The abbreviations used in this Policy are as follows. 1. COMPANY: ATTAŞ Alarko Turistik Tesisler A.Ş., the official owner of the website, with legal headquarters at the address Muallim Naci Caddesi, No: 69, Ortaköy, Istanbul and administrative headquarters at Nispetiye Cad. Ahular Sokak No:6 Etiler – Istanbul 2. SITE: The internet page with the domain name www.hillsidebeachclub.com.tr 3. VISITOR: Person or persons who read the site without sharing his/their personal contact details and visit the site for information purposes or share his/their personal data with the site owner company via the forms in the site and on his/their own consent. To be hereinafter referred to as “User” in the Policy. 4. CUSTOMER: Any person or organization that benefits from the services specified in the site in exchange for a fee and share their personal and organizational data on their consent for this. To be hereinafter referred to as “User” in the Policy.
1. Privacy: Necessary precautions for the security of data and transactions entered into the SITE are taken within the infrastructure of the system or Internet, by the COMPANY, and/or related card institutions in accordance with the nature of the information and transaction. All credit card transactions and confirmations are carried out online by the related bank or similar card agencies, between the user and the bank and similar card agency independently of the COMPANY. (Information such as credit card password cannot be seen or saved by the COMPANY).
Other Internet users cannot see any information that users enter into the SITE for membership, purchasing a service or for updating information, and especially confidential information about credit cards and debit cards. The COMPANY is responsible for the security of any personal data obtained through the SITE, and for taking the requisite precautions in order to block illegal access and processing of this information, save for the Bank Cards and Credit Cards Law No.5464, dated 23/2/2006 and Law No. 6698 on the Protection of Personal Data dated 07/04/2016 (“the Law”) and other related legislation provisions.
Data belonging to users can only be disclosed within the scope of our liabilities set forth by the legal arrangements.
Contact details and other information shared by Users during their membership application and/or shopping transaction can be saved by the COMPANY for the processing and updating of membership to the SITE, the provision/sale of various products/services by the COMPANY and its business partners and suppliers, and for the collection of product/service fees/expenses only for a definite period of time needed for the execution of these purposes only. The COMPANY can share the personal data it has obtained from Users if needed for the purposes specified herewith in this Privacy and Protection of Personal Data Policy with its domestic and international business partners, third party service providers and suppliers for services such as Web hosting, data analysis, payment transactions, order processing, provision of IT technologies and relevant infrastructure, customer services, e-mailing, credit card transactions, and auditing, as well as insurance companies; it can disclose this information to the said parties, and transfer it abroad. The third party the personal data is transferred to will not use these transferred data for purposes other than specified herewith in this policy and will only use them for Attaş Alarko Turistik Tesisler A.Ş.’s data processing purposes.
The COMPANY is not responsible for any indirect damage, harm and costs that may arise from any error, interruption, delay in data transfer, computer virus, line or electrical fault during the use of the SITE. Similarly, when the User is connected to the SITE via a link provided by other websites, with or without the COMPANY’s permission, the COMPANY bears no responsibility since these links cannot be controlled.
The copyright of any data and material on the SITE, and the arrangement of these belongs to the COMPANY. All copyrights of content on our site concerning the registered trademark, patent, intellectual and other property rights are reserved by the COMPANY. A person and/or organization cannot use a part of the SITE in any other website, or in a link of any other website, without obtaining the prior authorisation of the COMPANY.
If you wish to get additional information about any topic, you can consult the COMPANY via the contact addresses listed on the SITE. 2. Impersonal and Compiled Information: When the SITE is visited, general information such as the IP via which you enter the SITE, the pages you visit on our SITE and how much time you spend on each page, data form and application are recorded. The purpose of keeping this information is to develop the site of the COMPANY by monitoring it regularly and improve its services. This information is usually obtained using the IP addresses which are not connected with the personal identification details. 3. Personal Data: When a USER sends a question via the SITE, fills out a contact form or makes an application for a certain service, personal data (such as name-surname, commercial and delivery address, phone number, e-mail address and/or social media/messaging accounts) can be collected from the USER and recorded by the COMPANY by way of compulsory fields in the form in order to be used by the COMPANY for purposes limited to the execution of services, requests for information, and applications. In addition, in case the User shares personal data (such as name-surname, commercial and delivery address, phone number, e-mail address and/or social media/messaging accounts) with the COMPANY by an open consent given on the SITE, the COMPANY can store this personal data for any product-service promotion, advertising, communication, special offers, sales, marketing, and member registration, notification and execution purposes. Personal and/or sensitive data about you obtained by the COMPANY and our call center, customer and booking services, or through the SITE, our social media accounts, hotel form and/or any other written, oral or electronic channel not limited to these examples, can be recorded, stored, updated, periodically reviewed, rearranged, classified, captured or processed in other ways. The COMPANY can share this personal data obtained from the USER if needed for the purposes specified herewith in this Privacy and Protection of Personal Data Policy with its domestic and international business partners, third party providers of services such as Web hosting, data analysis, payment transactions, order processing, provision of IT technologies and relevant infrastructure, customer services, e-mailing, credit card transactions, and auditing, as well as insurance companies; it can disclose this information to the said parties, and transfer it abroad. The third party the personal data is transferred to will not use these transferred data for purposes other than specified herewith in this policy and will only use them for Attaş Alarko Turistik Tesisler A.Ş.’s data processing purposes.
If the User gives his open consent on the SITE, he will be deemed to have granted permission for SMS, push notifications, customer calls and e-mails about all kinds of promotions, advertising, sales and marketing concerning the products and services, and also about card and membership notifications, operations and applications.
