Istanbul-Taksim
Gümüşsuyu Mah. İnönü Cad. 47A, Beyoğlu/İstanbul
Istanbul-Grand Bazaar
Molla Fenari Mah. Vezirhan Cad. No:20 Fatih/İstanbul
Antalya
Gençlik, Fevzi Çakmak Cd. No:27A, Muratpaşa/Antalya
Alanya
Şekerhane, 1100 Sok, 07400 Alanya/Antalya
Bursa
Kayhan, İnönü Cad. No:16, 16230 Osmangazi/Bursa
Ankara
Kavaklıdere Mah. Atatürk Bulv. No:175A, Çankaya/Ankara
Istanbul
Cash Delivery Service Istanbul
Antalya
Cash Delivery Service Antalya
Bursa
Cash Delivery Service Bursa
Support
+905303874520
Istanbul-Taksim
+905305825025
Istanbul-Grand Bazaar
+905304697350
Antalya
+905065886807
Alanya
+905065879507
Bursa
+905062131216
Ankara
+905395474520

Introduction

The data confidentiality is considerably important for the company titled Sayısal Devir Sistemi Yazılım Danışmanlık Bilgi Teknolojileri Ticaret Anonim Şirketi (Numerical Transfer System Software Consultancy Information Technologies Commerce Incorporated Company) and its registered trademark Nakitcoins (hereinafter referred to “Nakitcoins”) and we attach a special importance to make our process of processing your personal data clear and transparent as well.

Because of this reason, we explain how to process and protect your personal data by means of this Personal Data Processing and Protection Policy (hereinafter referred to the “Policy”). This content is very important and because of this reason, please read it carefully and make sure that you have already check your own confidentiality.

1. Responsibility of the Personal Data

The data responsible in processing the data is the company titled Sayısal Devir Sistemi Yazılım Danışmanlık Bilgi Teknolojileri Ticaret Anonim Şirketi (Numerical Transfer System Software Consultancy Information Technologies Commerce Incorporated Company) with the Mersis Number 0756041152300001. The contact information of our company is specified as follows;

  • Mail Address: Gümüşsuyu Mah. İnönü Cad. Hamit Bey Apt. No:47 / A Beyoğlu - İstanbul (Turkey)
  • Telephone Number: 0850 242 45 21
  • Website: Nakitcoins.com

2. Purpose

This Personal Data Processing and Protection Policy regulates the principles and rules which are adopted in order to ensure the compliance with the related written regulations, in processing and protection of the personal data which are regulated and protected in the coverage of the Law of Protection of the Personal Data issue numbered 6698 for Nakitcoins.

The protection of the personal data is proven to be quite sensitive for Nakitcoins and it is considered among the priorities of our company.

The text of the policy of processing the personal data is considered also an integrated component of the buying and selling contract which is arranged between our company and our real person customers who visit our Nakitcoins offices.

3. Scope

This Policy covers all of the personal data which are processed by means of the non-automatic methods on the condition of being a part of any data recording system or through the automatic methods with regard to our Company, its customers, its potential customers, their employees, the interns and employees of our Company, the intern and employee candidates, their shareholders, authorized officers, shareholders and employees authorized officers of the corporations with commercial relationships, its physical and virtual guests. In addition to this, the principles and rules which are adopted by means of this Policy are applied to all of the employees, employee candidates, the employees of the subcontractors, their present and potential business partners, the employees of the subsidiaries of the Company and their authorized officers who process the personal data which are processed by our Company and who have access to the personal data, who provide personal data to the Company or who take data from the Company.

4. Definitions

Express Consent: It means the consent which is disclosed by means of the free will and which is based on the information, concerning a certain subject.

Processing the Personal Data: It means all kinds of transactions which are carried out and performed on the data such as obtaining, recording, storing, maintaining, modifying, rearranging, disclosing, transferring, taking over, making obtainable, classifying or preventing the usage of the personal data either in full or in part by means of the automatic method or by means of the non-automatic methods on the condition of being a part of any data recording system.

Personal Data Owner: It means the real person (including the authorize officers of the legal entities) whose data are being processed.

