Privacy Policy

Last Updated: March 27, 2019

Colendi Yapay Zekâ ve Büyük Veri Teknoloji Hizmetleri Anonim Şirketi (from hereinafter referred to as “Colendi”, or “us”), its website (, and its mobile applications (both hereon referred to as “Sites”) adopt the following privacy policy for any user who registers with either one of these sites (from hereinafter referred to as “User”, or “Users” in plural). Colendi’s mission is to provide its Users a credit scoring service that is based on financial and social credibility scores. The service is enabled through advanced technologies and applications that are developed by data from Users and from the platform. The platform obtains credit from sellers and Users’ credit scores (the platform will be referred to as “Services” from hereinafter). At the crux of this mission, the data we collect about you, how we use it, how we share it, and how we protect it are essential in order to ensure the safety of your data.

This privacy policy contains information about how you can monitor the integrity of personal and private data (from hereinafter referred to as “data”) collected from Users under this privacy policy (from hereinafter referred to as “Policy”). The Policy also has Colendi’s contact information, and how you can request to delete/anonymize data if you so choose. The Services are provided in blockchain structure which comes with the principles of nonerasable data. Any information that is collected directly by Colendi from you when you register (from hereinafter referred to as “User Contact Data”) will be held encrypted in the blockchain. But the data collected from third parties and surveys for calculating User’s credit score, will not be stored in the blockchain. Therefore, when Users start using Services, only Users’ Contact Data will be added to the blockchain system and will not be erased even after Users delete their accounts.

How does the Blockchain system work?

Blockchain is a decentralized digital recording system that keeps the data in blocks which attach each other and create a chain. Once the data is added to blockchain, it cannot be erased. Therefore, even if the User erases his/her account, the User’s Contact Data will be kept in the blockchain system. The data kept in blockchain is encrypted and only the User has access to unencrypted version.

The Users Contact Data is mutually kept in all computers who connect to the blockchain system rather than being stored on a centralized server. The computers in the blockchain validate each other and update simultaneously. However, the computers in the blockchain and Colendi will only have access to the encrypted version of data.

What kind of Data is Processed?

Colendi collects data directly from you, Colendi’s own technology, and from third party sources in order to maintain the results you expect from its Services.

Users who register with one of Colendi’s Sites express their consent to Colendi’s data operations. The operations include data collection from social media accounts, smartphone data, and appropriate commercial shopping history with the consent of Users.

Name and Contact Information: Colendi collects the Users' name, surname, phone number, email address, country of residence, and its addresses.

Authentication Information: User’s password, membership information, and account authentication are processed. Account authentication is held after all the information is anonymized.

Demographic Data: Date of birth, age, and gender are processed.

Favorites and Usage Data: Data from social media sites (only the ones consented by User through the social media account connection page such as Facebook, LinkedIn, Google, Twitter, etc.) are gathered and processed from the User’s device(s), including smartphone(s). Additional favorites and usage data include p h o n e directory data, application usage data, visited pages, social media validation data, number of friends in a given social media platform, a User’s friends’ profile information (including data embedded in comments, photos, and social tastes).

Location Data: Data from a Users’ smartphone or social networks are processed.

Payment Data: Data from commercial purchases and payments are processed.

Device Information: Data from a Users’ electronic device model and its IP address information.

Cookies and Similar Technologies: Our “Cookie Policy” has information on how we use cookies and how you can control their use. You can check our Cookie Policy to get information.

Survey Information: We collect data from our surveys to profile Users status such as credit usage data, education level, income data, residential status, information about family members, profession, marital status, financial information and background (credit cards, bank accounts, loans), daily habits.

Under this Policy, irreversibly anonymous data will not be deemed as data.

How is your data collected?

We collect your data by the procedures below:

  1. Collected data when you registered to Colendi: To benefit from the Services when you register to Colendi, we collect User Contact Data such as your name, surname, email, mobile phone number, date of birth, profile photo. User Contact Data is collected directly by Colendi and not be accessible to us after registration is completed

  2. Collected survey data by Colendi: To personalize and improve the Services, we collect personal data (profession, education level, financial background, etc.) through surveys. Surveys will help us to provide Services to Users.

  3. Data collected by third parties to benefit from our Services: In order to calculate your credit score, we collect data such as your address information, your social network data ofwhichyouprovidedconsent for (such as Facebook, Linkedin, Google, Twitter, etc.) collected rothrough your devices especially from your smartphone, your contacts information, application usage data, visited pages data, data

    to determine whether you are a valid social media User, your friends’ p h o n e numbers and their profile information on social media, your comments and likes on the above mentioned social media platforms, your registered photographs on social media, your location data, payment data and device information, your commercial and payment information. Colendi is collecting data through third parties’ tokens embedded to the Sites. Token is a piece of data created by Colendi and allows Colendi to access information to identify the User when data are received from third parties. Third party data will only be collected if the User, provides expressly consent to Colendi through token to access data.

    Where are the data processed and stored?

