Data Protection | Lasagrada Hotel Istanbul

PRIVACY NOTICE REGARDING PERSONAL DATA PROCESSED THROUGH THE CONTACT FORM

This privacy notice has been prepared by Polatdemir Turizm Ticaret Anonim Şirketi tarafından, , acting as the data controller, in accordance with Article 10 of Law No. 6698 on the Protection of Personal Data (Kişisel Verilerin Korunması Kanunu, "KVKK") and the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Obligation to Inform, to inform and enlighten you about the processing purposes, legal grounds, collection methods, to whom they may be transferred, and your rights under KVKK regarding your personal data.

The following personal Data that you share through the "Contact Us" button on our website:

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Name and Surname
Contact Data	Telephone adress and e-mail adress

Is processed for the purposes of informing you about the services offered by our company, enabling you to benefit from them, and contacting you regarding the subject of your inquiry. We do not have absolute control over the information you share. We also recommend that you do not share with our company any personal data or special categories of personal Data that you do not want us to know.

The personal data in question is processed through automated means based on the following legal grounds stipulated in Article 5 of KVKK:

"Processing of personal data belonging to the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract"

and will be shared with the infrastructure service provider company and, when necessary, with the relevant judicial authorities.

You may submit your requests under Article 11 of the Law, which regulates the rights of the Data subject, in writing to Meşrutiyet Mah. Şair Nigar Sk. No: 88 Şişli/İstanbul or send them to kvkk@lasagradahotel.com e-mail address in accordance with the Communiqué on Application Procedures and Principles to the Data Controller.

An application form you can use has been published on our website. You can access the relevant form at https://www.lasagradahotel.com

LASAGRADA HOTEL ISTANBUL

COOKIE POLICY AND COOKIE NOTICE

This Cookie Policy has been prepared by Polatdemir Turizm Ticaret Anonim Şirketi to provide information about cookies and similar technologies placed on your device when you visit our website at https://www.lasagradahotel.com. This policy explains what types of cookies are used, the purposes for which these cookies are collected, how they can be managed, and how you can exercise your rights under the KVKK (Personal Data Protection Law).

For cookies other than essential cookies used on our website, users' explicit consent is obtained, and they are provided with the option to change their consent at any time. Users can view the types of cookies used on our website via the cookie management panel and select their preferences for all cookies other than Essential Cookies using the “accept all” or “reject all” options. Users can also change their preferences at any time via this panel.

Cookie:

Cookie is the name of a type of identification file that is placed on and read by the browser used by the user by any website. Cookie files store various Data such as the user's session information, the duration of content consumption on the page, and content consumption habits.

Our cookies are used to provide you with a personalized experience when you use our websites, to improve our services, and to enhance your experience.

Cookies can be categorized based on their purpose and method of use. Some of these categories are explained below:

Types of Cookies:

Cookie types by duration:

Our website uses session cookies and persistent cookies based on their duration. Session cookies are used to maintain session continuity and are deleted when the user closes the browser. Persistent cookies are not deleted when the browser is closed and are automatically deleted on a specific date or after a certain period.

First-party and third-party cookies:

Whether a cookie is first-party or third-party depends on the website or domain that placed the cookie. First-party cookies are placed directly by the website the user is visiting, i.e., the web address shown in the browser's address barhttps://www.lasagradahotel.com Third-party cookies are placed by a domain different from the one the user is visiting.

Cookie types by purpose:

1) Essential Cookies

These cookies are necessary for the website to function properly. They are used to perform the basic functions of the website (e.g., logging in, form filling, security verification, page redirection, etc.) and are also mandatory for fulfilling a requested information society service (such as remembering privacy preferences). If essential cookies are blocked, some parts of the website may not function properly.

2) Analytics/Performance Cookies

These are cookies that enable statistical measurement to analyze user behavior on websites. These cookies are frequently used to improve the site. They are used by website owners for various purposes such as estimating the number of unique visitors, measuring traffic, optimizing performance, identifying the most important search engine keywords leading to a web page, or monitoring browsing behavior on the website.

