PRIVACY/PROTECTION OF PERSONAL DATA POLICY
The following definitions are important for the use of http://www. mythahotels.com.
mythahotels.com means xxxx, the owner of the web site;
IAWL: means the Intellectual and Artistic Works Law No. 5946;
User and/or Users: mean any individual/natural person who, as a member, discloses his personal data that contact forms available at the web site may require with his express consent or who may be visiting the site only without disclosing his personal data;
Site means the web site at the address of http://www. mythahotels.com;
The Law No. 5651: means the Law on the Regulation of Internet Broadcasts and Fight against Crimes committed through these Broadcasts;
The Law No. 6698: means the Law for the protection of Personal Data.
User(s) hereby agree and represent that neither mythahotels.com nor a member of its group nor its employees and directors and authorized individuals or entities shall be under any civil or criminal liability or responsibility for the display of myth7ahotels.com logo or the site’s web pages at any other web site or for the use of information that may come from the contents uploaded by third parties or visitors to the site or any content that does not cause any responsibility on account of the general use of the Internet.
This “Privacy/Personal Data Protection Policy” sets out our policy applicable to your personal data in the course of the provision of our services related to the site at http://www. mythahotels.com.
Purpose of Private Data Protection Policy
The present Policy for the Protection of Private Data explains:
a. what kind of personal data xxx (mythahotels.com) collects;
b. in what way and how such personal data are used;
c. to whom mythahotels.com may disclose your personal data;
ç. what kind of rights mythahotels.com shall have over your personal rights processed by it and in what way these rights may be exercised; and
d. how you can change your preferences/settings to receive or to reject e-commerce messages.
1- Your Processed Personal Data, Purpose and Basis of Personal Data Processing
xxx, one of the affiliates of Doğuş Holding A.Ş., asks you for your personal data (any and all personal data and information including but not limited to name, surname, birth date, mobile phone number, e-mail, gender, address, profession, education, marital status, motor vehicle license plate, ID details, photographs, accommodation and spending details, boat/transportation/travel details, details about insurance, hull and crew members, social media account shopping details and invoice details) to allow it to perform its purpose in question and legal obligations under the applicable legislation arising from, specifically, the Law No. 5651 on the Regulation of Internet Broadcasts and Fight against Crimes committed through these Broadcasts and applicable secondary legislation, and the Law No. 6563 on the Regulation of Electronic Commerce, the applicable secondary legislation, the Turkish Criminal Code No. 5237, and the Law No. 6698 on the Protection of Personal Data in order to offer better services to its customers. These personal data shall be processed and stored upon your express consent to allow you to take advantages of membership to mythahotels.com subject to the adoption of all applicable information and security measures, provided that they shall not be used for any purpose and scope other than the ones defined in this Privacy/ Personal Data Protection Policy and Communication Permission.
2- Permission to Share and Disclose Personal Data
You hereby give your consent for the disclosure of your personal data in our possession upon your express consent to the following third parties so that we will collect, save, process, store and use and share your personal data with the following parties to ensure that you will get the services that you ask from us and you will pay its consideration; that various advantages will be defined and offered to you; that we will be able to administer commercials, advertorials, ads, promotional materials, sales, marketing, information, promotion, campaign notices and operations, membership procedures, frequently visiting customer management program and general registration procedures appropriate for your personal tastes; that legal and regulatory requirements shall be met; that the safety and security of our customers/visitors and personnel and other visiting parties shall be assured, that we will handle any and all electronic communication for the purposes of polls, customer satisfaction surveys and the relevant services as well as for the fulfillment of our statutory obligations and that we shall send all other communication and contact messages. The third parties to whom we shall disclose your personal data upon your express consent include, but is not limited to, the following:
Doğuş Müşteri Sistemleri A.Ş. (www.dogusmusterisistemleri.com);
Doğuş Holding A.Ş. (www.dogusgrubu.com.tr);
Doğuş Holding affiliates and subsidiaries (www.dogusgrubu.com.tr);
Local and/or foreign third parties with whom we maintain contractual relationships;
Our affiliates and subsidiaries (https://www.dogusgrubu.com.tr/tr/dogus-turizm-grubu);
Any service provider that processes data and offers research, promotional, and consultancy services on behalf of our Company;
Such competent public/government authorities and agencies to whom personal data should be disclosed under the applicable law.
You can contact us to inquire about other third parties to whom we transfer/disclose your personal data.
These data shall be disclosed to such third parties with whom we are in a contractual relationship with and who act in compliance with the applicable law and assume and act in line with the same legal and technical liabilities applicable to us for data protection and security only on a need-to-know basis and to the necessary extent. The purpose of this disclosure is to offer services to you in full and on a timely basis; to deliver your possible dispatches in a healthy way and to deliver notices on a timely basis via telephone, SMS and/or e-mail.
