On behalf of our company Kobaküs Information and Technology Joint Stock Company, we would like to inform you about the “Personal Data Protection Law No. 6698”, which contains data security principles serving the protection of basic rights and freedoms of our valued customers, rights of relevant persons, and principles and procedures for processing personal data.

Processing of Personal Data

The data of our customers, who are considered personal data in accordance with the “Personal Data Protection Law No. 6698” published in the Official Gazette dated 07.04.2016 and numbered 29677 (“PDPL”), will be processed by our company within the scope of the execution of our services; as the Data Controller, in compliance with the general principles stated in Article 4 of the PDPL and only within the framework of the conditions for processing personal data stated in the PDPL; by obtaining, recording, storing, updating, reorganizing, disclosing to third parties in cases and to the extent permitted by the legislation, transferring, sharing, and processing in other ways specified by the law.

The purposes and legal reasons for this processing are primarily related to the provision of all kinds of products and services and their uninterrupted continuation; recording the identity, address, and other necessary information of the account holder for the determination of the customer’s information; preparing all records and documents that will constitute the basis for processing, whether electronic or paper-based; complying with information storage, reporting, and notification obligations envisaged by local and international legislation and all authorities, transmitting important information that we need to share with you via your contact information; planning and implementing special product, service, offer activities for you, and are connected to legal obligations or service provision.

Methods of Collecting Personal Data

Your personal data can be collected by our company through written, verbal, or electronic means, automatically or non-automatically, directly from the relevant person to our company, or through acquisition from business partners.

Transfer of Personal Data

Personal data of our customers may be shared with persons, institutions, and organizations permitted by the Law and legislation and not limited to them (such as BRSA, CMB, CBRT, MASAK, TBB, Undersecretariat of Treasury), our partners, and domestic or international subsidiaries, as well as consultants and institutions with whom we cooperate directly or indirectly to carry out all our activities, but will not be transferred to external third parties without the consent of the Customer. Necessary technical and legal measures are taken to prevent rights violations during the data transfer to third parties. However, our company is not responsible for breaches occurring in the risk area of the third party due to the data protection policies of the third party to whom personal data is transferred.

Protection of Personal Data

As stated in our security policies, our company is obliged to take all kinds of technical and administrative measures to ensure an adequate level of security while carrying out data processing activities in order to prevent the unlawful processing and access of personal data and to ensure the preservation of personal data. In this context, our company acknowledges, declares, and undertakes that it has taken the necessary technical and administrative measures to ensure the privacy, integrity, accessibility, and security of your data.

Your Rights Arising from the Personal Data Protection Law

Subject to the exceptions stated in Article 28 of the PDPL, you can apply to our company in accordance with Article 11 of the PDPL and:

Learn whether your personal data is processed, the purpose of processing, and whether they are used for their purpose,
Request information if your personal data has been processed,
If you think your personal data is incomplete or inaccurate, request correction,
Request deletion or destruction of your personal data within the framework of the conditions specified in Article 7 of the PDPL,
Request notification of the correction or deletion of your personal data to third parties to whom your data has been transferred and request that the same transactions be performed by them,
Object to the emergence of a result against you by analyzing your personal data through automated systems or object to your personal data being used unlawfully or unlawfully and demand compensation if you suffer damage due to this reason,
We would like to inform you of your rights.

It is possible to use your rights from the effective date of the regulation, and our company reserves the right to request the expenses to be incurred by the Company for the fulfillment of Customer requests in accordance with Article 13 of the PDPL.

Questions and Requests Regarding Personal Data

You can send your requests and questions regarding the processing of your personal data by sending them to via registered electronic mail address defined in the Electronic Signature Law No. 5070 or by post to İTÜ Arı Teknokent No:4 Inner Door No:1101 Maslak, Istanbul address.


Trade Registry No: 15284474

Email address: