Privacy Policy

Privacy Policy

Ege Money Disclosure Text

Last update: 04.09.2024

 

As Ege Money Investment Yazılım Anonim Şirketi (‘Data Controller’, ‘Our Company’ or ‘EgeMoney’), we attach great importance to the processing and protection of your personal data, which we obtain as data controller on the platform provided by EgeMoney and on the website www.egemoney.com (‘Platform’) used to access the platform, in accordance with the Personal Data Protection Law No. 6698 (‘KVKK’) and the relevant legislation. 

 

This Clarification Text has been prepared to inform you about the collection, processing and transfer of your personal data in accordance with the KVKK and your rights under the KVKK.

 

In the interpretation of the expressions not defined in the Disclosure Text, the definitions in the EgeMoney User Agreement published on the Platform and the Customer Recognition Policy and Principles for the Prevention of Laundering Proceeds of Crime and Financing of Terrorism (in other words, AML Policy) should be taken into consideration, especially the KVKK and the relevant legislation. 

 

You may feel safe while using the Platform. However, please remember that no system is completely secure. Even if we take all necessary steps to protect your data, there is always a possibility that you may be left out of security. For this reason, we would like to remind you to be very careful when processing your personal data. We strongly warn that you should not share your voice, images and other personal data not requested by our Company via e-mail, message or any other communication channel.

 

Regarding Cookies 

 

Our Company will be able to obtain information about users' use of the Platform by using cookies, which are a technical communication file, process the data in this context and transmit it to third parties for processing within the scope of the analysis services offered by third parties, only for use to the extent required by these analysis services. The aforementioned technical communication files are small text files that the Platform sends to the Users' browser to be stored in the main memory.

 

You can access more detailed information about cookies through the Cookie Policy.

 

Identity of the Data Controller

 

The data controller for the processing of personal data is Ege Money Investment Yazılım Anonim Şirketi, whose Mersis Number is 0325107235900001. EgeMoney contact information is as follows:

 

 

Our Methods of Collecting Your Personal Data

Your personal data may be processed during your registration to the Platform or as part of the Know Your Customer (‘Know Your Customer’, ‘KYC’) process, through notifications you will make with your electronic consent and/or signature, through call centers, websites, mobile applications, internet transactions, social media and other public channels, by automatic and non-automatic methods, limited to the purposes specified below.

 

Personal Data We Process, Purposes and Legal Reasons

 

a. Information Received During Membership and Identity Verification: 

 

  • Your identity information including name, surname, Turkish Identity Number, wallet serial number, parents' name, place of birth, date of birth, gender, nationality, Turkish identity card, Turkish driver's license or passport for Turkish citizens and identity documents with Turkish identity number on them and clearly stated in special laws to have the status of official identity cards and passports for non-Turkish citizens or photographs of the front and back sides of identity documents deemed appropriate by the Ministry of Interior;

 

  • Your contact information including mobile phone, e-mail address, province, district, postal code, open address;

 

  • Your professional experience information including occupation, education level, sector of employment;

 

  • Your financial information including bank account details, IBAN, tax identification number;

 

  • Your suitability test information including planned investment period, planned investment amount, risk and return preferences, investment source;

 

  • Your customer transaction information including username, password, account settings and commercial electronic communication preferences;

  • Your biometric data, including your visual and auditory information, biometric photograph taken during self-photography (selfie);

 

  • Your other identity verification information, including proof of residence, residence information and, if necessary, an invoice for a service requiring a subscription, issued within three months prior to the transaction date;

 

  • Your health information, including your religion and blood type, if you present your old identity cards;

 

  • Your member number, user ID and reference information.

 

a.1. Purposes of Processing: 

 

  • Ensuring that our users register on the Platform,

 

  • To be able to communicate with our users regarding the products and services they receive or will receive from our Company,

 

  • Enabling our users to benefit from the Platform and execution of contract processes,

 

  • Fulfillment of commercial and legal obligations arising from the nature of the services provided by our Company,

 

  • Sending electronic messages, newsletters, messages and other messages to our users in order to carry out our advertising and marketing processes,

 

  • Providing a better user experience by customizing the Platform for our users,

 

  • Execution of reference processes,

 

  • Informing our users about updates on the Platform,

 

  • Preventing our users from transferring money for illegal purposes,

 

  • Execution of processes related to suspicious transaction notification,

 

  • Carrying out identity verification procedures,

 

  • Raising the account level of our users,

  • Carrying out communication activities,

 

  • Checking whether our users are on the banned lists,

 

  • Providing information to authorized public institutions and organizations upon request or ex officio,

 

  • Fulfillment of our obligations arising from other applicable legislation, in particular the legislation on the prevention of laundering proceeds of crime and terrorist financing, and our obligations arising from the Law No. 5651 on the Regulation of Publications on the Internet and Combating Crimes Committed through These Publications and its secondary regulations,

 

  • Protecting, defending and establishing the rights of EgeMoney, our users and other third parties in relation to an existing or possible future legal dispute.

