Personal Data Protection Law
Security department that presents organization as the Hayat Sağlık Hiz. Yat. İşl. Turz. Taah. Tic ve San. A.Ş. ("Long Beach Hotels"), minds the protection of privacy regarding to private life, the protection of fundamental rights and freedoms, the provision and protection of information security, and respect for ethical values, consider the goals listed above are primary principles of our work.
The following explanations regarding the processing and protection of your personal data and private personal data are presented for your information in order to fulfill the disclosure obligation arising from article 10 of the personal data protection law of our company, which has the duty of data controller within the scope of the personal data protection law No. 6698.
The term of “personal data” in this document is used to include special categories of personal data. If you do not accept this policy, you should not share your personal data with us. However, in this case, we would like to inform you that there will be disruptions in the services that we offer you and the provided service may not be fully functional. If you state that you are responsible for the accuracy and up-to-date of personal information which you have submitted to us and share the personal data of other people with us, it is understood that you have obtained all necessary permissions from the other third side party to collect, process, use and disclose their information. In this case our company does not have any responsibilities for obtained information.
About Long Beach Hotels
Long Beach Hotels is officially stated organization under the local laws and regulations. It operats under its legal entity, in the Incekum region, famous for its sand-pebble, beautiful beaches, by the sea, offers you comfort, entertainment, recreation and activities under the magnificent Sun of the Mediterranean, 20 km from Alanya, 5 km from the city center (Avsallar, Konaklı). This tourism facility is located 90 km from Antalya airport and 60 km from Gazipaşa/Alanya airport. The terms "we" or "Company" or "Long Beach Hotels" in the notice refer to stated organization. It is related to the personal data processing activities carried out as data controller by “Long Beach Resort Hotel & Spa” and “Long Beach Harmony Hotel & Spa” under its legal entity.
Our personal data processing principles, all your personal data processed by our company are processed only in accordance with the procedures and principles provided by law and the items listed in the personal data protection policy. In accordance with article 4, the main principles and principles to which we pay attention when processing your personal data are the following:
- Follow the laws and honesty rules.
- Being accurate and up to date when necessary.
- Processing data for specific, explicit and legitimate purposes.
- Being relevant, limited and proportionate to the purpose for which they are processed.
- Data is kept for the period required by the relevant legislation or for the purpose for which they are processed.
Data Subject Categories
Our company applies a separate policy regarding the processing of personal data of our employees (including interns and subcontractor company employees), whose personal data are processed. Others like employees, customers, potential customers, visitors, employee candidates/interns, employees, shareholders and officials of the institutions which we cooperate with are also data owners. They will be able to direct their requests to our company within the scope of purpose of processing and transferring personal data to our company processes personal data on limited purposes and conditions that are specified in the 2nd paragraph of article 5 of the Law on Protection of Personal Data No. 6698 and the personal data processing conditions specified in the 3rd paragraph of article 6. It is possible to process personal data if at least one of the items listed below is motioned:
- Existence of the explicit consent of the person concerned,
- Clearly stipulated in the law,
- It is vitable for the protection of the life or physical integrity of the person or another person, who is unable to express his consent due to actual impossibility or whose consent is not legally valid,
- It is necessary to process the personal data of the partners to the contract, provided that it is directly related to the establishment or performance of a contract,
- It is mandatory for the data controller to fulfill its legal obligation,
- The person who has interest is announced in public,
- Data processing is mandatory for the establishment, exercise or protection of rights,
- Data processing is mandatory for the legitimate interests of the data controller, secure that it does not harm the fundamental rights and freedom of the data subject.
Under the conditions stated above, our company can process personal data for the following purposes:
- Evaluating potential suppliers/business partners,
- Establishing and managing customer relations,
- Execution and conclusion of the contract process with our suppliers/business partners,
- Execution of direct marketing processes,
- Communication and support (upon your request),
- Compliance with legal obligations,
- Protecting company interests and ensuring security,
- Planning and execution of company’s commercial activities,
- Reporting and control of financial activities,
- Protection of rights and interests.
We share your personal data with other persons, including professional consultants, such as: public institutions and organizations, banks, insurance companies, auditors, lawyers, accountants, other external professional consultants, joint health and safety unit for the fulfillment of occupational health and safety obligations. We transfer your personal data and private personal data within the scope of the above-mentioned personal data processing purposes, within the framework of legal grounds and your consent, with law enforcement agencies in band with the law enforcement, in cases where marketing activities are approved, with domestic and international service providers and our contracted partnership places, where we receive services within the scope of marketing activities.
When we collect personal data about you
We collect your personal data in following cases:
- When you stay at our hotel and purchase or use our services,
- When you make a reservation for accommodation on the website or when you make a reservation for the relevant service to benefit from our other services outside the hotel,
- When you sell goods or provide services to us,
- When you subscribe to our newsletters, choose to receive our marketing offers,
- When you contact us through travel agencies in Turkey or abroad and stay at our facilities,
- When you contact us via our website, e-mail, social media platforms, other online channels or telephone,
- When you attend our company events and organizations,
- Indirectly, for example, by using "cookies" and customizing the software used while browsing the website to your specific preferences, or while monitoring your usage of certain pages of the site (for example, your IP address) or other technical methods that enable us to monitor your usage of the site,
- When you contact us for any purpose as a potential guest/customer/supplier/business partner/subcontractor.
We only process the personal data that we obtain in the above information according this notice.
Which personal data we process
Our personal data processing methods are aplicable when you participate in our business events and surveys or interact with us in any other way, via our website, by phone or e-mail, through electronic applications that used by our customers. In this context, the categories of personal data we process about you are following:
- ID information cards,
- Contact information,
- Login information of the account,
- Images and/or videos that can identify you, financial data,
- Any other information you decide voluntarily to share with Long Beach Hotels, guest information,
- Electronic data collected automatically,
- Legal process and compliance information,
- Corporate customer/supplier data,
- Incident management and security information,
- Personal data collected from other sources.
Processing of personal data via video camera recording
Security cameras are used in our facilities for the security of our company and property. Our purposes of monitoring with security camera; reasons such as increasing the quality of the service provided, ensuring the safety of life and property of individuals, and protecting the legitimate interests of data subjects. Personal data processing activities carried out by our company with security cameras are carried out in accordance with the Constitution, the Law on Private Security Services No. 5188 and the relevant legislation. Our company, and the article about personal data statment 4, processes personal data in a limited and measured way in connection with the purpose for which they are processed. In this context, data owners are informed by placing warning signs in common areas where personal data recordings are made. However, since our company has a legitimate interest in keeping security of personal data policy records, their explicit consent is not obtained. In addition, personal data security policy due to article 12, takes necessary technical and administrative measures to ensure the security of personal data obtained as a result of personal data monitoring. In addition, a procedure is applied regarding the areas with video cameras, the monitoring areas of the cameras, and the recording periods. It is not allowed to place cameras to the extent that exceeds the security purpose and influences the privacy of people. Only a certain number of company stuff can access recordings. The stuff who have access to these records sign a commitment that they protect and do not spread personal data in accordance with the law. In order to ensure building security, vidios are recorded by means of a total [210] security cameras located in the service area of the entrance doors, building exteriors, dining hall, cafeteria, visitor waiting room and floor corridors in the hotels. Our recording process is supervised by the [security and information processing] department.
For which legal reasons do we process your personal data?
Personal data is collected, used, recorded, stored and stored within the framework of the principle of proportionality, in accordance with the law and the rules of honesty, in connection with the legitimate purpose clearly stated above, by giving clear and understandable written notification to the personal data owners by our company it can be processed. Your personal data is processed by the Turkish Commercial Code No. 6102, the Turkish policy of Obligations No. 6098, the Tax Procedure Law No. 213, electronic commerce legislation. We process your personal dta in accordance with the following legal reasons, which are regulated in article 5 and included under the title of the purpose of processing and transferring personal data policy;
- Existence of the explicit consent of the person concerned, clearly stipulated in the law,
- It is vital for the protection of the life or physical integrity of the person or another person, who is unable to express his consent due to actual impossibility or whose consent is not given legal validity,
- It is necessary to process the personal data of the partnership to the contract, provided that it is directly related to the establishment or performance of a contract,
- It is mandatory for the data controller to fulfill its legal obligation,
- The person concerned has been announced in public,
- Data processing is mandatory for the establishment, exercise or protection of rights,
- Data processing is mandatory for the legitimate interests of the data controller, secure that it does not harm the fundamental rights and freedom of the data subject.
In cases where your personal data is processed with explicit consent, we would like to notice that if you withdraw your explicit consent, you will be removed from the commercial membership program where the processing based on explicit consent is required, and you will not be able to benefit from the advantages you have benefited in relevant situations.
Storage and disposal periods of personal data
Your personal data will be stored for the mentioned periods specified in the relevant legal regulations or for the period required by the above-mentioned processing purposes, and then they will be deleted, destroyed or anonymized in accordance with the personal data policy. According to the personal data storage and disposal policy the procedures have been prepared.
How do we protect your personal data?
In order to protect your personal data and prevent illigall access, our company takes necessary administrative and technical measures iaccording to personal data security guide that is established by personal data policy, procedures are organized within the company, clarification and explicit consent texts are prepared, and the personal data policy in accordance with 12/3 article, together with necessary inspections are carried out to ensure the implementation of personal data policy while given to outsourced services.
What are your rights regarding personal data processes?
According to personal data policy and article 11, everyone can apply to the data controller to receive the data about himself/herself;
- If personal data has been processed, requesting information about it,
- Learning the purpose of processing personal data and whether they are used in accordance with its purpose,
- Knowing the third parties to whom personal data is transferred at home or abroad,
- Requesting correction of personal data in case of incomplete or incorrect processing,
- Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in article 7 of personal data policy,
- Requesting notification of the transactions made according to article 4 to third parties to whom personal data has been transferred,
- In case of disagreement with the results against, analyzing of the matirials is processed by automated systems.
- One has the right to demand the compensation for the damage in case of loss due to the illigal processing of personal data.
Making request according to the Law on protection of personal data
To obtain more detailed information about your personal data, you can access the information application form on our company's website at www.longbeach.com.tr and at Türkler Mahallesi Akdeniz Bulvarı No:26 Alanya. In order to respond to your requests in short time and regarding your personal data, your requests and questions must be asked clearly, understandably and with a specific date.
Document No: POL.KVKK.02 Release date: 01.12.2019