    Colendi collects data in proportion to a specific User purpose in order to fulfill services a User requests. Where data are stored and processed, depends on how the data is collected. User Contact Data collected directly by Colendi will be stored in the distributed storage. Therefore, only the User will have access to the User Contact Data. Also, some of the data is stored on the mobile phone of User.

    Datacollected through third parties, such as social networks and data received from surveys, are stored and processed at Amazon Web Services in a third country instead of the distributed storage. With accepting and using the Services, User gives explicit consent to Colendi to transfer the data to a third country.

    Prescribed security measures from the country’s legislation are obeyed.

    For what purposes do we process your data?

    Data obtained by Colendi are used to provide credit scoring and microcredit services on the basis of financial and social scores. The scores are derived from the use of credit evaluation algorithms that are used to analyze User data. The algorithm also provides relevant measurements, artificial intelligence-based credit scores, etc. The data improve Colendi’s services, a r e applied to Colendi’s or other third-party advertising/marketing campaigns, provide promotions to Users, fulfill legal obligations, create User credibility scores via a rating engine, and create Colendi scorecards that contribute to Colendi’s functionality.

    Besides, Colendi uses data to identify system problems and resolve them quickly. This is accomplished through the use of a User’s I.P. address, if necessary. I.P. addresses are also used to identify Users generally and to collect demographic information.

    Who can access your data?

    Colendi will not share User’s data to third parties that have not provided explicit consent of User.

    Third parties and third-party vendors that provide promotions can only have access to the credit score of User. In addition, Colendi’s technology provide outsourcing services to providers, such as to microcredit lenders.

    Colendi shall not be liable to you for any purpose that is related to satisfying t h e required services and development of those services. Explicit consent from the User for any related purposes are also not under Colendi’s liabilities. Finally, any purposes specified under the use of a third party are also exempted from Colendi’s liabilities.

    Users can share their credit score and User Contact Data with third parties at their will via QR Code scan. However, Colendi will still have no access to User Contact Data even if a User shares his or her data via QR Code.

    Colendi will be able to process and share User data with third parties in accordance with the Turkish Protection of Personal Data Act No. 6698 and within cases of exemptions in relevant legislation. Relevant legislation pieces are listed below:

to an automatic decision-making system, including profiling if there is a legal or similar legal effect on the decision.

Storing and Deleting Data

Colendi reserves the right to keep data collected during a statute of limitations period set forth in applicable legislation. This right is limited to extents necessary for Colendi to perform its services, follow collection purposes, maintain legal compliance, and execute administrative and judicial proceedings under dispute.

From the basis of blockchain structure even when the User deletes his/her account, the User Contact Data will be kept encrypted in blockchain system. Colendi will not have access to the unencrypted data after the account deleted. However, Users can always have access to his/her accounts.

Your erasable data shall be deleted, destroyed or anonymized upon your request or automatically by Colendi following the deletion of your account. Colendi reserves the right to select unilaterally the method regarding the destruction of data.

Data Security

Colendi will preserve the collected data for the purpose of using it for product improvement purposes and will not use or transfer it to third parties except for the purposes stated in this Policy. User Contact Data is stored as encrypted in blockchain system; therefore only the User will have access the unencrypted data.

With this bet, Colendi will make data exchanges that will be performed by the service as encrypted through HTTPS. Personalized data belonging to Users are stored by means of advanced encryption methods, some of which are accessible only to Users and some of which are accessible to both Users and Colendi. Access to systems with sensitive personal data will only be provided from certain IPs using the VPN system. By anonymizing data collected by Colendi, Colendi can process these data for the purposes of; average usage of credits under a loan from the system, determination of the countries with the most loans, and determination of the distribution of loan repayment rates by age ranges.

Colendi does not bear any responsibility for the privacy policies and content of the applications for links given to other applications through the Site.

Colendi shall not disclose to the other party the data it obtains from the Users that it collects in violation of the provisions of this Policy and the relevant legislation and shall take the necessary technical and administrative measures to ensure the appropriate level of security in order to ensure the confidentiality of the data it collects; unauthorized access will not be allowed. However, please note that no system is 100% secure.

If Colendi finds a violation related to the security system, it may try to inform you electronically by sending a notification to [email protected] or by sending you an email. If you have any problems with data security, you can contact us via [email protected].

Changes to the Policy

Colendi may change this Policy from time to time. You can check that when we lastly update the Policy from the "last updated" section. The Policy provisions amended by Colendi shall enter into force on the date of publication. In addition, Colendi will notify you in advance of any important changes that may be made by showing you a specific notice in accordance with the conditions or by sending you an e-mail. For this reason, please be sure about reading all such notices carefully.

Children's Privacy

Colendi is not intended for children under 16 years old. However, in some countries tighter age limits may

apply under local law.

We are deliberately unaccompanied by children under the age of 16 or under the current age limit. If you are under 16 please do not use Colendi Services and do not give us your personal data. If you are a parent of a child under the age of 16 and you notice that your child has given the data to Colendi, please contact us at [email protected].

We will take reasonable steps to erase data if we notice that we have collected the data of a child under 16.


If you have any questions about this Policy, you can contact our Data Protection Officer by typing in the address given below.

[email protected]