Version Number: 1.0
USER – a private person without the status of a legal entity using an online service through a mobile application;
PERSONAL DATA – any information relating to the identified private person or person that needs to be identified;
- General information
2.1. The Azer-Turk Bank may receive information about users and the nature of their operations in the following way:
2.1.1. through information and data voluntarily provided in the registration form in the Mobile application;
2.1.2. through cookies stored on User’s devices;
2.1.3. by collecting information from server logs;
2.2. The Azer-Turk Bank makes every effort to ensure the protection of users’ privacy, applying the minimization policy, providing and processing data about Users, as well as transferring them for processing to third parties.
- Registration form and data collection
3.1. TheAzer-Turk Bank, using the registration form, collects and processes only the information voluntarily provided by the User and his/her personal data, including his/her name, phone number and email address.
3.2. Use of the Service also provides the ability to collect connection parameters (recording time and IP address).
3.4. When providing data in the Mobile Application (including user data for logging in and initiating a transfer), theft and interception protection is provided using SSL encryption with a certificate. The whole process from logging in to leaving the account is encrypted (there is a so-called end-to-end encryption).
- Logs and crash reports
4.1 Error and status logs: When you send a support request from within, a series of text files may be attached automatically to the email. These files contain information on the current state of Atb pos App. This data also contains your device model, your software version and your network status at the time of the error.
4.2 Crash reports: In case of a crash, Atb pos will submit a crash report. This report contains information about your device (model, software version, etc.) and the state of Atb pos app at the time of the crash. No personal data will be transmitted.
- Principles of data processing and protection
5.1. Personal data are processed by the Azer-Turk Bank only for the purposes for which they were collected, are subject to proper protection and are provided to external companies only to the extent permitted by law.
5.2. The Azer-Turk Bank LLC is the Administrator of users’ personal data.
5.3. During all activities related to the processing of personal data, the Azer-Turk Bank assures that personal data:
5.3.1. processed in accordance with the law, fairly and transparently for the data subject;
5.3.2. adequately, relevantly and limited to the amount necessary for the purposes of the processing;
5.3.3. all data are correct and up-to-date;
5.3.4. are stored for a period allowing identification of a person no longer than necessary for the purposes of the processing;
5.3.5. are processed in compliance with all security measures.
5.4. Personal data are processed by the Azer-Turk Bank only for the following legally permitted purposes:
5.5. Recipients of personal data may be:
5.5.1. entities entrusted by the Azer-Turk Bank with the processing of personal data, for example, entities providing accounting, legal, IT or marketing services at the request of theAzer-Turk Bank , including personalization services for contact with the User;
5.5.2. entities and bodies authorized in accordance with the law;
5.5.3. entities cooperating with theAzer-Turk Bank , for example, Azer-Turk Bank of electronic payment systems or business partners.
6.6. The Azer-Turk Bank grants all persons whose data are processed the right to:
6.6.1. access to their data and obtaining a copy thereof;
6.6.2. correction of their data;
6.6.3. data deletion, data processing restrictions;
6.6.4. objections to data processing;
6.6.5. data transfer;
6.6.6. filing a complaint to the supervisory authority about the Azer-Turk Bank’s actions regarding data processing.
6.7. In relation to data processing based on consent, the Azer-Turk Bank informs that the consent is completely voluntary each time, and regardless of the time of submission of such consent, there is always the right to withdraw it. The withdrawal of consent does not affect the legality of the processing that has been carried out so far.
6.8. The Azer-Turk Bank informs that the processing of personal data does not provide for automated decision-making, including profiling of Users.
7. Data retention and deletion
7.1Azer-Turk Bank retains user’s personal data only for as long as is necessary to fulfil the purposes for which it was collected. Azer-Turk Bank is required by law to store some of your personal and transactional data beyond the closure of your account with us. Azer-Turk Bank accesses user’s data internally on a need-to-know basis, and we’ll only access or process it if absolutely necessary.
7.2 Azer-Turk Bank always deletes data that is no longer required by a relevant law or jurisdiction in which it operates. It is done automatically, so the user doesn’t need to contact us to ask us to delete your data. Deletion methods include shredding, destruction and secure disposal of hardware and hard-copy records, and deletion or over-writing of digital data.
7.3 User’s personal data will be processed for the following period:
- data processed in order to provide user with the functionality and maintain the connection – for the duration of the connection;
- data processed in order for Azer-Turk Bank to perform Our obligations under an Agreement for the provision of Services – for the period necessary for the conclusion and performance of the Agreement concluded with User.
- data processed for the purpose of establishing, investigating or defending claims – for the period relevant to the limitation period of the claim;
- data processed for accounting and taxation purposes – for a period of no less than 5 years, with specific periods defined by law, e.g. tax legislation;
- data processed on the basis of the pursuit of Azer-Turk Bank legitimate interests – until the fulfilment of the legitimate interests giving rise to that processing or until User objects to such processing.
In the situation of processing on the basis of consent, the processing will take place no longer than until you withdraw your consent, or until the purpose of the processing is completely fulfilled (where possible).
- Final provisions