3) Functional Cookies

These cookies are used to personalize the content offered by the site. For example, they enable the remembering of information such as username, language preference, and region selection (excluding your privacy preferences, to ensure your other preferences are remembered when you return to the site).

4) Advertising/Marketing Cookies

These cookies allow personalized advertisements to be shown to users by tracking their browsing habits on the internet. They are used for online behavioral advertising activities. These types of cookies may also be shared with advertising partners.

5) Triggered Cookies (Interaction-Based):

These types of cookies are not created directly for a specific purpose. When users click on embedded content such as YouTube videos or Google Maps on the relevant site, these cookies falling into advertising, analytics, or functional categories are automatically triggered.

Purposes and Legal Basis for Processing Personal Data

Essential cookies are processed for the following purposes:

To perform the basic functions of our site,
To ensure our site works properly,
To maintain session and security,
To improve the performance of our site for faster response

The personal Data collected through these cookies is processed under Article 6(1)(b) of GDPR "processing is necessary for the performance of a contract" or Article 6(1)(f) "processing is necessary for the purposes of the legitimate interests pursued by the controller".

Advertising and Marketing cookies and Analytics/Performance cookies are processed with your explicit consent under Article 6(1)(a) of GDPR.

Cookies Used on Our Website

Cookie Name	Cookie Purpose	Cookie Category	Cookie Owner	Cookie Type	Storage Duration
_ga	Distinguish users, generate visitor statistics	Analytics	Third Party (Google Analytics)	Permanent	1 year 6 months
_ga_3R5SJEDWK4	Google Analytics 4 – Measuring session and user behavior	Analytics	Third Party (Google Analytics)	Permanent	1 year 6 months
_ga_4KTGPCL72W	Google Analytics 4 – performance and usage analysis	Analytics	Third Party (Google Analytics)	Permanent	1 year 6 months
_ga_9DQ7VXDV5T	Google Analytics 4 – measuring user interactions	Analytics	Third Party (Google Analytics)	Permanent	1 year 6 months
_ga_D49P33QH59	Google Analytics 4 – statistical analysis	Analytics	Third Party (Google Analytics)	Permanent	1 year 6 months
_gcl_au	Google Ads conversion tracking and advertising performance measurement	Necessary / Security	Third Party (Google Ads)	Permanent	7 months
cf_clearance	Security verification against bots and malicious traffic	Necessary / Security	Third Party (Cloudflare)	Permanent	1 year 5 months

Data Subject Rights

Data subjects whose personal Data is processed through cookies used on our website may submit their requests under GDPR in writing to Meşrutiyet Mah. Şair Nigar Sk. No: 88 Şişli/İstanbul or by email to

Cookie Settings via Browser

You can change your cookie preferences at any time by clicking on the consent preferences icon located at the bottom left of our website. Set the buttons in the cookie management panel to on or off according to your preference and click the "Save Preferences" button.

Additionally, partial control can be achieved through browser settings. You can access information on managing cookies in commonly used browsers through the following links:

Google Chrome: support.google.com/accounts/answer/61416
Microsoft Edge: support.microsoft.com/microsoft-edge
Mozilla Firefox: support.mozilla.org/kb/clear-cookies
Safari: support.apple.com/safari
Opera: help.opera.com/en/latest/web-preferences

CORPORATE GENERAL PRIVACY NOTICE

As Polatdemir Turizm Ticaret Anonim Şirketi acting as the Data controller, we have prepared this Corporate General Privacy Notice to inform our online visitors, website users, customers, and our suppliers' authorized representatives and employees about the processing, storage, and transfer of your personal data within the scope of our activities arising from Law No. 6698 on the Protection of Personal Data (Kişisel Verilerin Korunması Kanunu, "KVKK") and the relevant legislation and regulations.

