GDPR

PERSONAL DATA PROTECTION AND PROCESSING

GENERAL DISCLOSURE TEXT

As Magicpay Teknoloji A. Ş. (“Magicpay” or “Company”), we show maximum sensitivity regarding the security of your personal data. With this awareness, we attach great importance to the processing and storage of personal data related to natural persons with whom the Company interacts in accordance with the Personal Data Protection Law No. 6698 (“Law”), secondary regulations (regulations, communiqués, circulars) enacted or to be enacted under the Law, and decisions taken or to be taken by the Personal Data Protection Board. In full awareness of this responsibility, as the “Data Controller” as defined in the Law, we process your personal data in the manner described below and within the boundaries mandated by legislation in relation to account opening procedures.

1. Information Regarding the Data Controller

In accordance with the Law, Magicpay Teknoloji A. Ş., registered with the ISTANBUL Trade Registry Directorate under registration number …….. and tax identification number …….., with its address at “Ahmet Yesevi, Kerem Sk. No:9, 34903 Pendik/Istanbul, Turkey” is the Data Controller.

2. Purposes of Personal Data Processing

Your personal data is processed by the Company for the purposes of ensuring the Company’s commercial activities are carried out in accordance with legislation and Company policies, conducting necessary activities by the Company’s business units, determining, planning, and implementing the Company’s commercial policies in the short, medium, and long term, designing and managing human resources activities, fulfilling the Company’s legal obligations, managing customer relations and corporate communication processes, and ensuring the commercial and legal security of individuals and legal entities with whom the Company has a business relationship, within the limits specified in the Law, in a lawful, fair, and proportional manner, always related to these purposes.

3. Transfer of Personal Data

Your personal data, for the purposes mentioned above, may be transferred to public institutions authorized by law, judicial and administrative authorities, other private legal and natural persons permitted by other legislation, institutions authorized to audit the Company, payment service providers contracted for the settlement of payments and financial obligations, business partners and service providers the Company collaborates with for the execution and development of activities, and suppliers of the Company only when necessary, in accordance with the data security measures specified in the Law.

4. Method and Legal Reason for Collecting Personal Data

Your personal data is collected by the Company’s authorized departments and employees using both automated and non-automated methods, orally, in writing, or electronically. In this context, personal data related to identity, contact, location, personal status, legal transaction, customer transaction, physical security, transaction security, risk management, finance, professional experience, marketing, and audiovisual records are processed based on the following legal grounds: processing of personal data directly related to the establishment or performance of a contract as specified in the second paragraph of Article 5 of the Law, processing of data is necessary for the data controller to fulfill a legal obligation, the data has been made public by the individual, and processing is necessary for the legitimate interests of the Company, provided it does not infringe upon the fundamental rights and freedoms of the individual.

5. Rights of Data Subjects Under the Law

You may apply to MagicPay at any time to:

  • Learn whether your personal data is being processed,
  • If your personal data has been processed, request information about it,
  • Learn the purpose of processing your personal data and whether it is used in accordance with that purpose,
  • Learn the third parties to whom your personal data has been transferred, domestically or abroad,
  • If your personal data is incomplete or incorrect, request its correction,
  • Request the deletion or destruction of your personal data under the conditions stipulated in Article 7 of the Law,
  • Request that third parties to whom your personal data has been transferred be informed of the correction, deletion, or destruction as per Article 11(d) and (e) of the Law,
  • Object to a result that may arise against you by solely automated analysis of your processed data,
  • Request compensation for any damages you have suffered due to unlawful processing of your personal data,

You can request to exercise your rights. To make a request regarding your rights or the application of the Law, please fill out the application form available at magicpay.ai and submit it with a wet signature to “Ahmet Yesevi, Kerem Sk. No:9, 34903 Pendik/Istanbul, Turkey” via notary, registered mail with return receipt, personal delivery, or electronically after signing the form with your mobile signature or secure electronic signature, and send it to hello@magicpay.ai using your KEP address or the e-mail address already registered in the Company’s data registration system. Magicpay will respond in writing to requests within this scope free of charge for the first ten pages; for each additional page above ten, a fee of 1 Turkish Lira per page will be charged. If the response is provided in a recorded format, such as CD or flash memory, the Company may charge the cost of the storage medium, which will not exceed the actual cost.

In your application to use the rights stated above, the request must be clear and understandable. If you are acting on behalf of someone else, you must submit a notarized power of attorney. Your application must include your full name, signature, T.C. identity number, residence or workplace address, e-mail address, phone and fax numbers, and the subject of your request. Applications without these details will be rejected by Magicpay in accordance with the “Notification on the Procedures and Principles for the Application to the Data Controller.”