our branches, Sabancı Center 34330 4.Levent/Beşiktaş-Istanbul address together with your identity documents and petition containing your request, and send it through a notary public,
- • You can send it to akbank@akbank.hs03.kep.tr with a secure electronic signature.
- • You may send your applications in writing through our direct channels.
If you wish to withdraw your Explicit Consent you have given to our Bank;
- • You can cancel your preference from the "personal data processing and campaign information" section on all digital channels, especially Akbank Mobile Banking,
- • You can forward your request to our branches and Customer Communication Center.
LAW ON PROTECTION OF PERSONAL DATA
As Akbank T.A.Ş, we continue to carry out our work with regard to the Protection of Personal Data, which we attach great importance to since the day we were founded, with an approach in line with the LPPD. In this context, we provide information about both some terms expressed in the law and our data processing processes in order to fulfill our obligations.
What is LPPD (Law on Protection of Personal Data)?
The LPPD was adopted by the Turkish Grand National Assembly on 24.03.2016 and entered into force by being published in the Official Gazette dated 07.04.2016 and numbered 29677.
The Law is based on the compatibility of all data processing persons and institutions within the framework of basic purposes such as ensuring the confidentiality of personal data, protecting it and preventing its unauthorized use. Our Bank, like all institutions, is obliged to comply with this Law and personal data processed in all processes of our Bank are within this scope.
What is Personal Data?
All data or datasets that make a person identifiable directly or indirectly are considered personal data. Descriptive information such as name, surname, place/date of birth, phone number, CV, photo, voice recording directly belonging to the person or created on behalf of the person can be given as an example. Data that identifies the person, such as customer number and card number, produced for banking transactions are also considered as Personal Data.
What is Data Processing?
Any transaction performed on the data within the scope of the LPPD is considered as “personal data processing". Thus, archiving, storing, changing, rearranging, disclosing, transferring, analyzing and classifying data falls within the scope of data processing.
All data controllers have the right to process data only when the reasons for compliance with the law set out in paragraph 2 of Article 5 of the LPPD below exist or when the data subject gives express consent.
In the presence of one of the following conditions, it is possible to process the personal data without explicit consent of the relevant person:
- • When it is clearly stipulated in the Laws pursuant to article 5/2 (a) of the LPPD.
- • Article 5/2 (b) of the LPPD When a person is unable to disclose her/his consent due to actual impossibilities or when the consent of a person whose consent is not legally valid is mandatory for protection or body integrity of her/him or another person,
- • Article 5/2 (c) of the LPPD When it is required to process personal data pertaining to the parties of a contract to the extent personal data are directly related to the conclusion or execution of the contract.
- • Article 5/2 (ç) of the LPPD When it is mandatory for the data controller to fulfill its legal obligation.
- • Article 5/2 (d) of the LPPD When the data is made available to the public by the data subject himself/herself,
- • Article 5/2 (e) of the LPPD When data processing is necessary for the establishment, exercise or protection of any right,
- • Article 5/2 (f) of the LPPD When it is mandatory to process data for legitimate interests of the data controller, provided that fundamental rights and freedoms of the relevant person are not prejudiced.
What is Relevant Person / Data Subject?
One of the terms frequently used in the law and in our corporate policies is "relevant person" or "data subject". It refers to the natural persons, whose personal data are processed; All of our current and potential customers, the natural person who makes any transaction with our Bank, are the relevant person / data subject.
A real person who is not our customer, who has been or will be a party to any collateral transaction at our bank (bailsman, guarantor, pledge/assignment debtor, spouse in cases where consent is sought in accordance with the legislation), a natural person visiting our bank, a shareholder, ultimate beneficiary, member of the board of directors or representative/deputy of any company that is our customer can also be a relevant person.
POLICIES
Cookie Policy
We would like to inform you about the types of cookies used on our website, the purposes for which cookies are used and the settings, management and deletion of these cookies.
You can visit our website without giving any personal information, and you can meet your needs by getting information about our products and services. Some cookies are used to collect information about the use of the site during visits. Our aim here is to provide convenience to the user visiting our website and to improve the operation.
What is a Cookie?
A cookie is a small text file that is saved on your computer or mobile device via your browser when you visit a site. Cookies allow a site to work more efficiently, as well as to provide personalized pages to provide a more convenient and faster visit experience for your personal needs. Cookies only contain information about your visit history on the internet and do not collect any information about the files stored on your computer or mobile device.
