Privacy Policy

This Policy (Privacy Policy) applies to personal information held by İNİNAL ÖDEME VE ELEKTRONİK PARA HİZMETLERİ A.Ş. (herein after referred to "We" or "Ininal") as described below.

With Inınal Card, Mobile Apps, Ininal APi services and Co-Branded Cards etc. Ininal provides the comfort of managing your money, making your payments, following your transactions, checking your balance with a single click. Thus this Policy covers any personal/corporate products or services you have with us, including aformentioned payment transactions. We hereby kindly keep you informed about some definitions before giving details.


  • The Company, or, the Data Controller 

The Company means İNİNAL ÖDEME VE ELEKTRONİK PARA HİZMETLERİ A.Ş. (herein after referred to "We" or "Ininal") 

Contact Details: 

A close up of a sign

        Description automatically generated 

Mecidiyeköy Yolu Caddesi No:12 |  Trump Towers 2. Kule | Kat:9 N:448|  Şişli/İstanbul  

A close up of a sign
        Description automatically generated 

A picture containing drawing

        Description automatically generated 


  • Data Controller 

Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. 

  • Data Processor 

Data Processor means any natural or legal person who processes the data on behalf of the Data Controller. 

  • Data Subject 

Data Subject is any living individual who is using our Service and is the subject of Personal Data. 

  • Personal Data 

Means any information relating to an identified or identifiable natural person 

  • GDPR 

EU General Data Protection Regulation (No.2016/679) 

  • PDPL 

Personal Data Protection Law (No. 6698) of the Republic of Turkey 

  • The Law No.6493 

Law On Payment And Securities Settlement Systems, Payment Services And Electronic Money Institutions 

  • The Regulation 

Regulation On Operations Of Payment And Securities Settlement Systems 

1.Principles for processing personal data

As the Data Controller, Our principles for processing personal data are:

  • Fairness and lawfulness. When we process personal data, the individual rights of the Data Subjects must be protected. All personal data must be collected and processed in a legal and fair manner.

  • Restricted to a specific purpose. The personal data of Data Subject must be processed only for specific purposes.

  • Transparency. The Data Subject must be informed of how his/her data is being collected, processed and used.

2.What personal data we collect and process

We’ll only collect your information in line with relevant regulations and especially the Law No:6493. We may collect information about you when you interact with us, e.g. visit our websites or mobile channels, call us or ask about any of our products and services.

The information we collect may include:

  1. Information that you provide to us, e.g.:

    • personal details, e.g. name, gender, date and place of birth;
    • contact details, e.g. address, email address, landline and mobile numbers;
    • information concerning your identity e.g. photo ID, passport information, National ID card and nationality;
    • market research, e.g. information and opinions expressed when participating in market research;
    • user login and subscription data, e.g. login credentials for phone and online payment and mobile payment apps;
    • other information about you that you give us by filling in forms or by communicating with us, whether face-to-face, by phone, email, online, or otherwise;
  2. Information we collect or generate about you, e.g.:

    • your financial information and information about your relationship with us, including the products and services you hold, the channels you use and your ways of interacting with us, your ability to get and manage your payment history, transactions records, market trades, payments into your account including salary details and information concerning complaints and disputes;
    • information we use to identify and authenticate you, e.g. your signature and your biometric information, such as your facial ID;
    • marketing and sales information, e.g. details of the services you receive and your preferences;
    • information about your device or the software you use, e.g. its IP address, technical specification and uniquely identifying data;
    • cookies and similar technologies we use to recognise you, remember your preferences and tailor the content we provide to you – our cookie policy contains more details about how we use cookies and can be found at
    • risk rating information, e.g., transactional behaviour and underwriting information;
    • investigations data, e.g. due diligence checks, sanctions and anti-money laundering checks, content and metadata related to relevant exchanges of information between and among individuals and/or organisations, including emails, voicemail, live chat, etc.;
    • records of correspondence and other communications between us, including email, live chat, instant messages and social media communications;
    • information that we need to support our regulatory obligations, e.g. information about transaction details, detection of any suspicious and unusual activity and information about parties connected to you or these activities.
  3. Information we collect from other sources, e.g.:

    • information you’ve asked us to collect for you, e.g. information about your accounts or holdings with other companies including transaction information;
    • information from third party providers, e.g. information that helps us to combat fraud or that relates to your social interactions (including your communications via social media, between individuals, organisations, prospects etc.);
    • information from publicly available sources.

3.How we use your information

We’ll only use your information where we have your consent or we have another lawful reason for using it.

These reasons include where we:

  • need to pursue our legitimate interests;
  • need to process the information to enter into or carry out an agreement we have with you;
  • need to process the information to comply with a legal obligation;
  • believe the use of your information as described is in the public interest, e.g. for the purpose of preventing or detecting crime;
  • need to establish, exercise or defend our legal rights;
  • need to use your information for insurance purposes.

