Website Privacy And Security Instructions 2022-05-05
WEBSITE PRIVACY AND SECURITY INSTRUCTIONS
The purpose of this instruction is Ek-Sa İnşaat Emlak Turizm ve Tic. Ltd. Sti. It is to define the security and privacy policies that visitors to the websites operated within the scope of Daima Hotels will be deemed to have accepted.
This instruction, Ek-Sa İnşaat Emlak Turizm ve Tic. Ltd. Şti is valid for the entire scope defined for ISMS carried out at Daima Hotels.
Established: Ek-Sa İnşaat Emlak Turizm ve Tic. Ltd. Sti Daima Hotels
Stakeholder: Ek-Sa İnşaat Emlak Turizm ve Tic. Ltd. Şti are Organizations, groups or individuals who will be directly or indirectly affected by the activities carried out within the scope of Daima Hotels, in a positive or negative way.
Third Party: Legal entities and personnel who provide services to the organization by contract.
Personnel: Personnel in the organization
Information Security: Protecting the confidentiality, integrity and accessibility of organizational assets
ISMS: Information Security Management System
BID: Daima Hotels IT Department
WEBSITES: Ek-Sa İnşaat Emlak Turizm ve Tic. Ltd. Şti includes the websites of Daima Hotels.
CUSTOMER: Visitor to the Websites.
How to use and protect the information we obtain regarding you and the services you request during your visit to this website and your use of the services we offer through the site are subject to the conditions set forth in this instruction. By visiting this website and requesting to benefit from the services offered through the site, you accept the conditions specified in this instruction.
INTERNET SITES request some of your personal information (name, age, interests, e-mail, etc.) from you in order to provide better service to its customers. This information collected on corporate computers is used only within the organization for periodic campaigns, designing special promotional activities for customer profiles, and customer "classification" studies aimed at not sending unsolicited e-mails.
The organization does not share the information collected from the membership forms with third parties without the knowledge of the member in question or otherwise, and does not use or sell it for commercial purposes for any reason other than activity.
Apart from the personal information requested in the e-mail addresses and membership forms, the organization analyzes and interprets the visitor movements and preferences that it monitors during the use of the site. These statistical data, which do not contain personal information, can be shared with business partners.
Customer information can only be disclosed to official authorities if this information is duly requested by the official authorities and in cases where it is obliged to make a statement to the official authorities in accordance with the provisions of the mandatory legislation in force.
Only the customer can access all the information that the customer enters into the system, and only the customer can change this information. It is not possible for anyone else to access and change this information.
Your credit card information requested on the payment page is not kept on the servers of the INTERNET SITES or the companies that serve it, in order to keep the security of our valued customers at the highest level. In this way, it is ensured that all transactions for payment are carried out between the bank and your computer through the INTERNET SITES interface.
When you make a purchase on our site, you accept that your financial information is given to the third parties (banks, credit card companies, etc.) necessary to perform your transaction. Otherwise, you will not be able to complete the purchase.
The copyrights on the information, materials and their arrangement on our website belong to the organization. All copyrights, registered trademarks, patents, intellectual and other proprietary rights regarding the information and materials contained in our Website, excluding the materials belonging to third parties, belong to us.
In order to protect the privacy of our customers' personal information, necessary precautions have been taken by keeping the system and internet infrastructure at the most reliable level. In addition, do not hesitate to consult us on matters that require information.
It is one of the leading principles of the organization to protect the privacy of the visitors ("Data Owner") of the WEBSITES operated by the organization.
1. PROCESSING OF PERSONAL DATA OF DATA OWNERS
With the policy, our visitors who visit WEBSITES are informed about the following issues:
Which personal data of the Data Owners is obtained, the method of collection of personal data and the legal reason;
The purposes for which the personal data of the Data Owners are processed;
With whom personal data of Data Owners can be shared;
Storage periods of personal data of Data Owners;
Rights of Data Owners;
Measures taken to ensure the security of personal data of Data Owners.
