LPDD
This information text has been issued for clarifying the methods and principles relevant to the processing of personal data of our guests by the company Beyak Gayrımenkul Tur. İnş. San. Ve Tic. A.Ş. Sirene Luxury Hotel (hereinafter “data processor”) that has been appointed by the hotel operator Beyak Gayrımenkul Tur. İnş. San. Ve Tic. A.Ş. Sirene Luxury Hotel (hereinafter “Company”) that is established in Turkey in accordance with the Law on the Protection of Personal Data No. 6698 (hereinafter “Law”). We process your personal data as laid down in the Law in accordance with the purposes and conditions stated in subparagraph 2 of article 5 and subparagraph 3 of article 6 of the Law.
Hereunder, the Company processes your data;
- In case of expressly ordered by law during the continuation of the service offered to you by our Company,
- The processing of your personal data by our company is directly relevant and necessary for the establishment or performance of a contract,
- Processing of your personal data is compulsory for our company to fulfil its legal obligation,
- Provided that your personal data is publicized by you; our company processes such data with limitation to your purpose of publicizing the same,
- The processing of your personal data by our company is compulsory for the establishment, use or protection of the rights of our company or of you or third parties,
- Personal data processing is compulsory for the legitimate interests of our company, provided that it does not harm your fundamental rights and freedoms,
- Personal data processing by our Company is mandatory for the protection of the life or body integrity of the personal data owner or someone else, and in this case the personal data owner is unable to disclose his consent due to actual or legal invalidity,
- And it is foreseen in the law with regards to the sensitive personal data of the owner except health and sexual life,
In this context, our company processes your personal data for the following purposes:
- Institutional sustainability operations and execution
- Event management
- Guest/customer relations management
- Business partner and supplier relations management
- Execution/follow-up of company’s financial reporting and risk management operations
- Execution/follow-up of company’s legal transactions
- Execution/planning of corporate communication operations
- Execution of corporate management operations
- Claim and complaint management
- Ensuring the safety of community values
- Efforts to protect the reputation of the company
- Investor relations management
- Giving information to the competent authorities from the legislation
- Creation and follow-up of visitor records
We hereby inform you that your personal data might be transferred, assigned, classified and processed in other ways as specified in the Law,
- Within the scope of our commercial relations or our business relationship with you,
- Within the framework of the purpose requiring their processing and in connection with this purpose, in a limited and measured manner,
- By maintaining the correct and up-to-date version of personal data as reported to us,
- And to third parties domestically or abroad under the terms of the Law and it might be recorded, stored, maintained, reorganized and shared with the institutions authorized by Law to request such personal data.
The Company pays special attention to the protection of personal data and takes all necessary technical and administrative measures. By the end of the service, your identity data and communication data, which are detailed under the title of the “processed data” below, will be kept for 10 years whereas your sensitive personal data, visual and audio personal data and family and relatives personal data will be kept for 2 years by taking all necessary technical and administrative measures.
Your personal data will be collected by company units and offices, group companies, website, social media channels, mobile applications, agencies and similar means verbally, in written form or electronically by means of automatic or manual methods although this might vary depending on the services and commercial activities of the company. As long as you benefit from the products and services offered by our company and group companies, your personal data will be processed by creation and updating in different ways.
In addition, your personal data may be processed when you use our call centres or website to use the services of the Company, visit the Company or our website, request the services of the Company through agencies, and participate in trainings, seminars or organizations organized by the Company.
THE TYPES OF PERSONAL DATA THAT IS PROCESSED
Identity Data: Name, surname, date of birth, nationality, place of birth, gender, marital status, T.R. identity card information (identity no, serial no, certificate no, father name, mother name, place of birth, city, district, neighborhood, volume no, family order no, order no, section no, page no, registration no, place of issue, reason of issue, issue date, former surname), certified copy of ID card, Passport no.
Contact Data: Phone number, zip code, explicit address, e-mail address, corporate e-mail address.
Sensitive Personal Data: Health data, Food allergy, Disease monitoring dates, symptoms of illness information, disease monitoring rates information.
Visual and Audial Data: photos, voice recordings, camera recordings (video records such as birthday celebrations, etc.) of real persons.
Data of Family and Relatives: Name and surname of spouse and children, T.R. identification number, passport number, date of birth, telephone number, name, surname and e-mail address of relatives who can be reached in case of an emergency
Other: Car license plate, VIP service and arrival-departure times, data of VIP service stop, internet access logs, entry and exit logs, Guest Product acceptance information, Guest arrival and departure dates, agency/company information, profession.