Personal Data: It means all kinds of information concerning the real person with the identified or identifiable identity.

Personal Data with Special Nature: It means the data relating to the race, ethnical roots, political thought, philosophical belief, religion, sect or other beliefs, dressings, association, foundation or union membership, health, sexual life, criminal sentence, and security measures and also the biometric and genetic data as the special-nature data.

Data Responsible: It means the data responsible who specifies personal data processing purposes and tools and who manages the place in which the data are kept in a systematic manner (data recording system).

Data Processor: It means the real person and legal entity who processes the personal data based on the power which is granted by the data responsible.

Data Recording System: It means the recording system in which the personal data are structured and processed according to the certain criteria.

Law: It means the Personal Data Protection Law issue numbered 6698.

Anonymization: It means the anonymization of the data which are previously associated with a person in the manner not to be associated with any real person with the identified or identifiable identity in any manner even by means of matching them with the other data.

PRINCIPLES REGARDING PROCESSING THE PERSONAL DATA

Our company acts in full compliance with the following principles which are specified and adopted in compliance with the Constitution and the Laws in particular and with all of the related written regulations and laws in processing the personal data.

5. What are the types of the personal data which are collected by Nakitcoins?

We are using the personal data which we collect from you in several different types and our purpose of processing the data which we collect varies based on the related data in question. This matter is fully explained in the following tables and the types and collection purposes of the personal data which we collect are also shown in these tables.

Identity Information and Contact Information: For example, name, date of birth, place of birth, identity number, identity information, mother’s name, father’s name, identity serial number, identity expiry date, nationality, signature, identity photograph, gender, e-mail address, mail address, residence address, telephone number and other personal data.

Customer Transaction Information: For example, crypto asset wallet address of the customer, the account movements which are carried out on the crypto asset valet, past information, etc.

Marketing Information: For example, the conversations and correspondences which are carried out through the telephone and e-mail between the Company and the customer, communication history, information which is obtained by means of the campaign studies, etc.

Risk Management Information: The information which is processed for the purpose of processing the commercial, technical, and administrative risks, etc.

Transaction Security Information For example, instant photograph of the customer, video recording image, transaction receipts, residence address, registry of births records specimen certificate, WhatsApp or the communication histories of the application which is being used by the Company at that time and its records.

 

6. For which purposes your personal data are processed by Nakitcoins?

Nakitcoins processes your personal information in order to perform the obligations arising from, based on and in compliance with particularly the Turkish Criminal Code issue numbered 5237, Criminal Judgments Code issue numbered 5271, Law about the prevention of the laundering of the offence revenues issue numbered 5549, Labor Code issue numbered 4857 and the Turkish Commercial Code issue numbered 6102 and all of the related written national / international laws and regulations and the secondary regulations which are published based on them by the national / international competent authorities and also all of the contracts in which they are parties and also for the below-specified purposes and depending on the below-stated legal grounds:

Tools of processing your Personal Data:

Performing the feasibility and quality analysis in the mobile application development services and/or website development studies in case it will be necessary in the future, for the purposes of updating the identity and contact information, performing the requests for updating the contact information, performing the requests or applications which you sent, resolving your questions and complaints, developing our products and services, also performing the data analytics and carrying out the market researches, requesting information / document from the customer in order to ensure the transaction safety, performing the PDPL (Personal Data Protection Law) legal and technical services and the work health and safety information management system services.

Legal Grounds for Data Processing:

Checking the updated information relating to the performance of a contract and our products and services, our legitimate benefit concerning the evaluation with our customers / potential customers of the applications and requests relating to the products and services, our legitimate benefit concerning sharing the updated information relating to our products and services with our customers / potential customers, ensuring the commercial, technical, administrative and legal security, our legitimate benefit for knowing our customers more closely and developing our products and services accordingly, and also for ensuring the transaction security, establishing the contracts concerning all kinds of products and services requested and arranging all of the other records and documents (in paper or electronic environment) and keeping the information and documents in the company records, presenting the mentioned products and services continuing the same without any interruption as required and in this coverage, carrying out the necessary operational activities of Nakitcoins and its affiliates, its dominant company and the third party companies collaborated, ensuring the legal and commercial safety, ensuring the safety of all of the locations belonging to our company, carrying out the human resources policies of Nakitcoins, ensuring the security of the services presented in compliance with the conditions of the contract which is made and entered between the relevant parties, ensuring the legal obligations and legal and commercial safety arising from the related written regulations and also similar other legal purposes.

