Personal Data Protection Notice
MULBERRY TURİZM EML. İNŞ. TİC. VE SAN. LTD. ŞTİ DATA PROTECTION NOTICE FOR GUESTS / PRIVACY POLICY
Mulberry Turizm Eml. İnş. Tic. Ve San. Ltd. Şti. and its affiliates or subsidiaries (collectively “Mulberry Turizm”, “we”, “us” or “our”) value privacy and want you to be informed about how we collect, share, disclose and use your personal information (“Processing”). Our approach to protecting personal information and the policy we provide for your information applies worldwide, but depending on where you live, certain provisions of this policy may not apply to you. This privacy policy (“Policy”) is intended to inform you about how we collect, identify and use the personal data you provide to us when you use our accommodation services through our websites (“Websites” or “Sites”), the social media sites we control (“Social Media Sites”), the software applications (“Apps”) we offer and offline activities (e.g. when you submit your data by calling our call centres by telephone or in person) (all of the above are collectively referred to as the “Services”).
We are committed to protecting the privacy of our users and guests. We ask that you take the time to read this privacy policy carefully. If you intend to provide us with personal information about another person (for example, if you make a reservation on behalf of another person), please note that you may only share that person's information with us with that person's consent and you must inform us of how we will use that person's information, including the information referred to in this policy.
This policy contains an explanation of your rights to protect your data, including the right to object to certain processing carried out by us.
Specific provisions for different countries
Please note that your rights as a data subject may vary depending on where you live. As there may be local differences, particularly within the European Union, please contact the receptionist at your hotel or contact us at www.asfiyaseaviewhotel.com for more information. If you have any questions about the practices of a particular hotel or the information it provides, please contact the hotel directly.
Special provisions for children
We do not knowingly collect data from anyone under the age of 18, nor do we knowingly allow them to book a room in one of our hotels. If we learn that we have collected personal data from a child under the age of 18 without parental consent, we will immediately take the necessary steps to remove the information in question and destroy the personal data without delay.
Processing of your personal data and purposes of processing
- Hotel Booking Process
During the booking process at our hotels, whether it is made online on one of our brand websites, through an online booking channel, a travel agent, our call centre or directly at the hotel, your personal data will be processed for the following purposes;
- To be able to book a room at the hotel of your choice,
- To check the availability of the hotel and manage the reservation.
- To send you a booking confirmation,
- To be able to send you emails before your arrival
You can cancel your email subscription at any time by clicking on the unsubscribe link in the emails we send you.
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname Date of birth Phone E-mail Booking details (including booking number) Date of arrival and departure, First and last name of other adult guests Payment card type - number - expiry date | Depending on the booking method; Directly from you via the online booking form Via the online booking channel, you use to make the booking From your travel agent From our call centre Directly from the Mulberry Turizm hotel you have booked | Directly from you via the online booking form Via the online booking channel, you use to make the booking From your travel agent From our call centre Directly from the Mulberry Turizm hotel you have booked |
Cancelled or incomplete online booking process
If for any reason you are unable to complete the booking process when booking online, we will process your personal data by sending you an email with a link to the online booking form so that you can easily continue the online booking process with the data you have already provided in the form.
We process your personal data in order to;
- be able to contact you again for legitimate business purposes in the event of a cancelled or incomplete booking process.
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname Phone E-mail Date of arrival and departure, First and last name of other adult guests Type of payment card - number - expiry date | Directly from you via the online booking form | Service provider for e- mail communication Targeted advertising provider |
Check-in and check-out procedures
In the event that you stay at your preferred hotel, in accordance with your contract with us, the personal data received directly and indirectly from you by our hotel will be automatically stored in the system.
Your personal data will be processed for the following purposes;
- For the registration of your arrival and departure from the hotel;
- Allocating a key card for the room assigned to you.
- Organising (and archiving) your accommodation register/card.
- Creating and updating your profile in our hotel management system;
- Organising payment for your stay;
- Creating, printing or sending an invoice for your stay; (It is the customer's responsibility to ensure that the email address provided at check-in or updated thereafter is correct and is the preferred email address for this communication).
- Paying a commission to your travel agent (if applicable).
If you have booked a room in one of our hotels but - without cancellation - do not arrive on the date notified to you,
Your personal data will be processed for the following purposes;
- To cancel your stay and any other bookings you have made;
- To organise, process and collect overdue payments
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname TR identity card number/ Passport number Date of Birth Telephone E-mail Booking details (including booking number) Address details Date of arrival and departure, First and last name of other adult guests Type of payment card - number - expiry date Visual records | Depending on the booking method; Directly from you via the online booking form Via the online booking channel you use to make the booking From your travel agent From our call centre Directly from the Mulberry Turizm hotel you have booked | Related other Mulberry Turizm companies IT service provider Your travel agency, if any |
Procedures for hotel accommodation
When you stay at one of our hotels, we aim to make your stay as pleasant as possible. This requires the processing of your personal data in order to provide specific services during your stay at the hotel, to organise daily hotel activities, to personalise the services offered to you and/or to identify the owner of a lost or forgotten item, as well as for the legitimate business purposes of the Mulberry Turizm Group.
It is in the legitimate business interest of Mulberry Turizm to organise the daily maintenance of the hotel, to personalise the services offered and/or to identify the owner of a lost or forgotten item.
Your personal data will be processed for the following purposes;
- To better serve you during your stay with us,
- To perform housekeeping and maintenance services,
- To be able to return lost or forgotten items to you,
- To accommodate your preferences and those of the guests staying with you, such as dietary requirements/allergens, personal preferences and pillow preferences.
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname TR identity card number/ Passport number Telephone E-mail Address Date of arrival and departure, First and last name of other adult guests Type of payment card - number - expiry date Visual records Consumption habits Payment details (for the return of lost or forgotten items) Other preferences Visual records Type of payment card - number - expiry date | Depending on the booking method; Directly from you via the online booking form Via the online booking channel you use to make the booking From your travel agent From our call centre Directly from the Mulberry Turizm hotel you have booked | Hotel staff including housekeeping, maintenance, reception and/or related hotel staff. Related other Mulberry Turizm companies IT service providers Delivery or courier services (for the return of lost or forgotten items) |
Additional services and facilities for hotel guests
In most of our hotels you can use additional services and facilities, such as breakfast, room service, minibar, pool, restaurants and bars, spa treatments, laundry service, taxi requests, free Wi-Fi, etc. If you use additional services and facilities at one of our hotels, your personal data will need to be processed.
Your personal data will be processed for the following purposes;
- To organise booking and use of these additional hotel services and/or facilities;
- To organise early booking of additional services and/or facilities in your file;
- To personalise arrivals of returning hotel guests and their preferences for room facilities,
- To regulate expenses for these additional services and facilities.
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname Phone E- Mail Booking details (including booking number) Your personal preferences | Directly from you | Related other Mulberry Turizm companies IT service provider Our relevant supplier |
Guest satisfaction surveys
We may send you guest satisfaction surveys during or after your stay to evaluate the performance of our hotels. You can cancel your guest satisfaction survey email subscription at any time by clicking on the unsubscribe link in the emails we send you.
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname E-mail Arrival and departure date Booking details (including booking number) | Depending on the booking method; Directly from you via the online booking form Via the online booking channel you use to make the booking From your travel agent From our call centre Directly from the Mulberry Turizm hotel you have booked | Related other Mulberry Turizm companies Guest satisfaction survey provider |
Organisation of meetings and events
If you would like to organise a meeting or event at one of our hotels, or if you would like more information about this facility, you can contact us by filling out the contact form on our website, by contacting your preferred hotel directly or by other means.
Your personal data will be processed for the following purposes;
- To carry out contract processes,
- To fulfil your request to organise a meeting or event,
- To inform you about our services and our latest offers
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname E- Mail Phone Address Date of meeting or event Trade title Tax number | Directly from the Mulberry Turizm hotel you have booked Online contact form Your request sent by other means | Related other Mulberry Turizm companies Guest satisfaction survey provider |
Analytical methods
Your personal data will be processed for the following purposes;
- Optimise your experience,
- To increase our marketing, commercial and operational efficiency,
- To segment our guests based on personal data,
- For analytics purposes, to personalise our offers and promotions according to your preferences and consumption habits.
As part of these analytics, we may analyse and combine various data we hold about our guests, including guest satisfaction survey responses, guest communications with us, click-through rates for our marketing communications, guest behaviour on our websites, bookings and other information we receive.
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| First name/Surname TR identity card number/ Passport number Phone E-mail Address details Date of arrival and departure, First and last name of other adult guests Consumption habits Payment details Other preferences - Payment card type - number - expiry date | Directly from you via the online booking form Via the online booking channel you use to make the booking From your travel agent From our call centre From our email analytics service provider Directly from you when you request additional services/amenities at the hotel reception or information desk, | Related other Mulberry Turizm companies IT service provider Analytics service provider Targeted ads provider |
Social media and online reviews
The processing of your personal data received via social media platforms (including Facebook, Instagram, LinkedIn, Weibo and Twitter) or online reviews of our brands (including those on Trip Advisor) is processed for the purpose of improving our services and identifying business opportunities, as it is in our legitimate interest to process your personal data that you submit to us or share publicly on social media platforms, online booking channels or other (comment) websites.
Your personal data will be processed for the following purposes;
- To answer your questions and complaints
- To monitor our online reputation
- To improve our services and identify opportunities for us to focus on
| What data is processed? | How do we get your data? | With whom do we share your data? |
|---|---|---|
| Personal data that you provide to us or that you post about us on social media or other review platforms | Directly from you via public social media pages, online booking channels or other (rating) websites. Our online monitoring service provider | Related other Mulberry Turizm companies IT service provider Service provider |
Basic rules for the processing of your personal data
Although your personal data may vary depending on the service, product or commercial activity we provide, they will be processed in accordance with the principles set out below, pursuant to Article 4 of the Turkish Personal Data Protection Law (KVKK – Law No. 6698): In accordance with the law and in good faith.
- Accurate and, where necessary, up to date
- For specific, explicit and legitimate purposes
- Relevant, limited and proportionate to the purpose for which they are processed
- Data shall be kept for as long as provided for by the relevant legislation or as necessary for the purpose for which it is processed.
In this context, our company processes your personal data for the following purposes:
- Carrying out the management and activities of our company in accordance with legislation, company policies, procedures and instructions,
- Carrying out corporate communications and management activities,
- Fulfilment of contractual, product and service conditions and fulfilment of assumed obligations in a complete and correct manner and execution of contractual processes.
- Complying with legal obligations,
- Carrying out advertising/campaigns/promotional processes
- Offering for sale the products and services offered by our company,
- Ensuring communication and business relationships between suppliers, business partners, external service providers and customers, and planning supply chain management processes,
- Ensuring information and process security and executing access authorisations,
- Planning and implementing business continuity processes,
- Ensuring the physical, legal and commercial security of the company, its personnel, its customers and those who have business relations with the company,
- Conducting marketing analysis studies,
- Ensuring employee and customer satisfaction, managing customer relations and dealing with enquiries and complaints,
- Resolving problems and complaints of the persons concerned, ensuring their satisfaction and providing an efficient service
- Carrying out financial, accounting and operational procedures,
- Organisation and event management,
- Carrying out storage and archiving work
- Carrying out audit and risk management activities and quality control procedures,
- Fulfilment of the objectives of the establishment of the joint venture and customer service,
- Responding to requests for information from administrative and judicial authorities and following up on all legal procedures,
- Providing information to authorised persons, institutions and organisations.
*When you click on a link to a third-party website, you will be redirected to a website that is not under our control and our privacy policy will no longer apply. Your browsing and interaction on another website is subject to the terms of use, privacy and other policies of that third party website.
- Method and legal basis for the collection of personal data
Your personal data will be collected through all types of oral, written or electronic media in order to provide the products and services offered by our company in accordance with the purposes set out above, within the established legal framework and, in this context, so that our company can fully and correctly fulfil its contractual and legal obligations. For these legal reasons, your personal data will be collected by means of
manual or electronic media within the terms and purposes of the processing of personal data in this disclosure document.
Transfer of your personal data
Your personal data collected may be disclosed to our business partners, suppliers, company representatives, shareholders, legally authorised public bodies and private individuals in order to carry out the necessary work of our business entities to enable you to benefit from the products and services offered by our company by adapting them to your tastes, your usage habits and needs, to ensure the legal and economic security of individuals (administrative processes for communications carried out by the company, ensuring the physical security and monitoring of our company's sites, processes for evaluating business partners/customers/suppliers (agents or employees), reputational research processes, legal compliance processes, audits, financial matters, etc.) associated with our company and our business units. ) that have business relationships with our company and group of companies, to establish and implement our company's commercial and business strategies and to ensure the implementation of our company's guest service policy, will be disclosed under the conditions set out in this disclosure text by taking the necessary measures.
| Persons to whom the data may be transmitted | Description | Purpose of the data transfer |
|---|---|---|
| Business partner (agency, client, etc.) | It defines the parties with whom the company has entered into business partnerships for purposes such as the purchase or sale of services in the conduct of its commercial activities. | Limited to the purpose of ensuring the fulfilment of the purpose for which the joint venture was established and assessing the agent or employee. |
| Suppliers | It defines the parties who supply products/services to the Company on a contractual basis in accordance with the Company's orders and instructions in the course of the Company's business. | Limited to the purpose of ensuring that the products and services which the Company obtains from the Supplier and which are necessary for the performance of the Company's business are made available to the Company |
| Company authorities | Members of the Board of Directors of the Company and other authorised natural persons | Limited to the purpose of ensuring physical security and surveillance of the Company's sites, developing strategies for the Company's commercial activities in accordance with the relevant legislation, ensuring a high level of management, developing financial matters and the like |
| Legally authorised persons under private law | Persons under private law who are authorised to receive information and documents from the company in accordance with the relevant legal provisions | Limited to the purpose requested by the private law persons concerned within the scope of their legal powers |
| Legally authorised public institutions and organisations | Public bodies and organisations authorised under the relevant legislation to receive information and documents from the company | Limited to the purpose required by the competent public institutions and organisations within the scope of legal authority |
Storage of your personal data
Your personal data may be processed for as long as necessary to carry out the activities set out in this policy, until you are notified otherwise, or for as long as permitted by applicable law. For example, we may retain your personal data where reasonably necessary to comply with legal obligations, to comply with the requirements of law, to resolve disputes or litigation and for other purposes deemed necessary to implement this policy.