Which Personal Data of Data Owners are Obtained, Method of Collection of Personal Data and Legal Reason
Any information that makes your identity specific or identifiable is “personal data”. The Organization carries out all kinds of activities necessary to act in accordance with the Law on the Protection of Personal Data No. 6698 (“Law”) and the relevant legislation in the processing of your personal data.
Your personal data obtained by visiting the WEBSITES are listed below:
Transaction Security Information
Product/Service Usage Information
Request/Complaint Management Information
For What Purposes the Personal Data of Data Owners is Processed
Your personal data obtained due to your visit to the WEBSITE may be processed by the organization for the purposes listed below in accordance with Articles 5 and 6 of the KVK Law:
Carrying out the necessary work by our business units and executing the relevant business processes in order to benefit the relevant people from the products and services offered by the organization,
Planning and executing the activities necessary to recommend and promote the products and services offered by the organization to the relevant people by customizing them according to the tastes, usage habits and needs of the relevant people,
To carry out the necessary work by our relevant business units for the realization of the commercial activities carried out by the organization and to carry out the related business processes,
Planning and execution of corporate commercial and/or business strategies,
Ensuring the legal, technical and commercial-occupational safety of the Organization and the related persons who have a business relationship with the organization.
With whom Personal Data of Data Owners can be Shared
Your personal data obtained, in accordance with the purposes of processing your personal data, to our business partners (such as outsourcing service providers, hosting service providers, research companies, call centers), our shareholders, affiliates, legally authorized public institutions and private individuals. It can be transferred within the scope of the personal data processing conditions and purposes specified in Articles .
Storage Periods of Personal Data of Data Owners
Although it has been processed in accordance with the provisions of the law and other relevant laws, personal data is deleted, destroyed or anonymized by the organization in the event that the reasons for its processing disappear.
In accordance with the Law, the Organization will be able to preserve personal data during the time-out periods determined by the relevant legislation to be used within the scope of any possible dispute. In this case, the stored personal data is not accessed for any other purpose and is only accessed when it is required to be used in the relevant legal dispute.
You can find detailed information about the storage of your personal data here.
Rights of Data Owners
Pursuant to Article 11 of the Law, Data Owners have the following rights regarding their personal data:
Learning whether personal data is processed or not,
If personal data has been processed, requesting information about it,
Learning the purpose of processing personal data and whether they are used in accordance with the purpose,
Knowing the third parties to whom personal data is transferred at home or abroad,
Requesting correction of personal data in case of incomplete or incorrect processing and requesting notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,
Requesting the deletion or destruction of personal data in the event that the reasons requiring its processing have disappeared, although it has been processed in accordance with the provisions of the KVK Law and other relevant laws, and requesting the notification of the transaction made within this scope to the third parties to whom the personal data has been transferred,
Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,
To request the compensation of the damage in case of loss due to unlawful processing of personal data.
The establishment, in accordance with the Law, within the administrative and technical possibilities; It operates the systems necessary to enable Data Owners to use their personal data.
You can update your personal information on the INTERNET SITES with the help of the relevant forms. If you submit your requests regarding your rights to the organization using the methods in the Organization Application Form, it will be concluded free of charge as soon as possible and within thirty days at the latest, depending on the nature of the request. However, if the transaction requires a separate cost, the fee in the tariff determined by the Personal Data Protection Board may be charged by the organization.
Measures Taken to Ensure the Security of Personal Data of Data Owners
In line with the importance our organization attaches to the protection of personal data and ensuring data security, in order to ensure data security by our organization in accordance with Article 12 of the KVK Law,
To prevent the unlawful processing of personal data,
To prevent unlawful access to personal data,
To ensure the protection of personal data,
takes all necessary technical and administrative measures to ensure the appropriate level of security for the purpose.
Website Security and Privacy Instruction is dated 01.03.2020. In case of renewal of all or certain articles of the instruction, the effective date of the instruction will be updated.
The instruction is published on the organization's WEBSITEs and is made available to the relevant persons upon the request of the personal data owners.