Privacy Conditions and Protection of Personal Data

This text has been prepared by T. Vakıflar Bankası T.A.O. ('VakıfBank') in its capacity as the data controller, in accordance with Article 10 of Law No. 6698 on the Protection of Personal Data ('Law'), the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Obligation to Inform ('Communiqué'), and the Guide on Cookie Practices ('Guide').
What is a Cookie?
A cookie is a type of identification file given to the visitors' computers or mobile devices by websites, in the form of small-sized data files. It enables the recognition of computers when the website is visited again. Websites, by reading these data files created by users when they first connect, gain the ability to work more efficiently, quickly recognize the users, and load user settings such as site language in a fast manner during subsequent visits. The use of these technologies is conducted in compliance with the legislation to which we are subject, primarily Law No. 6698 on the Protection of Personal Data ('PDPL').

Cookies help the website remember information about your visit (e.g., your preferred language and other settings). They can provide convenience on your next visit and make the site more practical and faster for you.

Through this Cookie Policy, we aim to provide information to members/visitors ('Data Subjects') on the purposes for which we use cookies during the administration of VakıfBank's websites and the types of cookies used, as well as how you can manage these cookies concerning the processing of personal data obtained during the use of cookies.

For detailed information on the processing of your personal data, you can read Clarification Text On The Protection And Processing Of Personal Data Of Turkiye Vakiflar Bankasi Turk Anonim Ortakligi

What Are the Types of Cookies?
Cookies are categorized into temporary and permanent cookies based on their validity periods. Temporary cookies are data files that are generated during a user's visit to a website, storing the user's preferences during that visit and automatically deleting when the visit ends and the user leaves the site. Temporary cookies are data files that are generated during a user's visit to a website, storing the user's preferences during that visit and automatically deleting when the visit ends and the user leaves the site. The user preferences stored in this data file are read from it quickly during the user's next connection and are loaded, enabling the user to have a faster and more efficient website experience.

In VakıfBank websites and mobile applications, both temporary and persistent cookies can be used for the following purposes:

Ensuring site security management; for instance, avoiding the need for logged-in users to re-enter their passwords when visiting different pages on the site during the same session.
Ensuring the functions of the site or application work as intended; for example, remembering the user's username or search queries on their next visit to the site.
Monitoring and maintaining the performance of the site or application at a high level; these are cookies that collect information about page visit intervals, potential error messages, and the total time users spend on the respective pages, in addition to user behavior on the site, to enhance the performance of the bank's website.
Saving time for users by remembering their preferences; for instance, displaying pages or icons related to visitors' areas of interest based on the pages and products they have viewed.

Are Cookies Mandatory?
Internet browsers on computers or mobile devices allow cookies by default. These cookie settings enable websites to utilize this feature to enhance the user's experience. Users can adjust their cookie settings or completely block cookie usage through methods that differ according to the type of internet browser on their devices. The method for changing the selection of cookie usage varies depending on the type of browser and can be learned from the respective service provider when requested.

Similar to cookies used on other websites, users of VakıfBank have the option to selectively or entirely block the use of cookies when they so choose. However, the majority of our cookies are designed to ensure the proper functioning of the website or application, and blocking them may lead to the disruption of certain functions. Therefore, it is not recommended.

Cookies Used on Our Website
The types of cookies used on our website are as follows.
Essential Cookies
The use of a certain type of cookies is required for the proper functioning of our site. For example, the identity verification cookies that come into play when you log in to our website ensure that your session remains active as you navigate from one page to another on our site.

Other Cookies
Functionality and Preference Cookies
These cookies enhance the personalization of services provided on our site for you by recalling your preferences and selections.
Performance and Analysis Cookies
Through these cookies, we can analyze your use of our site and its performance, enabling us to improve the services we provide to you.
Targeting or Advertising Cookies
We do not use cookies for product and service promotion or marketing activities on our website.
Do VakıfBank Cookies Store My Confidential Information?
VakıfBank does not store users' confidential information through cookies. Cookies solely contain information pertaining to your browsing history and do not access files stored on your computer or mobile device.
How can cookie preferences be controlled?
Cookie use is predefined in many browsers. Users can change this selection status in the browser settings. Therefore, the user can also delete existing cookies and refuse the storage of future cookie uses. So, if cookie use is canceled, it may not be possible to benefit from some features in the Bank's systems.

