Cookie Policy

This site uses cookies to deliver more efficient and user-friendly experience, analyze the customer behavior and assist with our marketing efforts. By using our website, you acknowledge that we can reach cookies on your device. For more information and control the cookies you allow, you can visit Cookies Policy page.

  /  Processing of Personal Data General Disclosure Text

Processing of Personal Data General Disclosure Text

This General Disclosure, hereby, has been edited in accordance with the Article 10 of Turkish Personal Data Protection Law (“KVKK”)

  • DATA SUPERVISOR

Data supervisor is the legal identity titled “IKON YAPI VE GAYRIMENKUL TICARET A.S.” (“Windsor Hotel İstanbul”) with their headquarters at the address of “Yenidoğan Mah. Erciyes Sok. No:7 Bayrampaşa/ İstanbul”, registered to “İstanbul Ticaret Sicil Müdürlüğü” (Istanbul Registry of Commerce) with the 688561-0 registration number, 

  • COMMENTS

The protection of personal data, which is a constitutional right, is among the top priorities of our hotel and in this regard, we make maximum efforts to act in accordance with national and international regulations, especially the Constitution of the Republic of Turkey, international conventions in which our country is a party of, and the Personal Data Protection Law, numbered 6689. As data supervisors, we attach importance to the processing and disposal of personal data of our customers, potential customers, staff/staff candidates, supplier/subcontractor employees and officials, company shareholders and company partners, visitors and third parties with whom we process the data in accordance with the Personal Data Protection Law

  • YOUR PROCESSED PERSONAL DATA
  • Identity Data: Data we collect from our guests, visitors, business contacts (from the authorized staff and personnel that we have business relations with, such as travel agency, supplier, subcontractor) are data related to the identity of the person, such as the name, surname, Turkish identity number, nationality, license plate number, and photocopy of identify card of the person concerned. 
  • Communication Data: Data that enables communication with the person such as phone number, address, e-mail address that we collect from our guests, visitors, business contacts (from the officials and personnel we have business relations with, such as travel agencies, suppliers, subcontractors). 
  • Data of Relatives of the Relevant Person: Data about the family members, relatives or persons accompanying you during the stay, which we collect from our guests in order to protect the legal and other interests of our Company or the person concerned and/or in accordance with the relevant legislation.
  • Financial Data : Data we collect from our guests and business contacts such as salary, payment information, credit card information  according to the legal relationship that our company has established with the data owner,
  • Personal Data: Any kind of personal data that is the basis for the formation of personal rights of real people who have a business relationship with our Company, and which we collect from subcontractors, similar business officials and employees. 
  • Physical Space Security Data: Personal data such as security and camera footage taken from our guests, visitors, business contacts (from subcontractors and officials and employees of the institution with whom we have business relations) during physical entrance and stay
  • Visual / Auditory Data: These are personal data such as photographs, sound and video recordings that are not covered by physical space security information and that we collect from our guests, business contacts (from any shareholder, official and employee of the institution with whom we have business relationships such as subcontractors, subcontractors). 
  • Transaction Data: The personal data regarding the transactions performed by the guest, such as reservation information that we collect from our guests, accommodation or records regarding visits, product or service purchases, membership information, connected groups and activities related to accommodation and guest preferences. 
  • Communication and Complaint Management Data: The personal data obtained from our guests, visitors, business contacts (travel agency, supplier, subcontractor, shareholder, official and employees) and other third parties in the process of receiving and evaluating all kinds of requests or complaints about our company. 
  • Special Qualified Personal Data: Health data, association foundation membership, biometric data (sound and image records), blood group and criminal record information that are stated in the Article 6 of Personal Data Protection Law, and that we collect from our guests, visitors and business contacts.  
  • Other Data: The data collected automatically by means of cookies and other means such as the data processed for the technical transaction security we collect from our guests, visitors, business contacts (travel agency, supplier, subcontractor, all shareholders, officials and employees) and other third parties, risk management information, legal transaction data, marketing data, location data. 
  • WITH WHICH METHODS AND LEGAL REASONS DO WE COLLECT / PROCESS YOUR PERSONAL DATA

We collect your personal data via reservation, registration/entry to our facilities and other communication methods including printed and electronic forms during the accommodation at our facilities,

  • through our websites and various social media accounts,
  • Through other communication methods including e-mail, telephone, text messages (“SMS”) or multimedia messages (“MMS”), printed and electronic forms we use within the scope of sales and marketing activities,
  • Through the closed-circuit camera systems in our hotel,
  • Through applications in our accommodation facilities (sending messages via television in rooms, etc.),
  • Through Contracts we sign with you or with the company in which you are authorized within our field of activity, commercial offers, printed and electronic forms, documents, correspondences, 
  • Through business cards and other documents provided by you within the scope of business negotiations and events we have held.