Your personal data are processed in the frame of the processing conditions which are arranged in the 5th and 6th articles in compliance with the principles which are stated in the 4th article of the Law in the frame of our above-listed services.

7. General Principles in processing the Personal Data:

Nakitcoins processes and protects the data in the coverage and in compliance with the Constitution of the Republic of Turkey, Personal Data Protection Law and the GDPR (General Data Protection Regulation) in the frame of the compliance with the regulations of the European Union.

In this coverage, it is acted in accordance with the following principles and in compliance with the 4th Article of the Law by Nakitcoins:

7.1. Compliance with the Law and the Good Faith

Nakitcoins acts in compliance with the principles which are brought with the legal regulations and with the general confidence and good faith rule in processing the personal data as a prudent trader.

7.2. Ensuring the Personal Data Correct and Current whenever required

Nakitcoins ensures the personal data processed to be correct and current by means of taking into consideration the fundamental rights of the personal data owners and its own legitimate benefits in the coverage of the other laws which it should observe in the coverage of its activity and the Personal Data Protection Law.

7.3. Processing with Certain, Clear and Legitimate Purposes

Nakitcoins specifies its legitimate and lawful purpose of processing the personal data in a clear and definite manner. In this coverage, the personal data are presented, or it is processed with limitation with the services to be presented and the legal obligations. The purpose of processing the personal data is put forward before starting the personal data processing activity.

7.4. Being connected with the purpose of processing, being limited and measured

Nakitcoins processes the personal data in a suitable manner for realizing its purposes specified and it avoids processing the personal data which are not related with the realization of the purpose or not needed. In this regard, the data processing is limited with the activities and the legal obligations.

7.5. Maintaining them for a period which is stipulated in the related written regulations, or which is considered necessary for the purpose of processing

Nakitcoins specifies the intended purposes and duration of processing the personal data before starting the processing and then maintains the personal data for the period which is stated in the related written regulations for which it is obliged to observe or for a period of time which is considered necessary for the purpose of processing.

 

 

In addition to this, it determines the periods which are stipulated in the related written regulations in order to save the personal data or it determines the maximum period according to the purpose of processing in case there is not any certain period which is stipulated in the related written regulations and deletes, destroys or anonymizes the mentioned personal data following these periods.

If the reasonable requirements are in question or in case it is considered necessary in order to satisfy the legal or regulatory requirements, to solve the conflicts, to prevent the smuggling and abuses or to execute and fulfill the Usage Contracts and the other policies, then Nakitcoins may continue maintaining the necessary information about you and against the possibility that we may not need such information any longer in order to provide the services.

8. Conditions of Processing the Personal Data

8.1. Having Express Consent of the Personal Data Owner

One of the conditions of processing the personal data is to obtain the express consent of its owner. The express consent of the personal data owner concerning a certain subject in question, based on the information and with free will.

8.2 Conditions in which the personal data could be processed without looking for the express consent

8.2.1. Stipulating by the Laws clearly

The personal data of the data owner could be processed in compliance with the law even without obtaining the express consent of the personal data owner in case it is clearly stipulated in the law. (For instance, Article 5 of the Regulation about the measures regarding prevention of the terrorism financing and laundering the offence revenues.

8.2.2. Failure in obtaining the Express Consent of the relevant person because of the actual impossibility

The personal data of the data owner could be processed in case it is necessary to protect the personal data in order to protect the life or bodily integrity of the person who could not recognize the validity of the consent or another person or in case it is impossible to express the consent because of the actual impossibility. (For instance, hospitalizing one of our guests who gets sick inside our company and losing his/her contact information).

8.2.3. Establishing the contract or being related with its performance directly

On the condition of establishing a contract or being directly related with its performance, it is possible to process the personal data in case it is considered necessary to process the personal data belonging to the relevant parties of the contract (For instance, obtaining the invoice information of a person who takes a service from our company).

8.2.4. Legal Obligation

Nakitcoins shall be able to process the personal data of the data owner in case it is considered necessary to process the same in order to perform its legal obligations (For instance, giving answers to the questions which are asked by the public authorities such as MASAK, BTK, BDDK and sending the documents requested as well).

 

8.2.5. Making the Personal Data Public by the Personal Data Owner

It is possible to process the personal data in case the personal data are made public by the persona data owner himself (For instance, calling a person who makes a job application to our company).

8.2.6. Making the Data Processing Compulsory in order to establish or protect a right

In case it is necessary to process the data in order to establish, use or protect a right, then the personal data of the data could be processed (For instance, taking their information in order to answer the questions of the persons who are not the customers of our company and who call our company).

8.2.7. Being necessary to protect the data for the legitimate benefit of Nakitcoins

It is possible to process the personal data of the personal data owner in case it is necessary to process such data for the legitimate benefits of Nakitcoins on the condition of not damaging the fundamental rights and freedoms of the personal data owner.

PROCESSING THE PERSONAL DATA WITH SPECIAL NATURE

Nakitcoins acts in compliance with the regulations which are stipulated in the Personal Data Protection Law with care in processing the personal data which are specified and identified as “with special nature” in accordance with the Personal Data Protection Law.

According to the 6th article of the Personal Data Protection Law, the data which are specified as “with nature” are the data relating to the race, ethnical roots, political thought, philosophical belief, religion, sect or other beliefs, dressings, association, foundation or union membership, health, sexual life, criminal sentence, and security measures.

In compliance with the Personal Data Protection Law, it is possible to process the personal data with special nature by Nakitcoins with the express consent of the personal data owner and in the circumstances which are stipulated in the laws if there is no express consent of the personal data owner, on the condition of taking the sufficient measures to be specified by the Personal Data Protection Committee.

DELETION, REMOVAL OR ANONYMIZATION OF THE PERSONAL DATA

In case the reasons which require processing such data disappear in spite of processing the data in compliance with the Personal Data Protection Law and the other related written law provisions, then the personal data are deleted, removed or anonymized by the data responsible either by decision or upon the request of the relevant person.

Nakitcoins reserves the right not to fulfill the request of the data owner in cases in which it has obligation and/or in order to maintain the personal data in accordance with the related provisions of the related written regulations.

Nakitcoins deletes by means of using one or several techniques which best fit the work process and activities or continues to use the personal data processed by means of anonymization by means of using the methods of deletion and anonymization which are stated in the guide concerning the deletion, removal or anonymization of the personal data as published by the Personal Data Protection Committee in the period of time which is stipulated for the periodical destruction whenever the maintenance periods which are required by its purpose of processing or stipulated in the related written regulations are over.

 

With regard to the processes of deletion, removal and anonymization of the personal data, the following measures are taken;

-Determining the data which are in violation of the laws to keep them or which are considered unnecessary from among the data which are present in the records of our company and determining who can access to such data and with which methods and also closing such channels,

-In case the services are taken from a third-party service provider such as the cloud storage service providers, then deleting the data which are kept in the records of such service provider by means of checking whether this service provider has the power (technical capability) to retrieve such data or not,

-Storing the data which are kept in the movable data recording devices with passwords and ensuring that they are removable,

-Cutting the personal data in paper environment in the possible situations and drawing/painting/blackening by erasure by means of using the fixed ink in an illegible manner with some technological solutions and in irreversible manner in cases it is not possible,

-Deleting the office files which take part in the central server by means of the deletion command in the operating system or removing the access rights of the related user on the on the file or on the folder which contains the file,

-Deleting the related lines which include the personal data in the databases by means of the database commands (Delete, etc.),

-Ensuring that only the removal from the records is not sufficient with regard to destruction, dividing into non-understandable pieces, destroying the copies of the encoding keys, performing the processes of deactivation by means of the methods such as demagnetization, physical deformation or overriding also in the recording environments,

-Removing the data or dismantling the saving environment in which the data are processed,

-Making the data not associated with the relevant person by means of removing from the identifiers or modifying them either directly and/or indirectly with regard to anonymization, and in this regard, using the anonymization methods which do not ensure the value irregularity (removal of the variables/records, regional monitoring, generalization, sub and upper limit encoding, sampling)  according to the concrete situation or which ensure the same (micro-joining, data exchange, noise addition) or the statistical methods (K-anonymization, L-diversity, T-proximity).

