" Last Updated - 01.02.2019
PERSONAL INFORMATION WE COLLECT
Information you provide
We collect or request personal information from you when you:
• Contact us by email, telephone, mail or other means;
• Request a quotation, support, downloads or information;
• Purchase a product, service or solution;
• Create or manage an account;
• Register or activate a device (e.g., payment terminal);
• Apply for financing or commercial credit;
• Register for events, webinars or services;
• Subscribe to newsletters, event notices or information materials;
• Participate in surveys, contests or other promotional activities.
The types of personal information we may request will generally be apparent to you at the time you provide it, and may include:
• Contact details (e.g., physical address, email address, telephone number);
• Work information (e.g., job title)
• Login credentials (e.g., user name);
• Financial details (e.g., credit or payment card number, bank account number, billing address);
If you choose to participate in one of our online surveys, which we conduct to better understand the needs of our customers, we may request additional categories of personal information from you.
Information we collect automatically
Information we collect from third parties
From time to time, we may receive personal information about you from third party sources (including resellers, distributors and other third parties that sell or service Verifone products or solutions), but only where these third parties are legally permitted or required to disclose your personal information to us. The types of information we may collect from third parties include contact details, billing information and delivery details. We use the information we receive from these third parties to provide the requested product, service or solution.
HOW WE USE THE INFORMATION
In particular, we will use your information to:
• Provide the products, services or solutions you purchase, to carry out the terms of our agreements with you and to manage our business relationship;
• Activate, register or update products you have purchased from us (e.g., payment terminal);
• Send important notices regarding our terms, conditions and policies;
• Operate, evaluate and improve our business (including developing new products and services; enhancing and improving our services; analyzing our products);
• Conduct credit reference checks and other financial due diligence;
• Perform accounting, auditing, billing reconciliation and collection and other internal business functions;
• Perform data analysis and processing (including market and consumer research, customer satisfaction research, trend analysis, financial analysis); • Protect against fraud and other unlawful activity, claims and other liabilities, establishing, exercising and defending legal rights, and to comply with our legal and regulatory obligations under applicable law;
• Maintain the physical security of our premises (e.g., visitor logs) and electronic security;
• Inform you of upcoming events, updates, news and the latest product, service, solution and other offerings where this is in accordance with your communications preferences;
• Operate and manage our websites.
We may also use your information in an aggregated manner that does not enable identification of any individual customer to evaluate and improve our offerings.
LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION
For the Republic of Turkey, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific purpose for which we collected or requested it.
However, we will normally collect personal information from you only where:
• we have your consent to do so; • we need the personal information to provide a service or to perform a contract or agreement with you; or
• where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If you have questions about or need further information concerning the legal basis on which we collect or use your personal information, please contact us using the contact details provided under the “Changes and Contact” heading below.
INFORMATION WE SHARE
We may disclose your personal information to the following categories of recipients:
• to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
• to any other person with your consent to the disclosure.
HOW WE PROTECT PERSONAL INFORMATION
We take data protection and privacy seriously. We maintain appropriate organizational, technical and physical safeguards designed to protect the personal information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. Because submissions of information over the Internet are never entirely secure, we cannot guarantee the security of information you submit via the Internet and such submissions are made at your own risk.
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service or solution or to comply with applicable legal, tax or accounting requirements)
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
YOUR RIGHTS AND CHOICES
Pursuant to the Law on Personal Data Protection numbered 6698 (the “PDPL”), you may request:
• information on whether your personal data have been processed, if yes, to request further information on the processing activity;
• information on the purpose of processing and whether your data is used in accordance with such purposes;
• information on the third parties in Turkey or abroad, whom your personal data have been transferred to;
• rectification, in case your personal data is processed incompletely or inaccurately;
• deletion or destruction of your personal data within the scope of the conditions set forth under Article 7 of the PDPL;
• notification of the rectification, deletion and/or destruction operations to third parties to whom personal data have been transferred to;
• to object to occurrence of any result that is to your detriment by means of analysis of personal data exclusively through automated systems; or
• compensation for the damages, in case you incur damages due to unlawful processing of your personal data.
You also have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.
Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
To exercise these rights, you may apply to Panaroma Bilişim Teknolojileri Sanayi ve Ticaret Anonim Şirketi in writing from the address Altunizade Mh. Prof. K. Gökay Cd. Denizcilik İşm. A. Bl. N.18/1/2-6, or by sending an e-mail to our registered e-mail address: firstname.lastname@example.org, or our privacy e-mail address : email@example.com. In the event that your application requires any costs, the fees set out by the Data Protection Authority may be charged to you.
LINKS TO OTHER WEBSITES
Our sites may contain links to third-party sites. We are not responsible for the content or the privacy practices employed by other sites.
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).
Specifically, our website servers are located in the United States and our third party service providers and affiliates operate around the world. This means that when we collect your personal information we may process it in any of these countries.
However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice. Where we transfer your personal information to other countries, we rely on:
• the adequacy list announced by the Data Protection Board (the ‘Board’) which sets out the foreign countries with adequate protection level;
• the Board’s approval on the transfer upon Verifone’s and the transferee’s written commitment to provide an adequate level of protection, in case the recipient is not established in a country deemed having an adequate protection level by the Board.
Further details can be provided upon request. Please see contact information below. .
CHANGES AND CONTACT
If you are a cardholder that has used one of our terminals at a point of sale and would like information on payment processing, please contact the merchant/retailer directly.
Verifone Elektronik ve Danışmanlık Limited Şirketi (the data controller)
Attn: Legal Department
Reşitpaşa Mahallesi Katar Caddesi No: 4 Tekno kent arı 3 İç Kapı No: 1002/1004
You may also contact our Data Protection Officer at firstname.lastname@example.org