Types and Intended Uses of Cookies
There are two types of cookies, Persistent Cookie and Temporary Cookie, according to their validity periods. Temporary cookies are created while visiting the website and are only valid until you close your browser. Persistent cookies are created when you visit the website and remain until you delete them or expire. Persistent cookies are used for operations such as providing a personalized experience compatible with your settings.
Types of cookies and their intended use are described below.
| Compulsory Cookies | It is essential for the correct functioning of our website. For example, mandatory cookies are used for purposes such as authentication and not losing information about your current session. These cookies are used for purposes such as security and authentication and are not used for any marketing purposes. |
| Cookies Required for Functionality | These are cookies that allow users who visit our website to remember their preferences. For example, it allows the visitor's language preference or text font size selection to be remembered. Not allowing the use of such cookies may result in not using a special feature for you and prevent it from remembering your preferences. |
| Cookies Required for Performance and Analysis | These are cookies that help improve our website. These types of cookies collect information about visitors' use of the site, are used to control whether the site is working properly and to detect errors received. |
| Targeting or Advertising Cookies | These cookies are used to promote products and services on our website or in channels other than our website, to show you relevant and personalized advertisements with our partners, and to measure the effectiveness of advertising campaigns. |
How Are Cookies Collected?
Data is collected through your devices from which you access browsers. This collected information is device specific. It can be deleted by the user at any time and access to information can be closed.
Our Privacy Policy
Your privacy is important to us, and your privacy and security rights are our basic principle. In this context, you can reach our Disclosure Text on the protection of personal data here.
How can you control cookies?
You can delete the cookies already on your computer and prevent the saving/placement of cookies on your internet browser.
Internet browsers are predefined to automatically accept cookies. Since managing cookies differs from browser to browser, you can refer to the help menu of the browser or application for detailed information.
For example;
You can manage it with the option through "Google Chrome -> Settings -> Advanced -> Privacy and Security -> Site Settings -> Cookies and Site Data -> Allow sites to save and read cookie data".
You can manage it from the menu through "Internet Explorer -> Settings -> Internet Options -> Privacy -> Advanced settings".
Most Internet browsers allow you to:
- • View and delete saved cookies
- • Block third-party cookies
- • Block cookies from certain sites
- • Block all cookies
- • Delete all cookies when you close the browser
If you choose to delete cookies, your preferences on the relevant website shall be deleted. In addition, if you choose to block cookies completely, many websites and digital platforms, including Akbank's websites, may not work properly.
To control cookies on your mobile device;
On Apple Devices;
- • You can clear your browsing history and cookies with the steps through "Settings -> Safari -> Clear History and Website Data".
- • To delete cookies and keep your history, you can follow the steps of "Settings -> Safari -> Advanced -> Website Data -> Delete All Website Data".
If you do not want historical data to be kept while visiting the sites;
- • You can activate private browsing by following the steps through "Safari -> icon -> Private -> Done".
- • You can block cookies with the steps through "Settings -> Safari -> Block All Cookies". However, some websites and features may not work properly when you block cookies.
On Android Devices;
- • You can clear your cookies with the option through "Chrome app -> Settings -> Privacy -> Clear browsing data -> Cookies, media licenses and site data -> Clear Data".
- • You can allow or block cookies with the option through "Chrome Application -> Settings -> Site Settings -> Cookies".
Akbank Personal Data Protection Policy
The purpose of this policy is to inform the Relevant Persons about the Personal Data Processing activities and related systems that Akbank T.A.Ş. carries out in accordance with the law as the LPPD Data Controller, and thus to provide transparency regarding Personal Data. In this context, the Bank has explained its Personal Data processing activities within the scope of the LPPD, and the rights of Relevant Persons subject to Processing Personal Data in detail in this Policy.
Regular control and follow-up transactions regarding the issues within the scope of the policy shall be carried out according to the performance follow-up and monitoring criteria to be established by the Bank.
The Bank adopts the following principles regarding the processing of Personal Data, pursuant to paragraph 2 of Article 4 of the LPPD and within the scope of the purposes specified in the "Purposes of Processing Personal Data" section of this Policy;
- • Compliance with the law and rules of good faith,
- • Being accurate and up-to-date when necessary,
- • Processing for specific, clear and legitimate purposes,
- • Relevance to purpose of processing, being limited and moderate
- • Storage of data for a period stipulated by the respective legislation, or the purpose of processing.