Your personal data will be processed within the scope of Articles 5 and 6 of the Law on the Protection of Personal Data covering open consent, explicit requirement in the legislation, establishment and execution of a service agreement, establishment, use or protection of a right, protection of our legitimate interest as a Company and performing our legal obligations.
The COMPANY may use your personal data for the following purposes:
To provide services offered by the COMPANY.
To respond to your questions.
To send to you marketing communications through your preferred channel of the content we think might be of interest to you such as newsletters.
To offer customized products, marketing messages, offers and content to you.
Duly provide the accommodation service offered by the COMPANY (such as obtaining and processing personal or private personal data in order to deliver services such as the selection of the location and type of the room, preference for food, bed and pillows, baby and child care services/activities and kids club).
To identify requests of the guest from Club staff made to Hillside Beach Club’s relevant departments during phone conversations taking place on the phone in the room during their stay at Hillside Beach Club for participation in and organization for any activity, reservations, etc. and check the quality of other services that could be delivered to the guest on the phone.
To provide you with the opportunity to participate in surveys, lotteries, competitions and similar promotions (some of these activities might involve additional rules with more information on the way we use and disclose your personal data. Therefore, we recommend you read these said rules carefully.).
To complete your purchase, for instance, make your payment, ensure that your order is delivered to you, contact you about your purchase, provide the relevant customer service to you.
For business purposes such as data analysis, audits, crime/fraud surveillance and prevention, security, new product development, testing, service development/improvement or change, identification of usage trends, assessment of the effectiveness of promotional campaigns, and execution and development of business activities.
For fulfilling accounting, billing, reconciliation, and collection procedures.
To carry out other activities in line with the objective of this statement.
Vis-à-vis the use and disclosure of your personal data for the purposes explained in this Privacy and Protection of Personal Data Policy, you can use any one of the methods stated below to access and update your contact details and choice of communication and, as stipulated in the Law and the Communiqué No. 30356 on the Procedures and Principles of Application to the Data Controller, you can personally deliver your requests to access, update, delete or edit the personal data you have provided to the COMPANY or any request regarding your rights listed below in writing and signed to the application address below, send it through a notary public, send a registered e-mail to the account firstname.lastname@example.org, or send an e-mail to email@example.com using your secure electronic signature, mobile signature or the e-mail account you have declared to the COMPANY before and that is registered in our system. We will respond to your request(s) at our earliest convenience and in line with the current legislation.
Unless a longer storage period is required or prohibited by law, we will store your personal data as long as needed for the purposes explained in this Privacy and Protection of Personal Data Policy. Your personal data will be stored for a maximum of twenty years.
In accordance with the Law, if the USER applies to the COMPANY, s/he is entitled to the right to (a) learn whether these personal data have been processed, (b) if they have been processed, to ask for information on the process, (c) learn about the purpose of data processing, and whether they have been used to serve the initial purpose, (d) find out about the third persons the personal data was transferred to in the country and abroad, (e) ask for the correction of personal data if they have been processed incompletely or inaccurately, (f) ask for the deletion or destruction of their personal data, (g) ask for the notification of third persons about the actions taken in response to requests under (e) and (f) above, (h) object to a conclusion against themselves reached through an analysis of the processed data carried out exclusively by automated systems, and (i) claim indemnification for losses should they incur a loss due to the unlawful processing of personal data. 4. Cookies: In time, the COMPANY or its partners may send a “cookie” to your computer. Cookies are small data sent by the web server to your Internet browser and then, stored in the memory of your computer. Cookies cannot retrieve data from the memory of your computer or cookie files created by other webpages. Cookies do not harm your system. Cookies are used to identify which parts of the SITE are visited or whether the pages are rearranged by you. This facilitates repeat visits to the website. By changing the settings of your Internet browser, you may reject cookies or have your browser alert you when a cookie is sent to your computer. By restoring the settings of your browser to its original state, you accept all cookies. If you reject cookies, the number of applications you see in the SITE and other websites may decrease and some features may not function as desired. The COMPANY shall not be responsible for the lower number of applications and malfunctions. 5. Data Security: To prevent unauthorized access to the SITE, to maintain data integrity and to enable the accurate use of the information, physical, electronic and administrative procedures are applied to protect and secure the information collected via the SITE. Despite all conditions, the COMPANY cannot guarantee that personal data cannot be obtained by illegal means from the systems of the COMPANY and you accept all the risks and responsibility that may arise including the risk of lack of security in our systems by using the online services of the COMPANY. 6. Linked Sites: This SITE contains links that convey the Users to other websites whose content is not controlled by the COMPANY. These linked websites may have different conditions than the confidentiality terms specified in this Policy. The COMPANY shall not be responsible for the collection, use or disclosure of personal data that may be collected by such websites. The COMPANY does not assume responsibility for any damages that may arise from such a collection, use or disclosure. That links to other sites are provided in the site of the COMPANY does not mean these sites are safe and the relevant responsibility shall be entirely born by the user. The Users accept that when you click on a link that is directed to external sites, as these sites are prepared and controlled by third parties, they leave the responsibility area of the COMPANY and from this point on, the COMPANY does not have any responsibilities whatsoever. The COMPANY shall not be responsible for any direct or indirect damages, harm and costs that may arise due to any error, cut, delay in data transfer, computer virus, line and power failure that may occur while using the SITE. Similarly, when the User is connected to the SITE via a link provided by other websites, with or without the COMPANY’s permission, the COMPANY bears no responsibility because of the structure that does not allow for the control of these links. 7. Information Given on the Site The COMPANY reserves the right to change and/or limit the content, design or access terms of the SITE without notification. The COMPANY can limit or ban access to the SITE for any reason and solely based on its own decision.