Personal Data Recipients and Purpose of Receipt
Your collected personal data might be transferred to our business partners, suppliers, company executives, shareholders, public institutions and private organizations that are authorized by law taking necessary measures within the framework of the conditions stated in this text to spend necessary efforts to benefit you from the products and services offered by our company, to be offered to you by customizing the products and services offered by our company according to your desires, usage habits and needs, to ensure the legal and commercial security of the people in the business relationship of our company (physical security and inspection of the locations of our company, business partner/customer/supplier (authorized or employees) evaluation processes, reputation research processes, legal compliance process, audit, financial affairs, etc.), and to ensure the execution of the Guest Services Policies of our company.
Entities who can transfer data |
Definition
|
The purpose of Data Transfer |
Business Partner (agency, client etc.) |
Describes the parties with which the Company establishes business partnerships for the purpose of buying or selling services while conducting its commercial activities. |
Limited to the purpose of ensuring the fulfillment of the purposes of establishing the business partnership and evaluating the authority or employee. |
Supplier |
Defines the parties that offer products/services to the company on contract basis in accordance with the orders and instructions of the company when carrying out the commercial activities of the company. |
Limited to the purpose of ensuring that the products and services supplied by the company from the supplier and necessary for carrying out the commercial activities of the company are procured. |
Company Representatives |
Members of the Board of Directors and other authorized real persons |
Limited to the purpose of ensuring the physical security and control of the locations of the company, designing strategies regarding the commercial activities of the company in accordance with the provisions of the relevant legislation, ensuring the highest level of management, financial affairs, etc. |
Public Institutions and Organizations Authorized by Law |
Public Institutions and Organizations authorized to get information and document from the company according to the terms of applicable legislation |
Limited to the purpose demanded within the legal authority of the related public institutions and organizations |
Private Entities Authorized by Law |
Private legal persons authorized to get information and document from the company according to the terms of applicable legislation |
Limited to the purpose demanded by the relevant private legal persons within the legal authority |
Method and Legal Justification of Personal Data Collection
Your personal data is obtained in any verbal, written or electronic medium for the purpose of providing the products and services provided by our company within the legal framework determined in accordance with the purposes mentioned above and in order to fulfill our contractual and legal responsibilities completely and accurately. For these legal reasons, your personal data is collected using manual or electronic media, while remaining within the scope and purposes of the personal data processing in this clarification document.
Pursuant to Article 11 of the Law, your rights can be listed as follows:
- Finding out whether your personal data has been processed or not,
- Demanding related information if your personal data has been processed,
- Finding out the purposes of personal data and whether they are used relevantly,
ç) Right to know the third parties to which personal data is transferred at home or abroad,
- Demanding amendment if personal data is incomplete or processed incorrectly,
- Demanding personal data to be deleted or destroyed, (Please request a form from the Human Resources Department for the claim).
- Demanding the report of completed transactions pursuant to paragraphs (d) and (e) above to third parties to whom such data has been transferred,
- Objecting a consequence against the person in question by analysing the processed data only by means of automatic systems, and
- Claiming compensation for the damages due to data process against the Law.
The results of your claim in your application will be concluded free of charge within maximum 30 days depending on the qualification of claim. However, if such transaction requires a separate cost for the Company, the Personal Data Protection Board may charge the fee specified in the Notification on the Procedures and Principles of Application to the Data Officer. You need to submit your application in writing or by registered electronic mail (PEP) address, secure electronic signature, mobile signature or using the e-mail address you have previously informed us in our records by filling out the application form on the internet address of our Company regarding the processing of your personal data. Our company may require additional verification (such as sending a message to your registered phone, calling you) to determine whether the application belongs to you and thus to protect your rights, depending on the reason for your request and the method of application. For example; if you apply through your e-mail address registered with the company, we may contact you using another communication method registered in the Company and request confirmation of ownership of the application.
CONTACT DETAILS
ADDRESS: BEYAK GAYRIMENKUL TUR. İNŞ. SAN. VE TİC. A.Ş. SİRENE LUXURY HOTEL, Geriş Mah. Erdemil Cad. No: 80-A | 48990 Yalıkavak, Bodrum/Muğla, Türkiye
CENTRAL REGISTRATION SYSTEM NO: ……………………………….
Tel : +90 (252) 311 25 25
Fax : +90 (252) 388 70 19
www.sirene.com.tr