PRIVACY POLICY - PROTECTION AND PROCESSING OF PERSONAL DATA

 

The protection and processing of personal data are regulated in addition to the Terms of Use.

The Bursa Taxi mobile application (Application) is provided by Abidos Bilişim Teknolojileri A.Ş. (Company) for its members to access services.

The use of the Application implies that the policy on the protection and processing of personal data specified below has been read electronically and accepted.

With this information, the Company fulfills the obligation to inform about what is done in the processing of personal data obtained and/or received from third parties during the use of the Application, as required by Article 10 of the Law No. 6698 on the Protection of Personal Data (Personal Data Protection Law). Furthermore, it is to inform the Users transparently about the methods of collecting personal data that the Users have entered into the Application through their positive actions or collected by the Company regarding the use of the Application, the purposes of processing, legal reasons, and their rights.

The Company continually renews itself to provide better service to its Users with the product and service Applications it develops in the field of the internet, works to provide the best service, and takes the highest level of security measures to ensure the lawful collection, storage, and sharing of personal data and to protect its confidentiality. To achieve this goal, Users' personal data are processed within the scope and conditions described below in detail.

The Company can update and change the provisions of this information at any time by publishing it through the Application. Updates and changes made by the Company will be valid from the date of publication in the Application.

Data Controller

In accordance with the Personal Data Protection Law, your personal data will be collected and processed by the Company as the data controller within the scope described below.

 

Collected Personal Data

The Company collects various fixed and variable data from Users using the methods specified below. The data collected by the Company depend on the services and features used by the Users.

Unless explicitly stated otherwise, the terms "personal data" and "sensitive personal data" within the scope of the provisions and conditions offered include the following information:

Name and Contact Information: Name, surname, mobile phone, taxi calling and drop-off address, and email address.

Authentication Information: Membership information of Users, passwords used for email and phone verification and access to the account, username, and preferred language data.

 

Usage Data and Favorites: Data collected from your devices through various software and technological tools, reasons for calling the Company or Call Center, voice recordings, date and time when the product is used, data specified in modules such as surveys, banner campaign redirections for directing users to the related product through the survey or banner, usage habits for improving and customizing services to you, errors and similar problems occurring during service use.

Location Data: Includes sensitive or approximate location data of Users. Location data derived from GPS data and location derived from IP and port addresses are used when the User uses the Application to search for taxis near their current location, provided the user gives permission.

Content Data: Membership information, notification description, solution description, satisfaction, notification reason, Member comment, Member rating, reason for membership rejection, feedback, reason for document submission, error content specified during the use of the Service, interim information status, interim information, reason for calling, and similar data.

Survey Responses: Responses given to surveys organized within the Application by the Company and responses given to surveys conducted by real and legal entities with whom the Company cooperates.

Messages in the Application with Content Contrary to Terms of Use: Messages detected to have content contrary to the terms of use based on complaints/notifications from messages sent by users to each other within the Application for secure communication between users.

Where Are Personal Data Stored and Processed?

The personal data we obtain may be stored and processed in another country where the Company or its affiliates, subsidiaries, or service providers with whom it cooperates have facilities, both domestically and abroad, for the purposes stated under this heading and in proportion to these purposes. The personal data collected in this context will be processed within the provisions here and under the legislation in force in the country where the data are stored and processed, including the anticipated security measures.

For What Purpose Are Personal Data Processed

With this information, your personal data will be processed in accordance with the purposes stated in the Membership Agreement and Terms of Use, Principles and Processing Conditions regulated by the Personal Data Protection Law No. 6698, and for the purposes specified in detail below:

Name and Contact Information: Internal evaluation within the Company, communication, User registration, obtaining potential customer information, developing post-service processes, business development, collection, customer portfolio management, promotions, analysis, complaint management, managing customer satisfaction processes, marketing, advertising, research, billing, event information, conducting operational activities, measuring service quality, development, audit, control, optimization, customer verification, marketing, advertising, post-trip services, detection and prevention of fraud;

