FINTR Clarification Text

As the Financial Innovation and Technology Association (“Association”), we attach importance to the confidentiality and protection of your personal data and therefore act carefully by taking all necessary precautions in accordance with the 10th article of the Personal Data Protection Law No.6698 (the “Law”), which was published in the Official Gazette dated April 7, 2016 and numbered 29677, titled “Obligation of the Data Supervisor” and the Official Gazette No. 30356 dated March 10, 2018.

a) Identity of the Data Controller

The Association has the title of “Data Controller” within the scope of the Law and related regulations, and you can reach us through the contact information provided below.

Address: Altıntepe Mah. İstasyon Yolu Sk. No: 3/1 Maltepe, İstanbul

E-mail address: [email protected]

b) Personal Data Processed
Within the scope of your relationship with the association, the following personal data are processed;

Identity Information: T.C. identification number, name, surname, date of birth, family identification information

Contact Information: e-mail address, phone number, address information, social media accounts

Personal Information: background information

Physical Space Security Information: visitor entrance and exit information, camera records

Transaction Security Information: IP address information, log records, password and password information

Financial Information: bank account information, dues debt information, income status information, credit card information, information about the person’s business

Event Information: event registration and participation information, e-mail address, telephone number, information about the workplace and institution where he worked or studied, job position and professional qualification

Professional Experience Information: occupational information, educational information

Audiovisual Recordings: video and sound recordings, photographs

Association Membership: Association membership information

c) Purposes and Legal Reasons for Processing Personal Data

Your personal data obtained within the scope of your relationship with the Association are processed by us for the following purposes within the framework of the legal reasons specified in Articles 5 and 6 of the Law:

1. Within the scope of your membership relations, your identity information, contact information, bank account and dues and debt information, professional and educational information, and visual and audio records are processed by the association  based on the legal reasons that it is “obligatory for the legitimate interest of the data controller”, “clearly stipulated in the law”, and “obligatory for the data controller to fulfill his legal obligation, provided that the fundamental rights and freedoms of the data subject are not harmed”

for the following purposes:

a. Carrying out the activities of the association in accordance with the legislation,

b. Implementation and monitoring of the enrollment process,

c. Monitoring and the collection of membership dues,

d. Planning and conducting communication activities with members,

e. Carrying out the activities that can be done in order to realize the purpose of the Association specified within the scope of the 2nd article of our association’s charter in this direction and within the scope of the 3rd article,

f. Sharing of videos and photos taken within the scope of Association activities, events and organizations (physical and online) on the Association’s social media accounts and via e-mail,

g. Informing the members about the activities of the Association, events, organizations as well as news and developments regarding the Association, financial technologies and innovation,

h. Informing members about news and developments regarding other members, ensuring communication between members,

I. Within the scope of the activities of the Association, making videos especially for the channels and social media accounts of the association and sharing these records on social media accounts and via email, and

j. Providing Association services and products for members

2. Within the scope of your membership relations, your identity information, contact information, transaction security information and credit card information are processed by the association  based on the legal reasons that it is “necessary to process personal data belonging to the parties of the contract, provided that it is directly related to the establishment or execution of a contract” and “mandatory for the data controller to fulfill its legal obligation” for the following purposes:

a. Following the information updates and membership processes of the members,

b. Providing services and products within the scope of the Association’s activities over the website and mobile platforms, and

c. Ensuring process security

3.Your identity information, contact information, transaction security information, event information and your audio-visual recordings are processed by the Association on the basis of “the necessity of processing personal data belonging to the parties of the contract, provided that it is directly related to the establishment or execution of a contract”, “being obligatory to fulfill the legal obligation of the data controller” and “obtaining explicit consent” for the following reasons: 

a. Informing registered or participating persons about the activities of the Association, events, organizations as well as news and developments regarding the Association, financial technologies and innovation,

b. Sharing the videos and photos taken within the scope of the activities, events and organizations of the Association on the social media accounts of the Association and via e-mail,

c. Informing registered people about the activities of the Association, events, organizations as well as news and developments regarding the Association, financial technologies,