 

a.2 Legal Reason: Your explicit consent as stated in Article 5/1 of the KVKK; processing is explicitly stipulated in the laws as stated in Article 5/2(a) of the KVKK; processing is necessary for the establishment or performance of a contract as stated in Article 5/2(c) of the KVKK; processing is mandatory for the fulfillment of our legal obligation as stated in Article 5/2(ç) of the KVKK; data processing is mandatory for the establishment, exercise and protection of a right as stated in Article 5/2(e) of the KVKK; obtaining explicit consent for special categories of personal data as per Article 6(2) of the KVKK.

 

b. Information on Transactions:

 

  • Your identity information including name, surname, signature;

 

  • Your contact details including your e-mail address;

 

  • Your location information, including the location where the transaction took place and the location of the location;

 

  • Your customer transaction information, including the customer's account movements on the cryptocurrency wallet, contact history information, user ID;

 

  • Your financial information including payment card information, bank account number, IBAN number, receipt information, account information, monthly income and source of funds;

  • Your transaction security information including IP Address, device type, operating system and browser information.

 

b.1. Our Processing Purposes:

 

  • Realization of all transactions of our users, including purchase and sale transactions on the Platform,

 

  • Creating reports on the daily/monthly transaction amounts of our users,

 

  • Matching of wallet addresses,

 

  • Execution of risk acceptance agreement processes through the User Identification Form and Risk Analysis Form,

 

  • Verification of financial transactions related to the transactions of our users,

 

  • Anonymised review of wallet transaction history,

 

  • Checking the accuracy of data flow between systems,

 

  • Execution of financial processes,

 

  • Ensuring the technical infrastructure of the service provided,

 

  • Fulfillment of our obligations arising from the Law No. 5651 on the Regulation of Publications on the Internet and Combating Crimes Committed through These Publications and secondary regulations,

 

  • Detection of suspicious transactions and execution of processes related to suspicious transaction reporting,

 

  • Preventing any third party other than our users from unfairly benefiting from the services offered on the Platform,

 

  • Ensuring the security of our user's accounts,

 

  • Providing information to authorized public institutions and organizations upon request or ex officio,

 

  • Protecting, defending and establishing the rights of EgeMoney, our users and other third parties in relation to an existing or possible future legal dispute.

 

b.2. Legal Reason: Your explicit consent as stated in Article 5/1 of the KVKK; explicitly stipulated in the laws as stated in Article 5/2(a) of the KVKK; processing is necessary for the establishment or performance of a contract as stated in Article 5/2(c) of the KVKK; processing is mandatory for the fulfillment of our legal obligation as stated in Article 5/2(ç) of the KVKK; data processing is mandatory for the establishment, exercise and protection of a right as stated in Article 5/2(e) of the KVKK.

 

c. Your Request and Complaint Information:

 

  • Your identity information including name, surname, Turkish ID number, country;

 

  • Your contact information including e-mail address, telephone number, social media account information;

 

  • Your customer transaction information including ticket information;

 

  • Your visual and audio information including voice recordings;

 

  • Your requests, feedback, complaints and suggestions.

 

c.1. Our Processing Purposes:

 

  • Providing and improving the services subject to the Platform,

 

  • Development of the Platform and our services,

 

  • Providing a better user experience by customizing the Platform for our users,

 

  • Carrying out reporting and information processes,

 

  • Execution, supervision and development of business activities,

 

  • Ensuring the coordination between the units of our Company for the continuity of the services offered on the Platform,

c.2. Legal Reason: Processing is necessary for the legitimate interest of our Company specified in Article 5/2(f) of the KVKK; processing is necessary for the establishment or performance of a contract specified in Article 5/2(c) of the KVKK; data processing is mandatory for the establishment, exercise and protection of a right specified in Article 5/2(e) of the KVKK.

 

d. Information Collected During the Event, Competition and/or Campaign Processes:

 

  • Your identity information including name, surname;

 

  • Your contact information including e-mail address, delivery address, social media username;

 

  • Your customer transaction information including your User ID;

 

  • Your other competition information, including the codes you benefit from during the campaign participation, your compliance with the conditions of participation in the competition.

