Home About Us GDPR

GDPR

BALÇOVA TERMAL TURİZM VE OTELCİLİK TİCARET ANONİM ŞİRKETİ

(BALÇOVA THERMAL TOURISM AND HOTEL MANAGEMENT TRADING JOINT STOCK COMPANY)

(GENERAL) INFORMATION TEXT ON PROTECTION AND PROCESSING OF PERSONAL DATA

1.         General Description

Within the scope of the law, personal data includes all kinds of data regarding an identified or identifiable natural person. Personal Data of Special Nature, which is a special type of personal data, includes race, ethnic origin, political thought, philosophical belief, religion, sect, other beliefs, appearance and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures.

Processing of personal data, provided that personal data is fully or partially automated or part of any data recording system, refers to any action performed on data, such as obtaining, recording, storing, maintaining, using non-automatic means, changing, rearranging, explaining, transferring, taking over, making available, classifying or preventing its use.

2.         Data Controller

 

Your personal data may be processed by BALÇOVA TERMAL TURİZM VE OTELCİLİK TİCARET ANONİM ŞİRKETİ (Company), as the data controller, within the scope explained below, in accordance with the Personal Data Protection Law No. 6698 (Law).

3.         Collection and Processing of Personal Data

The company can obtain personal data directly from the data owners themselves, as well as indirectly from third parties and from data that the data owner has made public. In this context, data is collected verbally, physically or electronically and these personal data are processed. You can review what your personal data is, how it is collected, and what personal data may be subject to processing by us by looking at the table below.

 

 

EMPLOYEE CANDIDATES’

Data Category

Where is the Data Obtained?

Identity Information

Name, surname, all identification information, TR ID Number, nationality, marital status, place of birth, date of birth, ID photocopy,

1. It is provided by the employee.

2.Via e-mail

Communication information

Telephone number, full address, e-mail address,

1. It is provided by the employee.

2.Via e-mail

Financial Information

Financial and salary details

1. Created or acquired by the company.

Special Personal Data

Physical or psychological disease-disorder, disability, infectious disease status, religious information-blood type section included in the ID photocopy

1. It is provided by the employee.

2.Via e-mail

Education Information

Details of education, certificates and diplomas, last graduated school and year of graduation, education and skills, curriculum vitae (CV)

1. It is provided by the employee.

2.Via e-mail

Visual and Audio Data

Passport photo, photo in ID photocopy, closed circuit security camera footage

1. Photo and ID are provided by the employee.

2. Security camera images are obtained through closed circuit security cameras.

Current and Previous Job Information

Job title, CV, candidate application forms, last company worked

1. It is provided by the employee.

2.Via e-mail

Other

Military service, deferred certificate, signature, criminal record, alcohol/drug problem

1. It is provided by the employee.

2.Via e-mail

 

EMPLOYEES’

Data Category

Where is the Data Obtained?

Identity Information

Name, surname, all identification information, TR ID Number, nationality, marital status, date of birth, ID photocopy

1. It is provided by the employee.

Communication information

Telephone number, full address, e-mail address,

1. It is provided by the employee.

Financial Information

Financial and salary details, bonus list, file and debt information regarding enforcement proceedings, bank information

1. Bank information is provided by the employee.

Special Personal Data

Health policies, health reports regarding disability, health declaration document, health reports, occupational disease records, employment examination form, daily patient complaints, medications used, clinical history, chest x-ray, hearing test, eye examination, blood type information, criminal record, religion information in the identity card,

1. Health report, pregnancy status, occupational disease records, daily patient complaints, medications used, clinical history, health tests, blood type, criminal record, religious information are given by the employee.

2. Health policies are provided by insurance companies, and employment examination forms are provided by the workplace physician.

Education Information

Educational status, certificate and diploma photocopies, training and skills, curriculum vitae (CV)

1. It is provided by the employee.

Visual and Audio Data

Photographs and closed circuit security camera footage,

1. The photo is provided by the employee.

2. Security camera images are obtained from relevant devices.

Employee Performance and Career Development Information

Training participation forms, training hours and durations, exam results (if any), internal promotion evaluation processes (English, general aptitude exams), ethical non-compliance reports, personnel promotion transfer movement file, tally and performance reports, meeting records, employment date, weekly working hours (login-logout records), all other information specifically entered by employees on the profile screen

1. Data regarding training is obtained from training providers. Other information is related to performance management and is created by the Company.

Family, Relative Information

Family notification forms, certified population registration copy

1. It is provided by the employee.

Other

Vehicle information, IP addresses and web browsing movements of work computers used by employees, signature, hobbies, exit interview reports, discharge certificate, annual leave usage book, exit interview forms, SSI registration number, tax registration number, tax deduction letter,

1. Vehicle information, signature, hobbies, discharge certificate are provided by you.

2. IP addresses and web browsing movements are obtained through computers and software. Exit interview reports and forms, annual leave usage book are created by the Company. SSI registration number and tax deduction letter are obtained from relevant institutions.

 

VISITORS’

Data Category

Where is the Data Obtained?

Visual Data

Closed circuit security camera footage

1. Obtained through closed circuit security cameras.

 

EXTERNAL SERVICE PROVIDER/BUSINESS PARTNER EMPLOYEES’

Data Category

Where is the Data Obtained?

Identity Information

Name, surname, signature

1. External Service Provider/Business Partner Provided by the employees themselves.

Communication information

Address information, telephone, address, e-mail

1. External Service Provider/Business Partner Provided by the employees themselves.

Visual and Audio Data

Closed circuit security camera footage

1. Obtained through closed circuit security cameras.

 

 

 

 

 

 

 

CUSTOMER REAL PERSON/REPRESENTATIVES’

Data Category

Where is the Data Obtained?

Identity Information

Name, surname, TR ID Number

1. It is provided by the customer himself/herself.

Communication information

Telephone, e-mail addresses, address information, contact address

1. It is provided by the customer himself/herself.

Customer Transaction

Invoice, Order information, Request information etc.

1. It is provided by the customer himself/herself.

2. Can be issued and processed by the company.

Financial Information

Bank account information, IBAN etc.

1. It is provided by the customer himself/herself.

Visual and Audio Data

Closed circuit security camera footage.

1. It is obtained through closed circuit security cameras.

2.Can be issued and processed by the company.

 

SUPPLIER EMPLOYEES’

Data Category

Where is the Data Obtained?

Identity Information

Name, surname, ID card or TR ID card photocopy, driver's license photocopy

1. It is provided by the supplier himself or his representative.

Communication information

Full address, mobile phone number

1. It is provided by the supplier himself or his representative.

Special Personal Data

Criminal record, religion information section in the identity card, blood group section in the driver's license

1. Criminal record, identity card or TR ID card photocopy, driver's license photocopy is given by the supplier himself or his representative.

Visual Data

Closed-circuit security camera footage, identity card or Turkish ID Card and photo in driver's license

1. A photocopy of the identity card or TR ID Card, a photocopy of the driver's license is given by the supplier himself or his representative.

2. Security camera images are obtained through closed circuit security cameras.

 

DATA OF THE REAL PERSON SUPPLIER/BUSINESS PARTNER/EXTERNAL SERVICE PROVIDER AND THE REAL PERSON REPRESENTATIVE OF THE LEGAL PERSON SUPPLIER/BUSINESS PARTNER/EXTERNAL SERVICE PROVIDER

Data Category

Where is the Data Obtained?

Identity Information

Name, surname, TR ID Number, signature

1. Provided by him or his representatives.

Communication information

Address information, e-mail addresses, telephone

1. Provided by him or his representatives.

Visual Data

Closed circuit security camera footage

1. Obtained through closed circuit security cameras.

Real Person Supplier - Business Partner - External Service Provider Financial Information

Tax numbers, bank account information

1. Provided by you or your representative. 2. Provided by him or his representatives.

 

4.         Purposes of Processing Your Personal Data

Your collected personal data, may be processed within the framework of company activities for the purpose of ensuring the legal, technical, commercial and occupational security of the company and the relevant persons who have a business relationship with the company and for the performance of their activities, in the management processes of data owners' personal data by BALÇOVA TERMAL TURİZM VE OTELCİLİK TİCARET ANONİM ŞİRKETİ, in accordance with the basic principles stipulated in the Law and within the personal data processing conditions specified in Articles 5 and 6 of the Law.

