tamkonum logotamkonum
All legal documents

Privacy Policy

Effective date: 2026-06-04·Version 2.0

Privacy Policy

Effective date: 4 June 2026 · Version: 2.0

1. Introduction

This Privacy Policy ("Policy") has been prepared to fulfil the data controller's obligation to inform data subjects under Law No. 6698 on the Protection of Personal Data ("KVKK") and related legislation, in connection with the personal data processed during the use of the services offered through the tamkonum brand and its website/application.

tamkonum is a vertical-video-based real estate and multi-category (residential, commercial, land, vehicles, restaurants, hotels) listing and discovery platform. tamkonum is not a real estate broker or intermediary; it acts as a hosting service provider within the meaning of Law No. 6563 on the Regulation of Electronic Commerce.

2. Identity of the Data Controller

Pursuant to the KVKK, your personal data is processed by the company identified below in its capacity as data controller:

InformationDetails
Trade nameBM İNTERNET MAĞAZACILIK VE ELEKTRONİK TİCARET HİZMETLERİ LİMİTED ŞİRKETİ
Brand/business nametamkonum
Websitehttps://tamkonum.com
AddressMerkez Mah. Abide-i Hürriyet Cad. No: 211 İç Kapı No: 64 Şişli/İstanbul, Türkiye
Phone+90 850 123 45 67
MERSIS No.0178077397900019
Trade Registry No.11416-5
Tax Office / Tax No.İstanbul Şişli Tax Office / 1780773979
KVKK / personal data requestskvkk@tamkonum.com
General contactiletisim@tamkonum.com

In this Policy, the terms "tamkonum", "Company", and "we" refer to the data controller identified above.

3. Categories of Personal Data Processed

The following categories of personal data are processed in order to provide our services:

3.1. Identity Data

  • First name, last name
  • Membership and identity verification data performed via phone number
  • Name-change requests and history shared by the user in the profile
  • For business/real estate agent accounts, legal entity and authorized representative information

3.2. Contact Data

  • Phone number
  • E-mail address
  • Communication content shared in the context of messaging, requests and support

3.3. Location Data

  • Coordinate and address data relating to the location of a listing
  • Location data processed for the purpose of location verification
  • Approximate/precise location data processed within the scope of map tools (commute time calculation, neighborhood analysis, search along a route) and the personalized feed (subject to your device's location permission)
  • Locations saved by the user (e.g. workplace, school, home)

3.4. Listing Content and Media

  • Videos and photographs you upload
  • Listing title, description and features
  • Text and label data generated from video/audio content as a result of AI-assisted feature extraction

3.5. Transaction and Payment Data

  • Transaction records relating to paid digital services such as subscriptions, listing promotion (boost), live streaming packages and project advertising
  • Invoice and transaction history information
  • Payments are carried out through the Tosla virtual POS using 3D Secure infrastructure; your card details are not stored by tamkonum. Only data such as the result, amount and reference information of the transaction is processed by us.

3.6. Usage, Device and Log Data

  • Application and website usage activity, search and interaction history
  • Device information, operating system, application version, IP address
  • Push notification tokens and notification preferences
  • System and security logs

3.7. Voice Call Recordings

  • Within the scope of in-app buyer↔business voice calls, audio recordings and call metadata (duration, parties, timestamp) obtained provided that the relevant parties are informed

3.8. Cookie and Similar Technology Data

  • Data collected through cookies, local storage and similar technologies (see the Cookie Policy for details)

4. Purposes of Processing Personal Data

Your personal data is processed for the following purposes:

  • Creating a membership, phone-based identity verification and account management
  • Creating, publishing, feature extraction and location verification of listings
  • Providing search, personalized feed and map tools
  • Conducting property tours via live streaming
  • Providing messaging, in-app voice calling and appointment services between buyers and businesses
  • Providing business/real estate agent profiles, team management and portfolio/CRM services
  • Providing paid digital services, collecting payments and invoicing
  • Promoting construction projects and providing related services
  • Where your explicit consent exists, sharing leads with contractors/developers
  • Improving service quality, analysis and improvement activities
  • Ensuring information security and preventing fraud and misuse
  • Fulfilling legal obligations and responding to requests from authorized institutions
  • Communication, support and complaint management

5. Legal Grounds for Processing Personal Data

Your personal data is processed on the basis of the following legal grounds set out in Articles 5 and 6 of the KVKK:

5.1. Processing Without Requiring Explicit Consent (KVKK Art. 5/2)

  • Being directly related to the conclusion or performance of a contract: providing membership, listing, payment, messaging, appointment and other services
  • Fulfillment of a legal obligation: record-keeping and retention obligations under tax, commercial and electronic commerce legislation
  • Being mandatory for the establishment, exercise or protection of a right: dispute and claim management
  • The legitimate interest of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject: security, fraud prevention, service improvement and analysis

5.2. Processing Requiring Explicit Consent (KVKK Art. 5/1 and Art. 6/2)

The following processing activities are based on your explicit consent:

  • Processing of usage/location data for the purposes of the personalized feed and profiling (beyond the extent permitted by legislation)
  • Sharing your contact and request information with third parties for the purpose of sharing leads with contractors/developers
  • Sending commercial electronic communications (non-mandatory notifications)
  • Transfer of personal data abroad in cases not expressly provided for by law

You may withdraw your explicit consent at any time. Withdrawal does not affect the lawfulness of processing carried out on the basis of explicit consent prior to the date of withdrawal.