D. Informing registered people about the Association and related news and developments,

to. Within the scope of the activities of the association, making videos especially for the channels and social media accounts of the association and sharing these records on social media accounts and via e-mail, and

f. Providing Association services and products for members

4. Within the scope of your supplier and business partner relations, your identity information, contact information and financial information are processed by the Association based on the legal reasons that “It is necessary to process personal data belonging to the parties of the contract, provided that it is directly related to the establishment or performance of a contract” and “it is obligatory for the data controller to fulfill its legal obligation” for the following reasons:

a. Execution of goods / service purchasing processes,

b. Execution of contract processes

5. Within the scope of your job and job application relationship, your identity information, contact information, personal information, financial information, professional experience information and physical space security information are given in areas such as business organizations, fairs, etc., are processed based on legal grounds that “it is necessary for the data controller to fulfill its legal obligation” and “it is mandatory for the legitimate interest of the data controller, provided that it does not harm the fundamental rights and freedoms of the relevant person” for the following reasons:

a. Fulfillment of obligations arising from employment contracts and legislation for employees,

b. Carrying out finance and accounting affairs,

c. Execution of assignment processes, and

D. Ensuring physical space security

6. Your identity information, visitor entry and exit records and video and telephone voice recordings are processed for the purpose of ensuring the security and communication security of the Association’s offices based on the legal reason “it is obligatory for the legitimate interest of the data controller, provided that the fundamental rights and freedoms of the data subject are not harmed”;

7. Your association membership information is processed for the purposes of keeping the records of the association based on the legal reasons “clearly stipulated in the laws” and reporting to the relevant official institutions and organizations via the Associations Information System (DERBIS) or other means in accordance with the legislation;

d) Transfer of Personal Data

In accordance with the provisions of the Law regarding the transfer of personal data, your personal data can be shared with authorized public institutions and organizations, courts and enforcement offices, suppliers and other businesses that provide services such as information technology support, travel services, event management and announcement.

Your videos and photos taken within the scope of Association activities, events and organizations and the news you want to share with other people can be shared with other Association members and third parties through the Association’s social media accounts and other platforms based on your express consent.

e) Collection Methods of Personal Data

The Association collects your personal data from you and other association members during the establishment of your relationship with the Association and during the continuation of the relationship, via internet, telephone, e-mail, social media and physical, written, verbal and electronic channels for processing within the scope of the above-mentioned purposes.

f) Rights of the Data Subject whose Personal Data is Processed

By applying to us in accordance with Article 11 of the Law regulating the rights of the person concerned you have the rights;

– to learn whether it has been processed,

– to request information regarding this if it has been processed,

– to learn the purpose of processing and whether they are used for their intended purpose,

– To know the third parties to whom it is transferred domestically or abroad,

– To request correction in case of incomplete or incorrect processing,

– To request their deletion or destruction within the framework of the conditions stipulated in the Law,

– to request the third parties to be notified of the correction, deletion or destruction transactions,

– to object to the emergence of a result against you by analyzing it exclusively through automated systems,

– To demand the compensation of the damage in case you suffer damage due to unlawful processing

g) Application to Data Controller

You can submit your requests regarding the rights you have within the scope of the Law within the framework of the “Communiqué on Application Procedures and Principles to the Data Officer” to our address given above by proving your identity by hand or through a notary public. In addition, you can send it to [email protected] using the e-mail address you previously notified and registered with the Association.

Applications to be made within this scope will be accepted following the identity verification to be made by us, and your requests will be concluded as soon as possible and within 30 days at the latest, depending on the nature of the request in accordance with the Law.

h) Changes

The Association may update this Clarification Text on the Processing of Personal Data at any time in case of any change in the processes. You can access the updated version of the Clarification Text Regarding the Processing of Personal Data on the website of the Association.