Information Text Regarding the Processing of Personal Data
This explanation is made to inform you in order to protect the fundamental rights and freedoms of individuals, especially the right of privacy, in accordance with the law (Law) no. 6698 on the Protection of Personal Data.
The title Dobedan Grup is a title used on this website to refer to all the companies included in our group of companies. Dobedan Group companies is ‘Alva Emlak Otelcilik İnşaat Ticaret A.Ş. and Alva İnşaat Emlak Turizm ve Yatırım Ticaret A.Ş.’ whose information is provided under the title ‘information society services’ in accordance with Article 1524 of the Turkish Commercial Code.
We request your express consent in order for your personal data detailed in this text to be collected by verbal, written, visual or electronic media and processed in accordance with the law and good faith and to be transferred to the following third parties, provided that the legislation permits, limited to the purposes they are processed by Dobedan Grup in accordance with the Law No. 6698 and within the scope of the purposes described below except that they are compulsory regarding the performance of the contract, that it is clearly stated in the law, that we fulfil our legal obligation.
It defines in the scope of the Law;
Explicit consent: Consent that is on a specific topic, based on information and explained with free will;
Personal data: Any information relating to a natural person whose identity is identified or can be identified;
Processing of personal data:Processes performed on data, such as the prevention of the personal data such as the acquisition, storage, archiving, preserving, modification, rearrangement, disclosure, taking-over, making it acquirable, classification, usage of the personal data, whether fully or partially automated or as part of any data recording system
Sensitive personal data: defines thedata about person’s race, ethnicity, political thought, philosophical belief, religion, sect or other beliefs, appearance, membership to association, foundation or union, health, sexual life, criminal conviction and security measures, and biometric and genetic data.
It may be processed by Dobedan Gruppursuant to the procedures and principles stipulated in the Law and in accordance with the following principles and within the scope of the purposes described in this text and may be transferred in a limited manner for the purpose they are processed where permitted by the Law.
a) Compliance with the law and the good faith.
b) Accuracy and up-to-date if necessary.
c) Processed for specific, clear and legitimate purposes.
d) Being connected, limited and moderate for the purpose they are processed.
e) Retention for the period required by the relevant legislation or for the purpose for which they areprocessed.
1. YOUR PROCESSED PERSONAL DATA
Identity Information Name-Surname, Place of Birth, Date of Birth, Marital Status, Photograph, Marriage Certificate, TRIN, Passport No., Identity Card Serial Number, Driver's License No., Father's Name, Mother's Name, Nationality, Place of Birth, Place of Registration
Contact Information Mobile-Landline Phone Number, E-mail Address, Contact address
Physical Space Security Closed Circuit Camera Video Recordings, Voice Recordings, Security
Information Recordings, Vehicle License Plate Recordings Received During Entry-Exit to the Workplace and being present at the Workplace (In case of being present at the workplace and making use of the workplace car park)
Information Correspondence information of the judicial authority, information in the case file (In case of legal dispute with the Company)
Information Call center records, invoice, order information, request information, survey and form information
Financial Information Account and Credit Card Information
Marketing Information Information obtained from advertising, campaign and marketing activities
Transaction Security and
Information Personal / Company-owned electronic devices and Internet access log records over Company networks, related IP addresses
Sensitive Personal Data First aid done by the contracted hotel physician in case of health problems, medical information received for the management of medical diagnosis and treatment services; information about health status in SPA center; disease state; Allergen status; disability status, religious; health data; blood group; device and prosthesis information, Body Temparature, PCR Test
Sensitive Personal Data Information on security measures and criminal convictions shared legally with competent public institutions and organizations
Sensitive Personal Data Information on racial and religious belonging taken with identity information
Audio-visual Data (photos
& videos taken in-
company events and
organizations, etc.) Planning and implementation of corporate communication activities; management of corporate social media accounts, visual and audio recordings in publicity and advertising
Other Website, Browser Information during the visit of social media channels / environments (if internet service is available in public areas)
2. COLLECTION METHOD OF PERSONAL DATA AND LEGAL REASONS
Your personal data given above, information and documents transmitted by you, driver's license, ID card, passport and ID photocopy may be collected verbally, in writing or electronically and may be processed by the person(s) or the authorized institution or organization (s) of this company, for the following legal reasons via closed circuit camera recording system, employment, service or consulting companies, their agencies and similar channelsfrom which external service is received, agencies and similar channels, orally, in writing or electronically and may be processed by the person(s) or the authorized institution or organization(s) with confidentiality obligation of this company.