TRANSFER OF THE PERSONAL DATA

In accordance with the provisions which take part in the coverage of not only the Constitution but also the Personal Data Protection Law, Nakitcoins takes the maximum care and attention on the subject of sharing the personal data with domestic and/or abroad resources and it continues its activities in compliance with the existing regulations in this coverage. Nakitcoins not only could transfer the personal data to the third person sin Turkey but also could transfer them to the abroad as long as otherwise it not stipulated in the contract which is signed in electronic environment with the data owner person and in the related written regulations, by means of taking all of the security measures which are stated in the related written regulations and in compliance with the conditions which are  stipulated in the Law and in the other related written regulations as stated above including the outsource usage, either by means of processing in Turkey or to be maintained after processing outside Turkey.

 

It could be also transferred to the administrative and official organizations which are required to transfer the data legally, to the third parties as the outsourcers, to the collaboration partners, program partner organizations, corporations and the other third partis which we take support such as the call centers in our collaboration and in the frame of the legal limitations and because of the legal obligations.

In order to carry out our activities in the frame of the collaborations which will be established as required by the services presented with the campaigns which are carried out and which could be carried out together with the third parties by our company at present and for the purpose of taking healthier services, your information as “name, surname, city of living, date of birth, e-mail address, telephone number” could be shared with the domestic/abroad corporations with which we have / we shall have contractual relationships, the domestic / abroad / international corporations which are project/program partners or from whom the services / support / consultancy shall be obtained, the companies which provide security, SMS and mail sending services, the companies which provide the social media services, poll takers and subcontractors, corporations from which the independent audit and assistance services are taken, the service and infrastructure providers and the business partners and by means of ensuring the safety of the electronic and physical environments and/or by means of ensuring the legal and commercial safety of the third parties.

Such data could be also transferred as required by the work to the third parties from which the services are taken in order to establish the electronic systems (websites) with the required technical and administrative infrastructure, to develop the same, to provide maintenance, to maintain the customer data and to manage the call center processes.

9. Transferring the Personal Data Domestically

According to the definitions article of the Law, the transfer of the personal data is also an activity of “processing the personal data”. In this regard, in transferring the personal data, it should be acted in compliance with the related provisions of the articles 8 and 9 of the Law.

In the coverage of the data types and purposes which are stated in this policy, our company performs the transfer to the third parties (to the subsidiaries, business partners, employees, subcontractor or suppliers of the company titled Sayısal Devir Sistemi Yazılım Danışmanlık Bilgi Teknolojileri Ticaret Anonim Şirketi, to the public organizations and to the legally authorized private persons or corporations) on the condition of taking the necessary security measures and in compliance with the intended purpose of processing the data. In this regard, the personal data transfers realized are carried out through the secure environments and channels which are presented by the related third parties.

The mobile telephone number and/or the e-mail address belonging to the Member Customer are shared with the commercial electronic mail service provider for the purpose of presenting benefits and opportunities and making advertisements and publicity in accordance with its account and based on the commercial electronic mail approval.

10. Transferring the Personal Data to Abroad

The transfers to the abroad are performed in compliance with the intended purpose of processing the data and on the condition of taking the necessary security measures. Our company obtains approval from the data owner in the Express Consent Text separately on the subject of the data transfer to abroad. Your personal data will be shared with our business partners at abroad for the purpose of carrying out the customer relationships and ensuring the statistical and technical services and ensuring the business development services. Your personal data will be transferred by means of taking the necessary security measures to the electronic environments such as the servers, hosting companies, programs and cloud informatics from which the informatics technology support and assistance are obtained at abroad for the archiving and storage purposes and then will be subject to the processing and stored there.