Your personal information may be processed by Libart Proje ve Uygulama Sanayi ve Ticaret Anonim Şirketi in accordance with the principles set forth in Article 4.2 of KVKK:

Being in compliance with the law and the rules of good faith,
Being accurate and, where necessary, kept up to date,
Being processed for specified, explicit, and legitimate purposes,
Being relevant, limited, and proportionate to the purposes for which they are processed,
Being retained for the period stipulated in the relevant legislation or necessary for the purpose for which they are processed,

within the scope of our established and ongoing business relationships with our business partners (a person may fall into more than one category), for the purposes specified below.

For Employees;

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your first name, last name, Turkish ID number, date of birth, place of birth, gender, marital status, copy of your identity card, signature etc.
Contact Data	Your phone number, full address, email address, contact information for the person you want us to reach in case of an emergency,
Personnel Data	Your resume, military discharge certificate, financial and salary details, bank account information, insurance enrollment/retirement information etc.
Legal Transaction Data	Your information in correspondence with judicial authorities, Your information in the case file
Physical Location Security Data	Your security camera recordings,
Transaction Security Data	Your IP address information, website entry and exit information, etc.,
Financial Data	Bank account information and other financial Data
Professional Experience Data	Your educational background, diplomas, certificates, training received, skills, courses taken, copy of your driver's license etc.
Visual and Audio Recordings	Visual and audio recordings you share with our company
Health Data	Your detailed health information
Personal Data Belonging to Family Members	Information and documents such as education, death, birth, military service, and marriage certificates belonging to your family members, for the purpose of administering benefits and entitlements for employees working with your explicit consent.

your personal Data may be processed for the following purposes.

Fulfilling Employment Contract and Legal Obligations for Employees
Implementing Processes for Employee Benefits and Entitlements
Implementing Emergency Management Processes
Implementation of Communication Activities
Monitoring and Implementation of Legal Affairs
Implementation of Audit/Ethics Activities
Implementation of Training Activities
Implementation of Activities in Compliance with Legislation
Execution of Finance and Accounting Affairs
Execution of Assignment Processes
Planning of Human Resources Processes
Execution/Audit of Business Activities
Implementation of Occupational Health and Safety Activities
Implementation of Performance Evaluation Processes
Ensuring the Security of Data Controller Operations
Implementation of Storage and Archiving Activities
Provision of Information to Authorized Persons, Institutions, and Organizations

Employee candidate;

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your first name, last name, date of birth, place of birth, gender, marital status etc.
Contact Data	Your phone number, your full address, your email address etc.
Personnel Data	Your CV’s, military status information etc.
Legal Transaction Data	Your information in correspondence with judicial authorities, Your information in the case file.
Physical Location Security Data	Your security camera footage if you visit our company buildings
Professional Experience Data	Information about your work experience, educational background, diplomas, certificates, training received, skills, driver's license information etc.
Transaction Security Data	When visiting our company headquarters, IP address information, website entry and exit information, password and login information, etc.
Visual and Audio Recordings	Visual and audio recordings you share with our company
Health Data	Your chronic illness and disability status information

your personal Data may be processed for the following purposes.

Conducting Employee Candidate / Intern / Student Selection and Placement Processes
Conducting the Application Process for Job Candidates
Conducting Communication Activities
Planning of Human Resources Processes
Monitoring and Execution of Legal Affairs
Conducting Activities in Compliance with Legislation
Ensuring Physical Location Security
Conducting Storage and Archiving Activities

Visitors;

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your name and surname
Contact Data	Your phone number and email address, if you share them with our company
Physical Location Security Data	Your security camera recordings if you visit our company addresses, Your vehicle's license plate information etc.

your personal Data may be processed for the following purposes.

