Privacy | BRIDGE TOURS

SECURE SHOPPING

The security of your personal information is one of the most important issues for us. No information received from members on Bridgetours.net is shared with other institutions or organizations. Bridgetours.net respects the privacy rights of its customers and visitors. In some special cases, verbal or written confirmation of your order may be requested from the bank or our company. In this case, your bank or company will call you from your registered information and ask for confirmation about your order. In order for your bank and our company to reach you, please make sure that your personal information registered at your bank and given while registering on our site is up-to-date and accurate.

Important Reminder: If your phone number cannot be reached during the security check, your order may be canceled. Please make sure that the phone number you entered during booking is correct. All kinds of information about your reservation will be made through your registered phone number and e-mail address. The security of your credit card information Bridgetours.net has been configured using the latest technologies to provide you with 24-hour uninterrupted service. Under no circumstances and under any circumstances Bridgetours.net can store or record credit card information of its customers. Neither Bridgetours.net employees can access their customers' credit card information. For this purpose, Trustwave SecureTrust SSL security certificate, which is accepted by the world, is used for your credit card security during order transactions. Your credit card information is encrypted before it is sent and it is on the way. During the transfer, your information is transmitted in the most secure way. Your browser (Internet Explorer, Mozilla, etc.) will recognize this certificate and to inform you that the pages you enter are safe; It will show addresses starting with https: // (secure pages), which means secure page in the address line. You will see the LOCK icon indicating the security status at the bottom right of your browser. Our security system is compatible with all current browsers.

You can shop safely on our site and we wish you a good holiday.

PROTECTION OF PERSONAL DATA

1 About the Policy

1.1 Purpose:

The purpose of this Personal Data Protection and Data Privacy Policy ("Policy") dated October 7, 2016 is Park Turizm Otelcilik Sey.İnş.San.Tic.Ltd.Şti. (“Bridge Turizm”), with the determination of the principles regarding the processing of personal data belonging to existing and potential customers, business partners, visitors, shareholders, company directors, employee candidates, employees and officials of the cooperating institutions and third parties, especially the privacy of private life. protection of fundamental rights and freedoms of individuals, determination of the necessary rights and obligations within the scope of duly processing of personal data in question, protection of personal data and awareness of data privacy in the eyes of Bridge Turizm employees, provision of Article 20 of the Constitution and Law on Protection of Personal Data No.6698 ("Law") and the relevant legislation, especially the secondary regulations of this Law, and taking necessary measures in this direction.

1.2 Scope

The provisions and principles in the Policy cover all kinds of information and documents that can be associated with an identified or identifiable natural person, and the measures taken and regulations made in relation to them.

1.3 Responsible

Bridge Turizm Personal Data Protection Committee, from the preparation, updating and submission of this Policy to the approval of the Board of Directors and / or senior management; The Bridge Turizm Personal Data Protection Committee, the units that use / manage the systems in which personal data are stored, processed and / or transferred, and the relevant employees are responsible for the implementation.

2. Definitions

The terms in this Policy refer to the meanings given below.

Personal Data: All kinds of information regarding an identified or identifiable natural person. Accordingly, the data of legal persons are not protected under the Law.

Special Quality Personal Data:

Individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, costume and dress, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric and genetic data.

Explicit Consent: Consent on a specific subject, based on information and expressed with free will.

Anonymous Rendering: Making personal data unidentifiable or unrelated to a natural person by matching other data.

Law: Law No.6698 on Protection of Personal Data

Processing of Personal Data: Obtaining, recording, storing, preserving, changing, reorganizing, disclosing, transferring, taking over, making available, through fully or partially automatic means of personal data or non-automatic means provided that it is a part of any data recording system, Any action taken on the data, such as classification or prevention of use.

Board: Personal Data Protection Board

Authority: Personal Data Protection Authority

Company: Park Turizm Otelcilik Seyahat Construction Industry and Trade Limited Company

Data Processor: Real or legal person who processes personal data on behalf of the data controller based on the authority given by him.

