Personal Data Protection

Personal Data Protection Application Form

Misyon Investment Bank Information Text on Processing of Personal Data

As Misyon Investment Bank (“Our Bank”), we respect the personal data, we process and the relevant persons in our banking activities and operations, and we show maximum sensitivity regarding the security of personal data within the framework of current legislation and universal values and international standards. In this regard, our Bank aims to inform you about the personal data processing activities carried out by our Bank in accordance with the Personal Data Protection Law (“Law”, “PDPL”) and other relevant legislation with this clarification text. Details of the bank’s personal data processing policy are available on our corporate website under the heading “Protection of Personal Data”.

1. IDENTITY OF THE DATA CONTROLLER

Article 10/1-a of the PDPL titled ‘Information Obligation of the Data Controller’ brings the obligation to provide information about the identity of the data controller. In subparagraph (i) of paragraph 1 of Article 3 of PDPL, data controller is defined as ‘Real or legal persons who determine the purposes and means of processing personal data and are responsible for the establishment and management of the data recording system’. Our Bank will be the ‘data controller’ in terms of the implementation of PDPL. In this context, the ‘identity of the data controller’ means Misyon Investment Bank, located at Esentepe Mahallesi Kır Gülü Sokak Metrocity İş Merkezi D Blok No:4 İç Kapı No:29 Şişli/İSTANBUL, which was established to operate as an “investment bank” in the banking sector in accordance with the laws of the Republic of Turkey.

Data Controller Information

Company Title: MISYON INVESTMENT BANK

Chamber of Commerce: Istanbul Chamber of Commerce and Industry

Trade Registry No: 345674-5

Central Registration System Number: 465126837100001

Location of Headquarters: Esentepe Mahallesi Kır Gülü Sokak Metrocity İş Merkezi D Blok No:4 İç Kapı No:29 Şişli/İstanbul

Contact Us: kisiselveri@misyon.com

Phone: 0090 850 724 68 36

Registered E-Mail (REM) Address: misyon@hs01.kep.tr

2. PROCESSED PERSONAL DATA

In accordance with the provisions of the Personal Data Protection Law No. 6698, any information that makes your identity specific or identifiable is defined as personal data.

Personal data of special nature is data regarding race, ethnic origin, political opinion, philosophical belief, religious, sectarian or other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures in PDPL. It is defined as biometric and genetic data. “Processing your Personal Data”; It refers to all kinds of operations performed on data such as obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use of these data.

Our Bank, in its capacity as Data Controller in accordance with the provisions of PDPL, may process your Personal Data in the data categories listed below, including your special personal data if necessary, within the scope specified below, for the aforementioned legal reasons and purposes. Our basic principle is to use your personal data for your banking transactions, to protect the privacy of your private life and your fundamental rights and freedoms.

The category of personal data processed by our bank and the content of personal data are available at https://verbis.kvkk.gov.tr/. As Misyon Investment Bank, your processed data, primarily for the purposes of fulfilling our obligations and providing you with better services in this context, for our banking products and services that we will offer for the purpose of providing you with better and more reliable service without interruption and also , the information you share on our website with the extension www.misyon.com or collected through cookies* (For detailed information about our use of cookies, you can review our Bank’s Cookie Usage Information Text) is always kept safely and is not disclosed to third parties outside the legal framework. Any data you share with our bank is confidential and will not be disclosed.

3. PURPOSE AND LEGAL REASON FOR PROCESSING PERSONAL DATA

Your personal data will be processed by our bank under the following conditions and circumstances, for the reasons explained;

Based on the explicit consent you give to our bank regarding the subject, in order to provide banking services in the best way and to ensure customer satisfaction, Based on the legal reason that it is necessary to process personal data of the parties to the contract, provided that it is directly related to the establishment or execution of a contract; For the purposes of fulfilling the requirements of the said contracts and its annexes, including the Banking Transactions Contract, Credit Contract or contracts for the products you have applied for, and to provide you with banking products and services,

– Based on the legal reasons that it is mandatory for our Bank to fulfill its legal obligations arising from the relevant legislation to which our Bank is subject within the scope of banking activities, especially the Banking Law No. 5411, and that it is clearly foreseen in the laws; Carrying out identification and confirmation procedures of our customers, carrying out information security processes, carrying out audit / ethics activities, carrying out internal audit / investigation / intelligence activities, carrying out risk management processes, ensuring physical space security, monitoring and carrying out legal affairs, carrying out activities for customer satisfaction, carrying out storage and archiving activities, tracking requests / complaints, carrying out product / service sales and after-sales processes, carrying out finance and accounting affairs, fulfilling risk monitoring and reporting obligations to regulatory and supervisory authorities, international card issuing organizations and organizations that have merchant agreements. for the purposes of carrying out bank and credit card activities, carrying out chargeback processes, and carrying out credit disbursement activities,