3- Your rights related to your Personal Data
You can contact us at our e-mail address firstname.lastname@example.org to inquire which personal data of yours have been processed, and whether or not they are used in line with the purpose of their process and to know about third parties in Turkey or abroad to whom your personal data are transferred, and to edit, correct or update your personal data in case your personal data are missing or misprocessed or there is a change to your personal data and to ask that such changes or updates should be notified to third parties to whom your personal data are transferred. Other rights that you have pursuant to Article 11 of the Law No. 6698 for the Protection of Personal Data remain reserved.
4- Measures applicable to the Collection of Your Personal Data
It is a highly critical matter for us to protect your personal data. Our Company adopts the necessary measures to protect your personal data against unauthorized access or the loss of such data, their misuse, disclosure, modification or destruction and our Company undertakes to keep your personal data as confidential and to adopt any and all technical and administrative measures and to show due care and diligence to assure their confidentiality and security. In the event that your personal data are compromised, damaged or captured by third parties as a result of attacks to our web site and system in spite of all the necessary information security systems adopted by our Company, we shall immediately notify this to you and the Personal Data Protection Committee.
5- Your rights under Article 11 of the Law No. 6698 on the Protection of Personal Data:
You have the right to contact us to inquire and know about the following:
a) If your personal data have been processed;
b) If yes, then you may ask for details;
c) To ask about the purpose of the process and to see if they are used in line with this purpose;
ç) To know about third parties in Turkey/abroad to whom your personal data are transferred;
d) To ask for the correction of misprocessed/under-processed information;
e) To request that your personal data should be deleted/destroyed subject to the conditions described in Article 7 of the Law No. 6698 on the Protection of Personal Data;
f) To request that procedures applied in line with subparagraphs (d) and (e) above are notified to the third party transferees (recipients);
g) To object to any result to your detriment due to the analysis of such data solely by means of automatic systems;
ğ) To demand for the compensation of your damages in case you suffer a loss upon a legally prohibited processing.
You can use your foregoing rights available under Article 11 of the Law No. 6698 by visiting email@example.com.
6- Term for Storing Personal Data
Pursuant to the Law No. 6563 on the Regulation of Electronic Commerce, the approval, its withdrawal, the contents of the commercial electronic message and other records related to the dispatch shall be saved and stored in order to present them the Ministry if necessary, and your personal data shall be stored for three years following the applicable term of the approval. After this term is over, your personal data shall be deleted, destroyed or anonymized by our Company or upon your request.
7- Keeping Your Personal Data in the Correct and Updated Form
User(s) agree and represent that they understand that keeping such data they disclose at the web site correct and current is significant and important for their exercising of their rights over them in the sense set out in the Law No. 6698 for the Protection of Personal Data and for any other applicable legislation; that they shall be fully liable and responsible for the provision of wrong information. You can edit and/or update your personal data that you share by visiting firstname.lastname@example.org.
8- Deletion, Destruction or Anonymization of your Personal Data
Your personal data that are processed for the purposes set out in this Privacy/Personal Data Protection Policy shall be anonymized by us after the expiry of the applicable statutory terms or whenever the purpose that requires the procession of such information is no more applicable or valid as per Article 7/1 of the Law No. 6698, and we shall continue to use such data in its anonymized version.
You have the right to withdraw your express consent for the process and use of your personal data at all times.
In order to withdraw your said express consent, you can send an e-mail that indicates your intention to email@example.com at any time.
Any possible application or contact by you as described in various parts of this document shall be acceptable by our Company only if they are sent to us via or through the following means:
a. An application e-mail, which should be signed by the secure electronic signature owned by the applicant, should be sent to our firstname.lastname@example.org e-mail address (the said e-mail may be signed with secure e-signature or any file in word or pdf form, or otherwise addressed to our Company may also be signed by secure e-signature), or
b. An application with secure electronic signature should be sent from your personal registered e-mail address (REM) to our Registered e-mail address posted at our web site or to email@example.com, or
c. The originally signed copy of an application letter should be sent via courier company; or
d. You may personally visit our Company and submit your ID details and originally signed copy of an application letter.
In case your applications are received by us through any means other than the ones above, or, except for the ones permitted by the law, your inquiries about third parties shall not be accepted and replied to by our Company.
10- Changes to the Personal Data Protection Policy
Our Company may change the present Personal Data Protection Policy at any time. These changes shall become immediately applicable and valid when the amended version of the Personal Data Protection Policy is posted at the “http://www.mythahotels.com” site. You will be duly given a notice to keep you informed about the changes to the present Policy.
