As METATIME TECHNOLOGY INCORPORATED COMPANY (“Metatime” or “Company”), we attach great importance to ensuring the security of all your personal data that you have transmitted to us both when using our website, by filling out the relevant application forms, or by other means within the framework of the relevant legislation, especially The European Union General Data Protection Regulation (“GDPR”).

1. Data Controller; Under the GDPR Art 4. Definitions, it is defined as the natural or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system, and Metatime is the data controller for the data regarding our valuable investors/potential investors.

1. The Purpose of Processing Your Personal Data; Information obtained from the name-surname, date of birth, place of birth, mother’s name, father’s name, mobile phone number, e-mail address, identity number(s), other identification information, photo, bank account numbers, address, occupation information, device type and identity, tracking information about usage, IP address and WLAN (Wireless Local Area Network) belonging to our valued investors, personal data in the form of transaction history, access date and time, browser type and version, location information will be processed by Metatime which is the data controller, in accordance with all legal legislations for the following purposes at all stages, including the conclusion, fulfillment and termination of the agreements you will make;
1. Providing our services and in this context, verifying your investor identity,
2. Protection of investor accounts and archives,
3. In order to comply with legal and administrative measures,
4. To be used in the products and services you have bought/will receive, to be able to forward new product and service offers to you,
5. Keeping investor satisfaction at the highest level by measuring the performance of our systems,
6. Planning of commercial/business strategies,
7. Ensuring the security of our website, mobile applications, other online applications and products,
8. Modelling, reporting, scoring, risk monitoring, intelligence, existing or new product studies and potential investor identification,
9. Arrangement of information and documents that will be the basis for the work and transactions to be carried out,
10.  Complying with the information retention, reporting and disclosure obligations stipulated by all judicial and administrative authorities in accordance with the relevant legislation, ensuring that request or decisions from these authorities are fulfilled,
11. Notifying these authorities for the purpose of investigating, detecting and preventing breach of contract and violation of the law,
12.  Resolving existing and future legal disputes,
13.  Ensuring system security with investor account security; fulfilling our legitimate interests, such as fulfilling obligations under money laundering legislation and preventing fraud and crime,
14.  Ensuring that our systems, services and interface are accessible to investors using all platforms (IOS, Android).

As a data controller, your personal data may be stored and processed by our Company for purposes such as performing membership transactions, resolution of your problems and complaints, sending news, information and updates about our services, offers and other marketing items that may be of interest to you, if you have given your consent for commercial electronic messages and understanding the needs of our investors, responding to their requests more quickly and providing better service by improving our communication with our investors, informing you about our products and services, receiving your opinions on our products and services, developing and diversifying our products and services in line with your requests and needs, and carrying out our necessary quality and standard audits as stipulated by the relevant legislation or fulfilling our reporting and other obligations stipulated within the scope of the relevant legislation. This service can be obtained from third parties.

1. Transferring Your Personal Data; Your personal data in Metatime is stored safely and is not transferred to third parties except in the following cases. Your personal data may be transferred by Metatime to its business partners, consultants, authorized courts and/or institutions and public institutions and organizations within the scope of legal and financial audits in Turkey, The EU countries, The UK and The USA in accordance with GDPR and law of places which are specified in this text. In addition, your personal data may be transferred directly or indirectly by Metatime to any third party, authorized institutions and organizations that receive or intend to receive consultancy, support or other services within the framework of certain personal data processing conditions and purposes.

Metatime may transfer, process and store your personal data to the specified persons, especially in the following cases;

• Persons, institutions and/or organizations required/permitted by law and other legislation provisions,
• All kinds of public legal entities, authorities that have the authority to receive personal data,
• Metatime Technology’s companies, company groups,
• Third parties from whom support, consultancy and services are received in areas such as law, tax etc. to carry out our activities,
• Program partner institutions, organizations, domestic/foreign banks, funds, and institutions with which we cooperate,
• Domestic/foreign/international organizations that receive service/support/consultancy or become a project/program/financing partner and organizations that receive independent audit and support services,
• We can transfer your personal data to other electronic media such as storage, archiving, servers with information technology support, hosting companies, programs, cloud computing, etc. in Turkey or abroad, mainly EU countries, England, OECD countries; process and store provided that necessary security measures are taken. For more detailed information about the transfer of personal data abroad, please review the Clarification text for the processing of personal data.