Changing the cookie use selection method varies depending on the browser type, and the methods for some service providers are as follows.

Google Chrome	By clicking on the "lock sign" in the address section of your browser, you can allow or block cookies from the "cookies" tab.
Internet Explorer	By clicking on the security tab in the "Tools" section at the top right of your browser, you can manage cookies as "allow" or "do not allow".
Mozilla Firefox	Click on the "open menu" tab in the upper right corner of your browser. By clicking on the "Options" image, you can manage cookies using the "Privacy and Security" button.
Opera	By selecting "Advanced" in the "Preferences" section of your browser, you can manage cookies in the "cookies" section.
Safari	Select the "Safari" tab from the "Settings" section of your mobile phone and you can manage all your cookies from the "Privacy and Security" section.

What are the Rights of the Data Subject?
Pursuant to Article 11 of PDP Law, you may make requests regarding the following issues regarding your personal data by applying to our Bank:

a. To learn whether personal data is being processed,
b. If personal data has been processed, to request information about it,
c. To learn the purpose of processing personal data and whether it is being used for that purpose,
d. To learn the third parties to whom personal data is transferred, whether domestically or abroad,
e. To request the correction of personal data if it is incomplete or incorrect and, in this context, to request the notification of this correction to the third parties to whom personal data has been transferred,
f. To request the deletion, destruction, or anonymization of personal data if the reasons requiring processing have ceased and, in this context, to request the notification of this process to the third parties to whom personal data has been transferred,
g. To object to an adverse result arising from the analysis of processed data exclusively through automated systems,
h. To request compensation for the damages you incur as a result of the unlawful processing of your personal data.

You may convey your requests pertaining to the aforementioned rights through the 'Personal Data Subject Application Form,' accompanied by identity verification documents. These can be submitted either in person at our branches or through a notary. Alternatively, you can send them securely with an electronic signature to the address 'Finanskent Mahallesi Finans Caddesi No:40/1 Ümraniye/İstanbul' or to the email address vakifbank@hs01.kep.tr. Our Bank will finalize your application requests free of charge within 30 (thirty) days at the latest, depending on the nature of the request, in compliance with Article 13 of the PPD Law. In case the request is rejected, the reason(s) for the rejection shall be notified to you in writing or electronically.
Application address :
Türkiye Vakıflar Bankası T.A.O.
Finanskent Mahallesi Finans Caddesi No:40/1 Ümraniye/İstanbul
Phone: +90 216 724 10 00
Fax: +90 216 724 39 09
Bank's Registered Electronic Mail (KEP) address: vakifbank@hs01.kep.tr

In light of the increasing complexity and variability that comes with digital transformation, our bank is committed to continually strengthening its security systems to ensure information security and, particularly, to maintain the highest level of defense against cyber threats.

To ensure more effective management of information security across the bank in line with international standards, we have completed the certification process in previous years and are currently auditing our compliance with the ISO 27001 Information Security Management System.

We are informing our customers in compliance with the Personal Data Protection Law, providing clear consent options, and facilitating the creation of a personal data inventory. Additionally, at specified intervals, we proactively inform our customers through SMS and email about data security, fraud prevention methods, and the protection of customer data.

In order to enhance our technological infrastructure and foster an effective and efficient security culture, we regularly conduct vulnerability scanning tests and Information Technology Risk Analysis within the scope of our behavior-based Advanced Persistent Threat (APT) prevention system and zero-day malware detection systems, which were implemented in previous years.

Clarification Text On The Protection And Processing Of Personal Data

1. Purpose

Türkiye Vakıflar Bankası Türk Anonim Ortaklığı ("VakıfBank" or "the Bank") aims to process your personal data in compliance with the provisions of Law No. 6698 on the Personal Data Protection Law ("PDPL") and other relevant regulations.

