GDPR
Purpose of the Legal Regulation:
As stated in Article 1 of Law No. 6698:
“The purpose of this Law is to protect the fundamental rights and freedoms of individuals, especially the right to privacy, in the processing of personal data, and to regulate the obligations of natural and legal persons who process personal data, as well as the procedures and principles to be followed.”
Legal Basis for Providing This Information:
Article 10 of Law No. 6698 states:
(1) During the collection of personal data, the data controller or the person authorized by them is obliged to inform the data subjects about:
a) The identity of the data controller and their representative, if any,
b) The purposes of processing the personal data,
c) To whom and for what purposes the processed personal data may be transferred,
ç) The method and legal basis of personal data collection,
d) Other rights listed in Article 11.
As this provision includes a legal obligation, this information notice is provided to ensure transparency.
Data Security:
POINT HOTEL MANAGEMENT TURİZM A.Ş. maintains its system infrastructure and internet servers at the highest level of security to protect the confidentiality of the personal data obtained from its guests and customers.
What Does Processing of Personal Data Mean?
According to Article 3, paragraph e of Law No. 6698:
“Processing of personal data means any operation performed on personal data such as collection, recording, storage, preservation, alteration, rearrangement, disclosure, transfer, retrieval, classification or prevention of usage, whether fully or partially by automatic means or by non-automatic means provided that they form part of a data filing system.”
Principles Considered in the Processing of Personal Data:
Personal data may be processed with the explicit consent of the data subject, provided that it is:
-
In compliance with the law and good faith,
-
Accurate and up-to-date,
-
Collected for specific, explicit and legitimate purposes,
-
Relevant, limited and proportionate to the purposes for which it is processed,
-
Stored only for the period required by the relevant legislation or for the purpose for which it is processed.
Purpose of Processing Personal Data:
We process the identity data of our guests and individuals who visit our establishment temporarily in order to fulfill our legal obligations, maintain contractual relationships, ensure the security of our guests, and for similar interests related to the institution, the public, and the guests.
We record the identity information of our employees in compliance with labor and social security legislation.
We process the identity information of job candidates to evaluate their applications.
We process data of visitors, suppliers, contractors and similar business-related individuals for commercial requirements and to ensure the safety of our guests and institution.
Collection of Personal Data and Legal Basis:
We collect identity, address, phone, payment and other necessary information:
-
Due to legal obligations,
-
To fulfill contractual obligations and resolve potential legal disputes,
-
To return forgotten items or provide other notifications to our guests,
-
To inform guests and deliver the requested products and services.
Sharing and Transfer of Personal Data Abroad:
As per Article 8 of Law No. 6698, personal data cannot be transferred without the explicit consent of the data subject, except in legally defined exceptions.
As per Article 9, personal data cannot be transferred abroad without the explicit consent of the data subject, except under legally specified conditions.
Data Controller – Representative:
POINT HOTEL MANAGEMENT TURİZM A.Ş. is the data controller within the scope of Law No. 6698.
A Data Controller Representative appointed by POINT HOTEL MANAGEMENT TURİZM A.Ş. will be registered in the Data Controllers Registry once the legal infrastructure is provided in accordance with Articles 16 and related articles of the KVKK.
Rights of the Data Subject:
According to Article 11 of Law No. 6698, each person has the right to apply to the data controller and request:
a) To learn whether their personal data is processed,
b) Information regarding the processing,
c) The purpose of processing and whether it is used in accordance with its purpose,
ç) The third parties to whom the data is transferred,
d) Correction of incomplete or inaccurate data,
e) Deletion or destruction of data as per Article 7,
f) Notification of correction or deletion to third parties,
g) Objection to a result arising against them from analysis by automated systems,
ğ) Compensation for damage due to unlawful processing.
Application Address:
In accordance with the KVKK, you can submit your requests regarding your personal data along with documents verifying your identity to the address:
Topçu Cad. No: 2 34437 Taksim/Istanbul
or via email to: info@pointhotelmanagement.com
Application to the Data Controller:
As per Article 13 of Law No. 6698:
(1) The data subject may submit their requests regarding the implementation of this Law to the data controller in writing or by other methods determined by the Board.
(2) The data controller processes the request as soon as possible and no later than 30 days, free of charge. If the process incurs a cost, a fee may be charged as per the tariff set by the Board.
(3) The data controller may accept the request or reject it with justification and notify the data subject in writing or electronically. If the request is accepted, the data controller fulfills the requirement. If the request was due to an error on the data controller’s part, the fee is refunded.
If the request is rejected, if the response is insufficient, or if no response is provided, the data subject may file a complaint to the Personal Data Protection Board in Ankara within 30 days from learning the result and in any case within 60 days from the application date.
Storage of Personal Data:
In accordance with Article 7 and other related legal regulations, personal data may be stored for the duration required by law or for the purposes of processing. Once the legal obligations or purposes no longer apply, the personal data will be deleted or destroyed by the data controller upon request or automatically.
PRIVACY
We Respect Your Privacy
We take the protection of your privacy seriously while collecting your personal information during transactions. Any personal information collected during your visit to our site is securely stored in accordance with legal regulations. This is a part of our company policy. Our website may contain links to other websites that do not follow our privacy policies.
Collection of Personal Information
During your visit to our site, our web analytics program automatically records your internet service provider’s name, the website you were referred from, the parts of our website you visited, the date of your visit, and the time spent on our site. We use cookies and other technologies (e.g., JavaScript) to analyze guest preferences and improve our system accordingly. You may set your browser to notify you when cookies are used or to reject them altogether. Note, however, that rejecting cookies may limit the functionality of some features on our site. Other personal data is collected only if you voluntarily fill out a registration, survey, form, or contract.
Use and Purpose of Personal Information
We use your personal information only when necessary and for technical site administration, marketing, and surveys. Your information will never be disclosed to third parties without your permission.
Security
We employ high-level security protocols to protect your data against manipulation, loss, damage, or unauthorized access. These protocols are continually improved as technology evolves.
Freedom of Choice
We may use your data stored in our hotel records to inform you about campaigns or services or to ask for your feedback—but only with your consent. If you do not wish to receive such communication, you may inform us at any time, and we will cease to use your data for these purposes.
Contact
For any questions, suggestions, or complaints regarding your personal data, you can contact us at the email or phone number below. If you identify any incorrect information despite our best efforts for accuracy and timeliness, we will correct it upon your request.
Data Controller
Email: kvkknipponhotel@nipponhotel.com.tr
Phone: +90 212 313 33 00