a) Explicitly foreseen in the law
b) It is compulsory for the protection of the life or body integrity of the person or someone else who is unable to disclose his / her consent due to the impossibility of the person or whose consent is not granted legal validity.
c) Providing that the personal data of the parties to the contract are required to be processed, provided that it is directly related to the establishment or performance of a contract (all kinds of activities within the scope of activity of the Company may be carried out within the legal framework and the company fulfills its contractual and legal obligations fully and properly)
d) Obligation for the data officer to fulfil his/her legal obligation
e) Publication by the person concerned
f) Data processing is mandatory for the establishment, use or protection of a right
g) Data processing is compulsory for the legitimate interests of the data officer, provided that they do not harm the fundamental rights and freedoms of the person concerned.
Other personal data except for the data related to race, ethnic origin, political thought, philosophical belief, religion, sect or other beliefs, appearance, association, foundation or union membership, health, sexual life, criminal conviction and security measures and biometric and genetic datamay be processed without the express consent of the person concerned. Personal data related to health and sexual life may be processed only for the protection of public health, preventive medicine, medical diagnosis, treatment and care services can be processed for planning and management of health services and financing, by persons under the obligation of keeping secrets or authorized institutions and organizations with the obligation of secrecy without seeking the express consent of the person concerningof persons or authorized institutions.
Your personal data, except for the legal reasons listed above,
• The law no. 6698 on the protection of personal data
• Turkish Code of Obligations No. 6098
• Turkish Civil Code No. 4721
and other relevant legal regulations.
3. PURPOSE OF PROCESSING PERSONAL DATA
Your personal data collected may be processed for the following purposes in accordance with the processing conditions set out in Articles 5 and 6 of Law No. 6698:
• Provision of guest accommodation services,
• Making the promotion of the products, services offered by our company on social media and other media, to make them benefit from campaigns and to make them informed,
• Customizing the products and services offered by our company according to tastes, usage habits and needs, and offering them to you,
• Fulfilment of obligations arising from law and contract,
• Solving the future legal problems probable to arise between the parties,
• Communication with the guest in case of service interruptions and problems during the stay of the guest,
• Paying for the service purchase price and other payments through the electronic system used by the guest,
• Protecting the guests and public health, provision of health care, fulfilment of legal and regulatory requirements,
• Ensuring occupational safety and physical security; administrative management, monitoring and control of workplace entrances and exits; providing security for theoffice buildings, departments, system rooms, guest rooms, administrative management of the internet data network and providing cyber security.
4. TRANSFER OF PERSONAL DATA
Pursuant to the basic principles stipulated in the Law no. 6698 on the Protection of Personal Data and within the conditions of the transfer of personal data specified in Articles 8 and 9 of the Law and other relevant legal provisions, your personal data processed for the purposes described may be transferred;
• to the Public / private institutions and organizations authorized to receive information and documents, to the professional institutions in the nature of public institutions
• to the legal consultancy offices where the company receives services to prevent or solve possible legal problems.
• to the limited number of direct and indirect domestic and international suppliers, group companies and shareholders of the company (You may apply to our company in writing for further information)
• to the health institutions and insurance companies where the company receives health services
• to the institutions or organizations in which the Company receives services as Data Operators in order to fulfil its obligations under the relevant legislation,
• to the tax consultants and other consulting firms
• to the official authorities of regulatory or supervisory institutions within the scope of compliance with legal obligations and company policies.
