Privacy Policy

Privacy Policy

1. Introduction and Scope

This Privacy Policy is meant to provide information on the personal data processed by iyzico Odeme Hizmetleri A.S., a corporation incorporated under the laws of the Republic of Turkey, methods of those processing and the rights that may be exercised in relation with these.

We are aware that personal data is important for our merchants as well as end users and we endeavor to undertake all necessary measures to ensure this policy is complied with by everyone within iyzico and that your personal data is kept safe.

This policy applies to products and services of iyzico only. On websites and mediums that do not belong to iyzico, the policies and rules of the respective person/organization shall apply.

The type of personal data processed by iyzico depends on whether you are a merchant (subscriber) or a user that makes a purchase from those merchants.

2. Personal Data Processed by iyzico

When you make a payment to an iyzico merchant, information related to that payment (information on the credit card you use, your membership and transaction information held by the merchant, IP address of the system you utilized to make the transaction, etc.) are transferred to iyzico. This information is used by iyzico to execute payments and enable transactions, as wel as to prevent fraudulent payments and facilitate other services as may be requested by the merchant (e.g. storing of your credit card in a safe vault for your future transactions from the same merchant). Some of this information is transferred to banks and other financial institutions that facilitate credit card transactions. Besides, if it is necessary for rendering of the services you requested and upon the merchants’ request, your information may be transferred to other service providers (e.g. customs brokerage service providers in case of cross-border transactions). In some cases, in particular when the credit card is issued by a foreign bank or the delivery address is located abroad, some of the parties to whom these information is transferred may be located in countries other than Turkey, which guarantee an adequate level of for protection of your personal data. If the country in question does not provide an adequate level of protection, then it will be ensured that the party to whom personal data is transferred provides necessary safeguards for protection of your personal data.

When you apply to register with iyzico and become a merchant, the following information shall be collected from you: information that helps to determine the category and name of your business, information and documents that help us identify and describe the business and tax issues, bank information that is necessary for transfer of payments and records relating to use of iyzico services (IP address, your web infrastructure, etc.). This information may partially or completely consist of personal data, and you, as the business, declare that you are authorized to share this information with iyzico. Most of this information is mandatory for completing your registration and your utilization of iyzico products and services. When you do not provide the non-mandatory information, this may cause you to not benefit from all aspects of products and services and cause interruptions thereof. This collected information may be used for the rendering of the services, the recommendation of new and value-added services as well as for the promotion of iyzico (e.g. references). If you are a seller that operates under a marketplace merchant, the marketplace transfers your identifying information as well as contact and bank information to iyzico. This information is subjected to the same rules as merchant information.

Apart from those reasons, in case you let iyzico collect your personal data in any other way (e.g. subscribing to mailing lists or filling out contact forms), you consent to iyzico’s processing of said personal data in accordance with the purpose of your sharing.

When you use the iyzico website, access information related to you, such as your ISP’s (Internet Sevice Provider) name, the website you visited before iyzico, your IP Address and your browsing information may be collected by iyzico. This information is used for improvement of iyzico’s infrastructure, statistical evaluations, and better targeting of iyzico promotional material. Cookies may also be placed on your computer for collecting information on your usage to enable the website’s functionalities, managing website infrastructure and promotion of iyzico. In case you do not wish to accept those cookies, you may do so by applying the relevant settings to your web browser, and you may also delete those cookies at any time. However, not accepting or deleting cookies may cause deficiencies in the functioning of the website or its services.

This website uses a web analytics tool named Google Analytics developed by Google, Inc. (“Google”). Google Analytics utilizes cookies and other identifiers to help website owners analyze the use of their website by their visitors and for rendering of the services provided by Google. Information related to your use of the website may be transferred to Google’s servers located in various countries and be processed by Google at those locations. Google shall use this information for analyzing your use of the web, drafting reports on the usage of website for website owners and providing other services related to internet use (e.g. creating user segmentations). Google may transfer this information to third parties upon legal obligation and when third parties process this information on behalf of Google. If you do not wish your information to be used by Google Analytics, you may use the following link to opt out:

This website utilizes a service provided by Hotjar Ltd. (“Hotjar”) that identifies users’ experiences on a website and evaluates the ease of use of the website and receives anonymous feedback from users. Cookies are placed on your computer for the provision of this service.

This website utilizes a service provided by Optimizely Inc. (“Optimizely”) that helps find out which version of the website is more suitable for use by showing different versions to different users. Cookies are placed on your computer for the provision of this service.

This website and iyzico merchant control panel utilizes a service provided by Sosyo Plus Bilgi Bil. Tekn. Dan. Hiz. Tic. A.Ş. (“Insider”) that helps merchants to find out the features which they did not able to use before. Cookies are placed on your computer for the provision of this service.

This website utilizes a service provided by Doğan İnternet Yayıncılığı ve Yatırım A.Ş. (“Medyanet”) that analyses the user behaviours. Cookies are placed on your computer for the provision of this service.

You may reject the use of cookies by applying the relevant settings to your web browser. However, please do not forget that this may cause you to be unable to use all of the functions of the website. You consent to processing of your personal data, as explained above, by Google, Hotjar, Optimizely, Insider and Medyanet.

3. Security and Other Conditions

All personal data collected by iyzico is transmitted and stored in compliance with reasonable security standards as adopted by the industry. The security of payment data is ensured with our PCI DSS Level 1 Compliant infrastructure and all connections where personal data is transmitted are protected with encryption.

Your personal data is retained for a reasonable period during which it is necessary for the provision of services or the meeting of legal obligations. After that period, your personal data shall be deleted or anonymized in a way that does not enable personal identification.

iyzico undertakes not to sell your personal data to third parties that may use your personal data for purposes such as marketing. Your personal data may be transferred to law enforcement agents, other public officials or third parties, only when there is a legal obligation to do so and such transfers shall be in compliance with the regulations in force.

This Privacy Policy may be updated unilaterally by iyzico. Merchants are obliged to follow any possible updates and inform their users on iyzico’s data-processing activities before they transfer their users’ information to iyzico. Updates to the Privacy Policy shall come into effect immediately for any information of merchants and sub-merchants upon their continuing of use of iyzico’s services. For users making transactions with merchants, the then-current version of the Privacy Policy shall apply for each transaction.

4. Your Rights

You may contact iyzico via the following contact information to exercise the following rights with respect to your personal data: to be informed on what personal data is being processed, whether they are used in accordance with the purpose they were collected for and the identity of the third parties located in Turkey or abroad to whom your data has been transferred, to request rectification and updates in case the collected personal data is missing or wrong or has changed since collection, the erasure or anonymization in line with the purpose of processing and legal obligations, notification of such operations to third parties to whom personal data has been disclosed to, and to object to any negative consequences arising from automatic processing of your personal data and demand compensation for any unlawful processing of your personal data. Merchants may update their information by logging into their account on the iyzico website.

iyzico Ödeme Hizmetleri A.S.

Address: Nidakule Göztepe İş Merkezi, Merdivenköy Mah. Bora Sok. No:1 Kat:19 Kadıköy 34732

E-mail: [email protected]

Tel.: +90 216 599 01 00