1. Introduction
This Privacy & Personal Data Policy aims to provide information about personal data collected, stored, processed, shared and transferred by FinMaks. All persons who visit FinMaks website and use any FinMaks service are within the scope of this Privacy & Personal Data Policy. Throughout the Privacy & Personal Data Policy, expressions such as “we” or “our company” may be used when referring to FinMaks. The official title and contact information of FinMaks companies are at the end of this policy. The terms “personal data”, “personal information” and “your information” are used interchangeably and include all information relating to an identified or identifiable natural person.
We are aware of the importance of personal data for our customers and end users, and we will make every effort to ensure that everyone within FinMaks complies with this policy and to ensure the security of your personal data in any case.

2. Purpose of Privacy Personal Data Policy:
• To explain our purpose and way of using the data we collect in the clearest and most understandable way possible;
• Explain what information we obtain with your consent and for what purposes and how this information is processed;
• To inform you about your legal rights regarding your personal data;
• Explaining our responsibility to protect your rights and privacy.
This policy is valid only for the use of FinMaks website, products and services. The types of your personal data processed by FinMaks may vary depending on which services you use and how you use them.

3. Scope
We collect various personal data about you when you visit our website or use our services. When you enter our website and start viewing a bank account via FinMaks; We collect the information necessary to provide the services you request in an effective and safe manner. This information may include:
• Your personal information (eg your name, e-mail address, phone number).
• If you want to become a customer who benefits from FinMaks services, information that helps determine the type and identity of your workplace, contact information, introductory and explanatory information and documents related to the business, records regarding your use of FinMaks products and services (IP address, server information, etc.) will be obtained. .
• FinMaks collects additional information you provide to us, such as when you use optional services offered by FinMaks or contact FinMaks.
• Information obtained through cookies, beacons and other tracking mechanisms (eg details about your device, geographic location and usage). Please read Section 4 below for more detailed information on the use of cookies and other tracking technologies we use to provide our services and for your interest-oriented marketing activities.

4. Use of Personal Data by FinMaks and Legal Basis
We use the personal data we hold for various purposes permitted by the Law on the Protection of Personal Data No. 6698 of Turkey (“KVKK”) and the General Data Protection Regulation in the European Union (“GDPR”). we use for. Our purposes for using your personal data are explained below with examples. The legal compliance criteria we rely on when processing this personal data; performance of our contractual obligations, we may have legitimate interests and legal obligations.
• To be able to present our portal and services to you:
We need to use your personal information in order to show you your bank account activities and balances, and to provide you with detailed information and analysis.
• To improve our services and manage our requirements for your business:
We improve our performance by monitoring the use of our portal and services and analyzing usage data.
• To contact you when necessary:
We use your contact information to inform you about application usage and innovations. We may also use your contact information to contact you and resolve the issue if a problem arises with your app account. Those who contact you on behalf of FinMaks may be Finmaks employees directly, as well as different business partners from whom we receive services, in which case your personal data must be shared with these business partners.
• To fulfill our legal obligations or resolve disputes:
Some regulations in the places where we operate may require that we use and store your information in certain ways. As a provider of bank account information, we are obliged to fulfill our data retention obligations for all information we collect from banks. We may also use your information for other purposes for which you have consented. We may obtain your consent for other processing activities, such as sending you marketing messages, receiving feedback from you. In such cases, you can always withdraw your consent, for this you can contact us from the contact information at the end of the document. When contacting us, you should also include information that will help us know you in your message. Your notice of withdrawal of consent is prospectively effective, so processing that we have carried out in the past based on your consent will not become unlawful, but we will stop processing the relevant information after we receive your notice.

5. Use of Cookies and Other Tracking Technologies
During the use of FinMaks website and services, access data such as the name of your internet service provider, IP addresses and the pages you browse are collected. This information can be used for the purpose of providing the infrastructure of the website to which FinMaks is subject and entering the website, making statistical analyzes and directing the promotions about FinMaks to more accurate targets. In addition, cookies (small size files) and beacons belonging to FinMaks or other service providers are used to collect information about your usage and to use this information for portal functions, managing portal infrastructure and marketing purposes. This site is Google Inc. It uses Google Analytics, a web analysis service provided by (“Google”). Google Analytics uses “cookies” and other identifiers to help the website owner analyze how users use the site and to enable Google to continue its services. The information generated about your use of the website (including your IP address) will be transmitted to Google’s servers located in different countries and processed by Google there. Google will use this information to evaluate your use of the website, to compile reports on website activity for website owners and to provide other services related to website activity and internet usage (for example, to create categories of users). Google may transmit this information to third parties for legal obligations or when third parties process this information on behalf of Google. For more detailed information about Google Analytics, you can visit this page: https://www.google.com/policies/privacy/partners/ If you do not want your information to be used for Google Analytics Services, you can request to opt out of Google Analytics by following the instructions in the link below:https://tools.google.com/dlpage/gaoptout/