Data Controller: Real or legal person who determines the purposes and means of processing personal data and is responsible for the establishment and management of the data recording system.

3.Personal Data Processing Principles

Bridge Turizm collects, processes and transfers personal data to third parties within the framework of the following principles and principles. All of Bridge Turizm concerned persons within the policy framework are directly responsible for the implementation of these principles.

3.1 Bridge Turizm's Personal Data Processing Principles:

By Bridge Turizm, personal data is obtained, processed and securely stored in accordance with the law, for a legitimate purpose with due care. When the purpose of processing personal data disappears or when the purpose is finalized, it is anonymized or deleted / destroyed by an appropriate method in accordance with this Policy.

Privacy:

It is essential that the processing of personal data within Bridge Turizm is carried out in full confidentiality. In this context, Bridge Turizm prevents any unauthorized access to personal data to the extent possible, and implements all possible technical and administrative measures within its scope. It periodically carries out the related audits.

Legality:

Bridge Turizm obtains and processes personal data in accordance with the rule of honesty and law while providing travel and other services within the limits stipulated by the laws. Bridge Turizm informs you of the purposes of using your personal data and obtains your consent if required.

Timeliness and Correctness:

Personal data is kept complete and accurate by Bridge Turizm and updated when necessary. Bridge Turizm makes the necessary arrangements in order to detect the correction, modification, updating or deletion of the personal data that are inaccurate or insufficient.

Specificity and Transparency:

The principle of processing data for specific, explicit and legitimate purposes ensures that Bridge Turizm clearly and precisely determines the purpose of data processing and that this purpose is legitimate. Bridge Turizm does not process data for other purposes, except for the purposes of data collection and processing, which it makes transparent to the relevant person.

The purpose is legitimate,

It means that the data processed by Bridge Turizm is linked to and necessary for the work it has done or the service it provides.

Care, Moderation and Consistency

Personal data processed by Bridge Turizm is processed only in a manner consistent with the stated purpose and with a reasonable limitation in this context. Personal data will not be collected for possible future data processing purposes, and such data will not be used, processed or transferred in any way that is not suitable for the purpose of obtaining the personal data. In accordance with the minimum data principle, personal data are kept limited and measured for the purpose of their acquisition, and data that are not required within the scope of this purpose are not kept.

Limited Time:

In the event that the main purpose requiring the processing of personal data is eliminated and such data is no longer needed, the personal data in question will be deleted. In case the time periods for data retention are stipulated in the laws, these data are kept in accordance with the periods stipulated in the relevant legislation; After the expiry of the period stipulated in the legislation, these data are deleted / destroyed or anonymized by Bridge Turizm from the systems / devices where the data is stored or from the environments in which they are physically located.

Selection and Confirmation

Bridge Turizm informs the data owner fully and properly regarding the processing of personal data. When necessary, it obtains the consent of the data owner regarding the transaction in question, and offers the option of withdrawing or requesting the data whenever the consent given is requested.

3.2 Processing of Personal Data in Accordance with Law:

Bridge Turizm seeks the existence of the explicit consent of the person concerned in order to process personal data and special quality personal data in accordance with the law, and in cases where there is no express consent, it processes personal data only if one or more of the legal processing reasons are found. Bridge Tourism, said processing activities above 3.1. It executes in full compliance with the principles specified in the section.

3.3 Purposes of Processing Personal Data:

Personal data collected by Bridge Turizm and special quality personal data are processed in accordance with the principle of transparency and openness, within the following two main purposes;

a) Fulfillment of our business activities Providing travel services: travel planning, execution of visa applications to present to consulates, realization of insurance transactions within the scope of travel, fulfillment of activities related to the services offered to you with contracted institutions.

Providing accommodation services: Making reservations and rentals

b) Improving our service standards and providing customized services for each user

Improving services: Ensuring customer satisfaction by evaluating requests and complaints by the relevant departments, conducting / evaluating customer surveys when necessary, and taking customer feedback into consideration.

Providing customer services: Reporting, auditing and improving the services received by customers through call centers, website or authorized agencies within the framework of quality standards, making the necessary analysis, promoting and informing about products and services via e-mail, sms and other communication tools, / to increase the recognition of the company with messages to be sent with celebration and other content and to provide general or personalized advertisements, announcements, campaign information for the promotion and marketing of our services

For more detailed information regarding the purposes of processing personal data, you can refer to Bridge Turizm Information Text at www.bridgetours.net.

3.4 Transfer of Personal Data

The principles mentioned in section 3 above are also applied in the transfer of personal data. Bridge Turizm transfers personal data limited to third parties for the purpose of transmission and takes the necessary measures in this regard.

Personal data by Bridge Turizm, in the event that the explicit consent of the relevant person or one or more of the legal compliance reasons are found within the above-mentioned purposes; It is transferred to authorized representatives and agencies within Bridge Turizm, official institutions and organizations, service providers, and to third parties whose services we benefit from or cooperate with, such as companies providing call center services.

Third parties to whom personal data are transferred cannot use and process the transferred personal data for their own personal or commercial purposes other than the purpose of transfer. Third parties to whom personal data are transferred are obliged to comply with the instructions given by Bridge Turizm and to take all necessary technical and administrative measures to ensure data security.

Bridge Turizm may transfer data to third parties in order to achieve the following purposes and if necessary and necessary;

Fulfilling the obligations stipulated in accordance with the law or regulations,
Fulfillment of a court decision or a regulatory and supervisory public institution decision / order,
Providing administrative and technical measures as well as infrastructure security and protecting the rights of Bridge Turizm in case of legal disputes.
In the case of making abroad the transfer, Chapter 3 in the mentioned conditions and to countries that adequate protection will be determined by the Board in addition to these conditions, while there is no protection in this way to commit themselves to an adequate protection of those responsible for the data in and in the foreign countries, Turkey written and Assembly Bridge Turizm may transfer personal data abroad if the permission is granted.

4 Our Obligations

4.1 Obligation to Disclose

BridgeTurizm, at the time of obtaining personal data,
The identity of the data controller and its representative, if any,
Purpose of processing personal data,
It gives information about the persons to whom the personal data will be transferred and the purposes of the transfer, the method and legal reason for collecting personal data and the rights of the relevant person specified in Article 4.5 below.
1. Obligations Regarding Data Security

Technical Measures:

Bridge Turizm takes the necessary technical measures within the bounds of possibility to prevent unauthorized access and illegal processing and to prevent accidental data loss, change and destruction. The said obligation relates to both the electronic environment and the physical environment. In this context, Bridge Turizm determines technical procedures and rules and reviews them regularly, while observing confidentiality in design.

Bridge Tourism ensures the implementation of security measures such as encryption, masking and anonymization by taking into account the existing risks that may occur within this scope and by following up-to-date technology.

Administrative Measures: Bridge Turizm employees can only access personal data in accordance with the scope and purpose of the task in question. Employees cannot process personal data, which they have access to, for personal or commercial purposes; For these purposes, it cannot disclose personal data to unauthorized persons or disclose this information.

Bridge Turizm informs its employees that they will not disclose the personal data they obtain for business purposes to anyone in violation of the provisions of the Law and will not use them for purposes other than processing, and that this liability will continue even after they quit their job.

4.3 Data Controllers Registry

Bridge Turizm is / will be registered in the registry of data controllers established in accordance with the relevant legislation. The following information is included in the relevant registry;

Identity and address information of the data controller and its representative, if any, for what purpose personal data will be processed
Explanations about the group and groups of data subject persons and the data categories belonging to these persons
Recipient or recipient groups to which personal data can be transferred
Personal data envisaged to be transferred to foreign countries
Measures taken regarding personal data security
The maximum period required for the purpose for which personal data are processed

4.4 Audit Obligation

Bridge Turizm conducts the necessary audits, especially regarding technical and administrative measures, at certain intervals in order to meet the Bridge Turizm principles and the legislative requirements regarding the protection of personal data in its own institutions or organizations and at third parties with whom it transfers data.

