Yapı Kredi Mobile Privacy Policy & Application Permission
We, as Yapı ve Kredi Bankası Anonim Şirketi ( “Yapı Kredi” or “the Bank”), would like to inform you on how we process your personal and other types of data, while you use our Yapı Kredi Mobile application (“the Application”), in order to improve your experiences and provide you a simpler usage of the Application by some functions of the Application, as well as on permissions we collect via the Application.
Usage of our Application is being conducted in compliance with all the legislations that the Bank is subject to, especially with the Law on Protection of Personal Data No.6698 (“the PPDL”). You may reach detailed information regarding the purposes of processing of your personal data by our Bank by clicking on Yapı ve Kredi Bankası A.Ş. Policy on Protection and Processing of Personal Data.
Method and Legal Reason of Collecting Personal Data
Your personal data are collected by our Bank upon your usage of the Application via a variety of functions of the Application, based on the legal grounds of our Bank’s legitimate interest, execution or performance of a contract or your explicit consent, if available. Your personal data which are collected as per the said legal reasons, may also be processed within the scope of personal data processing conditions and purposes set forth in articles 5 and 6 of the PPDL for the purposes specified herein this Privacy Policy.
For What Purposes And To Whom Shall Your Personal Data Be Transferred?
As Yapı Kredi, we may transfer your personal data to our shareholders within or outside Turkey, our subsidiaries, legally authorized public/private institutions and corporations, our business partners and our suppliers, as per the scope of the purposes mentioned above and in compliance with the relevant legislations.
For What Purposes Shall Your Personal Data Be Processed?
As Yapı Kredi, we collect permissions for several purposes via different variety of functions based on different operating systems and we process your personal data via such functions. The main permissions and personal data that are collected are as following:
| Required Permission |
Access Owner |
Collected Personal & Sensitive Data |
Usage |
Sharing With |
| Notifications |
Bank only |
Device Identifier on app login |
We will send push notifications to your mobile phone about your transactions. |
None |
| Photo |
Bank only |
Photo from gallery on profile photo upload |
It is required for Profile Photo Upload - Choose From Library Function. |
None |
| Camera |
Bank only |
Current Shot from camera while using the services described in Usage section |
It is required for Withdraw / Deposit Cash via QR Code, Payment with Barcode and Take a Profile Photo functions. |
None |
| Location |
Bank only |
GPS Coordinates while app usage |
To show nearest Yapı Kredi needs to know your location to operate. |
None |
| Microphone |
Bank only |
Sounds coming through microphone on birthday celebration only. |
It is required for interactive Birthday Celebration function. |
None |
| Contacts |
Bank only |
From contacts app only request to Cash-to-Mobile function. |
To integrate Cash-to-Mobile with your phone contact list. |
None |
| STEP Count |
Bank only |
From Health App |
To win STEP (Yapı Kredi Sustainable Preference Program) Points by step count. |
None |
| Required Permission |
Access Owner |
Collected Personal & Sensitive Data |
Usage |
Sharing With |
| Device ID and Call Information |
Bank only |
Device Identifier on app login |
We will send push notifications to your mobile phone about your transactions. |
None |
| Photo / Media / File |
Bank only |
Photo from gallery on profile photo upload |
It is required for Profile Photo Upload - Choose From Library Function. |
None |
| Camera |
Bank only |
Current Shot from camera while using the services described in Usage section |
It is required for Withdraw / Deposit Cash via QR Code, Payment with Barcode and Take a Profile Photo functions. |
None |
| Location |
Bank only |
GPS Coordinates while app usage |
To show nearest Yapı Kredi needs to know your location to operate. |
None |
| Microphone |
Bank only |
Sounds coming through microphone on birthday celebration only. |
It is required for interactive Birthday Celebration function. |
None |
| Contacts |
Bank only |
From contacts app only request to Cash-to-Mobile function. |
To integrate Cash-to-Mobile with your phone contact list. |
None |
| STEP Count |
Bank only |
From Health Connect |
To win STEP (Yapı Kredi Sustainable Preference Program) Points by step count. |
None |
| WiFi Access Information |
Bank only |
Access Information while app usage |
To show nearest Yapı Kredi more accurately. |
None |
The use of information received from Health Connect will adhere to the Health Connect Permissions policy, including the Limited Use requirements.
*Geofencing means, using GPS and RFID (radio frequency identification) in order to indicate a specific geographical area.
What Are Your Rights As A Data Subject?
If you, as the data subject, send your demands regarding your rights to our Bank via methods mentioned in the Yapı ve Kredi Bankası A.Ş. Policy on Protection and Processing of Personal Data; the Bank shall conclude such demands, free of any charge, within shortest period or within thirty (30) days the latest, depending on the nature of relevant demand. However, if the transaction requires any cost separately, the Bank shall charge fee at the rate specified in the tariff determined by the Personal Data Protection Board. In this context, owners of personal data have following rights:
- to find out whether their personal data has been processed,
- to request information if their personal data has been processed,
- to find out the purpose for processing of their personal data and whether they have been used in accordance with this purpose,
- to be informed of the domestic or international third parties to which the personal data has been transferred,
- request for the correction of personal data if they are incomplete or incorrectly processed and ask that the process carried out in this context be notified to the third parties to whom personal data have been transmitted,
- Request for the deletion or destruction of personal data if the reasons for processing the same have ceased to exist although they have been processed in accordance with the Law and other relevant laws, and ask that the process carried out in this context be notified to the third parties to whom personal data have been transmitted,
- to object to any unfavourable result suffered due to analysis of processed data exclusively by means of automatic systems and
- to demand indemnification of losses suffered due to personal data being processed in breach of the law
To be able to view PDF documents you must have Adobe Acrobat Reader installed.
Click here to install Adobe Acrobat Reader.
