PRIVACY POLICY AND CLARIFICATION TEXT

  1. Data Controller

Pursuant to the Personal Data Protection Law No. 6698 (“Law”) in particular and the European Union General Data Protection Regulation (“GDPR”), your personal data is under the protection of Niceint Turizm İnşaat Emlak Gıda A.Ş.’nin (“Niceint” or “Company”) s a data controller under the law and under GDPR. The Company takes the necessary technical and administrative measures, using its available technology and infrastructure facilities, to ensure that personal data is legally processed and securely stored within the framework of the Law and GDPR.

The purpose of this Privacy Policy and Clarification Text is to provide clarification on personal data, which is collected by the Company and/or provided by the users themselves within the scope of fulfilling the disclosure requirement under the Law and GDPR, using the Website and Communication Channels and receiving the services provided by the Company, about how it is collected, for what purposes and on what legal grounds, its transfer to third parties, and the rights of data owners within the scope of the Law and GDPR, regarding the processing of your personal data obtained (i) during the use of the “www.niceint.com.tr” website (“Website”) managed by the Company, by signing up, purchasing, submitting a contact form and similar transactions and (ii) while you communicate with us through Niceint’s call center, e-mail address, Facebook, Twitter, Youtube, Instagram and Linkedin social media accounts and Whatsapp line (together referred to as “Communication Channels”), and during the provision of services to you accordingly.

The Privacy Policy and the Clarification Text will be effective as of the date of publication by Niceint. Niceint can always modify the Privacy Policy and Clarification Text as necessary. Changes to be made becomes effective immediately upon the publication of the Privacy Policy and the Clarification Text at “www.niceint.com.tr/en/gdpr-and-privacy-policy”.

  1. Personal Data Collection Methods and Legal Grounds

Our Company has been authorized to use the “Niceint Touristik” brand and to provide services to customers within the scope of the Package Holiday Program (“Package Holiday”) throughout the agreement period via the Package Holiday Sales Cooperation Agreement. In order to provide you with services within the scope of Package Holidays, we collect your personal data through the Website and Communication Channels from you and/or the people who make reservations on your behalf, automatically and/or manually.

Your personal data specified in the 3rd section titled “Data Categories and Data Types” of this Privacy Policy and Clarification Text is processed within the scope of the relationship you will establish with the Company and the service to be provided by the Company, subject to the legal reasons of “being explicitly stipulated in the law, necessity to process the personal data of the parties of the agreement, provided that it is directly related to the conclusion or performance of an agreement, necessity for the data controller to fulfill its legal obligation, necessity of data processing for the establishment, exercise or protection of a right and necessity of data processing for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject” specified in clauses 5/2 a, c, ç, e, f of the Law and clauses 6/1 b, c, d, e, f of the GDPR...

In cases where your express consent is required, your personal data will be processed limited to the scope of the express consent provided by you with your free will. We would like to remind you that you may withdraw your express consent at any time.      

Your sensitive personal data is collected, stored and processed based on the following legal compliance grounds:

  • By having your express consent,
  • Without seeking express consent in cases stipulated by law for the personal data other than health,
  • As for personal data related to health; by persons or authorized institutions and organizations under the obligation of confidentiality without seeking the express consent of the related person, only for the purpose of protecting public health, performing preventive medicine, medical diagnosis, treatment and care services, planning and managing health services and financing.
  1. Data Categories and Data Types

Following personal data are processed by the Company within the scope of the above-mentioned legal grounds:

Credentials Name-Surname, ID and Passport Information, Date of Birth, Place of Birth, Passport Number
Contact Information Address, E-mail, Phone / Mobile Phone, social media contact information.
Location Information Information of the province where they are located is obtained from the customers who use the website.
Advanced Passenger Information (“API”) Personal data related to your name, nationality, date of birth, gender, travel type and number, validity start and end dates and country of issue.
Customer Transaction Information Reservation and flight information, insurance information, car rental and hotel reservation information, billing information, customer service score, an instruction associated with the person and a request-based CDR (call detail record), call center records, credit card statement, box office receipts, customer instructions, recordings recorded in channels oriented for this, etc.
Financial Information Credit/debit card information, payment information and other financial information.
Processing Security Information System and user account information (username, log records, etc.) with IP address information and website login-logout information
Marketing Information Reports and evaluations that are associated with the relevant person, showing the habits and tastes of the person and will be used for marketing purposes, information derived from targeting information, cookie records, data enrichment activities, information and evaluations obtained as a result of surveys made with the person, satisfaction surveys, special offers and direct marketing studies, etc.
Audiovisual Recordings Sound recordings and photograph.
Your Evaluations and Requests Evaluation and request information we have received from you about our services.
Sensitive Personal Data HES code and health information.
  1. What Purpose Will Personal Data Be Processed?

Your personal data specified in the 3rd section titled “Data Categories and Data Types” of this Privacy Policy and Clarification Text, subject to the legal grounds listed in the 2nd section titled “Personal Data Collection Methods and Legal Grounds”, is collected and processed within the scope of the relationship you will establish with our Company and the services to be provided by our Company, for the following purposes.

  • To manage your travel plans, reservations, rentals and flights, and the provision of services, within the scope of Package Holiday processes,
  • To be able to perform operational procedures in order to provide the necessary services,
  • To confirm your identity,
  • To implement customer care management process,
  • To provide information about products and services,
  • To carry out financial or accounting operations within the scope of issuing legal documents such as invoices, waybills, etc. as complementary transactions of the sales process, sending them to our customers and managing the collection process,
  • To ensure the health conditions to be as required by providing safety of travel and accommodation based on the importance of human life,
  • To confirm the reason for cancellation in case of cancellation of purchased packages,
  • To execute and supervise processes and operations related to information security upon the establishment of information technology infrastructures,
  • To personalize and improve your customer experience in order to increase service quality,
  • To perform marketing analysis studies,
  • To implement advertisement, special offer and promotion processes,
  • To manage and conclude your requests and complaints,
  • To define information access authorizations of business partners and suppliers,
  • To prevent forgery and fraud,
  • To be able to store the information that is required to be kept on transactions such as membership / shopping made over the Internet,
  • To be able to present all service history records as evidence in potential legal disputes,
  • To fulfill the obligations regulated in the legislation of consumer law, electronic commerce law, travel agency law and to execute the Company’s activities in accordance with the legislation.
  1. Whom the Processed Personal Data Can Be Transferred to And for What Purpose

Your personal data may be shared with our suppliers and business partners, from whom we receive support in establishing, executing and terminating your relationship with us, including the parties that provide products or services on our behalf and the parties we cooperate with to make you benefit from products and services.

Your personal data may be shared with legally authorized public institutions and also private individuals within the scope of their authority.

Your personal data may be shared with legally authorized public institutions and also private individuals within the scope of their authority.

Your personal data may be shared with domestic and foreign hotels, airline companies, transfer companies and our similar suppliers and business partners in order to perform mandatory transactions within the scope of your travels and the services we provide to you, and may be transferred abroad accordingly.

Your personal data may be transferred abroad within the framework of the procedures and principles specified in Article 9 of the Law and Article 49 of the GDPR and the decisions of the Personal Data Protection Board. In this context, your personal data may be transferred abroad;

  • with your explicit consent, or
  • if there is sufficient protection in the country where the data is transferred, in accordance with the decision of the Personal Data Protection Board; or
  • if our company undertakes in writing of the necessary protection together with the Data Controller in the relevant foreign country and the permission of the Personal Data Protection Board is obtained, when there is not sufficient protection in the country where the data is transferred,

as the databases of Google Cloud (Frankfurt), Google Analytics, Insider (Ireland), Juniper (Spain) and Hepstar (Turkey, Server Location Ireland) applications and software used by the Company are abroad, limited to the administration of the Company, the execution of the works within the scope of the provision of services by the Company, the fulfillment of operational requirements and the implementation of Company policies.

  1. Use of Cookies

As Niceint, we use certain technologies such as cookies, pixels, gifs (“Cookies”) to improve your experience during your visits to our online channels. The use of these technologies is realized in accordance with the legislation we are subject to, primarily the Law.

For detailed information about cookies, you may review the Cookie Policy at “https://www.niceint.com.tr/en/cookie-policy”.

  1. Your Rights Under the Law on Protection of Personal Data

Pursuant to Article 11 of the Law and Articles 15 to 21 of GDPR; regarding your personal data, you have the right

  • to get informed of whether the Company processes personal data about you or not, and to request information about it, if it has,
  • to get informed of the purpose of processing your personal data and whether they are used in accordance with the purpose or not,
  • to get informed of whether personal data is transferred domestically or abroad and to whom it is transferred to,
  • to request revision of personal data if it is incomplete or incorrectly processed,
  • to request to delete or destruct the personal data within the framework of the conditions stipulated in the relevant legislation,
  • to request third parties, to whom personal data has been transferred, to be notified of the transactions made as a result of the request to revise, delete and destruct,
  • to object the emergence of a result against the person due to analyzing the processed data exclusively through automated systems,
  • to request the loss to be compensated in case of a loss due to unlawful processing of personal data.

.

We will try to conclude your requests in your application within thirty (30) days at the latest, free of charge, in accordance with the nature of the request, however, if the process requires an additional cost for the Company, we may charge you the fee in the tariff determined by the Personal Data Protection Board.

You may contact us via our contact information below to exercise the above-mentioned rights.

Additional Information for Persons Covered by GDPR

If your personal data is covered by the GDPR (in other words, you are a person in the European Economic Area); we would like to remind you that in addition to the right to request access and revision of your personal data from the Company, you also have the right to request data portability, if applicable, or to stop processing or to delete your personal data. To stop the processing or to delete is only possible if the processing of personal data is based on consent or legitimate interest.

If personal data processing is based on your express consent, you have the right to withdraw your consent at any time, however, without affecting the legitimacy of the consent-based processing prior to its withdrawal. You may use the contact information specified below to exercise the right to withdraw your consent.

If you are under the impression that the Company’s personal data processing does not comply with the GDPR, you have the right to file a complaint to the regulatory authority in charge.

CONTACT INFORMATION

Business Name: Niceint Turizm İnşaat, Emlak, Gıda A.Ş

E-mail Address: kvkk@niceint.com.tr

Website www.niceint.com.tr

Mersis No: 0000

Address: Güzelbağ Mah. Asmalı Sokak Seval Sitesi E Blok No: 21 Muratpaşa – Antalya