Cookies are text files with tiny bits of information that are downloaded by your Internet browser upon your visit to http://www.mythahotels.com and that are stored on your computer, mobile phone or tablet.
http://www.mythahotels.com shall collect, process, disclose to third parties, and securely store your visit details in order to give better services to its visitors, to help its visitors and members to take advantage of their membership and to fulfil its statutory obligations, provided that such data shall not be used for any purpose or scope other than the one defined in this Privacy/Personal Data Protection Policy.
http://www.mythahotels.com monitors details about your tour around the site and/or your membership usage history on the site in order to customize promotions for you, to offer promotions and marketing campaigns and to improve the contents of the web site according to you and/or to identify your preferences http://www.mythahotels.com uses session cookies and permanent cookies at its web site and mobile site. Session cookies will terminate when you close down your browser, whereas permanent cookies stay on your hard disc for a long time. You may delete permanent cookies and you may reject both session cookies and permanent cookies by following the instructions set out in the “help” file of your browsers or by visiting “www.allaboutcookies.org” or www.youronlinechoices.eu and you may continue to use the web site or mobile site but you may not have any access or may have restricted access to all functions offered by the web site or the mobile site.
How does “http://www.mythahotels.com” use third party cookies for advertisements and retargeting?
In addition, in order to offer you such ads that may be interesting to you, and in order to create a specific target audience on Facebook, only your e-mail address out of your personal data that you have disclosed to “http://www.mythahotels.com” is disclosed to Facebook. Before we upload or disclose your e-mail address on Facebook, it shall be locally encrypted by Facebook on our system by means of the hash method. Your e-mail address which is encrypted by the hash method and disclosed to Facebook will be used for matching purposes only. It shall not be disclosed to third parties or other advertisers and it will be removed or deleted from Facebook systems as soon as possible after the said matching transaction is completed. Facebook will ensure confidentiality, privacy and security of the Data Encrypted via the hash method and Facebook User ID collection that constitute your special target audience, including technical and physical security measures developed (i) to protect the security and integrity of data as long as your personal data are kept at Facebook systems and (ii) to protect your personal data at Facebook systems in order to prevent unauthorized or erroneous access to them, or their unauthorized disclosure or use. Moreover, unless you give your consent or an applicable law requires so, Facebook does not provide access or information to third parties or other advertisers for your special target audience nor does it add your special target audience data to our user details or create profiles based on area of interest or use your special target audience for any purpose other than offering services to you. For more information about Facebook special target audience conditions, you may visit https://www.facebook.com/ads/manage/customaudiences/tos.php?_=, and for Facebook Privacy Principles, please visit https://www.facebook.com/privacy/explanation.
12- Applicable Law and Jurisdiction
This Privacy/Personal Data Protection Policy shall be subject to Turkish law. Istanbul (Central) Courts and Execution Offices shall have jurisdiction over any dispute that may arise from the use or application of this Privacy/ Personal Data Protection Policy.
13- Final Provisions
User(s) irrevocably agree, represent and undertake that they have read the Privacy/Personal Data Protection Policy above before they visit the web site; that they will comply with all the requirements listed above; that the contents of the web site as well as all our electronic media and computer records shall constitute conclusive evidence pursuant to Article 193 of the Code of Civil Procedures.
Your Processed Personal Data, Purpose and Basis of Processing Personal Data
Doğuş Turizm A.Ş., an affiliate of Doğuş Holding A.Ş., (the “Company”), collects and processes your personal data (including your name and surname, birth place, mobile phone number, e–mail, gender, address, profession, educational background, marital status, license plate no., ID details, accommodation and spending details, vessel/ transport/ travel details, insurance, vessel crew details, social media accounts, shopping details, invoice details etc) in line with the applicable legislation, including, in particular, the Law no. 5651 on Regulation of Online Publications and Fighting against Crimes committed through these Publication, and the Electronic Commerce Regulation Law no 6563 and applicable legislation and Turkish Criminal Code no. 5237 and Personal Data Protection Law no. 6698 in order to fulfil its statutory obligations arising from such legislation so that it can offer better services to its visitors and members. As usual, your personal data shall be processed and stored upon your express consent for the purposes defined in this Personal Data Protection Policy and subject to the information security measures, provided that such data shall be in no event used for any purpose or scope other than the one defined herein.
Your Rights regarding your Personal Data
You can write to us at our following e-mail address, firstname.lastname@example.org, to inquire about which personal data of yours are processed and whether or not they are used in line with the purpose of process, to know about third parties to whom personal data are transferred, and in case of underprocessed or misprocessed personal data, or any change to your personal details, to change and update your personal data and to duly inform third parties to whom personal data are transferred about such changes and updates. Your other rights that you have pursuant to Article 11 of the Personal Data Protection Law no. 6698 are reserved.