We hereby inform you that your personal data that you have notified/will notify and/or obtained by our Bank externally through any means due to your utilization of the services offered by our Bank shall be;

within the framework of the purpose that requires the processing of your personal data and in connection with this purpose, in a limited and measured manner,
by maintaining the accuracy and the most up-to-date version of the personal data you have notified or as notified to our Bank,
recorded, stored, retained, reorganized, shared with the institutions authorized by law to request such personal data, transferred to domestic or foreign third parties under the conditions stipulated by the PPD Law, transferred, classified, and processed in other ways listed in the PPD Law and may be subject to other transactions listed in the PPD Law by our Bank in the capacity of "Data Supervisor".

2. Collection and Procedure of Personal Data

Our bank will process your personal data for the purposes stated in this Information Notice. Any change in the purpose of processing your personal data will also require your consent. The personal data collected and used by our Bank are specifically as follows:

Content of Personal Data

Identity Data	Documents such as driver's license, copy of identity card and passport containing information such as name-surname, Turkish ID number, tax ID number, nationality, mother's name-father's name, place of birth, date of birth, gender, and signature/ initials.
Communication Data	Data for communication such as telephone number, street address, e-mail address, residence address, workplace address, account statement sending address, etc.
Financial Data	Financial Data: Financial and salary details, monthly income information, debt information, account balance details, payrolls, housing status, interest rates, total asset value, family income information, EFT/Wire transfer details, foreign exchange transaction information, investment amount, tax office details, term/demand deposit account details, interest information, loan/credit card limit and balance information, and other financial data.
Sensitive Personal Data	Biometric Data: (fingerprint, retina, face, voice, etc.) Health report, blood type, Devices and prostheses used on the driver's license (photocopy of driver's license) Disability, invalidity and handicap status Blood group and religion on the identity card
Legal Action Data	Personal data processed within the scope of determination and follow-up of legal receivables and rights and fulfillment of debts and compliance with legal obligations and our Bank's policies, and file and debt information related to enforcement proceedings (information contained in documents such as court and administrative authority decisions).
Transaction Security Data	Personal data processed to ensure our technical, administrative, legal, and commercial security, as well as your security, while conducting commercial activities (information associated with transactions related to the individual and demonstrating the individual's authorization to carry out that transaction, such as a password, voice signature, IMEI number, authentication method, authentication code, browser type, username, fraud method, and any other data that may be collected based on fraud scenarios).
Location Data	Address information, transaction location information.
Professional Experience Data	Institution, duration of employment, type of insurance, sector of employment, title, level of education, total working time of the person concerned.
Personal Data	All kinds of personal data processed for obtaining information that will be the basis for the formation of the personal rights of real persons who are in a service relationship with our Bank (Identity information entered in the personal file, job application form, passport size photograph, education information, graduation information, diploma sample, profession, place of previous employment, resume information, private pension information).
Physical Space Safety Data	Personal data related to records and documents taken at the entrance to the physical space, during the stay in the physical space; camera recordings and records taken at the security point.
Customer Transaction Data	Account information, bank information, receiving bank information, affiliated regional directorate, cheque information, annual fee information, statement details, account transactions, EFT/transfer information, transaction details, card details and transactions, collection information, payment information, cash instructions, internet transaction information, branch information, interest usage details, loan usage details, policy information, swift transaction details, virtual pos information, collateral information.
Audio and Video Recording Data	Photographs and video recordings (excluding recordings covered by Physical Space Security Information), audio recordings (e.g. audio recordings of telephone conversations).
Other Data	Parents' names, information on military service, institution of employment, years of employment, education information, foreign language information, tax number and other tax details, intelligence and financial details, mortgage information, prohibited transactions, appraisal details, real estate office information, residence information, customer limit, sector, employee and representative information.

Your personal data is collected both before and after the establishment of the service relationship and throughout the continuation of the service relationship, through all kinds of information, documents and papers you have submitted to our Bank and obtained from third parties, the Bank's information processing system, camera records kept in all locations of the Bank.

Special Conditions for Processing Biometric Data for Remote Identity Verification Methods:

In accordance with Article 6 of the Banking Regulation on the Use of Remote Identity Verification Methods by Banks and Article 6 of the Personal Data Protection Law ("PDPL"), our bank may process your personal data, including biometric data, with your consent for the purpose of remote identity verification, which includes video calls, facial recognition, voice signatures, and other identity verification methods in telephone banking and various digital channels. This information, encompassing personal data, biometric data, and special categories of personal data, may be utilized by the bank for identity verification, marketing activities related to products and services, offering specialized products and services, and the formulation and management of bank strategies. It may also be shared with the bank's partners, subsidiaries, joint ventures, all affiliated entities, suppliers, business partners, and third parties, whether located domestically or internationally.

