• Du er her:
  • Inicio
  • Política de privacidad

Política de privacidad

The future is global, be part of Global Exchange

PRIVACY POLICY

I – OWNERSHIP

In compliance with the provisions of the Data Protection Code No. 6698 (“DP Code”), the regulations, communiques, principal decisions and guidelines published by the Turkish Data Protection Authority (“DPA”) (collectively referred as “DPL”), we hereby inform you that the personal data communicated will be incorporated into a database owned and operated by GLOBAL EXCHANGE DÖVIZ TICARET YETKILI MÜESSESE A. Ş. (hereinafter “Global Exchange”), as a data controller under the DPL. Identification: GLOBAL EXCHANGE DÖVIZ TICARET YETKILI MÜESSESE A. Ş. with Turkish Tax ID: 3961009648; postal address: YENİGÖL MAH. SERİK CAD. DIŞ HATLAR 2 NOLU TERMİNALİ 100 /4, MURATPAŞA/ ANTALYA; telephone: +(90) 242 330 4011; e-mail: arco@globalexchange.com.tr

II - CONTACT

For any matter related to the processing of personal data by Global Exchange, you may make your request in relation to your rights listed under Article 11 of DP Code to Global Exchange in writing or by other means as set forth by the Personal Data Protection Board. You may convey your requests in relation to your rights by sending an e-mail to arco@globalexchange.com.tr . The application must be in Turkish. The applicant should provide the following information so that we can reply to your request or complaint and to communicate with you in this respect:

  • Name-surname;
  • Turkish ID number for Turkish citizens, passport number for foreign nationals;
  • Residential or business address;
  • Phone and fax numbers;
  • Request subject.

Within thirty days as of the receipt of your request, we will respond to you either in writing or electronically and either bring a conclusion to the request or explain why the request was rejected.

III – DEFINITIONS

Personal data means any information relating to an identified or identifiable natural person
Processing of personal data means any operation performed upon personal data, such as collection, recording, storage, maintenance, alteration, rearrangement, disclosure, transfer, acquisition, dissemination or otherwise making available, classification or blocking of personal data wholly or partially, by automatic means or non-automatic means, where it is part of a recording system
Data Controller means natural or legal persons who determine the purposes and means of the processing of personal data, and is responsible for the establishment and management of the filing system
Data processor means natural or legal persons who process personal data based on the authority granted by and on behalf of the data controller
Data Subject means natural person whose personal data are processed
DP Code Means the Personal Data Protection Code No. 6698 published in the Official Gazette dated 7 April 2016 and numbered 29677
DPL Means DP Code and its secondary legislation.
AWS Amazon Web Services

IV -PERSONAL DATA

Global Exchange may collect the following data:

1. EXCHANGE OF CURRENCY AND SERVICES: Data provided for the provision of Global Exchange services. The services will be identified at the time of data collection and registration.

    Data collected: Name, surname, ID no. and type, birthplace and date, nationality, contact address, address, e-mail address, contact telephone, signature specimen, information related to his/her business and profession, mother and father name (if the data subject is Turkish).

    Purpose: the registration of data subjects for the provision of currency exchange services.

    Legitimation: the existing legal or contractual relationship necessary for the provision of the service, fulfilling our requirements under the Communiqué numbered 2018-32/45 regarding the Decision numbered 32 on Protection of the Value of Turkish Currency (“Communiqué”) and anti-money laundering legislation of the Republic of Turkey.

    Storage periods: the data will be kept for a maximum of ten (10) years.

2. SALES CONTACT: in response to inquiries and contact requests received by any means, Global Exchange services, as well as the maintenance of business relationships:

    Data collected: Name, telephone, e-mail and inquiry.

    Purpose: Respond to requests for information that the data subject has made by any means with regards to Global Exchange products and services, and establish and maintain business relationships.

    Legitimation: Prior your explicit consent, Global Exchange is entitled to process the data of the data subject provided through the contact request, and in accordance with the legitimate interest for the development and maintenance of commercial relations.

    Storage periods: the data will be kept for 1 year or until the moment in which the data subject requests the cancellation or deletion of his data.

3. CV: sending of CVs through the website or through any means to Global Exchange.

    Data collected: professional area, name, surname, telephone, e-mail, CV, cover letter and any other personal data associated with the CV or professional profile..

    Purpose: to manage the data subject's candidacy for the published selection processes or for other vacant positions according to his/her professional profile that may arise in the future within the activities of Global Exchange.

    Storage periods: the data will be kept until the data subject is allocated a job or until he/she asks us to delete them. It will, therefore, be kept for the time necessary for the purpose of the processing..

    Addressees: the data provided and derived from the selection process may be transferred to third companies identified by the data subject for the request of references that may be necessary for the selection of the candidate.

PROMOTIONAL MATERIAL or NEWSLETTERS: the sending of information, news, notices, reminders and promotions that could be of interest to the data subject, relating to the activities of Global Exchange.

    Data collected: e-mail address, name and surname..

    Purpose: the registration of data subjects for the submission of information, news and promotions, and to establish and maintain business relationships..

    Legitimation: provision of the data subject's consent to Global Exchange for registration in promotional services, and legitimate interest for the development of commercial relations.

    Storage periods: the data will be kept for ten (10) years or until the moment in which the data subject requests the cancellation or deletion of their data and/or revokes the consent they provided for commercial electronic communications.

5. SUPPLIERS: Professional personal data provided by Suppliers for the provision of services and management of the legal or contractual relationship.

    Data collected: Name, surname, ID no., professional contact address, e-mail address, contact telephone no.

    Purpose: the management of the contractual relationship of the service.

    Legitimation: the existing legal or contractual relationship necessary for the provision of the service.

    Storage periods: the data will be kept for a maximum period of Ten (10) years.