 

d.1. Our Processing Purposes:

 

  • To enable our users to participate in the competitions, events and/or campaigns we organize,

 

  • Assessment of eligibility for participation,

 

  • Execution of loyalty programmes,

 

  • Informing you about the competitions, events and/or campaigns we organize,

 

  • Announcement of the list of winners,

 

  • To be able to deliver the prizes to our award-winning users.

 

d.2. Legal Reason: Your explicit consent specified in Article 5/1 of the KVKK; processing is necessary for the establishment or performance of a contract specified in Article 5/2(c) of the KVKK; data processing is mandatory for the establishment, exercise and protection of a right specified in Article 5/2(e) of the KVKK; legitimate interest of the data controller specified in Article 5/2(f) of the Law.

 

e. Information Collected During EgeMoney Shop:

  • Your identity information including name, surname, Turkish ID number;

 

  • Your contact details including e-mail address, delivery address, telephone number;

 

  • Your financial information including payment information, payment amount, bank account information, payment method, invoice information, tax identification number;

 

  • Your legal transaction information including distance sales contract, preliminary information form.

 

e.1. Our Processing Purposes:

 

  • To be able to deliver the products you have purchased to you,

 

  • Execution of payment transactions and invoice processes,

 

  • Execution of procurement processes,

 

  • Fulfilment of our tax and other legal obligations.

 

e.2. Legal Reason: Processing is necessary for the establishment or performance of a contract specified in Article 5/2(c) of KVKK; Processing is mandatory for the fulfilment of our legal obligation specified in Article 5/2(ç) of KVKK; Data processing is mandatory for the establishment, exercise and protection of a right specified in Article 5/2(e) of KVKK.

 

f. Information Collected Through Cookies: You can access detailed information about your information collected through cookies through the Cookie Policy. You hereby undertake that your personal data provided to our Company and subject to this Clarification Text are complete, accurate and up-to-date, and that you will update them immediately in case of any changes in this information. Our Company shall not be liable for any situation arising from the outdated information that you provide to us and which does not need to be verified within the scope of Know Your Customer.

 

Transfer of Your Personal Data

 

Your personal data may be transferred to our domestic and foreign suppliers, business partners, authorized public institutions and organizations and legally authorized persons for the purposes described in Article 3 of this Clarification Text and in accordance with the rules regarding the transfer of personal data specified in Articles 8 and 9 of the KVKK and within the scope of the data processing conditions set out in Article 5 of the KVKK.

For example, your personal data may be transferred to third parties in the following processes:

 

  • Your personal data may be transferred to our hosting service provider suppliers in order to keep your data securely.

 

  • Your personal data may be transferred to our suppliers from whom support is received during identity verification processes.

 

  • Your personal data may be transferred to our suppliers to check whether the conditions for participation in the competitions organized are met.

 

  • Your personal data may be transferred to our suppliers in order to send commercial electronic messages to you within the scope of carrying out marketing activities.

 

  • Your personal data may be transferred to our business partners and suppliers in order to provide healthier service to our users and within the scope of the campaigns that our Company currently conducts and may conduct with third parties and within the cooperation to be established as required by the services provided.

 

  • Your personal data may be transferred to servers and cloud computing providers that receive information technology support abroad for archiving and storage purposes.

 

  • Your personal data may be transferred to authorized public institutions and organizations in order to fulfill the obligations arising from the law or in case of a justified request of the authorized institution.

 

Storage and Destruction of Your Personal Data

 

Your personal data shall be deleted, destroyed or anonymised by our Company in the event that the period stipulated in the relevant legal regulation or required for the purpose for which it was processed expires and the reasons requiring the processing of your personal data disappear.

 

Ensuring the Security of Personal Data

 

Our Company takes necessary technical, administrative and physical measures regarding data security in accordance with KVKK in order to prevent unlawful processing of personal data and unlawful access to personal data and to ensure the protection of personal data.

 

6.1 Technical Measures Regarding Data Security

  • Within the scope of the Information Security Management System, in order to ensure the confidentiality, integrity and uninterrupted availability (accessibility) of information, it carries out systematic, prescribed, planned, manageable, sustainable, documented, management-accepted activities based on international security standards.

 

  • In order to ensure cyber security, it takes measures such as, but not limited to, taking firewall and gateway measures; preventing employees from accessing threatening websites or online services; deleting unused software and services from computers; ensuring that software and hardware are in the most up-to-date version against security vulnerabilities.

