Terms and Conditions

At Octet Express Ödeme Kuruluşu Anonim Şirketi (“Octet”), we exercise all due care in order to ensure that our users are informed about our systems and services. In this regard, the briefing/information note we have drafted within the scope of Article 17 of the Communiqué on Information Systems of Payment and Electronic Money Institutions and Data Sharing Services in the Field of Payment Services of Payment Service Providers, which was promulgated in the Official Gazette No. 31676 of December 1, 2021 and numbered 31676, is submitted below for our users' review.

SECURITY NOTICE

* We hold PCI-DSS Service Provider Level 1 certification, the standards of which are determined by the PCI Security Standards Council (PCI SSC), jointly established by American Express, Discover, JCB International, MasterCard and Visa. Octet is audited annually under this certificate by an independent organization authorized by PCI SSC. All technology infrastructure, physical security, operational and technical processes of Octet concerning card payment systems are subjected to an inspection during such audit.

* Octet is a payment institution operating under the Central Bank of the Republic of Turkey (CRBT). In this regard, Octet’s information systems are periodically inspected by independent audit firms authorized by the CBRT. The reports compiled as a result of such audits are shared directly with the CBRT.

* All our systems are subjected to security tests - on a quarterly and/or annual basis - by independent companies specialized in security software and information security.

* All our systems are protected 24/7 with the most advanced and up-to-date security hardware and software in place and are kept under surveillance.

* All changes implemented on our systems are constantly recorded.

* All communication exchanged between our users and our systems are encrypted by up-to-date encryption methods.

SECURITY ALERTS

In spite of the fact that we, as Octet, spare the utmost effort to ensure the security of our users in our systems, a truly secure system for our users is possible only when our users are also knowledgeable about secure transactions. To that end, we kindly request you to carefully read the information provided below and consider them while using our systems.

* Make sure that you have the most up-to-date security patches offered by the manufacturer installed on your devices such as your computer, tablet or mobile phone. Do not install on these devices operating systems or system software that are not offered or approved by the original manufacturer. In case security software such as anti-virus software for the devices you use are available, make sure to use such software and check that they are continuously active and up-to-date.

* Be vigilant when connecting to the internet with your devices over wireless networks in public areas. While connecting to internet in these areas, ensure that you have a secure connection to the websites where you enter information such as your personal data or password, and that the security software on your device is active.

* You may access Octet's systems with your internet browser by using only our internet applications. Use the latest versions of internet browsers whilst accessing our applications.

* Always ensure to establish a secure connection with us while using Octet’s applications. In order to verify whether you have established a secure connection, check the address indicated in the address bar of your internet browser to make sure that it starts with [https://]https://. Additionally, check to make sure that there is a lock icon on the bottom left or right of your address bar, indicating that your connection is encrypted. In case of an error in the encryption on your connection, up-to-date browsers will show you an alert before opening our page or on the address bar. In case you detect such an alert while using our systems, please do not enter any information on your screen, and contact us via destek@octet.com.tr or by calling +90 850 360 1511.

* Do not share for any reason with anyone, including Octet’s employees and your company’s employees, your passwords, credit card information, the contents sent by Octet to your e-mail address and the codes sent to your mobile phone for identity authentication purposes. In the event of any circumstances which, in your opinion, requires the sharing of such information with any employee in your company, your company must contact Octet and consummate the necessary procedures to open a separate user account for such company personnel, as per the payment services framework agreement you have executed with Octet.

* If you are going to leave your computer unattended after using Octet’s applications, make sure to log out by using the option in the user menu at the top right corner.

* Do not keep your passwords written on notebook, paper or similar mediums. In case the passwords are in writing, dispose of them immediately to render them unreadable.

* Avoid keeping your passwords exposed on your computer, mobile phone or e-mail box for any reason. The safest ways are to memorize your passwords or to keep them in a secure password storage application developed for this purpose.

* Octet never sends e-mails to your e-mail address requesting you to share your personal information or password. When you receive such an e-mail, please contact us via destek@octet.com.tr or the phone number +90 850 360 1511 without entering any information.

* In case some e-mails which, in your opinion, are sent by Octet contain links directing you to a website, make sure that the address begins with https://secure.octet.com.tr or https://www.octet.com.tr by checking the internet addresses opened by such links from the address field of your browser.

* Octet makes user-specific announcements, warnings and similar continuous notification requirements via destek@octet.com.tr or the phone number +90 850 360 1511. Information not received through these channels must be ignored.

* Beware of people who claim to be calling you from Octet and seek information. Please confirm that the calling number belongs to Octet. Only the responsible customer representative contacts our users. If you do not know the person/number calling you and are suspicious, please end the call and contact your customer representative and report the incident. If you are unable to reach your customer representative, please contact us via destek@octet.com.tr or by calling +90 850 360 1511.

* This briefing/information note may be updated from time to time due to technical requirements, therefore, please check for the updates.

* While creating your passwords, please follow the specifications below:

- Use long passwords instead of short ones. The use of passwords containing at least 8 characters is recommended.

- Make sure your passwords include at least one lowercase letter, one uppercase letter, one number and one special character. While doing this, avoid patterns followed by many users such as capitalizing only the first letter, ending the password with an exclamation mark or a period.

- Refrain from using the same character or number more than twice in your passwords. 

- Avoid using sequential series of numbers (such as “123”), alphabetical sequences (such as “abc”) or sequences based on keyboard layout (such as “qwerty”) in your passwords. 

- Do not use information such as your name, date of birth or the name of your pet in your passwords that can be figured out by your social environment or through your social media account. 

- Change your passwords at least quarterly. Watch out for using, in your new password, as few as the same characters included in your previous password. For instance, when renewing your passwords, avoid using the same password for a long time merely by inserting the year and month of the change, to the end of such password.

- Refrain from using the same password on more than one system. Create a different password for each system holding your confidential data.

- If you believe that your passwords, sensitive customer data or personal information have been lost, stolen, deleted or are required to be changed, please contact us via destek@octet.com.tr or the phone number +90 850 360 1511. 

- If you suspect fraud or encounter any issues during the service provided by Octet, please contact us via destek@octet.com.tr or the phone number +90 850 360 1511.

- We recommend that you read the below-linked document compiled by the Banks Association of Turkey and titled "Fraud Detection and Prevention Methods", which, in our opinion, will contribute to your secure use of financial systems. https://www.tbb.org.tr/Content/Upload/Dokuman/7328/TBB-Dolandiricilik-Eylemleri-ve-Korunma-Yontemleri.html

OTHER NOTICES

* You may benefit from Octet systems 24/7. The terms regarding the services provided by Octet and the respective rights and responsibilities of the users and Octet in relation thereto are accessible through the payment service framework agreement you have executed with Octet, a copy of which is shared with your party, and the Terms and Conditions of Use of Octet Express Ödeme Kuruluşu Anonim Şirketi’s Portal, which you can access at any time through our system. If you have any difficulty in accessing the relevant documents, please contact us via destek@octet.com.tr or the phone number +90 850 360 1511.