5.         Parties to Which Your Personal Data is Transferred and Purposes of Transfer

Your collected personal data, may be transferred by our company to our shareholders, business partners, suppliers, legally authorized public and private institutions and organizations within the scope of the purposes listed above, in accordance with the provisions of all relevant legislation and the basic principles stipulated in Law No. 6698, within the personal data transfer conditions specified in Articles 8 and 9 of the Law.

6.         Method and Legal Reason for Collection of Your Personal Data

 

Your personal data may be collected by BALÇOVA TERMAL TURİZM VE OTELCİLİK TİCARET ANONİM ŞİRKETİ electronically via e-mail, mobile application, website, open internet resources, social media, telephone, SMS and call center channels, and physically via hand delivery or postal channels. In addition, your personal data will be collected based on legal reasons such as the establishment and/or performance of the contract specified in Articles 5 and 6 of the Law, the establishment, exercise and/or protection of a right, fulfillment of legal obligation and legitimate interest, and your explicit consent if you provide it. When the purpose requiring the processing of your personal data in accordance with Article 7/1 of the KVK Law no longer exists and/or the statute of limitations/storage periods that we are required to process your data in accordance with the legislation expire, your personal data will be deleted, destroyed or anonymized.

7.         Your Rights Listed in Article 11 of the Law as a Personal Data Owner

 

In accordance with Article 11 of the Law, whether or not you have expressed express consent, By applying to our company, you can exercise your existing rights regarding the following issues regarding your personal data (especially in the scope of Articles 5-6 of the KVK Law and its relevant regulations, as well as other legal regulations and rights regarding data processing).

In this context, as personal data owners;

·           Learning whether personal data is processed or not,

·         Requesting information if personal data has been processed,

·         Learning the purpose of processing personal data and whether they are used for their intended purpose,

·         Knowing the third parties to whom personal data is transferred domestically or abroad,

·         Requesting correction of personal data in case of incomplete or incorrect processing and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,

·         Requesting the deletion or destruction of personal data in case the reasons requiring processing no longer exist, even though it has been processed in accordance with the provisions of the Personal Data Protection Law No. 6698 and other relevant laws, and requesting that the action taken in this context be notified to third parties to whom personal data has been transferred,

·         Object to the emergence of a result against the individual by analyzing the processed data exclusively through automatic systems,

·         As well as above, have the right to demand compensation for the damage in case of damage due to illegal processing of personal data,

 

In accordance with your legal rights stipulated within the relevant law and various legislation, you can personally submit your requests to our address below, or have it delivered through a notary. Besides, in accordance with Article 5 of the Communiqué on the Procedures and Principles of Application to the Data Controller, you can send it to info@balcovatermal.com by using the registered e-mail (KEP) address, secure electronic signature, mobile signature or the e-mail address you have previously notified our Company and registered in our systems.

8.         Situations in which Personal Data Can Be Processed Without Explicit Consent in accordance with the Personal Data Protection Law

In accordance with Article 5 of the Personal Data Protection Law No. 6698, your personal data may be processed without your explicit consent in the following cases. Namely;

a) In cases clearly provided for by law,

b) If you are unable to express your consent as the data owner due to actual impossibility, or in cases where your consent is not given legal validity, it is necessary to process your personal data in order to protect your own or someone else's life or physical integrity,

c) If it is necessary to process your personal data belonging to the parties to the contract, provided that it is directly related to the establishment or performance of a contract,

d) mandatory to fulfill a legal obligation,

e) Having your personal data made public by you,

f) If Data processing is mandatory for the establishment, exercise or protection of a right,

g) If it is mandatory for BALÇOVA TERMAL TURİZM VE OTELCİLİK TİCARET ANONİM ŞİRKETİ to process data for its legitimate interests, provided that it does not harm your fundamental rights and freedoms.

h) Personal health data; may be processed without the explicit consent of the person concerned, by persons under the obligation of confidentiality or authorized institutions and organizations, for the purpose of protecting public health, preventive medicine, medical diagnosis, treatment and care services, planning and management of health services and their financing.

