Privacy Policy

Information notice on the processing of Personal Data

We, Eresin Turizm İthalat İhracat İnşaat Sanayi ve Ticaret A.Ş. (“Eresin”), acting as the Data Controller, would like to inform you the scope of our liability under the Law numbered 6698 on the Protection of Personal Data ("DP Law"), with this Information Notice on the Processing of Personal Data ("Information Notice”)

1. Method and Legal Basis of Collecting Your Personal Data

The processing of Personal Data indicated in this Information Notice are carried out in accordance with the relevant legislation and Eresin Personal Data Protection Policy. You can reach our policy for the protection of your Personal Data by visiting our website.

In accordance with the DP Law, we collect your Personal Data automatically or non-automatically, verbally, in writing or electronically, through the following channels and methods and other channels that may be added in the future and processing your Personal Data within the scope of Article 5.1., Article 5.2, Article 6.2. and Article 6.3 of the DP Law:

  • through our website domain named www.eresin.com.tr and our other websites ("Websites"), our mobile and other applications, all kind of online media belonging to an Eresin Group Company ("Media Tools") or cookies that provide communication with your devices on Web Sites ("Cookies"), automatically or non-automatically and electronically,

  • through hotels administrated by Eresin (“Hotels”), automatically or non-automatically and verbally, in writing, or electronically,

  • through social media accounts operated on behalf of Eresin (“Social Media”) automatically or non-automatically and electronically,

  • through all kind of communication methods, including correspondence through our e-mail addresses ("E-mail"), short messages ("SMS") or multimedia messages ("MMS") sent to Eresin for all kind of purposes, automatically or non-automatically and in writing, verbally or electronically,

  • through call centers run by Eresin or by service-provider company to Eresin (“Call Center”) automatically or non-automatically and verbally or electronically,

  • through third parties such as group companies, business partners, producers or service/product suppliers which Eresin serves or from which Eresin receives services, automatically or non-automatically and verbally or electronically.

2. Identity of the Data Controller

Eresin Turizm İthalat İhracat İnşaat Sanayi ve Ticaret A.Ş., residing at the address of Topkapı Mah. Turgut Özal Bulv. Millet Cad. No:186 Fatih - ISTANBUL and registered in İstanbul Trade Registry Directorate with the registered number 33510 and Mersis number 354005078200026 is the Data Controller for your Personel Data shared through above-mentioned channels.

3. Purpose of the Processing of Your Personal Data

Your Personal Data collected by the methods through the channels mentioned in this Information Notice are processed by Eresin within the following purposes:

(a) Within the scope of Article 5.2 and 6.3 of DP Law;

  • (i) For the purpose of fulfilling our legal obligations (tax legislation, consumer protection legislation, occupational health and safety legislation, code of obligation, commercial law and other legislation such as telecommunication legislation, banking legislation): e-invoices, e-archives or any other transactions required by the consumer protection legislation and the other processing required by the related regulation and the Law on the Notification of Identity numbered 1774, the processing of the identification information of our guests staying in our hotels for the purpose of reporting to law enforcement officers to within the framework of our legal obligations can be given as examples.

  • (ii) For the purpose of protecting the life or physical integrity of the data subject or another person where the data subject is physically or legally incapable of giving consent or the consent of such person is not legally accepted: the processing of your Personal Data as a result of an incident in case you are unconscious and all kind of processing as per the related legislation can be given as examples.

  • (iii) For the purpose of establishment or execution of a contract: processing such as supply of products and services which you have ordered or purchased online, contacting you in this context if necessary, use of POS machines, return procedures, transfer services, establishment of distant sales agreements as per electronic commerce, sale, supply and delivery of products or services as part of our obligations and any other processing attributable to Eresin within this context.

  • (iv) For the purpose of fulfilling our legal obligations: processing such as replying and resolving questions, complaints and notifications regarding Eresin products and services that you place through Websites, Communication Tools or Call Center and processing of health reports that you have shared with Eresin as regards to your complaint and any other processing attributable to Eresin within this context.

  • (v) For the purpose of establishing, using or protecting a right: processing such as storing the records of sale transactions as evidences and any other processing attributable to Eresin within this context.

  • (vi) Data processing which is imperative for the Company’s legitimate interest given that no harm is caused to your rights and freedoms: processing such as camera recordings to ensure safety in hotels and measure the quality of services provided to you and reviewing and resolving of your requests in this regard and any other processing attributable to Eresin within this context.

Also, Personal Data that you have publicized may be processed for the purposes above without your explicit consent. An example for this could be processing of your Personal data that you have publicized in Social Media, your website and other channels and any other processing attributable to Eresin within this context.