4.5 Obligation to Reply to the Application of the Relevant Person

Data owner data subjects apply to Bridge Turizm to get information about themselves;

a) Learning whether personal data is processed,
b) To request information if personal data has been processed,
c) Learning the purpose of processing personal data and whether they are used appropriately for their purpose,
ç) To know the third parties to whom personal data is transferred domestically or abroad,
d) Request rectification in case personal data are processed incompletely or inaccurately,
e) Requesting the deletion or destruction of personal data,
f) Request notification of the processes regarding the correction, deletion or destruction of personal data to third parties to whom personal data have been transferred,
g) To object to the occurrence of a result against the person himself by analyzing the processed data exclusively through automated systems, and
ğ) In case of damage due to unlawful processing of personal data, it has the right to demand the compensation of the damage.

In this context, Bridge Turizm returns to these applications within thirty days at the latest. If the application in question also requires a cost, Bridge Turizm may charge a fee in the tariff to be determined by the Board for the finalization of the application. If the processing of the personal data of the relevant person is based on explicit consent, Bridge Turizm takes the necessary steps if the relevant person withdraws his / her express consent.

5 Security Purpose Data Processing Activities in Bridge Tourism Workplaces

Workplace entrances and personal data processing activities performed within the workplace by Bridge Turizm are carried out in accordance with the Constitution, the Law and other relevant legislation. In this context, Bridge Turizm keeps footage with a camera to ensure security. It also processes personal data for tracking visitor entry and exit.

While the personal data of the visitors are obtained during their visits to Bridge Turizm workplaces, the relevant persons are informed about the said processing activities. In addition, internet access can be provided to our visitors during their visits to Bridge Turizm workplaces, and log records can be kept in such a case.

Bridge Turizm aims to ensure full compliance with the legislation in force in the processing of camera, log and other visitor records, aiming to take the security as required and at the highest possible level. Bridge Turizm ensures that such digital records are accessed only by a certain number of authorized persons and in accordance with the principles of this Policy.

On the websites managed by Bridge Turizm, cookies, etc., by technical means, as detailed in the privacy policy of the relevant website. browser movements can be recorded. Bridge Turizm aims to ensure compliance with the applicable legislation in the registration process.

6 Bridge Turizm Personal Data Protection Committee

In accordance with the decision of the Company's senior management, a “Personal Data Protection Committee” has been established within the Company to manage this Policy and other policies, procedures and implementation guides connected to and related to this Policy. The duties of this committee are listed below.

To prepare and put into effect the basic policies regarding the Protection and Processing of Personal Data and the changes when necessary, to submit them to the approval of the senior management.

To decide on the implementation and supervision of the policies regarding the Protection and Processing of Personal Data, and to make in-house assignments and coordination within this framework, to submit the matters to the approval of the senior management.

To determine the things to be done in order to comply with the Personal Data Protection Law and the relevant legislation and to submit what needs to be done for the approval of the senior management; to observe its implementation and to ensure its coordination.

Raising awareness within the Company and among the Company's business partners about the Protection and Processing of Personal Data.

To determine the risks that may occur in the personal data processing activities of the company and to ensure that the necessary measures are taken; presenting the improvement suggestions with the approval of the senior management.

To design and execute trainings on the protection of personal data and the implementation of policies.

To decide the applications of personal data owners at the highest level.

Personal data owners; Coordinating the execution of information and training activities in order to ensure that they are informed about personal data processing activities and legal rights.

To follow developments and regulations regarding the Protection of Personal Data; to advise senior management on what needs to be done within the Company in accordance with these developments and regulations.

Coordinating the relations with the Personal Data Protection Board and Institution. To perform other duties assigned by the senior management of the company regarding the protection of personal data.