Authentication Information: User registration, error/problem reporting, control, development of operational activities, execution, development of post-service processes, business development, collection, internal evaluation within the Company, customer portfolio management, measurement of service quality, communication, optimization, modernization, audit, risk management, audit, customer verification, detection and prevention of fraud;

Demographic Data: Promotions, internal evaluation within the Company, analysis, communication, development of post-service processes, business development, collection, usage data and interests, favorites, marketing, advertising, audit and control, risk management, development of post-service processes, business development, collection, internal evaluation within the Company, customer portfolio management, post-trip services, measurement and development of service quality, communication, management of complaint processes, execution of operational activities and development, registration, error/problem reporting;

Usage Data and Favorites: User registration, error/problem reporting, control, inquiry, execution and development of operational activities, development of post-service and after-sales processes, business development, collection, internal evaluation within the Company, online behavioral advertising and marketing, customer portfolio management, measurement and development of service quality, communication, optimization, audit, risk management and control, promotions, analysis, determining interests, scoring, profiling, marketing, advertising, communication, management of complaint processes, registration, error/problem reporting;

Location Data: Provision of Application functions related to or associated with location, audit and control, risk management;

Content: Business development, optimization, customer portfolio management, audit, control, development of operational activities, business development, promotions, internal evaluation within the Company, customer management, analysis, scoring, profiling, development of after-sales processes, collection, post-trip services, communication, measurement of service quality, development, management of complaint processes;

Survey and Test Responses: Information requested from Users who respond to periodic surveys or tests organized within the Application by the Company, cooperation of the Company with real and/or legal entities for the provision of Application functions and the realization of these functions by the Company in accordance with the purposes of use of the Application, as specified above, direct marketing to these users by third real and legal entities with whom the Company cooperates within the scope of all processing activities, statistical analysis, improvement of processes, and database creation;

Messages in the Application with Content Contrary to Terms of Use: The messaging service is provided for our Users to inform each other. In the context of these messages, based on the legitimate interest specified in Article 5 of the Law, messages in the Application with content contrary to the terms of use, containing insults, contrary to general morality, fraudulent, likely to cause unfair competition, violating personality rights, intellectual and industrial property rights, and otherwise containing illegality, are examined and blocked.

Duration of Storing Personal Data

The Company will retain the personal data obtained for as long as necessary for the purposes for which they are processed, within the framework of the conditions specified in this information and the Terms of Use, in order to enable Users to benefit from the service in the best way.

In addition, in case of any dispute arising from the Terms of Use, the Company will retain personal data for a limited period of time for the purpose of conducting administrative or judicial processes related to the dispute, and for the statute of limitations periods determined by the relevant legislation.

To Whom and For What Purpose Can the Processed Personal Data Be Transferred

The Company shares the personal data of the User and the new data obtained by using this personal data or the personal information entered by the Users into the Application through their positive actions, primarily to fulfill the requirements of the Membership Agreement and Terms of Use and to perform the Services, improve and personalize the User experience, ensure the security of Users, detect and prevent fraud, develop services, conduct inquiry activities of importance for the services, operational evaluation research, fix errors, verify User identities, improve system performance, with external service providers, business partners, suppliers, corporate members to the extent necessary for the transfer during service provision, law firms, research companies, call centers, complaint management and security software companies, agencies, consultancy firms, social media platforms, certification bodies, and with authorized institutions, organizations, authorities, administrative and judicial bodies within the scope of legal obligations.

Additionally, the User's Name and Contact Information will be shared with payment institutions in accordance with the payment institution framework agreement to be approved during the payment stage and the Regulation on Measures Regarding the Prevention of Laundering Proceeds of Crime and Financing of Terrorism published in the Official Gazette dated 9 January 2008 and numbered 26751 for the purpose of identity verification.

The Company may transfer personal data domestically to third parties as well as abroad within the categories and purposes specified above, limited and proportionate to these purposes.