Management of Emergency Situations
Conducting Activities in Compliance with Legislation
Ensuring Physical Premises Security
Conducting Communication Activities
Conducting/Monitoring Business Activities
Conducting Storage and Archiving Activities
Ensuring the Security of Data Controller Operations
Providing Information to Authorized Persons, Institutions, and Organizations
Creating and Tracking Visitor Records

For Online Visitors;

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Name and surname information if shared via the “Contact Us” button
Contact Data	Email and phone number information if shared via the “Contact Us” button
Marketing Data	Purchase history information, surveys, cookie records, information obtained through campaign activities, etc.

Your personal Data may be processed for the following purposes.

Management of Emergency Situations
Conducting Activities in Compliance with Legislation
Management of Company/Product/Service Loyalty Processes
Conducting Communication Activities
Management of Customer Relationship Processes
Conducting Storage and Archiving Activities
Tracking Requests/Complaints
Ensuring the Security of Data Controller Operations
Providing Information to Authorized Persons, Institutions, and Organizations
Creating and Tracking Visitor Records

From the perspective of mobile app users;

Users of the “Lasagrada Hotel Istanbul” Mobile Application;

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your name, surname, signatures
Contact Data	Your phone number, e-mail address, address,
Legal Transaction Data	Your information in correspondence with judicial authorities, Your information in the case file.
Marketing Data	Purchase history information, surveys, cookie records, information obtained through campaign activities, etc.
Location	Location information based on your current location, if you grant permission via the Lasagrada Hotel Mobile App
Accommodation Data	To use the Lasagrada Hotel Mobile App, you need to provide Data such as your length of stay at Lasagrada Hotel Istanbul, your check-in and check-out dates, your room number, the number of people, etc.

your personal Data may be processed for the following purposes.

Implementation of Emergency Management Processes
Implementation of Information Security Processes
Implementation of Activities in Compliance with Legislation
Implementation of Finance and Accounting Operations
Monitoring and Implementation of Legal Affairs
Execution of Communication Activities
Execution/Audit of Business Activities
Execution of Goods/Services Procurement Processes
Execution of Post-Sales Support Services for Goods/Services
Execution of Goods/Services Sales Processes
Execution of Goods/Services Production and Operations Processes
Execution of Storage and Archiving Activities
Execution of Product/Service Marketing Processes
Ensuring the Security of Data Controller Operations
Providing Information to Authorized Persons, Institutions, and Organizations
Execution of Business Continuity Activities

Customers;

The authorized representatives and/or employees of our individual customers or corporate customers;

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your first name, last name, Turkish ID number, Turkish ID card serial number, date of birth, passport information,
Contact Data	Your phone number, e-mail address, address,
Customer Transaction Data	Call center records, Invoice, promissory note, check information, Information on cashier receipts, Order information, Request information, etc.
Marketing Data	Purchase history information, surveys, cookie records, information obtained through campaign activities, etc.
Location	If you use the “Lasagrada Hotel Istanbul” mobile app and grant location access permission, your location Data will be collected.
Physical Location Security Data	Security camera recordings processed in areas indicated by lighting signs in the common areas of our hotel building

Your personal Data may be processed for the following purposes.

Implementation of Emergency Management Processes
Implementation of Information Security Processes
Implementation of Activities in Compliance with Legislation
Implementation of Finance and Accounting Operations
Implementation of Processes Related to Company/Product/Services
Ensuring Physical Premises Security
Monitoring and Execution of Legal Affairs
Execution of Communication Activities
Execution/Audit of Business Activities
Execution of Logistics Activities
Execution of Goods/Services Procurement Processes
Execution of Goods/Services After-Sales Support Services
Execution of Goods/Services Sales Processes
Execution of Goods/Services Production and Operations Processes
Execution of Customer Relationship Management Processes
Execution of Customer Satisfaction Activities
Organization and Event Management
Execution of Storage and Archiving Activities
Execution of Contract Processes
Ensuring the Security of Movable Property and Resources
Tracking Requests/Complaints
Execution of the Remuneration Policy
Execution of Product/Service Marketing Processes
Ensuring the Security of Data Controller Operations
Providing Information to Authorized Persons, Institutions, and Organizations
Execution of Management Activities
Creation and Tracking of Visitor Records