1. Collection Method and Legal Reason of Your Personal Data; They are collected through various methods, including all contracts/information forms and other documents, through notifications you will make, through our website, mobile applications, other online applications and products, conversations with our call center or call center from which we receive service, through channels such as KPS, SMS, e-mail, third-party service providers, verbally, in writing or in electronic form, including our domestic/foreign subsidiaries that are fully or partially automated or not as part of any data recording system, program partner institutions and organizations we cooperate with, official institutions, domestic/foreign and other third parties and stored within the periods determined within the framework of the legislation. Personal data collected for these legitimate reasons may be processed and transferred by Metatime in accordance with the basic principles stipulated in the GDPR and the personal data processing conditions and purposes specified in GDPR Art.6 and other related articles Law for the purposes specified here.

Purpose of Processing of Personal Data;

Your personal data; the negotiation, establishment and performance of the Terms of Use is processed provided that it does not harm the fundamental rights and freedoms of the person concerned and processed based on legal reasons that data processing is mandatory for the legitimate interests of Metatime Technology. In addition, data processing activity in the form of transferring data abroad will be carried out with the “explicit consent of the person concerned”.

Metatime Technology will not process personal data contrary to the purposes of collection within the framework of this Clarification Text and the Law, and will delete, destroy or anonymize, if requested by the person concerned or ex officio or upon the disappearance of the purpose of data processing.

• Your Rights in Accordance with the GDPR, Chapter 3 Rights of the Data Subject (Art. 12- Art.23)

1. Learning whether personal data is processed or not,
2. If personal data has been processed, requesting information about it,
3. Learning the purpose of processing personal data and whether it is used in accordance with its purpose,
4. Knowing the third parties to whom personal data is transferred at home or abroad,
5. Requesting correction of personal data in case of incomplete or incorrect processing,
6. Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in Article 17,
7. Requesting notification of the transactions made pursuant to subparagraphs (5.5) and (5.6) to third parties to whom personal data has been transferred,
8. Objecting to the emergence of a result against you by analyzing the processed data exclusively through automated systems,
9. You have the right to demand the compensation of the damage in case of loss due to unlawful processing of personal data.

• Data Controller You Can Apply; In accordance with GDPR, you shall submit your request to our Company in writing to exercise your above-mentioned rights. You can forward your request, including the necessary information identifying your identity in order to use your above-mentioned rights, and your explanations regarding your right that you request to exercise from the rights specified in Article 12 of the GDPR to [email protected] address. You can learn all your other rights by reviewing our Company’s Clarification text for the Processing of Personal Data

1. . Within the scope of the relevant law, you can forward all your information requests to our Company at [email protected] address. You can access the relevant Application Form from the link or areas specified on the site. Your applications will be finalized within 30 (thirty) days at the latest, in line with the periods specified in the Law, after your identity has been verified by our Company.

In your applications that you will make with the above-mentioned method;

1. Your name, date and signature if the application is written
2. If you are T.R. citizen, 11-digit T.R. identification number
3. If you are not T.R. citizen, your residence permit and ID number
4. Your residential or workplace address based on notification
5. As a basis for notification, your telephone number, if any, and e-mail address 
6. Subject of the request must be stated absolutely, and all kinds of information and documents related to the subject of your request must be legibly attached to your application. 

Your applications will be accepted after the identity verification by Metatime Technology, and will be answered in writing or electronically within the legal period. It is crucial to state that in written applications, the date on which the document reaches Metatime Technology; and in applications made by other methods, the application reaches Metatime Technology will be considered as the application date. Responding to your applications is essentially a free process, and if the response process requires a cost, the fee in the tariff determined/to be determined within the scope of the legislation or administratively will be reflected to you.

This policy has been prepared in Turkish and English, and if there is a difference between the two versions, the Turkish version will be taken as the basis.