Based on the legal reason that data processing is mandatory for the legitimate interests of our Bank, provided that it does not harm the fundamental rights and freedoms of the person concerned; Within the scope of evaluating credit card and/or loan requests, the head office aims to evaluate the credit history and credibility of the owners, partners and managers of the real person customer and/or commercial customers, to carry out risk management activities in this context and to prevent fraud activities, and to ensure the physical security of the work areas. For the purposes of recording camera footage of our building, tracking records of visits to our campuses, and carrying out information security, financial security management and emergency management processes,

Based on the legal reason that data processing is necessary for the establishment, exercise or protection of a right; For the purposes of managing processes before judicial and/or administrative authorities, especially complaint management and all legal follow-up and litigation processes,

When our bank’s personal data processing purposes change, the obligation to inform for this purpose will be fulfilled separately before the data processing activity.

4. TRANSFER OF PERSONAL DATA

Your personal data at our bank is kept securely and is not disclosed to third parties outside the legal framework. Based on the above-mentioned legal reasons, our Bank provides services to persons, institutions and/or organizations required/permitted by the Banking Law No. 5411 and other Laws and other legislative provisions, as well as financial institutions listed in the 4th paragraph of Article 73 of the Banking Law No. 5411, as well as BRSA, CMB, CBRT, TRA, SSI, FCIB, ICC, Ministry of Treasury and Finance, Credit Registration Bureau, Turkish Banks Association Risk Center, Central Registry Agency Inc. To public legal entities, judicial authorities, authorities, our main shareholder and its subsidiaries, our affiliates who are authorized to receive personal data, such as; Companies that operate in the capacity of brokerage/agency, third parties from whom services are received to carry out our banking activities, program partner institutions, organizations, domestic/foreign banks, funds, cooperating organizations, from whom service/support/consultancy is received or project/program/financing. It can only be transferred within the framework of legal restrictions due to legal obligations to domestic/foreign/international organizations of which we are partners and organizations from which independent audit and support services are received.

5. PERSONAL DATA COLLECTION METHOD

Your personal data may be processed by our Bank through our Bank’s call center, short message (SMS), business partner stakeholders, our website, identity sharing systems, address sharing systems, Head Office computers and cameras, or in any fully or partially automated or any other way, verbally, in writing or electronically. It is collected by non-automatic means as part of a data recording system, from PTT General Directorate (Turkish Postal Service), Turkish Banking Association Risk Center and other legally relevant channels.

Your personal data is collected and processed for the purposes and legal reasons stated above and in accordance with the relationship you will establish with our Bank.

6. RIGHTS

Kişisel Verileri Koruma Kanunu’nun 11. maddesi uyarınca, ilgili kişiler Bankamıza başvurarak aşağıda sayılan haklarını kullanmayı talep edebilir;

– Learning whether it is processed or not,

– Requesting information if processed,

– Learning the purpose of processing and whether they are used for their intended purpose,

– Yurt içinde / yurt dışında aktarıldığı 3. kişileri bilme,

– Requesting correction if it has been processed incompletely or incorrectly,

– Kanunun 7. maddesinde öngörülen şartlar çerçevesinde silinmesini veya yok edilmesini isteme,

– Aktarıldığı 3. kişilere yukarıda sayılan (d) ve (e) bentleri uyarınca yapılan işlemlerin bildirilmesini isteme,

– Objecting to a result that is unfavorable to you due to being analyzed exclusively by automatic systems,

– Request compensation for the damage if you suffer damage due to illegal processing,

Kişisel Veri Sahibi/ İlgili Kişi olarak Kanunun 11. maddesinde belirtilen, yukarıda yer verilen haklarınız kapsamında taleplerinizi,

– You can submit it to our Bank by using the Application Form that you will obtain from our Bank’s website or by applying in person, in writing, along with documents proving your identity (identity card, driver’s license, passport, etc.),

– You can send the Application Form by post to the address of our Bank’s Headquarters, “Esentepe Mahallesi Kır Gülü Sokak Metrocity İş Merkezi D Blok No:4 İç Kapı No:29 Şişli/İSTANBUL”.

– Via secure electronic signature, mobile signature or your e-mail address previously notified to our bank and registered in our bank’s system, to the Registered Electronic Mail (REM) address of Misyon Investment Bank (misyon@hs01.kep.tr) or (kisiselveri@misyon.com) e-mail address.

In applications;

– Name, surname and signature of the Personal Data Owner/Relevant Person if the application is written,

– Turkish Identity Number for citizens of the Republic of Türkiye; nationality, passport number or identification number for foreigners (if available),

– Residence or workplace address subject to declaration,

– E-mail address, telephone and fax number for declaration (if available),

– Subject of the Demand

must be specified, and relevant information and documents must be added to the application. Applications will be accepted following identity verification by our Bank, and will be responded to in writing or electronically within the legal period. For written applications, the date on which the document is notified to our Bank is the application date. For applications made through other methods; The date the application reaches our Bank is the application date.