 

  • In order to monitor personal data security; measures such as checking which software and services are running on information networks, determining whether there is an infiltration or a movement that should not be in information networks, keeping log records of all users, preventing the copying and acquisition of data in case of maintenance and repair of any device where data is processed by third parties.

 

  • In order to ensure the security of environments containing personal data; necessary measures are taken to anticipate risks such as theft, loss or damage to the devices or printed documents where personal data are stored and to take measures to prevent these risks and to minimize damages in case these risks occur.

 

  • In case personal data is stored in the cloud; data security measures of the relevant cloud storage systems and providers are examined, measures such as encryption of personal data to be transmitted (uploaded) to data storage service providers by cryptographic methods, encryption of personal data to cloud environments, limitation and control of persons, places, internet networks that can access data storage service providers are taken.

 

  • Within the scope of procurement, development and maintenance of information technology systems; measures such as establishing control mechanisms within the applications to ensure that the existing systems control the correct data entry and ensure that the correctly entered information is not corrupted during the process, preventing errors that may cause data loss, avoiding the sending of data storage parts or taking necessary measures when it is necessary to send the devices to third party companies in case of hardware errors.

 

  • In order to ensure the security of personal data, security measures are taken in the buildings of our Company, authorisations are made in environments such as archives where personal data are kept, and measures are taken for the security of electronic devices where personal data are kept.

 

6.2 Administrative Measures Regarding Data Security

 

In order to protect personal data, our company provides awareness training to its employees, informs its employees that they cannot disclose the personal data they have learnt to others in violation of the provisions of the KVKK and cannot use them for purposes other than processing, and that this obligation will continue after they leave their duties and obtains the necessary commitments from them in this direction.

 

Our Company follows the changes in the KVKK and related legislation and makes the necessary updates, in case of personal data transfer, special provisions are added to the contracts made with the persons to whom data is transferred in order to protect the data of personal data owners, periodic audits are carried out to identify risks, endeavor to keep personal data as little as possible and take other administrative measures.

 

6.3 Measures to be taken in case personal data is obtained by others illegally

 

In the event that personal data is obtained by others illegally, our Company, as the data controller, notifies the Personal Data Protection Board (‘Board’) as soon as possible or within 72 hours at the latest from the date of realization

.

Reporting Security Vulnerability

 

As EgeMoney, we do not accept any risk regarding security. Please let us know if you notice any technology issues.

 

You can send an e-mail to [email protected], including your contact details and name, explaining the details of the security vulnerability and what we need to do to fully recognise or verify the vulnerability.

 

If you click on links to other applications through the Platform, you are subject to the privacy policies of the relevant third-party applications. Our Company shall not bear any responsibility for the privacy policies and contents of third party applications.

 

Commercial Electronic Message Consent 

 

Your personal data, for which we have obtained your consent with us with the explicit consent text and commercial electronic message permission, may be processed in order to provide you with various advantages and to make all kinds of electronic communication and to send other communication messages for the purpose of providing you with various advantages and to provide you with special advertising, sales, marketing, surveys, reservation privileges and similar purposes. Remember that you can always withdraw your explicit consent.

 

You can always withdraw your consent and preference for commercial electronic messages (e-mail or text message) via the Platform, by clicking on the ‘Unsubscribe’ phrase in the e-mails we send you, or by sending an e-mail to [email protected]

 

Age Limit 

 

Our Company will not intentionally collect and record the data of persons under the age of 18. If you are under 18 years of age, we hereby inform you that you should not use the Platform and the services offered herein and that you should not share any of your personal data with our Company. In this regard, our Company shall have the right to terminate/suspend the relevant user accounts without notice if at any time it reaches the level of reasonable suspicion or determines that the user account holder or the person who makes transactions with the account belonging to the user is under the age of 18. Our company will take reasonable steps to delete the data immediately upon learning that the data of a person under the age of 18 has been collected.

 

Your Right to Obtain Information Regarding Your Personal Data

 

You can send your requests regarding your rights under Article 11 of the KVKK to Yalı Mah. 6523 sok. No:32 B/601 Karşıyaka/İZMİR or [email protected].

 

Your application will be answered free of charge. However, if the requested transaction requires an additional cost, the fees in the tariff determined by the Personal Data Protection Board will be requested.

 

Amendments Regarding the Disclosure Text

 

This Disclosure Text shall be published on our Company's website (https://www.egemoney.com) and shall enter into force on the date indicated above.

 

This text may be amended and updated from time to time at EgeMoney's discretion.