We process your personal data that we collect in accordance with the above-mentioned methods, based on one or more of the following legal reasons:

  • Your explicit consent,
  • The current laws and regulations in the Republic of Turkey require processing,
  • It is compulsory to protect the life or integrity of you or someone else’s when you are unable to explain your consent due to actual impossibility,
  • It is necessary for the establishment/execution of the contract to be signed with you or the company in which you are legally authorized,
  • The processing of your personal data is mandatory for us to be able to perform our legal obligations.
  • Your personal data is publicized by you, 
  • It is necessary to use or protect our legal or contractual rights as a company,
  • Processing of your personal data is necessary for the legitimate interests of our Company, provided that this processing shall not violate your fundamental rights and freedoms,

We preserve all of your personal data we process in accordance with the times stipulated in Personal Data Protection Law and other legislations, and in any case, by taking all necessary administrative and technical measures, unless the legitimate objectives above have been eliminated.

  • FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?

We process your Personal Data we collect according to the following purposes:

  • To comply with national and international legislation, to provide information requested by public institutions and organizations and to fulfill our reporting obligations,
  • To protect our legal rights, to fulfill our legal obligations,  
  • To carry out the reservation procedures regarding our accommodation services,
  • To perform accommodation services, to fulfill your demands and expectations with the services provided to you, to provide our guests with the desired level of hospitality and personal experience,
  • To carry out advertising and marketing activities for the services offered by Windsor Hotel, to inform about advertisement, promotion, campaign, offer, bulletin, event and similar issues, 
  • To communicate directly with our guests and business contacts to inform about their services within the scope of our hospitality activities; 
  • To conduct corporate communication activities, to personalize and offer products and services according to the likes, usage habits and needs of the people concerned;
  • To manage Guest Relations in line with demands, 
  • To organize corporate communication and other events, campaigns and invitations within this scope and to inform about them, to carry out market research studies,
  • Follow-up and evaluation of requests, suggestions and complaints from related people, and implementation of satisfaction assessment studies within this scope
  • Management of relations with our solution partners, conducting business and commercial relations;
  • Ensuring the physical safety and control of Windsor Hotel by planning occupational health and safety processes
  • Determination and implementation of commercial, legal and business strategies;
  • Execution of financial affairs policies; e-invoice management; use of information regarding the transaction history as evidence in case of disagreement after the end of the legal relationship;
  • Planning, auditing and execution of information security processes, management of information technology infrastructure;
  • To plan, report, to analyze visitor/customer statistics and similar investigations within the scope of our company’s activities
  • DO WE TRANSFER YOUR PERSONAL DATA TO  THIRD PARTIES AND/OR ABROAD?
    In the event of the aforementioned legal reasons occurring, and in accordance with the stated purposes, we can transfer your personal data to our business partners serving our Company to continue our company activities and business processes, to our cooperated agencies and business contacts that offer online hotel reservation service, to our third-party service providers that provide on-site services, to our insurance companies, to banks and financial institutions, to our consultancy companies that we get support in areas such as law, tax etc., to Company officials, to our stakeholders, public institutions and private persons, to our service providers that we receive support in the fields of storage, archiving, information technology support (server, hosting, software, cloud informatics etc.) in the country and / or abroad that process personal data on behalf of our company provided that they comply with the provisions regulated under the Personal Data Protection Law.

 

    • RIGHTS OF THE PERSONAL DATA OWNER COVERED BY PERSONAL DATA PROTECTION LAW, AND APPLICATION PROCEDURES AND PRINCIPLES
  • Your Rights Regarding Your Personal Data

You have the following rights regarding your personal data in accordance with the provisions of Article 11 of the Personal Data Protection Law.

  • To learn whether personal data has been processed or not,
  • To request the relevant information if personal data has been processed,
  • To learn the purpose for the processing of personal data and whether those have been used in accordance with intended purpose or not,
  • To know the third parties to whom personal data has been transferred within Turkey or abroad,
  • To request the rectification of incomplete or inaccurate data, if any,
  • To request deletion or destruction of personal data,
  • To request notification of transactions to third parties to whom personal data are transferred, in case of correction, deletion or destruction of personal data,
  • To object to the emergence of a result against the person himself due to analyzing the processed data exclusively through automated systems,
  • To claim compensation in case of suffering loss due to illegal processing of the personal data.

As the data supervisor, Windsor Hotel will finalize the requests free of charge, as soon as possible and within thirty days at the latest depending on the nature of the request. In case of a cost increase due to the fulfillment of your requests, we can only request the fees in the tariff determined by the Board of Personal Data Protection.

We can accept requests directed to us, or reject them by explaining the reasons, and relay the answer to the requester in written or digital form.

  • Complaint

If your requests towards Windsor Hotel are rejected by the Company, if you are not satisfied with the answer given by the Company or if there is no response, you can complain to the Board of Personal Data Protection within 30 days from when the answer is relayed to you, and if there is no answer, within 30 days from the end of the Company’s 30 days answer period.

 

 

 

  • DATA SUPERVISOR IDENTITY AND CONTACT INFORMATION

You can petition your requests within the scope of Personal Data Protection Law to our address given above, by hand, or by certified mail.