PERSONAL DATA PROTECTION LAW
As Balıkçılar Hotel, we are aware of the importance of protecting the personal data of our guests. Therefore, we take high-security measures to safeguard your personal data from unauthorized access. In order to protect the privacy of your personal life, as well as your fundamental rights and freedoms, we process your personal data in accordance with Law No. 6698 on the Protection of Personal Data and relevant regulations.
The Identıty of the Data Controller
In accordance with Law No. 6698 (Türkiye) on the Protection of Personal Data, Balıkçılar Hotel is the data controller. This document has been prepared to inform you about the purpose of processing your personal data, to whom and for what purposes it may be transferred, the method of collection and its legal basis, and your rights, in compliance with the data controller’s obligation to inform under Article 10 of the KVKK.
Method and Legal Basıs for Collectıng Personal Data
Your personal data is obtained directly from you or indirectly within the scope of the services we provide. Data may be collected in any verbal, written, or electronic format. This data is obtained in various situations such as room reservations, hotel check-in processes, and customer satisfaction surveys.
Your personal data may be processed in accordance with the following legal grounds stated in Article 5 of Law No. 6698:
- Explicit consent.
- Clearly stipulated by laws.
- Directly related to the performance of a contract.
- Necessary for the data controller to fulfill its legal obligations.
- Necessary for the establishment, exercise, or protection of a right.
- Processing data for legitimate interests.
- Your sensitive personal data will only be processed based on your explicit consent or under circumstances stipulated by law.
Purposes of Processing Personal Data
Your personal data is processed for the following purposes:
- Carrying out room reservation procedures.
- Fulfilling legal and regulatory requirements.
- Quality improvement activities.
- Managing guest relations.
- Marketing and sales activities.
- Conducting and auditing financial transactions.
Retentıon Perıod of Personal Data
Your personal data will be deleted, destroyed, or anonymized once the purposes for processing have ceased or when the retention periods required by the relevant legislation have expired.
Rıghts of the Data Subject
Any individual can submit a request to the data controller to exercise the following rights:
- Learn whether personal data is being processed.
- Request information about the processed data.
- Learn the purpose of the processing and whether the data is used appropriately.
- Know the third parties, domestically or abroad, to whom personal data is transferred.
- Request the correction of incomplete or inaccurate data.
- Request the deletion or destruction of personal data.
- Request the notification of actions taken regarding the correction or deletion of data to third parties to whom the data has been transferred.
- Object to any unfavorable outcomes resulting from the analysis of data processed solely by automated systems.
- Request compensation for damages incurred due to the unlawful processing of personal data.