PDPL ( Personel Data Protection Law )

We reserve the right to make changes to this Statement to provide accurate and up-to-date information on practices and regulations regarding the protection of personal data. In addition, in the event of a material change in the Notice, relevant persons will be notified by appropriate means.

This Statement has been prepared to provide information about which personal data Harem Cappadocia Hotel processes within the scope of its commercial activities, the purposes of the processing, the parties to which personal data is transferred, and the purposes of these transfers. This Statement covers the following channels through which personal data is collected:

reservation offices, check-in counters, requests, and complaints, surveys, fairs, and events; verbal, written, or electronic media, automatic and non-automatic means,

 

Harem CAPPADOCIA website and mobile applications,

Harem Cappadocia Hotel products and services and sales channels via the web, social media, passenger and customer conversations, SMS channels, business intelligence, contracted merchants, business/program partners; verbally, in writing or electronically, automatically and non

automatically.

Harem Suites Cappadocia Hotel (“Website”); software and applications provided through computers or other smart devices (“Application”); Social media accounts (“Social Media”) and other channels managed by persons authorized to serve on behalf of Harem Suites Cappadocia will be referred to as “Digital Platforms”.

 

What personal data do we process?

Personal data processed by our company differ according to the nature of the legal relationship established with our company. In this context, the categories of personal data collected by our Company through all channels, including Digital Media, are as follows:

Identity Information (Personal data provided when creating an account on our Site or Application, making a seat reservation on the plane, or benefiting from privileged services such as name, surname, identity, and passport number offered by Harem Suites Cappadocia Hotel and its business partners.)

Contact Information ( personal data number, social media contact information, address, etc.)

Location Data (location data collected by location-based tools such as airport directions, a map view, nearest parking lot)

Front Passenger Information “API” (name, nationality, date of birth, gender, type and number of travel documents, issue and expiration date, as well as personal data relating to the issuing authority)

Information about Family and Relatives (identity information, contact information, children of the person concerned, occupation and education information about his spouse, etc.)

Customer Transaction Information (personal data recorded in channels such as call centers, credit card statements, box office receipts, customer orders including reservation, purchase, cancellation, postponement, and other changes to an individual's instruction or request)

Transaction Security Information (website password, etc. information provided during the use of products and services offered in digital environments)

Risk Management Information (results and records of various inquiries made by public institutions regarding the person concerned, security control records regarding whether you have a flight ban, address registration system records, IP tracking records, etc.)

Financial Information (credit/debit card information, bank account information, IBAN information, balance information, credit balance information, and other financial information)

Physical Environment Security Information (Entry/exit logs, visit information, camera, audio recordings, etc.)

Legal Procedure and Compliance Information (information provided within the scope of information requests and decisions of judicial and administrative authorities, etc.)

Audit and Inspection Information (information on all kinds of records and transactions regarding the legal request of the data owner and the exercise of our rights)

Special Categories of Personal Data (data such as race, ethnicity, political opinion, philosophical belief, religion, special categories of personal data processed, limited to the cases expressly stipulated by the laws and when necessary for the Company's activities and with your explicit consent ), sect and other beliefs, attire, association, organization and union memberships, health and sexual life, criminal convictions and security measures, and biometric and genetic data.)

Marketing Information (reports and evaluations containing information about preferences, tastes, usage, and travel habits that can be attributed to the data owner and used for marketing purposes, targeting information, cookie records, data created within the scope of data enrichment operations, survey records, satisfaction surveys, campaigns and as a result of direct marketing activities) information and evaluations obtained, etc.)

Request/ Complaint Management Information (information and records collected regarding requests and complaints regarding our products or services, and information contained in reports regarding the conclusion of such requests by our business units, etc.)

Audio-Visual Information (photos, camera and sound recordings, etc.)

 

Transfer of personal data

Your data may be shared on behalf of our company or with the parties that provide us with products or services and with our suppliers and business partners, from whom we receive support in the establishment, execution, and termination of our relationship, including the parties with which we cooperate. purposes of providing you with products and services. Your data may also be shared with public institutions and legally authorized private individuals within their authority. In such cases, our company as Harem Suites Cappadocia takes all precautionary measures to ensure that the parties carry out processing and transfer activities by the rules outlined in this Communiqué and other relevant laws.

Personal data can be shared with group companies, business partners, public institutions, and private individuals authorized by law within the framework of the processing conditions and purposes of personal data specified in Articles 8 and 9 of the Law, or it can be transferred abroad limited to the specified matters. and by the procedures and principles specified in Article 9 of the Law and the decisions of the Personal Data Protection Board.

Your data can only be transferred abroad;

express consent, or

express consent is not obtained, but one or more of the data processing conditions specified in the Law are met,

It is determined that the transferred country provides adequate protection by the decision of the Personal Data Protection Board, or;

If the protection in the transferred country is found to be insufficient, a written commitment was obtained between our Company and the Data Controller to whom the data was transferred, and the approval of the Personal Data Protection Board was obtained. 

 

Storage of personal data

Our company determines the retention periods, taking into account the relevant laws and data processing purposes. In this context, we take into account, where appropriate, the statute of limitations and legal obligations regarding the processing of personal data. When the purpose of processing personal data ends, the data will be deleted, destroyed, or anonymized, unless another legal reason or basis is allowing the personal data to be kept.

 

Principles on personal data privacy

Our company acts by the following principles in all data processing activities. “Acting lawfully and in good faith”, “Originality and timeliness”, “Processing for specific, clear and legitimate purposes”, “Relevant, limited and proportionate”, as long as specified in the relevant law or necessary for the relevant purpose”

 

Use of digital platforms

Your data may be processed during your use of the Digital Platforms to manage and operate the Website, to carry out activities to optimize and improve the user experience of the Website and the Application, to identify, support, and support how the Website is used. improve the use of location-based tools to manage your online accounts and inform you about services available near you.

If you want to benefit from the products and services offered, your data will be processed only to enable you to benefit from these products and services.

 

 

 

Data owners' exercise of rights

You can easily exercise your above-mentioned rights and easily convey your requests to us using the contact information below.

The requests of data owners regarding the above-mentioned rights will be finalized by us within thirty days at the latest, within the limitations stipulated by the Law.

In principle, data subject requests will be concluded free of charge. However, Harem Suites Cappadocia reserves the right to charge a fee from the tariff determined by the Board if the request requires an additional cost.

Our company may request certain information from the data subject to determine that the applicant is the Data Owner, and additional questions may be asked to the applicant to clarify the issues regarding the applications.

 

Harem Suites Cappadocia

 

Tekell Mah. Goreme Cad . No:65/A
Uchisar / Nevsehir / Turkey

Contact : +90 384 219 3075
GSM Contact : +90 532 967 5050

General Information: info@haremcappadocia.com.tr

 

 

 

organizational measures to protect your data and reduce the risks associated with unauthorized access, accidental data loss, deliberate deletion, or damage to personal data.

In this direction, our company;

Provides data security by using other software and hardware that includes protection systems against viruses and other malicious software, firewalls and intrusion prevention systems,

Access to personal data within our company is carried out in a controlled process based on unit/role/application by the nature of the data and within the framework of authorization,

with Article 12 of the Law, it ensures that the necessary inspections are carried out for the implementation of the provisions of the Law,

To ensure the legality of data processing activities through internal policies and procedures,

Implements stricter measures to access special categories of personal data,

In case of external access to personal data due to outsourced service procurement, our Company undertakes to comply with the provisions of the Law on the relevant third party,

It takes the necessary measures to inform all its employees, especially those who have access to personal data, about their duties and responsibilities under the Law.