Personal Data and Privacy Policy

Protection of Personal Data and Privacy Policy
Website Privacy Agreement

The use and protection of information obtained about you and the services you request during your visit to this website and while benefiting from the services we offer through this site are subject to the terms specified in this “Privacy Policy.” By visiting this website and requesting to benefit from our services, you accept the terms set forth in this Privacy Policy.

I. Purpose of the Personal Data Protection and Processing Policy

As Norm Kar İns.Tic.Ltd.Şti (“Beyond Hotel”), we have always kept the information received from our customers and prospective customers confidential due to the sensitive nature of our work and have never shared it with third parties. The protection of personal data is a fundamental policy of our company.

Even before legal regulations were established, our company and its affiliates valued data privacy, adopted it as a working principle, and instructed employees accordingly. We, as Beyond Hotel, commit to complying with all responsibilities brought by the Personal Data Protection Law. Our data protection principles also apply to our affiliates.

II. Scope and Modifications of the Personal Data Protection and Processing Policy

This policy, prepared by our company, is in accordance with the Personal Data Protection Law No. 6698 (“PDPL”). The law has come into full effect as of today.

Personal data collected with your consent or in compliance with legal bases will be used to improve the quality of the services we offer and our quality policy. Some data will also be anonymized and used for statistical purposes, which are not subject to the law or this policy.

This policy covers the protection and regulation of automatically obtained personal data of our customers, prospective customers, employees, partners, and their respective customers and employees.

Our company reserves the right to modify this policy and related regulations to comply with legal requirements and enhance personal data protection.

III. Basic Rules for Processing Personal Data

a) Lawfulness and Fairness
Beyond Hotel checks the sources of collected data to ensure they are obtained lawfully and fairly. It warns third parties (such as agencies) involved in its services about personal data protection.

b) Accuracy and Up-to-Date When Necessary
Beyond Hotel ensures that all data within its structure is accurate, not misleading, and updated when changes are communicated.

c) Processing for Specific, Explicit, and Legitimate Purposes
Beyond Hotel processes data only for specific purposes explicitly stated and approved by the data subject.

d) Relevant, Limited, and Proportionate to the Purpose
Beyond Hotel processes data strictly within the scope of the stated purpose and only as much as the service requires.

e) Retention for the Period Required by Law or Purpose
Beyond Hotel retains data for the duration of relevant legal, tax, and commercial requirements. Once those purposes expire, the data is deleted or anonymized.

IV. Purpose of Data Processing

Beyond Hotel collects and processes personal data for the purposes stated in its data disclosure text, particularly for contract formation and improved service delivery.

V. Data from Customers, Prospective Customers, and Business Partners

Beyond Hotel processes personal data as a data controller under the PDPL and related laws. Categories include:

Identity Information: Full names of guests and their companions, nationality, place/date of birth, ID, driver’s license, and passport details.
Contact Information: Address, phone number, email address.
Financial Information: Mobile billing, bank account and payment card details.
Feedback Data: Preferences regarding accommodation, marketing, communication, and opinions/complaints about brands and facilities.

VI. Employee Data

Beyond Hotel may process employee data without consent when required by employment or health insurance needs. However, data privacy and protection are guaranteed.

VII. Data Transfer (Domestic & International)

Personal data may be shared with business partners or Euro-Protel affiliates to deliver services. It may be transferred to specific entities for designated purposes.

VIII. Rights of the Data Subject

Beyond Hotel acknowledges the data subject’s right to give consent before processing and to determine the fate of their data thereafter. Rights include:

Knowing whether personal data is being processed.
Requesting information if data has been processed.
Learning the purpose and appropriate use of data.
Knowing the third parties to whom data is transferred.

IX. Confidentiality Principle

All data at Beyond Hotel is confidential. No one may use, copy, share, or exploit this data without legal or contractual basis.

X. Data Security

Beyond Hotel takes all necessary technical and administrative measures to prevent unauthorized access to personal data. This includes secure software, careful third-party selection, and adherence to internal data protection policies.

XI. Audits

Beyond Hotel conducts both internal and external audits on data protection practices.

XII. Breach Notification

In case of any breach, Beyond Hotel takes immediate action to minimize harm and compensate affected individuals.

Requests Under the Personal Data Protection Law

All requests must be submitted by completing the form available at https://www.hotelbeyond.com/kvkk, attaching a photocopy of identification, and sending it via registered mail to the address listed on the form.

Policy Changes

Beyond Hotel reserves the right to change this policy. In the case of significant updates, a link to the updated policy will be provided on the website’s homepage.

Policy Last Updated: 20.09.2019

Contact
For questions about the privacy policy, please contact us using the information below: