Personal Data Protection Disclosure Text
As METX DİJİTAL BİLİŞİM TEKNOLOJİ ANONİM ŞİRKETİ ("CoinTR" or the "Company"), we take great care to ensure that your personal data is processed and protected in accordance with the Personal Data Protection Law No. 6698 and its secondary regulations ("KVK Law").
The purpose of this CoinTR PCP disclosure text is to inform you, as an individual ("Data Subject"), of the terms and conditions regarding the processing of your personal data that you have provided and own under the User Agreement available on the website www.cointr.com ("Website") managed by CoinTR.
1. Your Processed Personal Data
CoinTR may collect your identity information (name, surname, Turkish ID number/tax ID number, signature, parents' name, date of birth), contact information (address, residence, e-mail, telephone), financial information (bank/investment institution/payment institutions account information, invoice, IBAN, tax office information), title information, legal information if necessary (correspondence with judicial authorities and case/execution file information), transaction security information (device information, operating system IP address information), log records), your user transaction information (user ID information, cryptocurrency-asset virtual wallet information), your visual and / or audio records (selfie / selfie image, passport photo, online / offline audio or non-audio video image via digital applications), your marketing information and other information (professional information, registered professional association registration number, education information and authorisation information) It is processed in accordance with the KVK legislation.
2. Purposes and Methods of Processing Your Personal Data
Your personal data that you share with our Company in accordance with all the activities you carry out on our website within the scope of the User Agreement may be processed, recorded, stored and maintained in accordance with the KVKK, in a manner stipulated by law and good faith, in connection with the purposes of processing, limited and measured, accurate and up-to-date, for certain clear and legitimate purposes; may be transferred to business partners, suppliers, subcontractors, performance assistants, relevant supervisory authorities, official institutions, relevant third parties (real/legal) at home and abroad; may be stored, updated, periodically checked and classified there. If you give Commercial Electronic Communication Consent, our Company may send you marketing and promotional e-mails and/or SMS, make phone calls, contact you via other means of communication that you have authorised, or this service may be performed by third parties in the capacity of data processor.
CoinTR processes your personal data specified above for the purposes of fulfilling legal obligations arising from laws; managing your accounts/fulfilling your instructions/payment/transactions within the scope of the establishment and execution of the contract if you are a CoinTR User; providing CoinTR products and services, general information about these products and services; conducting user acquisition, user satisfaction, and/or user retention efforts if you are not a CoinTR User; improving our service quality; fulfilling user relationship management or communication processes; evaluating your complaints or requests; ensuring confirmation and approval of your transactions; providing services included in commercial activities if you are a CoinTR User; maintaining CoinTR operations and policies while respecting your fundamental rights and freedoms; detecting and auditing suspicious transactions, financing of terrorism, and money laundering activities; preventing crimes such as fraud, theft, money laundering, financing of terrorism targeting CoinTR’s and/or users’ assets/personal information and/or detecting whether suspected individuals and current or potential users are the same and tracking fraud/fraud processes; conducting internal audit/internal control/investigation audits ex officio or upon complaint; sharing information with authorized persons and organizations arising from legislation; conducting compliance processes; fulfilling information obligations; complying with the information and document retention obligations arising from legal regulations; fulfilling CoinTR's legal and commercial obligations arising from contracts or joint activities with third real or legal persons in a business relationship with CoinTR; investigating, preventing, and reporting breaches of contract and law to the authorities; contacting you through our contracted service providers and business partners for communication purposes and conducting marketing activities. Your personal data is processed in a related, limited, and measured manner in electronic and/or physical environment, in written form, using automated or non-automated methods, in accordance with KVK legislation.
In addition to the above, your personal data may be transferred abroad due to the systems and infrastructures used by CoinTR, provided that you have given your explicit consent.
CoinTR undertakes not to process your personal data for purposes other than those mentioned above, without obtaining your explicit consent or without the occurrence of the conditions specified in the Personal Data Protection Law.
3. Method of Collecting Your Personal Data and Legal Reasons for Processing
Your personal data is collected through the website, mobile or digital applications, user communications via phone/mobile/internet channels, written and digital applications to CoinTR, and by electronic, verbal, or physical means in accordance with KVK legislation. Your personal data is processed based on your explicit consent or, if you are a CoinTR user, for the purposes of entering into a contract; establishing your rights arising from the contract; exercising and protecting these rights by you; fulfilling CoinTR’s obligations arising from relevant legal regulations; ensuring the legal, technical, and commercial-business security of CoinTR and the related persons with whom CoinTR has a business relationship; or to act in accordance with CoinTR’s legitimate interests provided that it does not harm your fundamental rights and freedoms.