DATA PROCESSED BY THE BANK
Personal Data is processed through the Explicit Consent obtained from Relevant Persons within the Bank or in the light of activities that do not require Explicit Consent in accordance with Articles 5 and 6 of the LPPD, and these data are processed only within the framework of the purposes specified in the "Purposes of Processing Personal Data" section of this Policy. The categories of Personal Data that vary and differ depending on the type and nature of the relationship between the Bank and the Relevant Person, the communication channel used and the purpose of Processing Personal Data, and processed in accordance with the principles in this Policy, are generally as follows:
- • Other descriptive information specific to the products owned by the person,
- • Data contained in identification documents,
- • Personal identification information created by our Bank,
- • Information on asset status,
- • Personal data stored for identity authentication purposes,
- • Hardware digital data obtained for customer identification purposes,
- • Contact details and records,
- • Real person information in documents for legal entities,
- • Descriptive and definitive information produced by the Bank regarding candidates and employees,
- • Detailed financial data on transactions carried out in bank channels. These data are defined on VERBIS through the Personal Data Inventory.
PURPOSES OF PROCESSING PERSONAL DATA
Personal Data can be processed by the Bank within the scope of the purposes exemplified below and can be stored as long as these purposes and the relevant legal periods stipulate;
- • Carrying on banking activities completely,
- • Carrying out activities within the scope of legal and administrative obligations,
- • Negotiation, creation and performance of contracts,
- • Providing support to the Relevant Person within the scope of requests and questions,
- • Conducting promotional and marketing activities,
- • Receiving the opinions of Relevant Persons through surveys and voting and ensuring customer satisfaction,
- • Determination of product groups that appeal to the customer,
- • Risk analysis studies carried out in accordance with the Bank's risk criteria,
- • To be able to make improvements for Customer and Banking needs,
- • Conducting candidate evaluation and recruitment processes
- • Conducting the bank human resources management,
- • Planning and performance of corporate sustainability operations
- • Carrying out commercial activities for the purpose of conducting business partnerships of the Bank and its subsidiaries,
These purposes are detailed on VERBIS through the Personal Data Inventory.
TRANSFER OF PERSONAL DATA
The Bank transfers data to its subsidiaries, suppliers and business partners within the framework of the purposes exemplified in the "Purposes of Processing Personal Data" section of this Policy and in accordance with Articles 8 and 9 of the LPPD, and Personal Data can be processed and stored in the servers and electronic media used in this context.
COLLECTION OF PERSONAL DATA
In order to meet the purposes exemplified by the Bank in the "Purposes of Processing Personal Data" section of this Policy, as Personal Data can be obtained from those who work directly within the framework of the conditions stipulated in Articles 5 and 6 of the LPPD, and from customers, suppliers, business partners, affiliates, call center, live help channel, branches, e-branches, official institutions, ATMs and e-tolls and other physical environments, it can also collect Personal Data through websites, mobile applications, social media and other public channels or through trainings, organizations and similar events.
RETENTION PERIOD OF PERSONAL DATA
Personal Data are kept within the Bank for the duration of the relevant legal retention periods or for the period necessary for the realization of the activities related to this data and the purposes stated in this Policy. Personal Data whose purpose of use has expired or whose legal storage period has expired is destroyed in accordance with the Data Retention and Destruction Policy.
RIGHTS OF THE RELEVANT PERSON IN AKBANK
Our Bank regulates the rights of real persons whose Personal Data are processed in parallel with Article 11 of the LPPD and in accordance with this article, Relevant Persons have the following rights in our Bank:
- • To learn whether the Personal Data are processed or not,
- • To request information if the Personal Data are processed,
- • To learn the purpose of Personal Data processing and whether this data is used for intended purposes,
- • To know the third parties to whom your Personal Data is transferred at home or abroad,
- • To request for rectification of the Personal Data if it has been processed incompletely or inaccurately,
- • If the reasons requiring the processing of Personal Data disappear, requesting their deletion or destruction,
- • To request that third parties to whom Personal Data have been transferred be notified of the correction and deletion procedures,
- • To object to any unfavorable result that they suffer due to analysis of processed data only by means of automatic systems;
- • To demand indemnification of loss if you suffer loss due to your Personal Data being processed in breach of the law.
Requests from Relevant Persons for the use of one of the above rights shall be met by the Bank within 30 days at the latest. These requests can be submitted through the methods specified through the Data Subject Request Form on the page
SECURITY OF PERSONAL DATA
The Bank attaches importance to protecting the confidentiality and security of Personal Data. In this framework, necessary technical and administrative security measures are taken to protect Personal Data against unauthorized access, damage, loss or disclosure. Accordingly, necessary systemic access controls, data access controls, secure transfer controls, business continuity controls and other necessary corporate controls are implemented.