Your personal data may only be transferred to persons and organizations established in foreign countries after the procurement of explicit consentpursuant to the principles stipulated in article 4, paragraph 2 of the Law No. 6698on Protection of Personal Data, or may be transferred without the procurement of explicit consentin the event of the existence of the situations stipulated in Article 5 paragraph 2 and article 6 paragraph 3; and it can be transferred to abroad for the countries where it is determined and announced that there is not sufficient protection limited to the situations where data officers in Turkey and in the respective foreign country undertake adequate protection in writing, and the board’s consent is received for the transfer after the foreign countries with sufficient protection is determined by the Personal Data Protection Board (“the Board”) pursuant to the rules in article 9 of the law.
Your personal data will only be disclosed to the authorities if requested by the official authorities and where it is necessary to make disclosures in accordance with the mandatory legislation in force. Our Company does not use and sell your personal information for any purpose other than this purpose, scope and activities.
We take all necessary technical and administrative measures in order to prevent that your personal information is not processed unlawfully, to prevent the access to your personal data unlawfully, and to store your personal data in a safe way.
5. WHAT ARE YOUR RIGHTS UNDER THE LAW?
Within the scope of Article 11 of the Personal Data Protection Law no.
• you can find out whether your personal data has been processed, whether it was used for its purpose and proper to its purpose, and if so, you can request information about it;
• you can obtain information about third parties to whom your personal information is transferred at home / abroad in accordance with the applicable legislation;
• you can ask for it to be corrected if it is processed incompletely or incorrectly;
• you can request it to be deleted or destroyed in accordance with the provisions of the Law;
• you can request that any requests for correction, deletion or destruction are notified to the third parties to whom the data has been transferred;
• you can object to a negative outcome against you by making it analysed it exclusively through automated systems;
• you can request compensation for the damage if you suffer damage due to unlawful processing.
You may apply to our company by filling out the “Data Owner Application Form” at the website www.dobedanhotels.com to use your rights regarding the implementation of the Law and send the mentioned application in the following ways. In case new application methods are determined by the Personal Data Protection Board, these methods will be announced by us.
• After completing the Application form, Data Owner willsend a copy of the original signed document by hand or through a notary public to the address “Fener Mah. TekeliogluCd. No: 3, 07160 Muratpaşa / Antalya”. • You can send it to our registered e-mail address of email@example.com as signed with a secure electronic signature for Dobedan Hotel, Dobedan World Palace Hotel and Shemall AVM (Shopping Center) withinthe scope of Electronic Signature Law No. 5070. • You can send it toourregistered e-mail address of firstname.lastname@example.org as signedwith a secure electronic signature for Dobedan Beach Resort Hotel within the scope of Electronic Signature Law No. 5070.
• Yourapplicationsyoumakewithinthisscopewill be finalized within the shortest possible time and within 30 days at the latest. We will contact you to clarify your application if the information and documents you provide to us are missing or incomprehensible.
6. PERSONAL DATA STORAGE TIME
Your personal data will be stored for 10 (ten) years. Your personal data are deleted, destroyed or anonymized by the Company ex officio every six months at the latest or within thirty days at the latest upon your request provided that the reasons that require its processing are eliminated although it is processed in accordance with the provisions of the Law and other relevant laws.
Deletion of your personal data is the process of making the personal data inaccessible and non-reusable in any way for the persons who process the personal data within the organization of our Company or with the authorization and instruction received from our Company except the person or unit responsible for the technical storage, protection and backing up of such data.
Destruction of your personal data is the process of making your personal data inaccessible, irrevocable and non-reusable by nobody and in any way. In order to make your personal data anonymous it is required to make it unrelated to a certain or identifiable natural person, even through the use of appropriate techniques in terms of the recording environment and the field of activity such as returning and mapping the data to other data.
All transactions related to the deletion, destruction and anonymization of your personal data are recorded and such records are kept for 3 (three) years from the date of the transaction to be submitted to the relevant Ministry when necessary.
We respectfully submit to your information.