Special Circumstance Regarding the Identification and Assessment of Risk Groups:

The individuals and legal entities mentioned below create a 'risk group,' including but not limited to you, your spouse, your children, members of the board of directors or general managers of a legal entity controlled directly or indirectly, individually or jointly, with unlimited liability, as well as partnerships in which they hold significant stakes, members of the board of directors or general managers of partnerships controlled directly or indirectly, individually or jointly, with unlimited liability, and partnerships in which the financial difficulties of one party may lead to financial difficulties for others due to significant guarantees or similar relationships. It is determined by the Banking Regulation and Supervision Agency and even if you are not our customer, your personal data may be processed by our Bank for the purpose of determining, monitoring, reporting and controlling the risk group to which you will be included in order to determine the credit limits to be extended to a risk group according to the banking legislation.

3. Purposes and Legal Reasons For Processing Personal Data
Your Personal Data may be processed by our Bank for, but not limited to, the following purposes.

Your Personal Data (Religious information, health data, and visual data, which are considered sensitive personal data but are included in identity documents, may come indirectly from the photocopy of identity card and/or driver's license photocopy) is processed in accordance with the Law on Protection of Personal Data, Banking Law, Turkish Code of Obligations, Law on Prevention of Laundering Proceeds of Crime, Law on Debit Cards and Credit Cards, Capital Markets Law, Turkish Commercial Code, Law on Attorneys, Turkish Civil Code, Law on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions, Enforcement, and Bankruptcy Law and Central Bank of the Republic of Turkey Law and for the purpose of fulfilling legal obligations and service contract requirements, including but not limited to the aforementioned legislation;

Printing of regular mail,
Execution of ATM operations,
Checking fraud activities in banking transactions carried out,
Execution of bank insurance transactions,
Reporting to the Banking Regulation and Supervision Board,
Reporting the incoming calls to the Customer Contact Center supported by our Bank, recording and evaluating them in our Bank's data system,
Checking the accuracy of transactions with other banks,
Receiving E-Invoice / E-Archive / E-Ledger usage commitments, preparation of E-Archive Special Integrator, E-Ledger Storage, E-Ledger Software, E-Invoice Special Integrator, E-Invoice Storage service customer protocols,
Execution of EFT and remittance transactions, preventing possible fraud incidents in EFT and remittance transactions,
Execution of bank statement printing processes,
Execution of cheque transactions,
Realization of chargeback transactions with business partners,
Legal follow-up, legal reporting, auditing, preparation of notices regarding overdue debts, reminders regarding unpaid debts, legal proceedings regarding lawsuits,
Execution of debt structuring processes,
Assignment of authorized employees for member workplaces, installation of POS devices, entry of applications, printing of statements, notification of registrations and turnovers, and execution of identification procedures,
Execution of letter of guarantee processes,
Registration of real persons with commercial activities in the system,
Notification to the Central Bank of the Republic of Turkey and the Risk Center of the Banks Association of Turkey,
Identification, filing and realization of letter of credit transactions,
Conducting sales and information transactions of products or services offered together with business partners,
Execution of deposits and withdrawals,
Providing information on customer-specific offers and opportunities and sharing them with business partners and affiliates of our Bank in order to offer banking, insurance services and financial products,
Suspicious transaction notifications,
Execution of printing, money loading and other processes of prepaid cards,
Carrying out sales and information transactions of products or services offered together with business partners,
Management of customer gold accounts, defining check integration, performing check request transactions, creating account information, performing intelligence/scoring studies, identifying discounts and exemptions, making bank profitability calculations based on customer transaction rate, conducting efficiency analysis and marketing studies,
Execution of mortgage and loan application processes,
Preparing the credit card application form, conducting the credit card application process, performing credit card debt payment transactions, preparing the credit card preliminary information form, preparing the credit card contract, making the credit card offer, performing credit card limit increase and decrease transactions and conducting credit card additional card application processes,
Carrying out mandatory notifications to the Financial Crimes Investigation Board, Revenue Administration and Ministry of Finance,
Execution of intelligence processes and customer evaluations for customers who will use loans,
Performing banking transactions via internet and mobile branches,
Performing the institution's collection processes and defining them in the system,
Realization of banking transactions within the scope of the process carried out together with business partners,
Execution of blacklist and banned customer transactions,
Execution and follow up of courier processes,
Carrying out the salary payment processes of the collaborating companies,
Performing remote identity verification and authentication processes through digital channels, including voice signature identification and verification processes in Telephone Banking.

