The Central Palace Taksim

The Central Palace Taksim

The Central Palace Taksim

Protection of Personal Data

Protection of Personal Data

Clarification Text

INFORMATION ABOUT THE PERSONAL DATA PROTECTION LAW No. 6698:

The purpose of the legal regulation is stated as follows: “The purpose of this Law is to protect the fundamental rights and freedoms of individuals, in particular the right to privacy, with regard to the processing of personal data, and to regulate the obligations of natural and legal persons who process personal data and the procedures and principles to be followed.” The legal basis for informing is Article 10 of Law No. 6698: “During the acquisition of personal data, the data controller or the person authorized by him/her shall inform the data subjects about; a) The identity of the data controller and, if any, of its representative, b) The purposes for which personal data will be processed, c) To whom and for what purposes the processed personal data may be transferred, ç) The method and legal reason for collecting personal data, d) Other rights specified in Article 11.” This information is provided due to the provision contained in the Law, in terms of legal obligation and transparency.

USTALAR TURİZM OTELCİLİK SAN.TİC. A.Ş. maintains the confidentiality of personal information obtained from its guests-customers by keeping its system infrastructure and internet servers at the most reliable level. Processing of personal data means: In Article 2 of Law No. 6698, paragraph e, “Processing of personal data: Any operation performed on data such as obtaining, recording, storing, preserving, altering, rearranging, disclosing, transferring, taking over, making available, classifying, or preventing the use of data, either wholly or partly by automatic means or by non-automatic means, provided that it is part of any data recording system.” Principles considered in the processing of personal data: Personal data may be processed with the explicit consent of the data subject, in accordance with the law and honesty, accurately and up-to-date, for specific, explicit, and legitimate purposes, relevant to the purposes for which they are processed, limited and proportional to the purposes for which they are processed, and preserved for the period stipulated by the relevant legislation or for the period required for the purposes for which they are processed, provided that the explicit consent of the data subject is obtained. Purpose of processing personal data: We process the identity data of all individuals who enter and exit our establishment on a daily basis in order to fulfill our obligation under the legislation we are subject to, the contractual relationship we have established with our guests, the purpose of ensuring the security of our guests, and similar interests of guests, the public, and our establishment. We record the identity data of our employees in accordance with the labor and social security legislation. We process the identity data of job applicants for evaluating job applications; We process the data of individuals with whom we have business relationships such as visitors, suppliers, contractors, etc., for commercial necessity and for the purpose of ensuring the security of our guests and our establishment. Collection and legal basis of personal data: As a requirement of legal obligations, within the scope of obligations arising from contracts made with our guests, for determining in legal disputes, for ensuring the notification of our guests about their forgotten belongings and similar situations, for making any kind of notification about our establishment to our guests, and for providing the requested products and services, we record identity, address, telephone, payment information if necessary, and other necessary information. Sharing and transfer of personal data abroad: As stated in Article 8 of Law No. 6698, personal data cannot be transferred without the explicit consent of the data subject. In exceptional cases specified in the laws, they can be shared in the manner and conditions specified in the law. As stated in Article 9 of Law No. 6698, personal data cannot be transferred abroad without the explicit consent of the data subject. In exceptional cases specified in the laws, they can be transferred abroad within the manner and conditions specified in the law. Data Controller – Representative: USTALAR TURİZM OTELCİLİK SAN.TİC. A.Ş. is the Data Controller within the scope of Law No. 6698. The Data Controller representative to be appointed by USTALAR TURİZM OTELCİLİK SAN.TİC. A.Ş. will be announced in the Data Controllers Registry when the legal infrastructure is provided in accordance with Article 16 of the Personal Data Protection Law and related articles. Rights of the data subject: In accordance with Article 11 of Law No. 6698, (1) Everyone has the right to apply to the data controller and request the following regarding themselves; a) To learn whether personal data is processed, b) Requesting information if personal data has been processed, c) To learn the purpose of processing personal data and whether they are used appropriately for their purpose, ç) To know the third parties to whom personal data are transferred, whether domestic or abroad, d) If personal data is incomplete or incorrectly processed, to request their correction, e) To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7, f) To request notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data are transferred, g) To object to the occurrence of a result against the person by analyzing the processed data exclusively through automated systems, ğ) To demand the compensation of the damages in case of suffering damage due to the processing of personal data unlawfully. Address for application: You can submit your rights regarding your personal data within the scope of Law No. 6698 KVKK with your identity-explanatory documents and your petition containing your request to Lamartin Cad. No: 18 34437 Taksim – Beyoğlu / Istanbul in writing or by email to ‘’www.thecentralpalace.com.’’ Application to the data controller: In accordance with Article 11 of Law No. 6698: (1) The data subject submits his/her requests related to the application of this Law to the data controller in writing or through other methods determined by the Board. (2) The data controller concludes the requests included in the application, depending on the nature of the request, as soon as possible and within thirty days at the latest, free of charge. However, in case the process requires an additional cost, a fee may be charged according to the tariff determined by the Board. (3) The data controller accepts the request or rejects it with an explanation and notifies the response to the data subject in writing or electronically. If the request is accepted, it is fulfilled by the data controller. If the application results from an error of the data controller, the fee paid is refunded to the data subject. Refusal of application to the data controller, finding the response insufficient, or not responding, within 30 days from the date of learning and in any case within 60 days from the date of application, a complaint may be filed with the Personal Data Protection Board located in Ankara. Storage of personal data: In accordance with Article 7 of Law No. 6698 and related legal regulations: Your personal data can be kept for the periods required by legal obligations and the purposes of processing. In case the legal obligations and contractual obligations disappear, your personal data, the processing purposes of which have disappeared, are deleted or destroyed by the data controller ex officio or upon the request of the data subject. Other legal regulations regarding this matter are reserved.”

For other details and questions you may have: