GENERAL INFORMATION NOTICE ON PROTECTION, COOKIES AND PROCESSING OF PERSONAL DATA
As Sirkeci Turizm ve Yatırım Tic. AŞ. (“Neorion”, “Neorion Hotel” or the “Company”) we conduct maximum care with regards to safety of your personal data. With this consciousness, we attach great importance to processing of all kinds of personal data of every person related with Neorion, in compliance with the Law no. 6698 on protection of Personal Data (“PDPL”), and to preservation thereof. Being fully aware of this responsibility imposed upon us, as defined in the PDPL, we, as Neorion, with the capacity of “Data Controller”, process personal data relating to you, in compliance with the basic principles set forth in the PDPL and the personal data processing terms and conditions set forth in article 5 of the PDPL.
Neorion, with the capacity of “Data Controller”, shall collect, process, protect and share all kinds of personal data relating to every person related with it, within the framework of the principles specified below, and in compliance with the PDPL, related secondary regulations (regulation, communiqué, circular letter), put into effect and will be put into effect in the future, and the decisions taken and to be taken by the Personal Data Protection Board (“PDPB”), which shall be of binding nature, and within the scope of statutory limits set by the legislation. By this "Information Notice", we, as Neorion, would like to inform all persons who are within the scope of our obligation to provide information.
1. Information Regarding the Data Controller
According to the PDPL, Sirkeci Turizm Yatırım ve Ticaret AŞ. with its principal place of business at the address of "Orhaniye Cad. No:14 Sirkeci Fatih İstanbul Türkiye", is the Data Controller.
2. Personal Data which may be collected
Neorion collects your information for purposes such as serving you in best manner, ensuring our internal operations and fulfilling the legal obligations. All kinds of information collected, shall be connected to your interactions with Neorion and content of the services you use.
Below are the samples of the information that can be collected:
• Identity information (name, TR identity / passport no, etc.)
• Communication details (e-mail address, postal address and phone number, etc.)
• Payment information (payment card numbers, invoice address and bank account information etc.)
• Demographic data (age, gender, country and preferred language, etc.)
• Information relating to your reservation, accommodation information (including arrival and departure dates, purchased goods and services);
• Information required to meet your private requests and/or to provide your private accommodations;
• If you contact us, copies of your correspondence;
• Your areas of interest and preferences;
• Health data (information on disability status, information on allergy, which shall be declared to us by you)
• Information collected by use of closed circuit television systems, card keys and other security systems and
• İnformation relating to use of and interaction with our Web Site.
3. Methods of Collecting Personal Data
We collect this information by various methods, including those defined below:
• Information You Give Us: In case you reach us by “Information and Reservation” tab available on our web site, you request to contact us by the “Let’s Call You” tab available on the web site, you make reservation at Neorion by the “Reservation” tab available on the web site; information you enter or send to us by any other way, shall be kept (stored). If you send personal data relating to another person (for example, you make reservation for another person), you shall be deemed to have declared that you are authorised by that person and that you consent us to use the information in accordance with this Confidentiality Policy. Furthermore, you also declare that the information you provide is correct.
• Automatic Information: When you use our web site or have interaction with them and/or when you use an application which we can offer for use on our web site, we shall collect and keep the information formed by your activity and the information collected automatically from your browser or mobile device. For instance, when you have access to our web site, we obtain certain information, including your web browser, IP address, browser type, operating system, mobile network data, displayed pages and access periods.
• When you actually visit our hotel, relevant information can be collected by closed circuit television systems, electronic key card and other security systems.
• Information Taken from Other Resources: We can obtain information regarding you from other resources such as public databases, common marketing partners and other third parties. Accordingly, this may include the information obtained from your travel agency, airway company, your credit card and other business partners.
• Age Limitations: Neorion shall not collect information which can be used to identify persons from any person below the age of 18 on our web site. Neorion Hotel may collect personal data from persons below the age of 18, as part of guest registration process; however, such information shall be collected, at all times, based on consent of the parents or guardian of that person.
4. Purposes of Collecting and Processing Personal Data
Neorion shall collect your information in order to conduct its operations efficiently and to offer you best experiences by our services. Neorion may collect, use and disclose, for various reasons, the information collected by it.
• Making Reservation and Other Purchases: We may process your information relating to transactions which you shall make with us and/or via our web site ("transaction data"). Transaction data may be processed for the purposes of completing your room reservation, making necessary agreements between the Company and you, delivering you the notices relating to accommodation and other related services you purchase, indicating your address in e-invoice, e-archive which we shall issue/keep due to our fiscal obligations, customising our services according to your choices, receiving feedback relating to your accommodation and keeping appropriate records of said transactions.
• Response to Requests: We may process the information contained in any correspondence you send us ("correspondence data"). Correspondence data may be processed for the purposes of contacting you, meeting your requests and keeping records.
• Internal Business Purposes: For our internal operations such as data analysis, audits, new product development, improving the web site, improving our services, detecting usage trends and visit patterns, detecting efficiency of our promotions and fulfilling the contractual obligations.
• Purposes of Processing Health Data: Your health data, considered to be of private nature, which you shall disclose to us at your will and within the scope of private request and service, during the reservations you shall make at Neorion Hotel; shall be processed only to provide services at your satisfaction according to your request, and shall only be shared with the persons who have confidentiality obligations and with competent public authorities and institutions within the scope of conducting protection of public health, preventive medicine and medical diagnosis treatment and maintenance services, defined in article 6 of the PDPL.
• Administrative and Other Communications: Important information relating to our web site, changes to our terms, conditions, and policies or other administrative information (for example information relating to your travel reservations such as your reservation confirmations).
• Marketing and Promotions: Sending the news, bulletins and promotions regarding products and services relating to Neorion Hotel and other products and services, which we think to be of your interest, and conducting lottery, competition or other marketing and promotion activities.
• Safety and Security: For protecting your security when visiting our hotel, protecting the security of our other guests and our personnel.
• Our Legal Duties: Complying with legal and regulatory requirements and requests in accordance with related law, court order, court summons or any other legal process.
• Additional Usages: When you give your data to us, we may also use your data in other manners explained to you. Legal basis regarding processing of your personal data, shall consist of one or more of the following: (i) your consent and/or (ii) offering the services you request and/or (iii) your legal interests and/or (iv) compliance with applicable laws, regulations, court orders or other legal processes.
In this context, your personal data; shall be processed based on the legal reasons that processing of personal data of the parties to an agreement is required since it’s directly related with entering into or implementation of an agreement; processing of personal data is required for fulfilment of the data controller’s legal obligation; that such data are publicised by related person and processing of data is required for legitimate interests of Neorion Hotel, provided that the basic rights and obligations of the related person are not impaired; as set forth in the second paragraph of article 5 of the Law.
5. To Whom and For What Purpose the Processed Personal Data Can Be Transferred
We, as Neorion Hotel, shall share processed personal data with Neorion Hotel authorised staff, in necessary cases; with third persons with whom we cooperate, our performance assistants, sub-contractors, in accordance with our activities, with legally authorised public authorities and institutions, official authorities, within the scope of relevant legislation (authorities such as Social Security Institution, Ministries, judicial authorities, authorised public authorities and institutions such as Banks from which the company receives services, private insurance companies, sub-contractor firms from which services are received, in order to conduct our business processes in accordance with the law and our other legitimate interests, to exercise our defence right in any potential judicial process; with lawyers, auditors, tax consultants and other third persons from whom we receive consulting services; for the purposes of fulfilling our legal obligations, including but not limited to: conducting our services and operational activities, conducting hotel management processes, ensuring physical location security, conducting various platforms, printed and digital publication activities, planning and implementing our human resources, financial affairs policies and processes and for other purposes specified above, in compliance with the requirements defined in articles 8 and 9 of the Law and within the scope of applicable legislation; processed personal data may be disclosed to parties in Turkey and abroad, within the scope of data security measures.
Furthermore, as set forth in article 138 of the Turkish Criminal Code and article 7 of the Law, although processed in compliance with relevant legal provisions, upon expiration of the reasons which require processing thereof, personal data shall be deleted, destroyed or anonymised by Neorion Hotel, based on its own decision or upon request of the personal data subject.
6. The Rights of the Personal Data Subject listed in Article 11 of the PDPL
As the personal data subject, we hereby declare that you have the following rights, according to article 11 of the Law:
• To learn whether your personal data is processed or not,
• To request information about personal data if it has been processed,
• To learn the purpose of the processing of your personal data and whether they are used in compliance with their purpose,
• To know the third parties in Turkey or abroad to which your personal data is transferred,
• If your personal data is incompletely or incorrectly processed, to ask them to be corrected,
• To request your personal data to be deleted or destructed within the framework of the conditions foreseen in the related legislation,
• To request that the correction, deletion or destruction transactions are notified to third parties with whom your personal data is shared,
• To object to the occurrence of a result against you through analysing the processed personal data exclusively through automated systems,
• In case you suffer any damage due to processing of your personal data illegally, to request indemnification of the damage.
For your requests and explanations relating to your rights and implementation of the PDPL, you can fill in the PDPL Application Form, and deliver in person or send by other methods defined in the Law, a signed copy of the form to the address "Orhaniye Cad. No:14 Sirkeci Fatih İstanbul", together with documents certifying your identity, or you can send related form to the electronic mail address of "info@Neorionhotel.com", via electronic mail (REM-Registered Electronic Mail) address, by secure electronic signature and mobile signature. Please click to reach the Data Subject Application Form.
Your applications which you shall send to Neorion Hotel, shall be answered within 30 (thirty) days, beginning from the date when your request is received by Neorion Hotel, depending on the nature of request, according to 2nd paragraph of article 13 of the Law. However, in case the transaction requires any cost separately, Neorion Hotel reserves the right to charge the fee specified in the tariff, determined by the Personal Data Protection Board. On the other hand, you can declare changes and/or updates relating to your personal data, to Neorion Hotel, at any time, via the communication means defined above.
Neorion Hotel may update this Information Notice on Protection of Personal Data from time to time and may provide additional information notices, taking into account the changes which shall be made in relevant legislation. In this context, we request and recommend you to visit our web site from time to time and to read the information notice we have prepared in relation to the PDPL.
7. Cookies
Some of the websites use cookies. Cookies do not harm your device and do not contain viruses. Cookies serve to make our service more user-friendly, more effective and safer. Cookies are small text files that are stored on your device and saved by your browser. Most of the cookies we use are called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser/device the next time you visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted. Cookies that are required to carry out the electronic communication process or to provide certain functions you require (e.g. shopping cart function) are stored on the basis of Art. 6 Paragraph 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, they will be treated separately in this data protection declaration.