To determine the appropriate retention period for the data we collect, we assess the potential risks arising from unauthorised use or disclosure of personal data, the purposes for which we process personal data and whether we can achieve those purposes by other means, as well as any applicable legal requirements.
Measures relating to the security of personal data
Mulberry Turizm is aware of its responsibility to ensure the confidentiality and security of the personal data it processes and shall exercise due diligence. In addition to the requirements of the relevant legislation, it takes the necessary technical and administrative measures at an appropriate level to ensure the confidentiality and security in accordance with Article 12 of the Turkish Personal Data Protection Law (KVKK – Law No. 6698). These administrative and technical security measures are intended to prevent unlawful processing of personal data, to prevent unlawful access to personal data and to maintain personal data at an appropriate level of security.
Should your personal data unlawfully come into the hands of third parties, the data owners, the Board of Directors and other relevant public institutions and organisations will be notified in accordance with the provisions of the relevant legislation. The technical and administrative measures taken to store personal data in accordance with the Security Act and relevant legislation and to prevent unlawful processing and access are set out below but are not limited to those listed.
Your rights as a data subject
You have the following rights in relation to the processing of your personal data;
- To know whether or not your personal data have been processed,
- To request information if personal data have been processed,
- To know the purposes for which personal data are processed and whether they are used for those purposes,
- To know the third parties to whom personal data are communicated, whether domestic or abroad,
- To request rectification of personal data in the event of incomplete or inaccurate processing,
- To request the erasure or destruction of personal data,
- To request communication of the operations referred to in letters e) and f) to third parties to whom personal data are communicated,
- To object to the analysis of the data processed solely by automated systems leading to a result which is prejudicial to the data subject,
- In the event of damage caused by the unlawful processing of personal data, to obtain compensation for the damage suffered,
Your requests in your application will be processed free of charge within thirty days at the latest, depending on the nature of the request. However, if the process requires additional costs for the Company, the fee provided for in the tariff established by the Personal Data Protection Committee in the “Communiqué on the Procedures and Principles for Applications to the Data Controller” may be charged.
In connection with the processing of your personal data, you must submit your application to our Company by completing the application form on our Company's website, in writing or using your registered email
address, secure electronic signature, mobile signature or email address previously provided to us and included in our records. Our Company may require additional verifications (e.g., send a message to your registered phone number, call you) to determine whether the application belongs to you according to the reason for your request and your application method, and thus to protect your rights. For example, if you apply via your email address registered with the company, we may contact you via another method of communication registered with the company to ask you to confirm whether the application belongs to you.
Submitting a request to the data controller
Pursuant to Article 13(1) of the Turkish Personal Data Protection Law (KVKK – Law No. 6698), you may submit your request to our Company in writing or in any other manner determined by the Data Protection Committee. In this regard, the channels and procedures for submitting your written request to our company under Article 11 of the Turkish Personal Data Protection Law (KVKK – Law No. 6698) are explained below.
To exercise your above-mentioned rights, you can access the KVKK application form with the required information on your identity at www.asfiyaseaviewhotel.com and send it signed to the company.
- After completing the application form, a wet-signed copy of the application form must be sent to Kalkan Mahallesi Akdeniz Caddesi No: 11/1 07960 Kaş / ANTALYA by hand or via a notary,
- The application form must be completed and sent to the e-mail address [email protected] by using your “secure electronic signature“ or “mobile signature” under the Electronic Signature Act No. 5070 or by using the e-mail address previously provided by the data subject to the data controller and registered in the data controller's system.
In order for third parties to file a request on behalf of the personal data subject, there must be a specific authorisation issued by the data controller through a notary on behalf of the applicant. In order to determine whether or not the applicant is the personal data subject, the Company may request information from the person concerned and ask questions of the personal data subject in order to clarify the points mentioned in the request.
These rights will be considered and processed within 30 (thirty) days if communicated in the manner specified in the policy. Although it is essential not to charge a fee for the requests, the Company reserves the right to charge a fee based on the fee scale set by the Personal Data Protection Committee.
CONTACT DATA
Address : Kalkan Mahallesi Akdeniz Caddesi No: 11/1 07960 Kaş / ANTALYA
Phone 0242 844 1271