4. Sharing Your Personal Data with Third Parties
Third parties with whom we share your personal data are obligated to process and protect your personal data for the purposes of sharing, as specified within the scope of our contractual relationship, unless otherwise stipulated by KVK legislation. These activities are carried out under the supervision of CoinTR.
4.1. Domestic Sharing
Your personal data listed in this KVK Disclosure Text may be shared with relevant official institutions, organizations, judicial authorities, and relevant audit firms to fulfill legal obligations. If you are a CoinTR user, your personal data may be shared with call centers or user communication centers we receive services from, for the purposes of improving our service quality, conducting user satisfaction and/or user acquisition efforts, fulfilling user relationship management or communication processes, evaluating your complaints or requests, and ensuring the confirmation and approval of your transactions. Additionally, your data may be shared with relevant banks, investment firms, private financial institutions, payment system organizations, card organizations, electronic money institutions, other financial institutions, and the tax office with whom we cooperate for the execution of CoinTR activities. Your personal data may also be shared with external service providers and other contracted organizations that are our solution partners, for the purpose of carrying out CoinTR's commercial activities, in accordance with KVK legislation.
4.2. International Sharing
Additionally, your personal data mentioned above may be shared with our international external service providers, with whom we collaborate, within the scope of the operation of the infrastructure and systems used by CoinTR, provided that you give your explicit consent.
5. Personal Data Retention Period
CoinTR will act in accordance with the Law No. 6698, the Regulation on the Deletion, Destruction, or Anonymization of Personal Data (“Regulation”), and the periods stipulated by authorized public institutions, organizations, and judicial authorities, as well as the relevant provisions of the Financial Crimes Investigation Board (“MASAK”), only to the extent required and limited by law. CoinTR will fulfill its obligations arising from Article 12 of the Regulation in response to applicants who request the destruction of their personal data pursuant to Article 13 of the KVK Law.
6. Your Rights as a Data Subject
Pursuant to Article 11 of Law No. 6698, we would like to remind you of your rights as a data subject. In this context, you can exercise your rights listed below together with the procedures and methods specified.
The data subject has the following rights regarding his/her personal data by applying to CoinTR by the methods specified below;
1) To learn whether it is processed or not,
2) Requesting Information if processed,
3) To learn the purpose of processing and whether it is used for its intended purpose,
4) Knowing the Third Parties to whom it is Transferred Domestically / Abroad,
5) Requesting Correction if Incomplete / Incorrectly Processed,
6) To Request Deletion / Destruction within the Framework of the Conditions Stipulated in Article 7 of KVKK,
7) To request notification of the transactions carried out in accordance with Paragraphs (5) and (6) above to the third parties to whom it is transferred,
8) Objecting to the Occurrence of a Result in Favour of the User Due to Being Analysed Exclusively by Automated Systems,
9) Requesting the Elimination of Damage in Case of Damage Due to Unlawful Processing,
7. Methods of Application for Data Subjects
The Personal Data Protection Law No. 6698 (“KVK Law”) grants personal data subjects, defined as the relevant person, certain rights to make requests regarding the processing of their personal data under Article 11.
Pursuant to the first paragraph of Article 13 of the KVK Law, applications to be made to CoinTR as the data controller regarding these rights must be submitted in writing and through the following methods determined by the Personal Data Protection Board (“Board”).
In this context, applications to CoinTR made in writing must be submitted by taking a printout of this Data Subject Application Form; applications in Turkish will be considered.
You can submit your application to CoinTR using one of the following methods:
-
By personally submitting it,
-
Through a notary,
-
Via registered mail with return receipt,
-
By sending it to CoinTR’s registered electronic mail address, signed with a "secure electronic signature" defined in the Electronic Signature Law No. 5070.
As a data subject, you can send your requests regarding your rights by personally filling out the Data Subject Application Form and sending it to the correspondence address, via an email verified with a secure electronic signature, or by submitting it in writing with a wet signature to the address below.
Your requests will be processed free of charge and concluded as soon as possible, but no later than 30 days, depending on the nature of your request.
However, if the process requires an additional cost, a fee may be charged according to the tariff determined by the Personal Data Protection Board.
If your request is made on behalf of someone else, you must include a power of attorney and other documents verifying your identity with your application.
If it is necessary to provide you with a response containing personal data or to take action regarding the processed personal data based on your application, and if the application was not submitted personally, through a notary, or via registered electronic mail (KEP), CoinTR may request you to verify your identity to prevent the delivery of data to the wrong persons or actions by malicious individuals other than the actual data subject.