Banks are among the institutions that process data most intensively. KVKK + Banking + MASAK regulations are applied together.
Processed Data
- Identity information (TC, birth, parents)
- Contact (address, telephone, e-mail)
- Financial data (income, credit score)
- Transaction history
- Biometric data (fingerprint, face recognition - optional)
- Transaction within the scope of MASAK analysis
Legal Basis
- Contract (account opening, loan)
- Banking Law No. 5411
- Prevention of Laundering Proceeds of Crime (MASAK) No. 5549
- BRSA regulations
- Private Pension Savings and Investment System Law
KKB (Credit Registration) Bureau)
- Credit/card information center in all banks
- Credit score calculation
- Customer can object (incorrect record)
- Correction request
FINDEKS
- Individual credit score system
- Access via e-Government
- Correction request via KKB
Customer's Rights
- Seeing your data
- Requesting correction
- Deletion if it is in the wrong registry
- Rejection for use for marketing purposes
KVKK Board Decision
KVKK Board gives the highest penalties for bank data leaks. Millions of TL fines have been imposed, especially in "high volume customer data leak" files.
Practical Recommendations
- Read the bank disclosure text
- Close marketing permissions (unless you want)
- Do regular FINDEX checks
- In case of suspicious transaction, immediately bank + prosecutor's office
KVKK and banking lawyer recommended.