Method and Legal Reason for Collecting Personal Data

The Company collects your personal data to work more effectively and provide you with the best experience. The Company collects your personal data directly from the data subject, through agents acting on your behalf and/or persons authorized to act, using the following methods:

Data Provided Directly to the Company: Refers to personal data provided by Users to the Company at their own initiative before or during the use of the Application for the performance of the service. These personal data include all personal data provided directly by Users to the Company as a result of their positive actions. This includes name, contact information, identity information, responses to surveys, demographic data, and content information.

Data We Obtain When You Use Our Application: Includes personal data related to Users' usage habits obtained during the provision of the service through certain software or technological tools. For example, location data, address addition, commenting, rating, creating favorites, interests, and usage data fall into this category.

 

Our Measures and Commitments Regarding Data Security

The Company commits to securely protecting personal data. It implements technical and administrative measures aimed at ensuring an appropriate level of security to prevent the unlawful processing of and access to personal data and to ensure the preservation of personal data, using various methods and security technologies.

The Company will not disclose the personal data obtained to anyone contrary to the provisions of this Information and the Personal Data Protection Law No. 6698 and will not use it for purposes other than processing. In case personal data of Users are shared with external service providers according to this information, the Company declares that it will perform the necessary warning and auditing activities to ensure that these external suppliers adhere to the commitments under this article.

The Company does not bear any responsibility for the privacy policies and contents of other websites and applications linked through the Application.

The User undertakes that the information subject to this information is complete, accurate, and up-to-date, and that they will update this information through their account on the Application in case of any changes. The Company will not be responsible if the User fails to provide current information.

Rights of the Personal Data Owner Under Article 11 of Law No. 6698

As personal data owners, if you submit your requests regarding your rights to the Company using the methods regulated below, the Company will conclude the request as soon as possible and within 30 (thirty) days at the latest. A transaction fee of 2.50 Turkish Liras will be charged for each page of the response. The response will not be given on a recording medium such as a CD or flash drive.

In this context, personal data owners have the right to:

·        Learn whether their personal data are processed,

·        Request information if their personal data have been processed,

·        Know the purpose of processing personal data and whether they are used in accordance with their purpose,

·        Know the third parties to whom personal data are transferred domestically or abroad,

·        Request correction of personal data if they have been processed incompletely or inaccurately and to request notification of the correction to third parties to whom personal data have been transferred,

·        Request deletion or destruction of personal data in case the reasons necessitating their processing cease to exist despite being processed in accordance with Law No. 6698 and other relevant legal provisions, and to request notification of the action taken to third parties to whom personal data have been transferred,

·        Object to the emergence of a result against the person himself through analysis of the processed data exclusively by automated systems,

·        Demand compensation for the damages in case of loss due to unlawful processing of personal data.

 

Exercising Your Rights Regarding Your Personal Data

 

Article 11 of the Personal Data Protection Law regarding the rights of the relevant persons, such as requesting the correction of your personal data and learning to whom we have transferred your data, regulates certain rights you have. You can use the following methods to submit your requests related to this article to BURSA TAXI:

 

You can send your request related to exercising your rights mentioned above in Turkish, as the data controller, to the address of Abidos Information Technologies Inc., ITU Ayazaga Campus, Katar Street, ITU Teknokent ARI-6 No: 2/49 D: 208 34467 Sarıyer/Istanbul/Turkey, in writing with identity verification documents, or by email to info@abidos.com.tr, through a notary or other methods determined by the Personal Data Protection Authority.

 

The Company reserves the right to verify your identity before responding.

 

In your application, you must include:

 

1.     Your name, surname, and if the application is written, your signature,

2.     For Turkish citizens, your Turkish Republic identity number, if you are a foreigner, your nationality, passport number, or if available, your identity number,

3.     Your residential or workplace address for notification,

4.     If available, your email address, telephone, and fax number based on the notification,

5.     Your request subject, and it is mandatory to include information and documents related to the subject, if any, in the application.