(b) Your Personal Data collected through the abovementioned channels and methods may be processed for the following purposes given that explicit consent is obtained as per Articles 5.1 and 6.2 of DP Law:

  • (i) For CRM (Customer Relations Management) works and for offers of exclusive products and services provided for you in internet advertisements, targeting, re-targeting, cross sales, campaigns, promotions and product/service advertisements,

  • (ii) For loyalty program and membership services,

  • (iii) For providing targeted content in website visits,

  • (iv) For creating new products and services,

  • (v) For sending electronic commercial messages (such as campaigns, newsletters, customer satisfaction questionnaires, product and service ads),

  • (vi) For sending gifts, promotions and other magazines,

  • (vii) For corporate communications and, in this regard, organizing various events and notifying about these events,

  • (viii) Within the context of SPA service offered, processing of your personal health data especially for determining the healthy conditions in massage and steam rooms and for providing the best services possible,

  • (ix) For your sensitive personal data to be processed due to your inability to express your consent due to physical impossibility, establishment or execution of a contract, for Eresin to fulfill its legal obligations, to establish, use or protect a right, and where data processing is imperative for the Company’s legitimate interest given that no harm is caused to your rights and freedoms.

4. Duration of Personal Data Processing

Your Personal Data you have shared with Eresin through channels described in this document will be processed in accordance with the required periods set forth in Personal Data Protection legislation and any other legislation, and in any case until the legitimate purposes set forth above disappears.

5. Transfer of Your Personal Data to Third Parties and/or Abroad

Eresin may transfer your Personal Data collected through the channels and methods described herein to third parties or abroad within the purposes set forth in DP Law and other legislation and this Information Notice. Your Personal Data may be transferred:

  • (a) If abovementioned purposes under DP Law Article 5.2 and 6.3 exist, with third parties from which we got assistance as regards to the storage, archiving, information technologies (server, hosting, program, cloud computing), security, call center services etc., business partners and/or affiliates providing service to us, business partners, suppliers, banks, financial institutions, consulting firms operating in the areas of law, tax etc. which provide service to us, and other related parties, institutions and organizations when transfer is necessary under determined data processing purposes, that are located in Turkey and in other countries primarily in EU countries, United States of America, England, OECD countries, India, China and Russia.

  • (b) Within the scope of the purposes under Article 5.1 and 6.3 of the DP Law, with marketing companies, affiliates, third party firms providing marketing support to us (e-mail delivery, advertising agents for creating campaigns, firms providing CRM services) located in Turkey and in other countries, primarily in EU countries, United States of America, England, OECD countries, India, China and Russia, provided that your explicit consent has been obtained.

Additionally, if a partial share transfer or asset transfer (including but not limited to trademark, domain name and other business organization elements) occurred within Eresin, your Personal Data may be transferred to the assignees whether real persons or legal entities and other third parties to whom the transfer is necessary under the transfer transaction, that are located in Turkey or abroad such as their shareholders, business partners, agents, consultants. During this transaction, your Personal Data may be processed in a limited way by above mentioned third parties in order to make the necessary evaluation. In case of a transfer, assignor shall be liable for the all the transferred assets as well as your Personal Data and shall process your Personal Data as a data controller.

6. Access to Your Personal Data and Your Rights under DP Law

Under Article 11 of DP Law, you have the right to request the following regarding your Personal Data;

  • (a) information about whether your Personal Data has been processed,

  • (b) if your Personal Data has been processed, information about such data processing,

  • (c) information about the purpose for the data processing and whether your Personal Data was used in this purpose,

  • (d) information about third parties located whether inland or abroad whom the data is transferred to,

  • (e) if your Personal Data has been incompletely or inaccurately processed; correction of such Personal Data,

  • (f) if the grounds for processing Personal Data are no longer valid in terms of principles of purpose, duration and legitimacy, deletion or destruction of the Personal Data,

  • (g) in case of correction, deletion or destruction of Personal Data, request third parties to whom that such data is transferred to be notified about such transaction,

  • (h) objection to any negative consequence of your Processed Personal Data being analyzed exclusively through automated systems,

  • (i) if you suffer any damages due to the illegal processing of your Personal Data, indemnification of such damages and losses.

If you wish to exercise your abovementioned rights, you may send your request by filling forms provided under our Web Site or in a way determined by the Personal Data Protection Board to our e-mail address, which may change from time to time, from your e-mail address registered under our data base (please check your registered e-mail address) or with a secure electronic signature or mobile signature to our secure e-mail address, or to the mail address below, which may change from time to time, along with a written petition with a wet-ink signature either submitted in person or via a notary public, or through other methods to be determined by Personal Data Protection Board in the future. Current application procedures must be checked from the legislation before the application. Eresin will conclude the request, free of charge, within 30 (thirty) days at the latest, depending on the nature of the request. If a cost arises in relation to the finalization of the request by Eresin, fees indicated in the tariff determined by the Personal Data Protection Board may be requested by Eresin.

Legal Entity: Eresin Turizm İth. İhr. San. ve Tic. A.Ş.

Legal Address: Topkapı Mah. Turgut Özal Bulv. Millet Cad. No:186 Fatih - İSTANBUL

E- Mail Address: kvkk@eresinhotels.com.tr

Websitewww.eresin.com.tr

Contact Number+90 212 631 1212

Mersis No: 0354-0050-7820-0015

Kep Addresseresinturizm@hs01.kep.tr

You can make all your applications regarding your personal data through the GDPR application form on our website and the channels specified in the forum. For detailed information, you can review our GDPR policy and cookie policy.