As the Q Investment Bank family, we are always by your side to guarantee your satisfaction in all conditions and conditions.
You can always contact our bank quickly and easily through any channel you want. In all our communication channels, we work diligently to quickly resolve and respond to all your requests and feedback.
Your ideas are valuable to us; We act with the desire to bring our product and service quality to perfection in line with your demands and notifications. In this context, we would like to state that we carefully examine and evaluate all kinds of requests and notifications from you, our valued customers, and we will get back to you as soon as possible.
We attach great importance to information privacy and carefully protect your personal data. In this direction, we work to take every precaution to protect confidentiality within the scope of our principles and legal regulations.
1. Data Controller
Q Investment Bank A.Ş. (Q Investment Bank or the Company) attaches importance to the security of personal data. The activities subject to the processing of personal data are carried out in accordance with the Personal Data Protection Law No. 6698 (KVKK or the Law), secondary regulations and Personal Data Protection Board Decisions.
This Clarification Text has been issued by Q Investment Bank, as the Data Controller, to fulfill the disclosure obligation described in Article 10 of the Law and to inform the real persons whose data are processed, of their rights listed in Article 11 of the Law.
2. Purposes of Processing Your Personal Data
Personal data obtained by the company can be processed for the purposes listed below within the scope of the personal data processing conditions specified in Articles 5 and 6 of the Law;
Within the scope of the legal conditions of clause 5/2(a) of the Law "Explicitly stipulated in the laws" and clause 5/2(ç) of the Law "It is mandatory for the data controller to fulfill its legal obligation";
- Fulfilling obligations under all other legislation and secondary regulations, in particular the Banking Law No. 5411,
- Execution of legal processes to which our bank is a party,
- Providing necessary information in line with the requests and inspections of regulatory and supervisory institutions and other official authorities,
- Creation of audit and inspection reports,
- Performance of obligations within the framework of the know your customer principle,
- Planning information security processes,
- Planning and execution of operational and systemic infrastructure processes,
- Planning and management of our financial security and risk management processes,
- Execution of finance and accounting works.
Within the scope of the legal requirement of subparagraph 5/2(c) of the Law "It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract";
- Fulfilling the obligations arising from the contracts to which our bank is a party,
- Planning and execution of loan processes,
- Execution of collateral transactions,
- Execution of customer relationship management processes,
- Management of relations with business partners, suppliers and affiliates.
Within the scope of the legal condition of "Data processing is mandatory for the establishment, exercise or protection of a right", clause 5/2(e) of the Law;
- Informing customers,
- Conducting communication activities,
- Follow-up of Requests / Complaints
Within the scope of the legal requirement of paragraph 5/2(f) of the Law, "It is mandatory to process data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject";
- Protecting the legitimate interests of our bank,
- Intelligence gathering and evaluation for customers and potential customers
- Execution of our strategic planning activities
- Planning and execution of our corporate governance and sustainability activities
3. Recipient Groups To Which Your Personal Data Can Be Transferred And For What Purpose
Personal data obtained in accordance with the data processing purposes in accordance with the terms of transferring personal data specified in Articles 8 and 9 of the Law;
- In order to fulfill the legal obligations, the Banking Regulation and Supervision Agency, the Capital Markets Board, the Central Bank of the Republic of Turkey, the Financial Crimes Investigation Board, the Banks Association of Turkey Risk Center, T.R. Ministry of Finance, Revenue Administration, T.R. Ministry of Treasury and Finance, Social Security Institution, Credit Registration Office, Credit Guarantee Fund and other legally authorized public institutions and organizations and legally authorized private legal persons,
- Accounting, law etc. real persons and legal entities of private law (such as Independent accountant financial advisor, Chartered accountant, Law Office) in order to receive service support in matters of law,
- Independent Audit Firm for the purpose of carrying out risk management and internal audit activities,
- To business partners, shareholders, affiliates, suppliers, in order to carry out commercial activities,
- Companies that receive information technology support
4. Collection Method and Legal Justification of Your Personal Data
Personal data is completely and completely limited by our Company's business units, including contracts, application forms, our website, telephones, verbal communication, computers, registered e-mail, e-mail, electronic notification, fax, short message, limited, measured and in connection with Data Processing Purposes. or partially automatically or non-automatically, by written, verbal, electronic or other means and within the scope of the following subparagraphs of the second paragraph of the fifth article of the Law;
- 5/2 (a): expressly stipulated in laws
- 5/2 (c): It is necessary to process the personal data of the parties to the contract, provided that it is directly related to the establishment or performance of a contract
- 5/2 (ç): Obligatory for the data controller to fulfill its legal obligation
- 5/2 (e): Data processing is mandatory for the establishment, exercise or protection of a right
- 5/2(f): Data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.
