GDPR

GDPR

DISCLOSURE TEXT ABOUT PROCESSING PERSONAL DATA

At Biblos Alacati Turizm Yatırımları AŞ. (“Biblos Resort”), confidentiality and safety of your personal data is significant for us. Within this context it is essential to process and store any kind of personal data of all the people related to Biblos Resort, including our guests who benefit from our services and products and our business partners, in compliance with the provisions of Code 6698 on “Protection of Personal Data” (“GDPR”)

As “Data Responsible” as defined under GDPR, we would like to explain the processing purposes of your personal data, reasons, methods for collection of your personal data and your rights related to processing of your personal data and the terms and basis for the applications related to the usage of these rights.

WHAT KIND OF PERSONAL DATA ARE COLLECTED?

At Biblos Resort, we collect personal data of our guests, visitors and business partners (including travel agencies, suppliers, subcontractors and all the shareholders, managers, employees with whom we have business relations). Personal data collected can be classified as follows:

Identity Information: 

Name, surname, T.R. ID number, nationality, vehicle plate number, ID card copy and any other such information collected from our guests, visitors and business partners (including travel agencies, suppliers, subcontractors and all the shareholders, managers, employees with whom we have business relations) about the identity of the person.

Communication Information: Telephone number, address, e-mail address and any other such information enabling to contact with and collected from our guests, visitors and business partners (including travel agencies, suppliers, subcontractors and all the shareholders, managers, employees with whom we have business relations) whom we have business relations) and other third persons while we are receiving any demands for our complaints about our hotel or during their evaluation process.

Confidential Personal Information: Health information, association or foundation membership information, biometric data (audio and video records), blood type or conviction information or any other information defined in Article 6 of GDPR and collected from our guests, visitors or business partners.

Other Information: data processed for technical process security, risk management information, legal transaction data, marketing data, location data, cookies and other data collected from our guests, visitors and business partners (including travel agencies, suppliers, subcontractors and all the shareholders, managers, employees with whom we have business relations) and other third parties automatically using other tools.

WHAT ARE THE LEGAL GROUNDS AND METHODS EMPLOYED FOR COLLECTING OR PROCESSING YOUR PERSONAL DATA?

We collect your personal data via

  • communication methods including the printed or electronic forms used for reservations, check in and check out or staying in our hotel,
  • our internet websites, our social media accounts operated on the name of or with the brand of Biblos Resort in various social media channels,
  • other communication channels including your e-mail, telephone, printed and electronic forms used by you in Biblos Resort sale and marketing activities,
  • closed circuit tv (CCTV) systems in Biblos Resort facilities,
  • the contracts executed between us and your company under the business relations carried out, submitted commercial offers, printed and electronic forms, documents, communications or applications made to us,
  • the business cards and other documents submitted by you under the frame of the discussions made and the activities guests by our work units,
  • Establishing direct communication with our guests and business partners in order to offer and manage the services under hotel activities; making notifications, communications and reservation confirmations related to hotel and accommodation services;
  • Carrying out advertisement and marketing activities related to the products and services offered by Biblos Resort; giving information about presentations, promotions, campaigns, offers, activities and other similar issues, offering products and services by customizing them according to personal preferences, usage habits and needs;
  • Carrying out marketing and Guest Relations Management works;
  • Corporate communication and organizing activities, campaigns and feasts for this purpose, giving information about these; carrying out market researches;
  • Making statistics about the number, type, visit frequency, behaviors, geographical locations and other similar issues in order to Improve digital platforms made available for our guests and offer efficient and customized experience to the platform users; offering customized contents, campaigns and advertisements on the basis of interests and needs of platform users; using cookies for this purpose;
  • Follow-up and evaluation from the demands, proposals and complaints received from the relevant persons, guest satisfaction management and performing planning, statistics and satisfaction evaluation works for this purpose;
  • Performing quality evaluation and improvement works in order to offer better and reliable products and services and to ensure sustainability; inspecting suppliers, subcontractors and other business partners;
  • Management of the relations with business partners, travel agents, suppliers, contractors and other persons with whom we have business relations; performing works and execution of commercial relations;
  • Ensuring legal and commercial security of the persons having business relations being in compliance with the provisions of GDPR. We, at Biblos Resort, hereby undertake that your personal data shall be kept safe and not be processed in an illegal manner.

RIGHTS OF PERSONAL DATA OWNER UNDER GDPR AND APPLICATION TERMS AND BASIS

i. Your Rights related to Your Personal Data

We hereby inform you that you have the following rights about the data processed by our Company:

  • Learning whether your personal data has been processed or not;
  • Being informed about your personal data if it is processed;
  • Learning the purpose of processing your personal data and whether your personal data is used in compliance with the purpose;
  • If exists, learning the third parties whom the personal data has been transferred within Turkey or abroad and which data was transferred;
  • Demanding the correction of the processed personal data if they are wrong or incomplete;
  • If your personal data was modified, deleted or destructed, demanding the notification of these transactions to the third parties to whom your personal data has been transferred;
  • If the reasons requiring your personal data is processed are over or your personal data is not up to date any more, demanding the deletion or destruction of your personal data;
  • Objecting any situation against you as a result of analysis of your processed personal data exclusively via automatic systems;
  • Demanding the indemnification of any damage suffered by you due to processing of your personal data against law.

ii. Application

You can make your demands about your rights mentioned above with your application meeting the minimum conditions defined under Announcement on “Terms and Basis about the Application to the Data Responsible” to our KEP address

Information about Family Members/Relatives: 

Information about the family members, relatives or the persons accompanying the relevant person during his/her stay in our hotel and which are collected pursuant to the provisions of the relevant legislations and/or in order to protect legal and other benefits of this person.

