This clarification text you have accessed is issued by the “data controller”, Anadolu Şeker Turizm İnş.San.Tic. Ltd. that is active at the address Evren Mahallesi, 20.Sokak,No:1/1/1 Manavgat, Evrenseki, Antalya under the brand “Grand Şeker Hotel” (Grand Şeker) in accordance with the provisions of the Law on Protection of the Personal Data no. 6698 article 10 and the “Notice on Procedures and Principles to be Followed in Fulfillment of the Clarification Obligation” showing the application of the said article, regarding the real persons who are/shall be guests of the hotel.

Grand Şeker processes the following information of its real person guests who applied for accommodation in the hotel orally or in writing, on physical or electronic media:

-    Identification data including of name surname, date of birth, place of birth, marital status, gender, nationality, R.T. ID number, Passport number, vehicle license plate information;
-    Contact information including address, e-mail address, contact address, telephone number;
-    Customer transactions and finance data like call center records, invoices, credit card, bank account information;
-    Physical location safety data including entry-exit log information and camera recordings;
-    Transaction safety data including IP address information, website log in and out information;
-    Hotel accommodation history information, marketing information acquired via surveys, cookie logs, campaigns;
-    Audio-visual data including photographs and voice records;
-    In case information is given specially by the guest, smoking information, information on disabilities, personal health information, information on device and prostheses used, sensitivity against specific foods and similar health information that are defined as “special personal data” in the Law no. 6698.

Grand Şeker, in line with the legal regulations regarding the tourism and accommodation, collects and processes the personal information in order to fulfill completely the services it undertakes with Contract against the guests, and to perform its liabilities bestowed by various legal regulations while rendering these services. In this scope, the personal data of the domestic and foreign hotel guests are processed to fulfill the contract provisions executed with the guests and to abide by the public liabilities given by the said legal regulations. 

The personal data of the hotel guests processed with the purposes indicated above, in order to fulfill the legal and contractual liabilities regarding the hotel businesses, are transferred to the Grand Şeker subsidiaries, agencies and business partners, online service providers and platforms providing services like reservation etc., its suppliers, and legally authorized public institutions and associations. 

In case that the hotel guest acquired services like reservation from agencies and online service providers resident in abroad, in order for the Grand Şeker to fulfill the services undertaken in the contract, there occurs a mandate to transfer data abroad. Outside such legal and contractual obligations, based on open consent and in accordance with the rules determined by the KVKK data transfer can be made for marketing purposes. 

There are citizens of European Union member states among the guest of the hotel. The businesses providing service to the EU citizens should act in accordance with the provisions of the EU General Data Protection Regulation (GDPR) that came into force in May 2018. Grand Şeker, following closely the GDPR rules and applications, acts in conformity to the GDPR while processing the personal data of the EU member state citizens. 

The personal data gathered by Grand Şeker based on the legal reasons indicated in the Law no. 6698 article 5 paragraph 2 as “a) stipulated clearly in the laws, c) provided that it is directly related with the organization or performance of a contract, when the processing of the personal data of the contractual parties is required, ç) when it is a mandate for the data controller to fulfill its legal obligations, f) provided that it does not harm the fundamental rights and freedoms of the related person, when data processing is a mandate for the legal interests of the data collector” are processed via written or oral, physical or electronic media, automatically or non-automatic methods as to be a part of the data recording system. 

In accordance with the article 11 of the Law on Protection of the Personal Data no. 6698 that regulates the rights of the related person, as the applicant candidate, regarding your processed data, you have the right to learn whether your data are processed or not, and if they are processed whether they are used conforming to the processing purpose; to know the third parties to which your data are transferred in and out of the country; in case your data are lacking or faulty, to request correction of such data, or to request your data to be deleted or destroyed in accordance with the conditions stipulated by the law; to demur to reaching results against you via analyses with automatic systems and to claim the damages you may face due to illegal processing. 

Under the scope of these rights, you may communicate your requests in accordance with the “Notice on Procedures and Principles of Application to the Data Collector” prepared by the Institution for Protection of the Personal Data, in writing to the Evren Mahallesi, 20.Sokak, No:1/1/1 Manavgat, Evrenseki, Antalya address of the Grand Şeker or the corporate e-mail address info@grandsekerhotel.com.tr of Grand Şeker.