Gestor de canales 
Metabúsqueda | Direct Plus 
Finanzas y pagos 
Sitios web 
Análisis de la competencia 
Inteligencia empresarial | Insights 
HotelRunner Elite Privacy Statement for Physical Visit Processes
1. Data Controller
Your personal data is processed by our Company as the data controller within the scope of the provisions of the Law on Personal Data Protection No. 6698 (“Law”) and in accordance with this Privacy Statement for Physical Visit Processes (“Privacy Statement”).
Our Company respects your privacy and your rights regarding the protection of your personal data and strives to establish and maintain a relationship of trust with you. In this context, our Company processes your personal data in accordance with the provisions of all legislation regarding the protection of personal data, in particular Law, ensures that your data is stored securely, and takes all necessary security measures against possible unlawful access. This Privacy Statement explains the scope of processing of your personal data collected within the framework of your visit to our Company’s premises.
2. Methods of Collecting Your Personal Data
Your personal data is collected by our Company through fully or partially automatic methods or non-automatic methods, provided that it is part of any data recording system, from physical and/or electronic environments, through closed-circuit television cameras (CCTV) for security in our Company’s headquarters and branches and other premises and other methods (channels) that may be added to these in the future
3. Categories of Your Personal Data Processed and Purposes and Legal Reasons for Processing Your Personal Data
Your personal data categories processed within the framework of ensuring and maintaining the security of the Company’s buildings and premises, employees and fixtures, and visitors to the Company, as well as the purposes and legal reasons for the processing of your personal data are explained in detail below.
| Personal Data Category | Purposes of Processing Personal Data and Legal Reasons for Processing |
| Identity Data | Your data in this category are processed within the scope of the personal data processing conditions (legal reasons) and for the following purposes, provided that it is mandatory for the data controller to fulfill its legal obligation in accordance with subparagraph (ç) of paragraph 2 of Article 5 of the Law, that data processing is mandatory for the establishment, exercise, or protection of a right in accordance with subparagraph (e), and that data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject in accordance with subparagraph (f): – Performance of the Audit / Ethics Activities – Performance of Activities in Accordance with Legislation – Ensuring Physical Security of the Place – Following Up and Performance of the Legal Affairs – Conducting Internal Audit/Investigation / Intelligence Activities – Performance/Audit of the Business Activities – Performance of the Storage and Archive Activities – Ensuring the Security of the Movable Property and Resources – Informing Authorized Persons, Institutions, and Organizations – Creating and Monitoring the Visitor Log Records |
| Physical Environment Security Data | Your data in this category are processed within the scope of the personal data processing conditions (legal reasons) and for the following purposes, provided that it is mandatory for the data controller to fulfill its legal obligation in accordance with subparagraph (ç) of paragraph 2 of Article 5 of the Law, that data processing is mandatory for the establishment, exercise, or protection of a right in accordance with subparagraph (e), and that data processing is mandatory for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject in accordance with subparagraph (f): – Performance of the Audit / Ethics Activities – Performance of Activities in Accordance with Legislation – Ensuring Physical Security of the Place – Following Up and Performance of the Legal Affairs – Conducting Internal Audit/Investigation / Intelligence Activities – Performance/Audit of the Business – ActivitiesPerformance of the Storage and Archive Activities – Ensuring the Security of the Movable Property and Resources – Informing Authorized Persons, Institutions, and Organizations – Creating and Monitoring the Visitor Log Records |
4. Transferring Your Personal Data to Domestic and/or Abroad Third Parties
Within our Company, your personal data may only be accessed by our employees who have limited access authorization for the purposes detailed above, to the extent necessary to perform their duties, and in cases where the conditions for transfer specified in Articles 8 and 9 of the Law are not present, your personal data are not transferred to domestic and/or overseas third parties. However, your personal data processed within the scope of each of the above-mentioned personal data categories may be transferred to the following recipient groups in accordance with Articles 8 and 9 of the Law and provided that the above-mentioned personal data processing conditions (legal reasons) for the relevant data category also exist in terms of the transfer purposes:
- Primarily for the purpose of procuring products and/or services for the performance of company activities, your personal data limited to the personal data categories of identity and physical security of the place may be transferred to our domestic and/or abroad suppliers (e.g. information technologies and data hosting service providers, legal advisors) for the purposes specified in the relevant category for each data category above;
- Primarily for the purpose of planning and/or carrying out compliance, communication, auditing, and reporting activities, your personal data limited to the personal data categories of identity and physical security of the place, may be transferred to our Company’s domestic and/or abroad shareholders and group companies for the purposes specified above for each data category, and
- Primarily for the purpose of fulfilling our Company’s legal obligations and to follow up on its legal affairs, your personal data limited to the personal data categories of identity and physical security of the place, may be transferred to authorized public institutions and organizations.
5. Processing Period of Your Personal Data
Your personal data obtained during our Company activities are stored and destroyed in accordance with the general principles and regulations specified in our Company’s policies and procedures regarding storage and destruction prepared in accordance with the provisions of the Constitution, Law, Regulation on the Erasure, Destruction, or Anonymization of Personal Data, and other relevant legislation.
In this context, your personal data shall be destroyed if all of the above personal data processing conditions are eliminated. Accordingly, your personal data shall continue to be processed during the relevant legal limitation periods specific to the process. We kindly request you to review Section 6 of this Privacy Statement regarding your requests for the destruction of your personal data.
6. Your Rights within the Scope of Law
We inform you that you, as a personal data owner, have the following rights pursuant to Article 11 of the Law:
- To learn whether your personal data have been processed or not,
- To demand for information as to whether your personal data have been processed,
- To learn the purpose of the processing of your personal data and whether these personal data have been used in compliance with the purpose,
- To know the third parties to whom your personal data have been transferred in the country or abroad,
- To request the rectification of your personal data in case of incomplete or inaccurate processing and to request reporting of the transaction carried out within this scope to third parties to whom your personal data have been transferred,
- Although it has been processed in accordance with the provisions of the Law and other relevant laws, to request the deletion or destruction of your personal data in the event that the reasons requiring its processing disappear, and to request reporting of the transactions carried out within this scope and in case of incomplete or incorrect processing of your personal data to third parties to whom your personal data have been transferred,
- To object to the occurrence of a result against the person himself/herself by analyzing the data processed solely through automated systems,
- To claim compensation for the damage arising from the unlawful processing of his/her personal data.
You can send your applications for your above-mentioned rights to our Company in accordance with the procedures and principles set out in the relevant legislation by filling out the Data Owner Application Form, in accordance with the provisions of the Communiqué on the Principles and Procedures of Application to the Data Controller (in writing or via registered electronic mail (KEP) address, secure electronic signature, mobile signature or your e-mail address that has been registered in our systems and that you have previously notified to our Company, along with the information/documents * (such as TR ID number or passport number for citizens of other countries, residence address/workplace for notification, mobile phone/telephone/fax number, e-mail address) confirming your identity in order to enable our Company to electronically determine that you are the real right owner). Depending on the nature of your request, your applications will be concluded free of charge as soon as possible and within 30 (thirty) days at the latest; however, if the transaction requires an additional cost, you may be requested with a charge according to the tariff to be determined by the Personal Data Protection Board.
* We would like to remind you that any sensitive personal data (such as the details about your religion or blood type) should not be included in the scope of these documents.