Sermaye Borsası Logo
TR
SERMAYE BORSASI

GDPR Compliance & Personal Data Statement

As Sermaye Borsasi, we attach the highest importance to the protection, processing, and security of your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection legislations. This GDPR Compliance Statement is prepared to inform you about the methods of collecting your personal data, processing purposes, legal bases, third parties your data may be transferred to, and your rights as a data subject when you visit our website (www.sermayeborsasi.com) or interact with our Telegram bots.

1. Data Controller Identity

The data controller under the scope of GDPR is the administration team of Sermaye Borsasi. You can contact us for any query or to exercise your data protection rights at our official email address: info@sermayeborsasi.com.

2. Processed Personal Data and Methods of Collection

During your visit to our website or when you interact with our Telegram bot, technical and behavioral data are collected automatically or semi-automatically through your browser and device, and saved in our logs or localStorage:

  • Identity & Contact Details: Your name, surname, and email address, provided that you fill out the contact form.
  • Technical & Security Data: Your IP address (queried through secure third-party APIs to determine country location and prevent bots), web browser identifier (User Agent), operating system, screen resolution, and preferred browser language.
  • Visitor Analytics & Cookies: Pages visited, duration of stay, clicked Telegram links, and user preferences (such as language and theme settings) stored locally in the browser's storage area.

3. Legal Bases and Purposes of Processing

Your personal data is processed based on the following legal bases defined under GDPR Article 6:

  • Legitimate Interests (Art. 6/1-f): Processing technical data to ensure the cybersecurity of our site, prevent malicious activities, optimize server resource allocations, analyze site speed, and improve the overall visitor experience.
  • Performance of Contract (Art. 6/1-b): Answering your inquiries sent via the contact form and delivering the stock depth analysis data you requested through our Telegram bot system.
  • Legal Obligation (Art. 6/1-c): Storing system access logs to comply with legal requests from law enforcement or adduce evidence in judicial proceedings in accordance with applicable laws.

4. Transfer of Personal Data

Your personal data is strictly not shared, sold, rented, or disclosed to advertising agencies, data marketing companies, or other commercial third parties. Your data is only shared with:

  • Hosting providers and server analytics providers that support our technical infrastructure (strictly within technical storage limits),
  • Courts, law enforcement, or competent public authorities in case of formal legal request or adducing evidence in ad-hoc legal processes within legal limits.

5. Rights of the Data Subject (GDPR Chapter III)

Under the GDPR, you have the following fundamental rights regarding your personal data:

  • Right of Access (Art. 15): The right to obtain confirmation as to whether your personal data is being processed, and to access that data.
  • Right to Rectification (Art. 16): The right to obtain the correction of inaccurate or incomplete personal data.
  • Right to Erasure (Art. 17): The right to request the deletion of your personal data ('right to be forgotten') when it is no longer needed or if you withdraw consent.
  • Right to Restriction of Processing (Art. 18): The right to restrict processing under certain conditions (e.g., if you contest the accuracy of the data).
  • Right to Data Portability (Art. 20): The right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object (Art. 21): The right to object to the processing of your data based on legitimate interests or direct marketing.
  • Right to Lodge a Complaint (Art. 77): The right to lodge a complaint with a supervisory authority if you believe the processing of your data violates the GDPR.

6. How to Exercise Your Rights

To exercise any of your rights under GDPR, or to request the deletion of your visitor logs stored in the local browser cache, you can send an email to info@sermayeborsasi.com. Your request will be reviewed and responded to free of charge within 30 days, following a secure identity verification process.