The above-stated personal data which are subject to the domestic and abroad transfers are also protected legally thanks to the related provisions which are compatible with the Personal Data Protection Law which is specified in our contracts by means of taking into consideration the status of the opposite party as the data responsible or the data processor concerning the legal relationship, in addition to the technical measures which will ensure their safety.

As it is stated above, while transferring the personal information to the countries out of Turkey during sharing the information, the data transfer should be made in compliance with this policy and as permitted by the applicable laws concerning the data protection issues.

OBLIGATION OF CLARIFICATION

Nakitcoins makes clarification to the personal data owners while obtaining such personal data relating to the rights which are owned in the coverage of the 11th article of the Personal Data Protection Law by the personal data owner because of its legal reason and the method of collecting the personal data and its legal reason, regarding the identity of Nakitcoins, the intended purpose of processing the personal data, whom and for which purposes the personal data processed will be transferred, in compliance with the 10th article of the Personal Data Protection Law. Nakitcoins informs the customer properly by means of the Clarification Text which it presents to the customer in written form in the counter window through which the crypto asset buying-selling transaction is performed and also each person who accepts the transaction contract which is presented to him/her and who performs transaction in the Nakitcoins branches will be considered accepted that such clarification has been already made to him/her as well.

In addition to this, in the situations in which the express consents of the relevant persons are required in order to process the personal data, the comprehensive clarifications are also made in order to obtain their consents of the data owns which are disclosed with free will and concerning a certain subject.

Besides, Nakitcoins announces to the public opinion by means of the public documents and with this Policy document in particular to the personal data owners and the relevant persons that it performs the personal data processing activity in compliance with the “law and good faith” with priority and on all of the matters which are stated in the Personal Data Protection Law and it also ensures the necessary information and transparency for the relevant persons in its personal data processing activities.

ENSURING THE SECURITY OF THE PERSONAL DATA

Our company takes the technical, administrative, and physical measures to be taken concerning the data security for the purpose of preventing processing the personal data in violation of the laws and also the illegal access to the personal data and maintaining the personal data properly.

11. Technical Measures Concerning the Data Security

-In the coverage of the Information Security Management System, it carries out the systematic activities with the established rules, well-planned, manageable, sustainable, documented, accepted by the management and in which the international security standards are taken as basis in order to ensure the confidentiality, integrity and uninterrupted accessibility of the information.

-In order to ensure the cyber security, the measures are taken such as including but not limited to taking the security wall (firewall) and network gateway measures, preventing the access of the employees to the threatening website addresses or the online services, deleting the software and services which are not in use and ensuring that the software and the hardware to be in the most current version against the security gaps.

 

-In order to ensure the follow-up of the personal data security; the measures are taken such as checking which software and services are operating in the information networks, determining whether there is any leakage or undesired action or not in the information networks, keeping the records of all of the users and preventing capturing and copying the data in case of performing the maintenance and reparation works by the third parties for any device on the data are processed.

-In order to ensure the security of the environments which include the personal data; the necessary measures are taken in order to minimize the damages in case of realization of such risks as well as stipulating the risks such as stealing, losing, damaging the devices or printed documents on which the personal data are saved and takin the required measures in order to prevent such risks.

-In case of storage of the personal data in cloud; the data security measures of the related cloud storage systems and providers are examined and the measures are taken such as encoding the personal data to be sent (uploaded) to the data storage service providers by means of some cryptographic methods, taking them to the cloud environments with passwords, limiting the persons, places and internet networks to get access to the data storage service providers and inspecting them all properly.

-In the coverage of the supply, development and maintenance of the information technology systems; the measures are taken such as establishing the control mechanisms inside the applications in order to prevent the deformation of the correctly entered information during the transaction and checking the correct data entry by the present systems, preventing the errors which may cause the data losses, avoiding sending the pieces which store data whenever there is need for sending the data storage devices to the third party companies in case of hardware errors or taking the necessary measures accordingly.