Financial Information: 

Salary, payroll, payment, credit card and other such information collected from our guests or business partners according to the relationship established between our company and the owner of the data.

Personal Information:

 any kind of personal information collected from the managers and employees of the institutions which we have contract or other business relationship and which was taken as a base for the establishment of the personal benefits of the real persons who have employment relationship with our company.

Physical Location Security Information: 

Personal information like camera records or security information taken from our guests, visitors and business partners (including travel agencies, suppliers, subcontractors and all the shareholders, managers, employees with whom we have business relations) when they are entering into or exiting from or during their stay in our hotel.

Visual/Audio Data

personal information like photos, audio and video records collected from our guests, visitors and business partners (including travel agencies, suppliers, subcontractors and all the shareholders, managers, employees with whom we have business relations) but not considered as physical location security information.

Transaction Information:

information about the transactions performed by the guests like reservation information, records about accommodation or the visit, product or service purchase transactions, membership information, groups and activities related to the accommodation or guest preferences.

Communication and Complaint Management Data: 

personal data obtained from our guests, visitors and business partners (including travel agencies, suppliers, subcontractors and all the shareholders, managers, employees with performed,

  • the business connections of Biblos Resort, third parties like travel agencies or companies supplying goods or rendering services, with full or partially automatic or non automatic data recording systems provided to be in verbal, written or electronic media.

We process your personal data collected using the above mentioned methods on the basis of one or several of the following legal reasons:

  • Your express consent,
  • Processing obligation pursuant to the provisions of laws and regulations of Turkish Republic,
  • If it is required for the protection of your or any other person’s life or physical integrity when you cannot give your express consent due to physical impracticability,
  • If it is required for the execution of the agreement executed between you and us,
  • If we are obliged to process your personal data in order to perform our legal requirements,
  • If your personal data was publicized by you,
  • If it is required to protect or use our legal and contractual rights;
  • If it is required to process your personal data for our legitimate rights provided that your fundamental rights and freedoms are not harmed.
  • We keep all your personal data processed during the terms required under GDPR and other legal legislations by taking all the required administrative and technical measures as long as the above mentioned legitimate purposes exist.

FOR WHAT PURPOSES ARE YOUR PERSONAL DATA PROCESSED?

We process your personal data for the following purposes:

  • Carrying out our hospitalization activities, meeting your demands and expectations with products and services offered to you by Biblos Resort, offering hospitality and personal experience at the desired level to our customers,
  • Making the planning and evaluations and performing works required to make the products and services available for our with Biblos Resort Alacati. (Planning administrative operations for the services rendered by our Company; business partner/customer/supplier (managers or employees) evaluation and inspection processes, legal compliance process, etc.)
  • Physical security and supervision of the facility operated by Biblos Resort;
  • Planning and execution of work health and safety processes;
  • Exercising legal rights, using information about the transaction history as evidence after the end of legal relations in case of any disputes;
  • Determining and application of commercial, legal and business strategies;
  • Execution of financial policies; e-invoice management;
  • Planning, supervision and execution of information security processes; management of information technology infrastructure;
  • Planning, reporting, customer/visitor statistics or performing other similar evaluations under the frame of our company operations; and/or
  • Being in compliance with the national legislations; submitting information demanded by public bodies and institutions, meeting reporting obligations.

DO WE TRANSFER YOU PERSONAL DATA TO THIRD PARTIES OR ABROAD?

We might transfer your personal data to our business partners that are located in Turkey or abroad who render services to our Company, to agencies we work in cooperation with and online hotel reservation service providers, our suppliers, third party service providers working within the facility, our insurance companies, banks and financial institutions, consulting companies rendering services about legal, tax and other similar issues, Company authorities, our shareholders, legally authorized public bodies and private persons, service providers processing personal data on behalf of our Company and rendering storage, archiving, information technology services to our Company within Turkey or abroad for the purposes mentioned above provided that the above mentioned legal basis exist and (biblosalacati@hs02.kep.tr) or our e-mail address (kvk@biblosresorts.com) with an electronically signed or mobile signed mail or with a written application signed and submitted by person or made via Notary public to Alaçatı Mah.18012 Sok. No:2/A Çeşme/İZMİR

Biblos Resort shall conclude all the demands made free of charge as soon as possible on the basis of the demand characteristics provided to be no more than thirty days. If we suffer any costs to fulfill your demand, the costs calculated on the basis of the tariff determined by the Personal Data Protection Board can be charged.

Biblos Resort might accept the demands made or reject them by giving the reasons and such reply can be communicated to the relevant person in written or in electronic media. If the demand is accepted, Biblos Resort Alacati shall fulfill the demand as soon as possible.

iii. Complaints

If the demands made from Biblos Resort are rejected by the Company or you are not satisfied with the reply of the Company or no reply is given, you have the right to complain to Personal Data Protection Board within 30 days after the notification of the reply to you or within 30 days after the completion of 30 day long period if no reply is given.

IDENTITY AND COMMUNICATION DETAILS OF DATA RESPONSIBLE PERSON

This disclosure text was issued to address data owner persons by Biblos Alacati Turizm Yatirimlari A.S., (as being the “Data Responsible”) which is incorporated in Turkey and whose details are given below.

Biblos Alacati Turizm Yatirimlari A.S.

Alaçatı Mahallesi, 18012 Sokak 2/A 35930 Çeşme, İzmir Türkiye

+90 232 335 00 00

Mersis No_0169 0545 2510 0019

KEP Address_biblosalacati@hs02.kep.tr