Your personal data will be retained for a reasonable period of time as determined in the relevant legislation or until the purpose of processing is eliminated, and in any case until the statutory statute of limitations.

4. Transfer of Personal Data to Third Parties
4.1 Transfer of Your Personal Data to Domestic Third Parties;

In order to fulfill legal obligations and service contract requirements, not limited to the laws including the Banking Law, Credit Card Law, Capital Markets Law, Social Security and General Health Insurance Law, Turkish Code of Obligations, Law on Prevention of Laundering of Crime Revenues, Turkish Commercial Code, Enforcement and Bankruptcy Law, Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions Law, Occupational Health and Safety Law, and the Personal Data Protection Law, among others; your personal data may be transferred to: Istanbul Stock Exchange, the Customer Contact Center providing support, the Small and Medium Industry Development and Support Administration Presidency, the Banking Regulation and Supervision Agency, the Central Bank of the Republic of Turkey, the Revenue Administration, the Ministry of Treasury and Finance, relevant land registry offices, tax offices, enforcement offices, the Banking Association of Turkey, domestic and international business partners, the Social Security Institution, the Capital Markets Board, the Interbank Card Center, authorized judicial authorities, the General Directorate of Agricultural Enterprises, the Court of Accounts of the Republic of Turkey, the Ministry of Environment and Urbanization, and the Ministry of Treasury and Finance, İstanbul Altın Rafinerisi A.Ş., Central Registry Agency, Savings Deposit Insurance Fund, Türkiye Hayat Emeklilik A.Ş., Vakıf Pazarlama Sanayi ve Ticaret A.Ş., Vakıf Finansal Kiralama A.Ş., Vakıf Faktoring A.Ş., Türkiye İhracat Kredi Bankası A.Ş., İstanbul Takas ve Saklama Bankası A.Ş., Türkiye Sigorta A.Ş., service procurement suppliers, Türkiye Vakıflar Bankası Türk Anonim Ortaklığı Pension and Health Benefits Fund Foundation, Vakıf Yatırım Menkul Değerler A.Ş., Vakıf Gayrimenkul Değerleme A.Ş., Private Social Security Services Foundation, VakıfBank International A.Ş., Vakıf Portföy Yönetimi A.Ş., Vakıf Gayrimenkul Yatırım Ortaklığı A.Ş., Vakıf Menkul Kıymet Yatırım Ortaklığı A.Ş., Vakıf Enerji ve Madencilik A.Ş., Taksim Otelcilik A.Ş., and their respective suppliers and business partners.

In order to fulfill legal obligations, in particular;

It can be transferred to the relevant public institutions for the purposes of reporting of banking transaction records,
Execution of EFT, remittance and Swift transactions,
Prevention of fraud incidents in EFT and remittance transactions,
Notification of incoming and outgoing EFT, remittance and Swift transfers,
Completing mandatory notifications to the relevant public institutions,
Carrying out mandatory reporting processes.

For the purpose of establishing and running a joint venture, in particular;

It can be transferred to the relevant business partners for the execution of the Bank's product and service sales, promotion and marketing activities,
Informing the business partner banks,
Carrying out joint commercial activities with the banks with which business partnership is made,
Recording the collection information in the system.

In order for our Bank to obtain the goods or services required to carry out its commercial activities from suppliers, in particular;

It can be transferred to the relevant suppliers for obtaining consultancy services on issues requiring expertise,
Receiving support in product sales processes,
Execution of campaign processes by the supported companies,
Obtaining goods and services in order to carry out the Bank's internal and external processes.

In order to carry out commercial activities in which the Bank's subsidiaries and affiliates are required to be involved, in particular;

It can be transferred to our Bank's subsidiaries and affiliates for obtaining the necessary information from the bank subsidiary,
Enabling the customer to trade on specific platforms,
Enabling the customer to benefit from the services offered by the Bank's subsidiaries and affiliates,
Sharing customer assessments.

4.2 Transfer of Your Personal Data to Third Parties Abroad:

Your personal data may be transferred to third parties, business partners, and authorized institutions abroad for the purpose of conducting banking activities.

5. Rights of the Data Subject
Pursuant to Article 11 of the PDP Law, you may apply to Türkiye Vakıflar Bankası T.A.O and make requests regarding the following issues regarding your personal data:
a. To learn whether personal data is being processed,
b. If personal data has been processed, to request information about it,
c. To learn the purpose of processing personal data and whether it is being used for that purpose,
d. To learn the third parties to whom personal data is transferred, whether domestically or abroad,
e. To request the correction of personal data if it is incomplete or incorrect and, in this context, to request the notification of this correction to the third parties to whom personal data has been transferred,
f. To request the deletion, destruction, or anonymization of personal data if the reasons requiring processing have ceased and, in this context, to request the notification of this process to the third parties to whom personal data has been transferred,
g. To object to an adverse result arising from the analysis of processed data exclusively through automated systems,
h. To Request compensation for the damages you incur as a result of the unlawful processing of your personal data.

Türkiye Vakıflar Bankası T.A.O will fulfill your requests arising from the PPD Law through the "Personal Data Subject Application Form". Personal Data Subject Application Form can be submitted in person to our branches with identity verification documents, or sent by notary to the address: “Finanskent Mahallesi Finans Caddesi No:40/1 Ümraniye/İstanbul” or securely with an electronic signature to vakifbank@hs01.kep.tr. Türkiye Vakıflar Bankası T.A.O will finalize your application requests free of charge within 30 (thirty) days at the latest, depending on the nature of the request, in compliance with Article 13 of the PPD Law. In case the request is rejected, the reason(s) for the rejection shall be notified to you in writing or electronically.

This Clarification Text may be revised by Türkiye Vakıflar Bankası T.A.O when deemed necessary. In case of revision, you will be informed about this issue. You can access the most up-to-date version of the Privacy Notice at https://www.vakifbank.com.tr/

T. Vakıflar Bankası T.A.O. (“VakıfBank”), prioritizing contemporary and innovative banking practices, customer satisfaction, and security, facilitates its customers' access to various banking services offered through various electronic platforms. These electronic platforms encompass remote access to all types of banking services conducted through electronic and/or telecommunication devices, including the website located at www.vakifbank.com.tr, internet/mobile banking branches, ATMs, and the Customer Communication Center, both currently active and those that will be activated in the future in line with technological advancements.

VakıfBank is committed to preserving the confidentiality of information acquired about its customers, including that obtained during the use of these electronic platforms, in a manner respectful of their personal rights and within the framework of this 'Privacy Policy'.

VakıfBank takes the necessary security measures on its information systems to prevent any unauthorized access, which includes preventing these details from being viewed or altered by other service beneficiaries.

VakıfBank conducts all actions related to the acquisition, usage, storage, and sharing of customer information in accordance with the provisions of Law No. 5411 on Banking, Law No. 6698 on Personal Data Protection, and related regulations.

Within this scope, all information concerning customers is acquired, used, stored, and shared with third parties when necessary to provide services, for the purpose of delivering a better banking experience to our customers, and to fulfill obligations clearly defined in the law. Except in cases of sharing made under the relevant legal provisions and situations where customers have specific requests and instructions, customer information is not shared with third parties. VakıfBank commits to ensuring that the information security policies and standards of third parties, with whom information is shared either as a mandatory step of the service to be provided to the customer or at the explicit request and instruction of the customer, are at least at the same level as its own.

In addition to these principles, in the case of personal information of individual customers, the information is only processed for the purpose of providing the service requested by the customer. In the absence of explicit consent from the customer, it is not used for marketing or product promotion activities that extend beyond the scope of the service request. VakıfBank will inform the relevant customers in accordance with the provisions of Law No. 6698 in cases where personal data is maliciously and unlawfully obtained by unauthorized individuals.

You can access detailed information on how VakıfBank processes the personal information of individual customers under the heading 'Information on the Processing of Personal Data' in our 'Personal Data Processing Disclosure'.