12. Administrative Measures concerning the Data Security

Our company provides the awareness trainings to its employees in order to protect the personal data and informs its employees to ensure that they shall not disclose the personal data learned to the others in violation of the Law provisions and shall not use them out of the intended purpose and this obligation shall also survive following their dismissals and further obtains the necessary undertakings from them on this subject. The necessary updates are made by means of following the changes in the regulations, in case of making personal data transfer, then the special provisions are added in order to protect the data of the personal data owners in the contracts which are made with the persons that the data are transferred, and the periodical inspections are performed and similar other administrative measures are taken as well.

13. Physical Measures concerning the Data Security

Our company takes the security measures in the buildings which belong to our Company in order to protect the personal data, it performs the authorizations in the environments such as archives in which the personal data are kept, and it also takes measures relating to the security of the electronic equipment in which the personal data are kept.

14. Measures to be taken in case of obtaining the personal data by the others by means of illegal ways

In case the personal data are obtained by the others by means of some illegal ways and methods, then our company implements the measures which will terminate the access of the third party who obtains or who attempts to obtain them to the system immediately whenever this situation is realized by the data responsible. If the identity of the third party is determined, then it is notified to the security forces. If the identity is not determined, then the access is notified to the relevant person and to the Committee properly and the legal ways are applied in order to determine and punish the third party accordingly.

 

SUPERVISING THE RIGHTS OF THE DATA OWNER

In case the personal data owners convey their requests concerning the below-stated rights to Nakitcoins, then the requests are concluded free of charge as soon as possible and not later than thirty (30) days period of time according to the nature of those requests. However, in case the transaction requires any additional cost, then the price which is stated in the pricelist by the Personal Data Protection Committee or by the other authorities shall be charged by Nakitcoins.

In this coverage, in accordance with the 11th article of the Law, the persons whose personal data are processed by our Company are able to make an application nto our Company and they shall be entitled;

- To learn whether their personal data are processed or not,

- If their personal data are processed, then to request information concerning them,

- To learn the intended purpose of the personal data and whether they are used in compliance with the intended purpose or not,

- To know about the third parties to whom the personal data are transferred either inside or outside the country,

- In case the personal data are processed incompletely or incorrectly, then to request their corrections properly and in this coverage to request notifying the transaction which is carried out to the third parties where the personal data are transferred,

- To request the deletion or destruction of the personal data in the frame of the conditions which are stipulated in the 7th article of the law (the condition of removal of the reasons which require processing the personal data, in spite of having processed them in compliance with the law and the other related law provisions) and in this coverage to request notifying the transaction which is carried out to the third parties where the personal data are transferred,

- To raise objection against the occurrence of a disadvantageous result by means of analyzing the data processed through the automatic system exclusively,

- In case of suffering from any damage because of processing the personal data in violation of the laws, then to request the compensation of such damages and losses incurred. The exceptional circumstances which are stipulated in the 28th article of the Law are reserved.

In this coverage, the data owners shall be able to convey their requests to Nakitcoins in written form.

You can make your notifications through the ways of communication as stated in the A1 article.

HOW TO CHANGE THE POSITIVE OR NEGATIVE PREFERENCES BY THE DATA OWNER ON THE SUBJECT OF RECEIVING ELECTRONIC COMMERCIAL NOTIFICATIONS

You can change or update your positive or negative preferences on the subject of receiving commercial electronic notifications which you already submitted to Nakitcoins branches at any time and by means of making notification in compliance with your own preference on the “Consent Text” forms at our branches.

On account of the fact that Nakitcoins has a complex software which includes lots of services, please remember that making influence of your updated preferences may last for several days and because of this reason, you may continue taking messages from us while processing your request.

The termination of the transactions which you caried out at our company does not mean and imply taking back the approval which you already gave on the subject of taking commercial electronic notifications. Because of this reason, make sure that you have completed all of the transactions concerning taking back the approval you have already given.

EXECUTION AND VALIDITY

The matters which are regulated in this Policy are subject to the Law and to the secondary regulations and in case of any conflict between the Policy and the regulatory provisions, then the regulatory provisions will be applied. This policy comes into force beginning from the date of publication and announcement in our website and in printed format in the branches of our company.

Nakitcoins could make changes or updates in accordance with the legal regulations and the Company Policy as well. The new policy text which reflects all of these changes and updates are immediately announced in our branches and also published through our website address.