6. Storage and Deletion of Personal Data
The period that FinMaks will keep your personal data in a way that allows you to be identified is the shortest time required to meet our legal obligations and your business requirements. When the storage period of your personal data expires, we delete or anonymize your personal data in accordance with our internal procedures aimed at ensuring the security of your data, so that it cannot be associated with you. When you close your account or request the deletion of your personal data, we delete or anonymize the data that we have to keep even if you close your account according to legal regulations, or that we reject your deletion request. The cookies we use have a certain validity period and if you do not use our website or services during this period, they will be automatically disabled and the stored data will be deleted. You can also delete these cookies using your internet browser settings.

7. Transfer of Personal Data to Third Parties
While providing our services, we sometimes share your personal data with third parties for the purposes described below. We use the services of other companies where necessary and we may need to share your personal data with some of them. For example, in the transfer of your account activities to your ERP (by transferring them to our relevant business partners, we ensure that your ERP integration is carried out. Law enforcement and other authorized institutions may request your personal data from us. We share this information only when we are legally required or necessary for the prevention or investigation of a crime. Operational purposes include company audits, corporate governance and various activities such as exercising our legal rights.While making these shares, we always act in accordance with legal regulations.

8. Transfer of Personal Data to Third Countries
All of our information technology infrastructure is located in Turkey, data is not transferred outside of Turkey.

9. Your Choices
You can make some choices regarding your privacy issues. You can always refuse to provide your personal data requested by FinMaks. However, if the information you refuse to provide is necessary for us to provide our services, you will not be able to use our services. As we explained in Chapter 4, we also use cookies to better deliver our services. You can use your internet browser’s settings to refuse these cookies, but if you refuse these cookies, you may not be able to use our portal and services.
You can see your personal data we have in the settings section after logging into FinMaks portal application. If you want to exercise the rights you have over these or other personal data, you can contact us via the contact information at the end of the document. We will contact you from time to time. This communication may be for marketing purposes or related to transactions you are a party to. You can refuse to receive all marketing-related messages, by following the instructions at the bottom of the messages sent to you. You cannot refuse to receive notifications about transactions, but you may be able to change the methods and addresses they are sent to.

10. Your Rights
We would like to state that you have the following rights in accordance with the legal regulations:
(a) To learn whether your personal data is processed, the processed personal data, the sources from which the personal data is obtained, the third parties to which it is transferred at home and abroad, the criteria used to determine the period or period of storage of the data;
(b) Accessing your personal data and requesting that the personal data it has provided be given to it in a structured, commonly used and machine-readable format or transferred to another data controller,
(c) To learn the purpose of processing your personal data and whether they are used in accordance with the purpose,
(d) Object to the processing of your personal data or request restriction,
(e) Requesting correction of your personal data if it is incomplete or incorrectly processed,
(f) Requesting the deletion or destruction of your personal data in the event that the reasons for its processing disappear,
(g) Request notification of transactions such as rectification and deletion to third parties to whom your personal data has been transferred,
(h) Objecting to the emergence of an unfavorable result by analyzing the processed data through automated systems,
(i) To request the compensation of the damage in case of damage due to unlawful processing of personal data.
You can exercise your rights regarding your personal data mentioned above by contacting us via the contact information at the end of the document. In order for us to be able to identify you when making this application, you must provide the full information you provided when registering or using our services, and you must include a copy of your official ID.

11. Protection of Personal Data
All personal data obtained by FinMaks are transmitted and stored subject to reasonable security conditions accepted in the industry. While we take all reasonable precautions to protect your personal information, it is your responsibility to keep your password and account information secure.

12. Other Information
Our services and our portal are not intended for use by children (all persons who are not legally adults). We do not collect personal data from children and persons who cannot legally benefit from our services. When we realize that we have obtained personal data of a child, we will delete it immediately unless we are legally required to keep this data. If you believe that we have obtained personal data of a child as a result of mistake or negligence, please contact us immediately using the contact information below. We may make changes to this privacy policy. Changes made will be effective from the date of publication of the new privacy policy. Users and our customers are obliged to follow possible updates and inform FinMaks’ data processing activities and this privacy policy before transferring the information of the persons they transact with or the persons who transact with them to FinMaks.

13. Contact Information
Company: FinMaks Finansal Teknolojiler A.Ş.
MERSİS Number: 0772111251900001
Address: Teknopark İstanbul 2C Blok Ofis:2012 Pendik/İstanbul
E-Mail: info@finmaks.com
Phone: +90 850 532 54 89