9.         RETENTION PERIOD

The retention period of your personal data is as follows;

If a period of time is specified for the retention of data in the law or relevant legislation, the data in question must be stored for at least this period.

Considering the possibility that a possible court request or a request from an administrative authority authorized by law regarding the relevant data may be received by us late or that a dispute may occur in which we may be a party, the storage period of the data is determined by adding a period of 6 months to 1 year to the periods stipulated in the legislation for the storage of your data, and at the end of the determined period, the data in question is deleted, destroyed or anonymize.

If the legislation does not specify a period for the storage period of the data we process, it is stored for the period required in accordance with the relationship between us. After the end of the relationship in question or after the period specified in the contract has passed, your data will be deleted, destroyed or anonymized without your request.

If you request that your data, whose retention period is determined in the legislation, be deleted or destroyed before the stipulated periods, your request will not be fulfilled. In cases where a specific period is not stipulated in the legislation regarding the retention period of personal data, if you request the deletion or destruction of your personal data, your data will be deleted, destroyed or anonymized on the first periodic destruction date and within 6 months at the latest.

You can submit your requests regarding your rights listed above by using the APPLICATION FORM ON THE PROTECTION OF PERSONAL DATA, which you can access at https://www.balcovatermal.com/ url or you can personally deliver your petition, which includes the minimum requirements in the Communiqué on the Procedures and Principles of Application to the Data Controller, in writing and with wet signature, to the address of Vali Hüseyin Öğütcen Caddesi No: 2 35330, Balçova - İZMİR - TURKEY, where the company headquarters is located, or send it through a notary public, Besides, In accordance with Article 5 of the "Communiqué on the Procedures and Principles of Application to the Data Controller", if your registered e-mail (KEP) address (balcovatermalturizm@hs01.kep.tr), secure electronic signature, mobile signature or your e-mail address is registered in our company's systems, you can forward it to our Company via the e-mail address https://www.balcovatermal.com/. Depending on the nature of your request, your applications will be finalized free of charge as soon as possible and within 30 (thirty) days at the latest. However, if the transaction requires an additional cost, you may be charged according to the tariff determined by the Personal Data Protection Board.


KY.YD.042EN CLARIFICATION TEXT_86647c.pdf 




Clarification Text About Security Cameras Located in Our Service Building

This clarification text has been prepared by Balçova Termal Turizm ve Otelcilik Tic AŞ, as the data controller, within the scope of Article 10 of the Personal Data Protection Law No. 6698 and the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Disclosure Obligation.

In our service building, images are recorded and the recording process is supervised through security cameras in order to ensure building security.

The personal data in question is processed automatically based on the legal grounds stated in Article 5 of the Law that "it is mandatory for the data controller to fulfill its legal obligations" and "data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject."

The personal data in question may be transferred to judicial authorities or relevant law enforcement forces upon request to resolve legal disputes or in accordance with the relevant legislation.

You can send your requests within the scope of Article 11 of the Law, which regulates the rights of the relevant person, in writing and with wet signature to the address Balçova Termal Turizm ve Otelcilik Tic AŞ Vali Hüseyin Öğütcen Caddesi No: 2 35330, Balçova - İZMİR - TURKEY in person, through a notary or by other methods to be prescribed by the Personal Data Protection Board in accordance with Article 13 of the KVK Law, in accordance with the "Communiqué on the Procedures and Principles of Application to the Data Controller", submit your application in a clear and understandable manner and by attaching documents proving your identity and address information.

Copyright © 2019 | Balcova Thermal Hotel | Web design Deltawebsistem
Close
Room type
Room
Adult
Children
Entry date
Departure date
Name surname
E-mail:
Telephone: