MRA TURIZM VE OTEL ISLETMECILIGI A.S. PERSONAL DATA PROTECTION AND PRIVACY POLICY

 

WEBSITE CONFIDENTIALITY AGREEMENT

During your visit to this website and your use of the service through this Site, how the information that we receive regarding you and the services you request will be used and protected are subject to this ‘’Confidentiality Agreement’’. You hereby accept the conditions stipulated in this ‘’Confidentiality Agreement’’ when you visit this website and request to use the services we provide through this Site.

DATA OF OUR EMPLOYEES

Processing of the data for business relations

Personal data of the employees may be processed without obtaining consent to the extent of requirements of health insurance and business relations. However, ‘’MRA Turizm’’ hereby undertakes the protection and confidentiality of the data of the employees.

Data is obtained from the Kariyer.net system for job applications and candidate recruitment, as well as for the management of human resources, and the data is recorded in the system within the scope of the candidate evaluation process.

Processing as per Legal Obligations

‘’MRA Turizm’’ may also processes the personal data of the employees without obtaining a separate consent to fulfil a legal obligation stipulated in the legislation or in case it’s explicitly specified in the legislation. This case is limited to the obligations arising from the Law.

Processing in Favour of the Employees

‘’MRA Turizm’’ may process the personal data without obtaining the consent for the procedures in favour of company employees like private health insurances. For the disputes arising from the business relations, ‘’MRA Turizm’’ may also process the data of the employees.

 

Processing of data of special nature

Pursuant to the Law, race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, clothes, membership of association, foundation or union, health, sexual life, juridical sentence and data regarding safety measures and biometric and genetic data are among the special quality data. Besides the consent of the relevant person, ‘’MRA Turizm’’ also takes adequate measures determined by the Board for the processing of special quality data. Special quality data may be processed limited to and related to the cases permitted by the Law without the consent of the person. The quality data obtained from the employees shall only be used for the corresponding purpose to allow them to benefit from the insurance and health services.

Data processed with automatic systems

The data processed regarding the employees with automatic systems may be used for in-house promotions and performance assessments. The employees reserve the right to appeal to the results against them and they should perform this process in compliance with the internal procedures. Appeals of the employees shall be evaluated again within the company.

Telecommunication and internet

The computers, telephone, e-mail and other applications allocated to the employees within the company shall only be used for business purposes. The employee cannot use any of these means allocated to himself/herself by the company for private purposes or communication. The company may control and monitor all communication on these tools within the scope of ensuring the continuity of intercompany relations, contracts and commercial communication for a maximum of 1 year, even after the employee leaves the job. The employee undertakes not to keep any data or information apart from the business purposes on the computer, telephones or other means allocated to himself/herself as of his/her employment date.

It is the user’s responsibility to pay attention to the use of mobile devices (mobile phone, portable computer, tablet, etc.) in public places, meeting rooms and other unprotected areas. Mobile devices must also be physically protected from theft in places such as cars and other transportation vehicles, hotel rooms, conference centers and meeting rooms. When a mobile device is lost or stolen, it should be forwarded to IT units without delay.

TRANSFERRING OF THE PERSONAL DATA DOMESTICALLY AND INTERNATIONALLY

Personal data may be shared with business and solution partners and “ETS Ersoy Turistik Servisleri A.S. and VOYAG Turizm” subsidiaries for the purpose of providing the services by “MRA Turizm”.

“MRA Turizm” will be entitled to transfer the personal data for certain purposes to the following person and institutions;

» Business partners of “MRA Turizm” limited to the purpose of execution of the aims of the establishment of the business partnership,

» The suppliers of “MRA Turizm” to the extent of providing the necessary services by our company to fulfil its commercial activities and procured by the supplier as external sources,

» Solution partners of “MRA Turizm” limited to ensuring the execution of the commercial activities which require the participation of the affiliates of the company,

» Subsidiaries of “Ets Ersoy Turistik Servisleri A.S.”

» Subsidiaries of “Voyag Turizm”.

CONFIDENTIALITY PRINCIPLE

The data of the employees and other persons within “MRA Turizm” are confidential. Nobody can use, copy, reproduce, transfer these data for other purposes apart from the business purposes without the compliance with the contract or the law.

 

PROCESS SECURITY

All necessary technical and administrative measures are taken to protect the personal data received by “MRA Turizm” and to prevent the retention of them by unauthorized persons and to prevent the damage on our customers and potential customers. Within this framework, it’s ensured that the software complies with the standards, third parties are selected with care and data protection policy is followed within the company. Measures related with the security are constantly renewed and developed.

CHANGES TO BE MADE IN PERSONAL DATA PROTECTION AND PRIVACY POLICY:

MRA Turizm reserves the right to make changes on the declarations here.

There is a link attached on the homepage of the website to access the up-to-date ‘Personal Data Protection and Privacy Policy’.

When the last time this Policy was updated and update number are given at the end of this text.

Each change made on the Policy becomes effective upon the publication of the changed declaration on the website.

By using the website or any of our products and services following such changes, you accept the changed declaration that is effective at that time.

Policy Update: May 19, 2022 Rev.1.0