• Homepage
  • Information Notice on The Protection And Processing Of Personal Data

Information Notice on The Protection And Processing Of Personal Data

 

As Limassol Turkish Cooperative Bank Ltd. (Limassol Bank), acting in the capacity of “Data Controller,” we would like to inform you accurately and transparently, within the framework of the provisions of the Personal Data Protection Law No. 89/2007 (PDPL), which was prepared for the purposes of protecting individuals’ fundamental rights and freedoms, primarily the privacy of private life, in the processing of personal data, and determining the obligations of natural and/or legal persons who process personal data, about our activities regarding the processing and protection of personal data and your legal rights under the PDPL.

1. Identity of the Data Controller/Controller

Pursuant to the applicable legal legislation regarding the Protection of Personal Data, your personal data are collected by Limassol Turkish Cooperative Bank Ltd. (“Limassol Bank” or “Our Bank”), as the data controller/controller, for the purposes and by the methods specified below, and are processed in line with the legal purposes set out below. Our Bank processes such data in accordance with the applicable legislation, in line with the purposes for which the data are processed, and in a “limited and proportionate” manner as prescribed by the legislation.

2. Processing of Personal Data and Purpose of Processing

Your personal data may be processed and shared within the scope of the personal data processing conditions and purposes specified in the Personal Data Protection Law (PDPL), primarily for the purposes of fulfilling legal obligations, within the framework of contracts concluded or activities carried out jointly with third natural or legal persons who have a business relationship with our Bank, for the fulfillment of our Bank’s legal and commercial obligations arising from contracts, establishment of rights, protection of rights, commercial and legal evaluation processes, legal and commercial risk analyses, and execution of financial affairs.

3. Persons to Whom Processed Personal Data May Be Transferred and the Purpose of Transfer

Your personal data may be shared with official public institutions and organizations and other authorized administrative authorities due to our Bank’s legal obligations, and may be subject to reporting for the purposes of fulfilling the requirements of legal legislation. In this context, your personal data, in accordance with the provisions of the legislation; may be transferred, recorded, stored, preserved, modified, reorganized, disclosed, transferred, taken over, classified, processed, and data use may be prevented, within the framework of the personal data processing conditions and purposes specified in the provisions of the Personal Data Protection Law No. 89/2007 (PDPL), to Public Institutions and Organizations authorized to request customer information from banks, to natural and/or legal persons, and to authorities authorized to request such data under the provisions of the legislation. Your personal data are shared, to the extent required by our institutional practices and within the framework of legal legislation, for the purpose of performance of the contract/contracts you have signed with our Bank, with third parties from whom we receive services to carry out our banking activities, collaborating organizations, affiliates and subsidiaries, and authorized official institutions and/or organizations under the legislation.

4. Transfer of Data Abroad

In line with the provisions/principles regarding data transfer of the Personal Data Protection Law No. 89/2007 (PDPL), personal data may be transferred to persons/institutions/organizations resident abroad by obtaining an “Explicit Consent Declaration,” and/or, in the presence of the conditions stipulated by the legislation, without obtaining an “Explicit Consent Declaration,” provided that the regulatory provisions are complied with, taking into account the conditions set out below and/or in the presence of the requested conditions.

5. Collection of Personal Data and Legal Basis

Your personal data are collected through physical channels, call channels, digital channels, and social media channels. Your personal data are collected by taking into consideration legal grounds such as being within the scope of an “Explicit Consent Declaration,” being required by legal legislation, being necessary for the performance of a contract, ensuring compliance with legal obligations within the scope of statutory legislation, being mandatory for the establishment, use, or protection of a right, and being necessary for the establishment of a legitimate interest on the part of our Bank.

6. Rights of the Relevant Natural and/or Legal Person(s) Whose Personal Data Are Processed Within the Scope of the PDPL (Right of Access, Objection, and Compensation)

As personal data owners, under the Personal Data Protection Law No. 89/2007, you have the right to obtain information, ask questions, and receive answers regarding the following matters;

  • Requesting information as to whether your personal data are being processed
  • All your personal data that have been processed and at the same time their source
  • If information has previously been provided, requesting information on the progress recorded in data processing since that information
  • Requesting information about the recipients or categories of recipients of the data
  • Requesting the correction and/or deletion and/or blocking of the data, especially with respect to processing that has not been carried out in accordance with the PDPL
  • Requesting that any correction, deletion, and blocking carried out within this scope be notified to third parties to whom the personal data have been transferred, provided that it is not impossible and does not require disproportionate effort
  • Being able to exercise the right of access to your personal data with the assistance of an expert
  • At any time, objecting to the processing of data that have been processed, are being processed, or are planned to be processed, belonging to the data subject, on legitimate grounds relating to his/her particular situation
  • Requesting compensation for damages in the event that you suffer damage due to the unlawful processing of your personal data

In order to exercise your rights stated above; by performing identity verification through our branches and/or by carrying out identity authentication via our digital channels or Call Center, by written notification to your branch, or by using the electronic mail address registered in our Bank’s system, you may submit your requests to our Bank.

By exercising your right of access, you may access the data you request within the above framework in return for the fee regulated under the PDPL provisions and prescribed by the Authority. If our Bank does not respond within 30 (thirty) days from the submission of an application made in the prescribed manner, or if the response is not satisfactory, you have the right to apply to the Authority. In cases where the Bank or the Authority finds the applicant’s request for correction and/or deletion of the data to be justified, the applicant’s request shall be concluded without delay and free of charge.