Privacy Policy

POLEN TURİZM YATIRIMLARI A.Ş.
PRIVACY STATEMENT

Data Controller: Kızılağaç Mahallesi Meydan Alanı Sokak No:56 Kızılağaç Turizm Merkezi Manavgat / ANTALYA / TÜRKİYE

Polen Turizm Yatırımları A.Ş. has prepared this privacy statement to inform our visitors, guests, employees, applicants and business associates about the processing, storage and transfer of personal data related to our hospitality and tourism activities, in accordance with the scope of the Personal Data Protection Law No. 6698 (“Law”) and related regulations.

What categories of personal data do we collect? What is the purpose of processing personal data?

As part of our hospitality, tourism and accommodation services, we collect the following data categories:

Identity Data

Contact Data

Family Data

Financial Data

Employment Data

Other Data

Identity Data

Description: Data related to verifying the identity of the data owner.

From Whom We Collect Identity Data: We collect identity data from our guests, visitors, members, employees, job applicants and third parties with whom we collaborate.

Content: Name, surname, identification number, passport number, vehicle registration details, photograph, copy of identity card, etc.

Purpose of Data Collection: We collect identity data from our guests and visitors to comply with applicable legislation and ensure the security of all our guests.

We are obliged to record the identity information of our employees in compliance with labour and social security legislation.

We collect identity data from job applicants for application evaluation purposes; additionally, we collect similar information from our suppliers, subcontractors and other business associates to meet commercial requirements and fulfil obligations arising from signed agreements.

Legal Basis for Data Collection: The primary legal basis for collecting the relevant data is the legal obligations arising from applicable regulations.

Additionally, we collect identity data due to our contractual relationship with the data owners.

For the purposes of legitimate interests and adherence to corporate principles, we occasionally collect identity data from visitors (e.g., same-day visitors) to ensure security and provide a more peaceful accommodation environment for our guests.

Method of Data Collection: We collect data using printed forms and, in some cases, directly through forms available in electronic environments.

Contact Data

Description: Personal data that facilitates communication with the data owner.

From Whom We Collect Contact Data: We collect contact data from our guests, visitors, members, employees, job applicants and third parties with whom we collaborate.

Content: Examples include home and work addresses, mobile phone numbers, home phone numbers, room numbers, mailing addresses, e-mail addresses and IP addresses.

Purpose of Data Collection: We collect contact data from our guests and visitors to comply with applicable regulations and ensure the safety of all our guests. We use this data to inform our visitors and guests about advertisements, campaigns, and promotions, as well as for loyalty card programs, employment relationships and hospitality operations.

We are obliged to record the contact information of our employees under labour and social security legislation.

We collect contact data from job applicants to communicate the outcomes of application evaluations. Additionally, we collect similar information from suppliers, subcontractors and other business associates to meet commercial requirements and fulfil obligations arising from signed agreements.

Legal Basis for Data Collection: The primary legal basis for collecting contact data is the legal obligations arising from applicable regulations.

Additionally, we collect contact data due to our contractual relationship with the data owners.

For purposes such as conducting customer satisfaction surveys or ensuring safety, we may occasionally collect contact data based on our legitimate interests and adherence to corporate principles.

Method of Data Collection: We collect data using printed forms and, in some cases, directly through forms available in electronic environments.

Family Data

Description: Data related to the family members of the data owner.

From Whom We Collect Family Data: We collect family data from our guests, members, employees and job applicants.

Content: Examples include the names, surnames, identification numbers, photographs, marital status, home and work addresses, mobile phone numbers, fax numbers, home phone numbers, mailing addresses, and e-mail addresses of family members.

Purpose of Data Collection: We collect family data from our guests to comply with applicable regulations and to ensure the safety of all our guests.

We are obliged to collect family data from our employees and job applicants under labour and social security legislation.

Legal Basis for Data Collection: The primary legal basis for collecting family data is the legal obligations arising from applicable regulations.

Additionally, we collect family data due to our contractual relationship with the data owners.

Occasionally, based on legitimate interests and corporate principles, we may collect such data for purposes such as establishing communication in emergencies or supporting the education of employees’ dependents through scholarships.

Method of Data Collection: We collect data using printed forms and, in some cases, directly through forms available in electronic environments.

Financial Data

Description: Data such as bank accounts, credit cards and billing information.

From Whom We Collect Financial Data: We collect financial data from our guests, members, employees and third parties with whom we collaborate.

Content: Examples include salaries, authorised signature lists, wages, bank account details, credit card information, billing information and tax identification numbers.

Purpose of Data Collection: We collect financial data from our guests and members to comply with applicable regulations and to provide seamless and efficient services.

We are obliged to collect financial data from our employees under labour and social security legislation.

We collect financial data from suppliers, subcontractors and other business associates to meet commercial requirements and fulfil obligations arising from signed agreements.

Legal Basis for Data Collection: The primary legal basis for collecting financial data is the legal obligations arising from applicable regulations.

Additionally, we collect financial data due to our contractual relationship with the data owners.

Occasionally, based on legitimate interests and corporate principles, we may collect financial data to provide payment convenience for our regular guests or to enable our employees to benefit from campaigns or promotions offered by partner banks or other financial institutions.

Method of Data Collection: We collect data using printed forms and, in some cases, directly through forms available in electronic environments.

Employment Data

Description: Data required to maintain a seamless employment relationship.

From Whom We Collect Employment Data: We collect employment data from our employees and job applicants.

Content: Examples include identity, contact and financial data; gender; height and weight; social security number; blood type; documents representing personal status; residence information; IP records; bank account details; proof of residence; references, service records, or employment certificates from previous employers; criminal record documents; CVs (curricula vitae); military service information; disability status; tax exemption data related to disabilities; insurance; accommodation and rental details; foreign language skills; educational background; professional qualifications; previous addresses; and signatures.

Purpose of Data Collection: We collect employment data to fulfil our legal obligations.

Legal Basis for Data Collection: The primary legal basis for collecting employment data is the legal obligations arising from applicable regulations.

Additionally, we collect employment data due to our employment contracts with the data owners.

Occasionally, based on legitimate interests and corporate principles, we may collect employment data for purposes such as participation in corporate orientation programmes, insurance, communication with relatives in emergencies, and placing job applicants in appropriate positions.

Method of Data Collection: We collect data using printed forms and, in some cases, directly through forms available in electronic environments.

Other Data

Description: Data collected as part of our commercial activities.

From Whom We Collect Other Data: We collect this data from our guests, members, employees, visitors, and third parties with whom we collaborate.

Content: This includes identity, contact, and financial data; CCTV (closed-circuit television) recordings; audio recordings; facial recognition system records; magnetic card and turnstile records; identity, contact, and financial data from our business associates; data collected as part of organised events or activities; accommodation-related data; data collected during complaints; and data gathered during communication with the company.

Purpose of Data Collection: We collect data from our guests and members to comply with applicable regulations, provide seamless and flawless services to all our guests, and ensure security. This data is also collected to carry out our tourism and hospitality activities, use it in advertising, marketing, and promotions, and organise events and activities.

We collect relevant data from our suppliers, subcontractor and other business associates to meet commercial requirements and fulfil obligations arising from signed agreements.

Legal Basis for Data Collection: The primary legal basis for collecting other data is the legal obligations arising from applicable regulations.

Additionally, based on our legitimate interests and corporate principles, we collect data to provide payment convenience for our regular guests, enable employees to benefit from campaigns or promotions offered by partner banks or other financial institutions, ensure security and a more peaceful accommodation environment for our guests, organise events based on participant numbers, special conditions, or specific requests, offer special pricing and accommodation options to our regular guests, communicate with guests in case of lost property, assess guest and employee satisfaction and respond to complaints.

Method of Data Collection: We collect data using printed forms and, in some cases, directly through forms available in electronic environments.