The reasons we use your information include to:

  • deliver our products and services;
  • carry out your instructions, e.g. to fulfil a payment request;
  • manage our relationship with you, including (unless you tell us otherwise) telling you about products and services we think may be relevant for you;
  • understand how you use your accounts and services;
  • support our payment operations;
  • prevent or detect crime including fraud and financial crime, e.g. financing for terrorism and human trafficking;
  • ensure security and business continuity;
  • manage risk;
  • provide Online payment, Ininal card, mobile apps and other online product platforms;
  • market our products and services to you, and to people like you, e.g. through traditional and online advertising;
  • improve our products and services, including through analysing how you use them;
  • analyse data to better understand your circumstances and preferences so we can make sure we can provide you with the best advice and offer you a tailored service;
  • protect our legal rights and comply with our legal obligations;
  • correspond with solicitors, surveyors, valuers, other lenders, conveyancers and third party intermediaries;
  • undertake system or product development and planning, insurance, audit and administrative purposes;
  • How we make decisions about you

We may use automated systems to help us make decisions, e.g. when you apply for products and services and to carry out fraud and money laundering checks. We may use technology that helps us identify the level of risk involved in customer or account activity, e.g. for fraud or financial crime reasons, or to identify if someone else is using your card without your permission.

You may have a right to certain information about how we make these decisions. You may also have a right to request human intervention and to challenge the decision. More details can be found in the ‘Your rights’ section below.

  • Compliance with laws and regulatory compliance obligations

We’ll use your information to meet our compliance especially with the Laws No 6493 and 5595, the Regulation, and to comply with other laws and regulations and to share with regulators and other authorities that Ininal is subject to. This may include using it to help detect or prevent crime (including terrorism financing, money laundering and other financial crimes). We’ll only do this on the basis that it’s needed to comply with a legal obligation, it’s in our legitimate interests and that of others, or to prevent or detect unlawful acts.

  • Marketing

We may use your information to provide you with details about Ininal products and services. We may send you marketing messages by post, email, telephone, text, secure messages, or through social media once you consent us to do so in compliance with the Law No. 6563 on the Regulation of Electronic Commerce. You can change your mind on how you receive marketing messages or withdraw your consent to stop receiving them at any time. To make that change, please contact us in the usual way. .

4.Legal Reason of Collecting and Processing Your Personal Data

We’ll only use your information in accordance with Articles (4, 5) and (6) of the PDPL, where we have your consent or we have another lawful reason for using it.

We use information to meet our compliance obligations, to comply with

  • the Law No 6493,
  • Other laws (such as the Law no. 5549 On Prevention Of Laundering Proceeds Of Crime )
  • Other regulations

and, to share with regulators and other authorities that Ininal is subject to. This may include fulfilling legal obligations (such as financial reporting, internal control, audit, risk management) against The Central Bank of the Republic of Turkey, Banking Regulation and Supervision Agency, Financial Crimes Investigation Board, and also may include using it to help detect or prevent crime (including terrorism financing, money laundering and other financial crimes).


Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our website, we may collect information from you automatically through cookies or similar technology.

For further information about cookies we use, please visit our Cookies Page for the policy and for all information about cookies visit

6.Making Contact

If you wish to send a message via our web site, you can click on the Contact button on the web site and submit your message through our info e-mail address by using your name- surname and e-mail address.

7.Who we might share your information with?

In accordance with the legal obligations, Ininal is subject to disclose some sort of personal data to competent authorities aforementioned above due to the legal provisions laid down in special Laws, such as the Law No. 6493 and the Regulation. Additionally we may share some of your information with our business partners to operate our technical and administrative services.

8.Data retention

In accordance with the Art 7 in the Law, KVK no: 6698 and special provisions laid down in related laws and regulations; We process and store your personal data as long as it is necessary for the fulfilment of our legal obligations and legitimate interests. If the storage of personal data is no longer necessary for the fulfilment of these obligations, it will be deleted, unless there are legal obligations to retain such data (i.e. the Internet Law No: 5651 mentioned above), or such as commercial and fiscal obligations of for the preservation of evidence within the framework of statutory limitation rules.

9.Rights of the data subject

You have the following rights with regard to your personal data:

  • Right to information
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to object
  • Right to data portability
  • You also have the right to complain to a data protection supervisory authority about our processing of your personal data.

However, firstly you also have the option of contacting to the Contact Person of Data Controller via

If you have given us your consent (Art. 5/1 PDPL, Art. 6(1/a) GDPR), you can revoke it at any time with effect for the future.

If we base the processing of your personal data on legitimate interests (Art. 6(1/f) GDPR), you may object to the processing. In the event of such an objection, we kindly ask you to explain why we should not process your personal data. In the event of a justified objection, we will examine the situation and either discontinue or adapt the data processing or point out legitimate reasons why we will continue the processing, likewise in the Law, PDPL no: 6698

You can object to the processing of your personal data for advertising purposes at any time.

10.Submission of the Application

Pursuant to paragraph 1 of Article 13 of the PDPL, you can send your request for exercising your rights specified in article 11 of the same Law, to the Contact Person [] by using the registered e-mail (REM) address or the e-mail address that you have previously notified to our company and registered in our system, or to our company's contact address in writing in person.

11.How to contact with the appropriate authority

Should you wish to report a complaint or if you feel that Our Company has not addressed your concern in a satisfactory manner, you may contact with the Personal Data Protection Authority (KVKK) in Turkey that contact details given below.

Kişisel Verileri Koruma Kurumu
Nasuh Akar Mahallesi,
Ziyabey Cad. 1407. Sok. No:4,
06520 Çankaya/Ankara
Tel : +90 312 216 50 00 Web:

Meet ininal Card

Secure and fast shopping card that is valid everywhere, has chip and contactless options.