Personal Data Protection Law Policy Clarification Text

 “Darma Organization and Hotel Management Services Trade Limited Company” (Hereinafter referred to as the “Company”.) Protection of personal data is of great importance for us.  We show great sensitivity in protecting the personal data of our partners, customers, employees, employee candidates, company officials, affiliated company employees, employees of companies we work with, shareholders, officials, visitors and third parties. The “Personal Data Protection Policy”, which sets out the principles adopted by the Company on the processing and protection of personal data, is presented to the information of the relevant persons on the Company’s website.

  • Legal Basis for the Collection of Your Personal Data

The personal data of our customers and people who use our website are subject to the provisions of the Law on Protection of Personal Data No. 6698 (“PDPLP”) and other relevant legislation, especially the Constitution of the Republic of Turkey, and the personal data of our customers shopping from the Mobile Application, Electronic Commerce numbered 6563. It is collected and processed in accordance with the provisions of the Law on the Regulation and other relevant legislation.

  • Collection Methods of Your Personal Data and Personal Data Collected

Although your personal data may differ in terms of the quality of the service, product or commercial activity offered by you, such as stores, call centers, customer service units in our stores, websites, social media channels, loyalty programs applications, live service services, etc. are processed verbally, in writing and electronically, in accordance with the express consent or approval of our customers and the provisions of the legislation. There are cookies on our website in order to provide a better shopping experience for our visitors and customers. You can access detailed information about cookies from our Cookie Policy. If you shop on our website and/or Company Stores and have provided this information to the Company Stores; your identity information such as your name, surname, age, gender, date of birth; your contact information such as your address, e-mail address, mobile phone number; Your preferences, interests, comments on Company products, application evaluations, complaints and suggestions, demographic information such as your profession and favorites, and your billing information are processed due to your payment for your shopping. In addition to these, if you receive a newsletter or promotional e-mail from the Company Stores, your personal data is also processed with signs, customized links and similar technologies to determine whether the e-mail was opened and which links you clicked. Our customers; religion, sect, ethnicity; health, genetics, sexual life; Special categories of personal data regarding associations, foundations, unions and similar memberships are not processed by us under any circumstances.

  • Purposes of Processing Your Personal Data

Within the framework of your personal data, the services offered by the Company and its field of activity; in accordance with the law and the rules of honesty, in an accurate and up-to-date manner; In line with this Clarification Text and/or for specific, clear and legitimate purposes within the scope of our Company’s personal data processing purposes; They are processed in connection with the purpose for which they are processed, in a limited and measured way, and by keeping them for the period required for the purpose for which they are processed or stipulated in the relevant legislation. The Company will be able to record, store, update, disclose, transfer, classify and process your personal information to third parties in cases and to the extent permitted by the legislation.

In this context, your personal data;

  • Confirming the identity information of the trader / operator,
  • To save the address and other necessary information for communication,
  • To arrange all records and documents that will be the basis of the transaction in electronic (internet / mobile etc.) or paper media,
  • Performance of the sales contract, execution of the distance sales contract and issuing invoices in accordance with the current legislation, ensuring that our customers can fully and duly exercise their rights (right of withdrawal, right of choice, etc.) arising from the current legislation,
  • Providing personalized advertisements, campaigns and other benefits to our customers, if they give their explicit consent, customer segmentation in line with the data obtained, survey and tele-sales applications, data mining and developing and improving customer data quality, loyalty transactions for customer management, cross-selling and repeating lost customers. designing and managing winning actions,
  • To be able to evaluate customer complaints and suggestions about our products and services,
  • To ensure the security and control of the stores, buildings and facilities of the Company,
  • Determining and implementing the company’s commercial and business strategies,
  • We are processing limited to the purposes of fulfilling our obligations arising from PDPLP and other applicable legislation and exercising our rights arising from the legislation.
  • Security of Your Personal Data

The Company takes all necessary technical and administrative measures to ensure the appropriate level of security in order to prevent the unlawful processing of personal data and illegal access to personal data and to ensure the preservation of personal data.

In this context, first of all, a study was carried out to determine what the personal data processed by our Company is, taking into account whether the processed personal data is special quality personal data, the risks that may arise regarding the protection of this data were determined, and necessary technical and administrative measures were implemented to reduce or eliminate the risks.

In order to ensure personal data security, regular trainings are given to personnel and managers in order to prevent illegal disclosure and sharing of personal data and to raise awareness about PDPLP.

In addition, employees involved in personal data processing processes are asked to sign confidentiality agreements as part of their business processes, and the necessary disciplinary process is carried out if employees are found to act in violation of security policies and procedures.

Access to personal data included in data processing processes has been restricted by the company on the basis of personnel, and a limited number of personnel have been granted access to personal data related to the business processes they carry out. Data processing activities performed by the personnel are recorded. Care is taken to comply with the principle of “Everything is Forbidden Unless Permitted” regarding the access of personal data throughout the company.

In order to prevent unlawful processing of personal data and illegal access to personal data, technical systems have been established to monitor and control the processes related to the processing of personal data. Regular internal audits are carried out to prevent unlawful processing of personal data and illegal access to personal data.

In order to prevent unlawful access to personal data and to ensure that it is stored in secure environments, technical methods with appropriate security levels are used and these methods are updated in accordance with the developing technology.

In case of an internal or external attack on the company’s data recording system, it is regularly checked which software and services are running in the information networks and whether there is any infiltration or any action that should not occur in the information networks, in order to detect this situation early and to intervene early, movements are kept regularly.

  • Transfer of Your Personal Data

The sharing of personal data belonging to and/or related to our customers with third parties takes place within the framework of the consent of the customers, and as a rule, personal data is not transferred to third parties without the explicit consent of the relevant customer. However, due to and limited to our legal obligations, personal data is shared with courts and other public institutions. In addition, personal data is transferred to contracted third parties within the limits stipulated by the legislation in order to provide the services we undertake and to control the quality of the services provided. Your personal data The Company has a contract with the program partner institutions and organizations with which we cooperate in order to carry out our activities, domestic and foreign individuals and institutions from which we receive data storage services in the cloud environment, domestic / foreign institutions with which we have an agreement to send commercial electronic messages we send to our customers with their permission, and the Interbank Card Center. In order to provide better service to banks and you and to ensure customer satisfaction, it can be shared with survey companies and other domestic/foreign third parties within the scope of various marketing activities with our relevant business partners in accordance with Articles 8 and 9 of the PDPLP. Necessary technical and administrative measures are taken to prevent violations of rights during data transfer to third parties. The Company is not responsible for any violations that occur due to the data protection policies of third parties and in the risk area under the responsibility of the third party.

  • Your Rights Regarding Your Personal Data

In accordance with PDPLP, your personal data; To learn whether it has been processed, to request information if it has been processed, to learn the purpose of the processing and whether it is used in accordance with its purpose, to learn the third parties to which it has been transferred in the country and abroad, to request correction if it is incomplete or incorrectly processed, to request its deletion or destruction within the framework of the conditions stipulated in Article 7 of the PDPLP, We would like to remind you that you have the right to request the notification of the transactions made to the third parties to which it is transferred, to object to the emergence of a result against you due to the analysis exclusively by automatic systems, and to demand the compensation of the damage in case you suffer damage due to the processing in violation of the PDPLP. If you submit your requests regarding your rights listed above to the Company in writing, the Company concludes your request free of charge within 30 (thirty) days at the latest. However, if the transaction requires an additional cost, the fee in the tariff determined by the Personal Data Protection Board will be charged by the Company. In order to exercise these rights, you can make your request in this direction in accordance with Article 13 of the PDPLP, by filling out the Application Form and submitting your request to Pasabahce Stores at “Uchisar town Tekelli neighborhood. Muallim Hasan Arisoy St. No:10 Center – Nevsehir” address, your name, surname and signature, if you are a citizen of the Republic of Turkey, I.D. number, if you are not a citizen of the Republic of Turkey. you can apply as your nationality, passport number or identity number, if any, your place of residence or workplace address for notification, your notification e-mail address and telephone number, and the subject of the request and the necessary information and documents to determine your identity, in written form.

  • Notification of Changes

The rights you have in accordance with the PDPLP are the obligations of the Company. We would like to inform you that we process your personal data with this awareness and to the extent required by the legislation, that we may update this information on our page from time to time in case of legal changes, and you can always easily follow the updates on this page.

  • Update of Personal Data

Pursuant to Article 4 of the PDPLP, the Company has an obligation to keep your personal data accurate and up-to-date. In this context, in order for the Company to fulfill its obligations arising from the current legislation, our customers are required to share their accurate and up-to-date data with the Company. In case of any change in your personal data, we request you to update your personal data by contacting us through the communication channels mentioned above.