Do we share your personal data with local third parties?

Competent Authorities:

In accordance with national legislation, we periodically share identity, contact and certain other data with competent authorities as required by law or upon their request.

Additionally, your personal data may be shared with authorised institutions or organisations upon request by an administrative body legally empowered to do so or pursuant to a court decision.

Seaden Hotels Group Facilities:

Your personal data is also shared with the following tourism facilities under the Seaden Hotels Group, which are intended to merge for limited purposes in the future, to provide you with more exclusive services:

Seaden Corolla Hotels

Seaden Valentine Resort & SPA +16

Seaden Quality Resort & Spa

Seaden Sea Planet Resort & SPA

Seaden Sea World Resort & SPA

Third parties:

Your personal data is also shared with other third-party groups we collaborate with. These include individuals or entities such as travel agencies and online hotel booking services.

Your personal data is shared with authorised individuals or organisations to fulfil your requests for services such as greeting, transportation and returning lost items, or to issue invoices to the extent necessary for delivering these services on our behalf.

Do we transfer your personal data abroad?

Your personal data may be transferred abroad only in the following cases:

With your explicit consent; or

When circumstances specified in the Law arise and the receiving country provides adequate protection; or

In cases specified in the Law, where the receiving country does not provide adequate protection, with the approval of the Turkish Data Protection Board.

Examples: When you receive services from a foreign agency or online booking service, when you make payments via a foreign financial service… In such cases, your personal data may be transferred abroad for limited processing purposes without obtaining your explicit consent to fulfil the service agreement made with you.

How long is your personal data retained?

The retention periods for your personal data are determined based on the following criteria:

If a period is specified by law or relevant regulations, the data must be retained for at least that duration. To account for delays in requests from authorised courts or administrative bodies, or the potential emergence of a dispute involving us, personal data may be retained for an additional 6 months to 1 year beyond the legally mandated period. Once these periods expire, the relevant data is deleted. 

If there is no legally specified retention period for processing the data in relation to our business relationship, your personal data will be retained for the duration stipulated in the contract. At the conclusion of the business relationship or upon the expiration of the contractual period, your personal data will be deleted without requiring a request from you.

What are your rights as a data owner?

As a personal data owner, you’re entitled to:

Learn whether your personal data is being processed,

Request information if your personal data has been processed,

Learn the purpose of processing your personal data and whether it is being used appropriately for its intended purpose,

Obtain information about the domestic and foreign third parties to whom your personal data has been transferred,

Request the correction of incomplete or inaccurate personal data,

Request the deletion or destruction of your personal data within the framework of the provisions set out in the Law,

Request that third parties to whom your personal data has been transferred be informed of corrections, deletions or destruction of your personal data,

Object to a result against you arising from the analysis of processed data exclusively by automated systems,

Seek compensation for any damages incurred due to the unlawful processing of your personal data.

How can you exercise your rights as a data owner? 

Without prejudice to other methods determined by the Turkish Data Protection Board, you can submit your requests regarding your personal data to our registered e-mail address at kvkk@seadenhotels.com or via post to Kızılağaç Mahallesi Meydan Alanı Sokak No:56, Kızılağaç Tourism Centre, Manavgat / Antalya, TÜRKİYE along with documents proving your identity (e.g., a copy of your ID).

We reserve the right to reject your application if the information and documents you provide are incorrect or your application is unauthorised.

How long does it take to respond to your requests?

Your requests will be reviewed and responded to within a maximum of 30 (thirty) days from the date of receipt. In the case of a negative response, the reasons for the rejection will be sent to the e-mail address or postal address you provided in your application.

How Long Does It Take To Address Your Requests Regarding the Processing of Your Personal Data?

Requests related to your personal data rights will be reviewed and responded to within a maximum of 30 (thirty) days from the date we receive them. If your application is rejected, the reasons for the rejection will be sent to the e-mail address or postal address specified in your application.