5. Retention Periods of Personal Data
Personal data is kept safely by taking the necessary precautions for the physical or electronic environment in which the data is stored, in accordance with the nature of the data and the periods stipulated in the relevant laws. At the end of these periods, personal data will be deleted, destroyed or anonymized ex officio or upon the request of the data owner in accordance with Article 7 of the KVKK.
6. Your Rights
- Learning whether your personal data is processed,
- If your personal data has been processed, requesting information about it,
- To learn the purpose of processing your personal data and whether they are used in accordance with the purpose,
- Knowing the third parties to whom your personal data is transferred, in the country or abroad,
- Requesting correction of your personal data in case of incomplete or incorrect processing and requesting notification of the transaction made within this scope to the third parties to whom your personal data has been transferred,
- Requesting the deletion or destruction of personal data in the event that the reasons requiring its processing cease to exist despite the fact that it has been processed in accordance with the Law and other relevant law provisions, and requesting that the process carried out within this scope be notified to the third parties to whom your personal data has been transferred,
- Objecting to this if a result arises against you by analyzing the processed data exclusively through automated systems,
- Requesting the compensation of the damage in case you suffer damage due to the unlawful processing of your personal data
You can submit your applications and requests regarding your rights listed above by filling out the Data Owner Application Forum published on our website and sending a wet-signed copy to Bayraklı Tower Mansuroğlu Mah. Ankara Cad. No:81/152 Kat:22 Bayraklı/İzmir in person or via a notary public or to our registered e-mail (kep) address.
Purpose and Scope
General Information About the Processing of Information
Two basic information is collected through our corporate website. These are personal data used to identify natural persons and cookies collected for the better functioning of our website. Cookies are a feature of web browser software that allow web servers to temporarily store information in your browser. We collect information through cookies to see how our website visitors access our site. During this process, no personal information (which can identify you) is collected.
General Information About the Processing of Personal Data
Personal data refers to any information relating to an identified or identifiable natural person. Our bank shows maximum sensitivity to the security of personal data. Personal data processed by our Bank within the scope of Personal Data Processing conditions specified in Articles 5 and 6 of the Personal Data Protection Law are protected by taking necessary security measures in accordance with the nature of personal data within the scope of the Banking Law.
You can visit our website, get information about our products and services, and review the reports and announcements without providing any personal information. However, in some cases, we may need your personal information. For example, you may want to provide your personal information such as name, surname, phone number, e-mail address, which may be necessary to be informed about new developments, to contact you or to provide you with a membership.
For detailed information about personal data and to learn about your rights as a data owner, you can review the Personal Data Protection Policy on our website.
General Information About Cookies
Ensuring the Security of Information
Personal data is protected from unauthorized use, disclosure, destruction and alteration, through physical, technical and organizational security measures, as required by risks such as accidental data loss or damage to data or unauthorized access that may arise as a result of data processing. The security of this website is based on Secure Sockets Layer (“SSL”) technology and allows your browser to encrypt your data before you send it to us. In accordance with Article 12 of the Banking Law and the Law on the Protection of Personal Data, our Bank takes all necessary administrative and technical measures and cyber security measures according to the nature of personal data.
Transfer of Information
Our Bank's employees show the necessary sensitivity and care is taken to protect all information from unauthorized access, misuse, changes, corruption and destruction.
The information obtained by our bank will not be shared with a third party or company without the consent of the owner of the information or unless there is a legal obligation.
Third Party Services
In case our Bank receives support services from different companies, these companies are informed about our Bank's confidentiality standards. We would like to emphasize that you should not share your membership password with anyone in order to ensure your information security.
You have the right to obtain information regarding the processing and transfer of your personal data. You also have the right to request that your personal information be deleted and that you no longer be contacted. As a personal data owner, you can access detailed information about these and all similar rights from the Personal Data Protection Policy, and submit your requests by filling out the Data Owner Application Form. Q Investment Bank A.Ş. will respond to your applications and requests free of charge as soon as possible and within 30 days at the latest.
Contact informationTitle: Q Yatırım Bankası A.Ş.
Address: Bayraklı Tower Mansuroğlu Mah. Ankara Cad. No:81/152 Floor:22 Bayraklı/İzmir
Phone: 0 850 723 65 00
Fax: 0 850 723 65 01
KEP Address: email@example.com
Our bank; By managing information security, it aims to ensure that business processes operate with the least impact against information security risks. The Board of Directors establishes an information security management system covering the entire bank, by showing the necessary determination to bring the security measures related to information systems to a sufficient level.