6. Transfer of Personal Data

Within the framework of the purposes and legal grounds set out above and in accordance with Articles 8 and 9 of the KVKK, your personal data may be transferred to the following groups of recipients:

6.1. Domestic Transfers

  • Payment service provider (Tosla): for the purpose of carrying out payment transactions
  • Authorized public institutions and organizations: within the scope of legal obligations
  • Business partners from whom legal, financial advisory and audit services are received: only to the extent necessary

6.2. Cross-Border Transfers

The infrastructure of the following service providers may be located abroad. Transfers within this scope are carried out within the framework of Article 9 of the KVKK and, where necessary, on the basis of your explicit consent:

  • Hosting/infrastructure: Google Cloud and Cloudflare (server hosting, content delivery and storage)
  • Push notification providers: for the purpose of delivering mobile notifications

For cross-border transfers, security and legal measures in line with the KVKK and the decisions of the Personal Data Protection Board are applied.

7. Retention Periods for Personal Data

Your personal data is retained for as long as the purpose of processing requires and for the minimum retention periods stipulated in the relevant legislation:

Data categoryRetention period
Membership and account dataThroughout the membership period; upon account deletion, erased or anonymized at the end of a 30-day grace period
Transaction and payment recordsA minimum of 10 years as required by the relevant tax and commercial legislation
Listing content and mediaAs long as the listing remains published and during the legal retention periods
Voice call recordingsA maximum of 30 days from the date of the call; in the event of a dispute/objection, until the dispute is resolved
Log and security recordsFor the duration of the relevant legislation and legitimate interest

Personal data whose retention period has expired is erased, destroyed or anonymized.

8. Data Security Measures

In order to prevent the unlawful processing of and access to personal data and to ensure the safekeeping of data, the Company takes appropriate technical and administrative measures within the scope of Article 12 of the KVKK:

  • Encryption during transmission and storage
  • Access authorization and role-based access control
  • Processing of payment data through 3D Secure infrastructure and non-storage of card details
  • Keeping and monitoring system and security logs
  • Data minimization and privacy-by-design principles
  • Confidentiality obligations for personnel and business partners

9. Children's Data

tamkonum is not intended for use by persons under the age of 18. We do not knowingly collect personal data of persons under the age of 18. If we determine that data belonging to a person under the age of 18 has been processed, we will erase such data without delay.

10. Rights of the Data Subject (KVKK Art. 11)

Pursuant to Article 11 of the KVKK, by applying to the data controller, you have the following rights regarding your personal data:

  • To learn whether your personal data is being processed
  • To request information if your data has been processed
  • To learn the purpose of processing and whether it is used in accordance with its purpose
  • To know the third parties to whom your data is transferred, domestically or abroad
  • To request rectification if it has been processed incompletely or inaccurately
  • To request erasure or destruction within the framework of the conditions set out in Article 7 of the KVKK
  • To request that rectification, erasure and destruction operations be notified to the third parties to whom the data has been transferred
  • To object to a result arising against you due to analysis exclusively by automated systems
  • To request compensation for damages in the event that you suffer damage due to unlawful processing

Method of Application

To exercise your rights, you may submit your requests through the following channels:

  • E-mail: kvkk@tamkonum.com
  • Mail: Merkez Mah. Abide-i Hürriyet Cad. No: 211 İç Kapı No: 64 Şişli/İstanbul, Türkiye

Your requests will be concluded within a maximum of 30 days within the scope of the Communiqué on the Procedures and Principles of Application to the Data Controller. Depending on the nature of your request, verification of your identity may be requested.

11. Cookies

Our website and application use cookies and similar technologies. For detailed information on the types, purposes and management of cookies, please refer to the Cookie Policy document.

12. Changes to the Policy

The Company may update this Policy depending on changes in applicable legislation and services. The current version is published on our website together with its effective date and version number. In the case of significant changes, notification is made by appropriate means.

13. Contact

For any questions or requests regarding your privacy and personal data, you may contact us:

  • KVKK / personal data requests: kvkk@tamkonum.com
  • General contact: iletisim@tamkonum.com
  • Address: Merkez Mah. Abide-i Hürriyet Cad. No: 211 İç Kapı No: 64 Şişli/İstanbul, Türkiye
  • Phone: +90 850 123 45 67