6. ACCESS CONTROL AND SECURITY: Data collected by video surveillance cameras:

    Data collected: Images.

    Purpose: to control access to and management of the internal security of Global Exchange facilities.

    Legitimation: Fulfilling our legal obligations under the Communiqué and the relevant anti-money laundering legislation, legitimate interest in guaranteeing the security of the facilities on the part of the owner, justifying the fact that the images are necessarily captured when accessing these facilities.

    Storage periods: The data will be kept for a period of six months from the date of recording.

V –TRANSFERS OR COMMUNICATIONS OF DATA

Your personal data will not be transferred to any third party without a legal basis that legitimates this transfer as per the DPL (e.g. your explicit consent, legal relationship, court or administrative order, etc.).

Your personal data may be transferred internationally to service providers, primarily iCloud service providers (e.g. AWS), for data storage. These providers will have their servers located in the EU

However, in the event that the servers are located in countries outside Turkey, Global Exchange will ensure that personal data are processed with the same level of protection as would have been the case had they remained in Turkey, ensuring that standard clauses adopted by the Turkish Data Protection Authority have been signed with the recipient entity and prior approval of the Turkish Data Protection Authority is obtained in case the transferee’s country is not one of the countries considered to provide adequate level of protection by the Turkish Data Protection Authority.

There are data communications to third parties for the provision of services by third parties such as processors with whom Global Exchange has signed the corresponding Data Processor contracts and verified that they meet sufficient guarantees to implement appropriate technical and organisational measures, so that the processing is carried out in accordance with the requirements of the DPL, ensuring the protection of the rights of the data subject.

VI - EXERCISE OF RIGHTS

The data subject has the following rights as per Article 11 of the DP Code:

(a) To learn whether their personal data is being processed,

(b) If their personal data is being processed, to request information in this respect,

(c) To be informed of the purposes of the processing of their personal data and on whether such personal data is used in line with such purposes,

(d) To be informed of the third parties in and outside of the Republic of Turkey to whom their personal data is transferred,

(e) To request that their personal data be corrected if processed falsely or deficiently,

(f) To request the deletion or destruction of their personal data,

(g) To request that the correction, deletion or destruction of their personal data be notified to the third parties to whom such personal data is transferred,

(h) To oppose to any result of analysis by automated systems that analyze their personal data, and

(i) To claim damages in the event of any damage caused by illegal processing of personal data.

Even though it is not specifically listed among the rights under the DP Code, in case a data subject’s personal data is processed based on his/her explicit consent, he/she is protected by the right to withdraw his/her consent to the processing by Global Exchange at any.

At any time, the data subject may exercise his/her above-listed rights by sending an e-mail to arco@globalexchange.com.tr . The application must be in Turkish. The applicant should provide the following information so that we can reply to your request or complaint and to communicate with you in this respect:

  • Name-surname;
  • Turkish ID number for Turkish citizens, passport number for foreign nationals;
  • Residential or business address;
  • Phone and fax numbers;
  • Request subject.

Within thirty days as of the receipt of your request, we will respond to you either in writing or electronically and either bring a conclusion to the request or explain why the request was rejected.

Global Exchange is obliged to comply with the regulations on the prevention of money laundering and the financing of terrorism. Compliance with this policy may result in the application of certain restrictions on the exercise of your rights.

VII - TECHNICAL AND ORGANISATIONAL SECURITY MEASURES.

As per Article 138 of the Turkish Penal Code and Article 7 of DP Code, even if personal data is processed as per the terms of the relevant law, if the reason for processing the data no longer exists, the personal data is deleted, disposed of or anonymised upon a decision by Global Exchange. or the request of the personal data owner. In this scope, the Global Exchange Policy for Storage and Disposal of Personal Data was prepared. Global Exchange reserves the right to reject the data owner’s request in cases where Global Exchange has the right/is obliged to keep the data as per the terms of relevant legislation.

In compliance with current regulations, Global Exchange has adopted the necessary technical and organisational measures to maintain the level of security required for the personal data processed. It is also equipped with the necessary mechanisms at its disposal to prevent, as far as possible, unauthorised access.

For example:

  • We work to protect the security of your personal information during transmission by using Secure Sockets Layer (SSL) software, which encrypts the information you enter.
  • We have physical, electronic, and procedural security systems in place for the collection, storage, and disclosure of customer personal information. Our security procedures mean that we may occasionally ask you for proof of identity before providing you with confidential information.

VIII - DATA PROVIDED

The data collected through the different means are strictly necessary to meet your request, which the Data Subject voluntarily communicates. The refusal to provide data qualified as mandatory will result in the failure to provide or the impossibility of accessing the service for which they were requested. Data may also be provided on a voluntary basis in order to ensure that services can be provided in an optimal manner.

The Data Subject undertakes to communicate as soon as possible to Global Exchange any modification and rectification of their personal data in order for the information contained in the Global Exchange Activity Records to be updated at all times

For our business partners, based on the legitimate interest of Global Exchange, the personal data of the data subject may be used for the establishment or maintenance of commercial relations by any means, including electronic means, regarding information of interest in relation to Global Exchange products and services. For our customers, the personal data may also be used for the establishment or maintenance of commercial relations by any means, including electronic means, regarding information of interest in relation to Global Exchange products and services, provided that a separate consent for sending electronic commercial communications is obtained in advance. In both cases, the data subject may at any time oppose to receiving such messages and such processing for commercial purposes by contacting with Global Exchange through means explained under the relevant commercial electronic message.

På Global Exchange er vi specialiseret i valutavekslingstjenester:

  •   310 kontorer i mere end 23 lande
  •   Mere end 2.500 ansatte
  •   Over 7 millioner kunder hvert år
  •   Mere end 15000 transaktioner om dagen
  •   Åben 24/7/365