It ensures that all information within the Bank is stored, backed up and used in a safe and secure manner in the country, allowing access at any time. The operation of the information systems put into practice, their compliance with the strategic objectives, the effectiveness and adequacy of the controls are regularly monitored by taking into account the developments in information technologies.
The bank takes the necessary precautions against cyber attacks from outside and has a penetration test every year. Only users, parties and systems with the necessary authorization are allowed to access the system, service and data.
In ensuring information security and accessing our Bank's information systems, techniques including identity verification and authorization mechanisms, non-repudiation and assignment of responsibility are used. Our bank ensures compliance with the security requirements arising from laws, regulations and contracts regarding personal data security, intellectual property rights and license agreements.
Our bank ensures the confidentiality, integrity and accessibility of information assets and all assets related to this data, preventing accidental or deliberate damage, alteration, disclosure or loss. For this, information systems create an asset inventory, evaluate and classify assets. Our bank; ensures that the information is used in accordance with this classification. The work to identify, level, process and review the risks that may arise in relation to information assets are carried out in accordance with the Information Systems Risk Management Procedure.
Appropriate authorization and access control is established for access to databases, applications and systems. Considering the duties and responsibilities, it is essential to grant the most restricted authorization and access right.
With the information security risk assessment approach, the methods by which the information security risks of our Bank will be determined, how the risk levels will be calculated and how the risks will be evaluated are determined. The studies for defining, determining the levels, processing and reviewing the risks that may occur related to the information assets are carried out in accordance with the determined risk assessment approach.
It ensures that the systems, databases and applications used by our Bank to carry out its activities are backed up and periodic backup tests are performed. All authorized employees report all security vulnerabilities, risks and cases that they notice or suspect within the scope of business processes, a case record is created and an investigation is provided.
Our Bank prepares an information systems continuity plan to ensure the continuity of information systems services that support its activities, and ensures the protection of business processes against interruptions and risks caused by natural disasters and technical problems. The information systems continuity plan is kept up to date; Information systems are revised and updated every year or after events or changes that will affect their continuity.
What is a Cookie?
Cookies are small text files that are stored on your device or network server via browsers by the websites you visit.
How Are Cookies Collected?
Data is collected through your devices from which you access browsers. This collected information is device specific. It can be deleted by the user at any time and access to information can be closed.
Why Are Cookies Used?
- To improve the services offered to you by increasing the functionality and performance of the website,
- To improve the website, to offer new features on the website and to customize the features offered according to your preferences,
- To ensure the legal and commercial security of the website, you and the company.
What Types of Data Do We Process With Cookies?
Cookies generally collect data regarding your browsing and usage preferences on the device from which you access the website, depending on their types. This data includes the pages you visit and the services and products you review, location (as city information), browser and device information, date and time of your visit, and information about your browsing on the website.
Legal Ground for Data Processing
Mandatory cookies Article of the Law on the Protection of Personal Data No. 6698. Pursuant to the provision of 5/2 (f), it can be processed for legal reasons, provided that it does not harm your fundamental rights and freedoms, that data processing is mandatory for the legitimate interest of the data controller.
Your Rights Regarding Cookies
You can reach your rights and requests regarding your data processed through cookies from the Data Owner Application Form on our website, and you can apply to our Company through this form and the methods set out in the form.
What are the Types of Cookies and Their Purposes of Use?
Cookies by Duration
Session Cookies: Session cookies are cookies that are valid during your use of the website and remain valid until the web browser is closed.
Persistent Cookies: Persistent cookies are used to remember your preferences on the website and remain on your desktop or mobile device even after you close your browser or restart your computer.
Cookies by Purpose of Use
Compulsory Cookies: These are the cookies that are mandatory for the website to function properly and for you to benefit from the features of the site and the services offered.
Functionality and Analytical Cookies: These are cookies that contain data about how you use the site and are used for purposes such as remembering your preferences, using the website effectively, optimizing the site to respond to your requests. Due to their nature, these types of cookies may contain your personal data. For example, cookies that save your site's display language preferences are functional cookies.
Cookies by Party
Tracking Cookies: Tracking cookies are primary and third party cookies created during your visit to our website and third party domain names. These cookies make it possible to track your click and visit history in the domains where they were created, and to match these records between different domains. These types of cookies are used for the purpose of recognizing and profiling users, targeting advertising and marketing activities and customizing the content. These cookies will not be used to identify you and make personal decisions.
How to Manage Cookie Preferences?
You can find guides on how to control cookies in browsers below.