Furthermore, certain electronic service channels within our network may periodically offer connections to external electronic platforms, including third-party websites, not directly associated with VakıfBank. The commitments and principles detailed in VakıfBank's Privacy Policy are specific to VakıfBank's electronic service channels and do not encompass other third-party environments. The use of other electronic platforms reachable through the link may come with different and unique privacy assurances and usage terms, which might equate to a lower level of security than what VakıfBank provides."

Consequently, T. Vakıflar Bankası T.A.O. shall not be held responsible for the information usage, ethical standards, privacy principles, quality, or any material/psychological damages and losses that may arise within these third-party electronic platforms accessed for advertising, banners, content, or any other purpose through our electronic service channels. Every customer utilizing VakıfBank's electronic service channels is considered to have committed to and accepted the terms specified above.

VakıfBank customers can obtain information about account deletion procedures from the Customer Communication Center and branches, and if they submit their requests through a branch, they can complete the account deletion procedures.

Device Authorizations
For your protection, we request authorizations to prevent the VakıfBank Mobile Banking application from being used in fraudulent transactions and to ensure that the application can only be accessed with your device. The Authorizations granted by you will not be used to access your phone book or other personal information and documents. Detailed information on authorizations can be found below.

Phone authorizations: You can call VakıfBank Customer Contact Center through the application,
Location Authorization: You can authorize us to access your location information for the purpose of displaying the nearest branches and ATMs on the 'Nearest VakıfBank' screen, as well as to keep you informed about location-based opportunities, offers, discounts, and campaigns. You have the option to disable location sharing authorization from your phone settings at any time. Even when you are not using VakıfBank Mobil, we obtain the location sharing authorization necessary to deliver location-based opportunities to you. This permission can be granted and confirmed when you access VakıfBank Mobil, and it can be deactivated at any time through VakıfBank Mobil as well.
Authorization to access Google services: Showing the nearest branches and ATMs on Google Maps,
Network connections and WiFi connection authorizations: You can use the app by connecting to the internet,
SMS reading authorization: Automatic entry and verification of the passwords we send via SMS,
Photo/Media content authorization: Ability to store images within the app on the phone to improve app performance,
Identity authorization: Required to access Google services and to receive Pocket Signature notifications.

For detailed information on the processing of your personal data, you can read Clarification Text On The Protection And Processing Of Personal Data Of Turkiye Vakiflar Bankasi Turk Anonim Ortakligi

In VakıfBank websites and mobile applications, both temporary and persistent cookies can be used for the following purposes:

Ensuring site security management; for instance, avoiding the need for logged-in users to re-enter their passwords when visiting different pages on the site during the same session.
Ensuring the functions of the site or application work as intended; for example, remembering the user's username or search queries on their next visit to the site.
Monitoring and maintaining the performance of the site or application at a high level; these are cookies that collect information about page visit intervals, potential error messages, and the total time users spend on the respective pages, in addition to user behavior on the site, to enhance the performance of the bank's website.
Saving time for users by remembering their preferences; for instance, displaying pages or icons related to visitors' areas of interest based on the pages and products they have viewed.

Changing the cookie use selection method varies depending on the browser type, and the methods for some service providers are as follows.

Google Chrome	By clicking on the "lock sign" in the address section of your browser, you can allow or block cookies from the "cookies" tab.
Internet Explorer	By clicking on the security tab in the "Tools" section at the top right of your browser, you can manage cookies as "allow" or "do not allow".
Mozilla Firefox	Click on the "open menu" tab in the upper right corner of your browser. By clicking on the "Options" image, you can manage cookies using the "Privacy and Security" button.
Opera	By selecting "Advanced" in the "Preferences" section of your browser, you can manage cookies in the "cookies" section.
Safari	Select the "Safari" tab from the "Settings" section of your mobile phone and you can manage all your cookies from the "Privacy and Security" section.

What are the Rights of the Data Subject?
Pursuant to Article 11 of PDP Law, you may make requests regarding the following issues regarding your personal data by applying to our Bank:

Information On The Protection Of Personal Data Law (23.01.2024)

Download the Document

Information On The Protection Of Personal Data Law (15.04.2020)

Download the Document