From the perspective of our Supplier Representative and Supplier Employee, and our Agent Representative and Agent Employee;

Supplier and Agent Authorized Representatives/Employees;

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your name, surname, Turkish ID Number
Contact Data	Your phone number, full address, e-mail address
Legal Transaction Data	Information in correspondence with judicial authorities, information in case files, etc.
Physical Location Security Data	Your security camera recordings if you visit our company addresses, Your vehicle's license plate information etc.
Transaction Security Data	Your IP address information, website entry and exit information, etc. will be collected when you visit our company building.
Financial Data	Financial performance information, Credit and risk information, Asset information, etc.
Professional Experience Data	Information about your work experience, educational status, diplomas, etc.
Visual and Audio Recordings	Visual and audio recordings you share with our company
Other Personal Data	TURSAB Certificate and Tax Certificate, Signature Circular, signatures, etc. belonging to sole proprietorships

Your personal Data may be processed for the following purposes.

Implementation of Emergency Management Processes
Implementation of Information Security Processes
Implementation of Activities in Compliance with Legislation
Implementation of Finance and Accounting Operations
Ensuring Physical Premises Security
Implementation of Assignment Processes
Monitoring and Implementation of Legal Affairs
Implementation of Communication Activities
Implementation/Audit of Business Activities
Implementation of Goods/Services Sales Processes
Execution of Customer Relationship Management Processes
Execution of Activities Aimed at Customer Satisfaction
Organization and Event Management
Execution of Marketing Analysis Studies
Execution of Storage and Archiving Activities
Execution of Contract Processes
Ensuring the Security of Movable Property and Resources
Execution of Supply Chain Management Processes
Execution of the Remuneration Policy
Execution of Product/Service Marketing Processes
Ensuring the Security of Data Controller Operations
Providing Information to Authorized Persons, Institutions, and Organizations
Management Activities
Creating and Tracking Visitor Records

What Are the Collection Methods for Your Personal Data?

Your personal Data specified in the categories above;

Through physical means such as contracts,
Through information systems and electronic devices (e.g. telecommunications infrastructure, computers, and phones),
Servers,
Our website,
Through other documents declared by the data subject

are collected through automated or non-automated means.

What Is the Legal Basis for the Collection of Your Personal Data?

Your personal Data is processed by Polatdemir Turizm Ticaret Anonim Şirketi based on the legal grounds listed below and stipulated in Article 5 of KVKK for the realization of the purposes explained above:

Being explicitly prescribed by law,

It is necessary for compliance with a legal obligation to which the Data controller is subject
Processing of personal Data of the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract.
Processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.
Protection of public health,
Preventive medicine
Legal proceedings related to employment, occupational health and safety, social security, social services, and social assistance,
Data subject has given his/her explicit consent

Do We Transfer Your Personal Data to Third Parties?

For Employees;

Natural persons or private legal entities (organizations from which we receive attorney and financial advisor services)
Our Affiliates and Subsidiaries
Our business partners
Banks, consulting firms, insurance companies, and travel agencies with which our company has agreements
Authorized public institutions and organizations
Our suppliers
The General Directorate of Security within the scope of the Identity Reporting System
May be shared with law enforcement agencies and judicial authorities if requested for the purposes specified above and in accordance with relevant legislation.

Employee Candidate /Visitor/Online Visitor:

Your personal Data may be transferred to judicial authorities or relevant law enforcement agencies in the event of legal disputes or upon request in accordance with applicable legislation.

Personal information belonging to the Mobile Application User:

Your personal Data shared through the “Lasagrada Hotel Istanbul” mobile application will be transferred to the supplier company we work with to perform backup operations.

For Customers:

Natural persons or private legal entities (organizations from which we receive attorney and financial advisory services)
Our Affiliates and Subsidiaries
Our business partners
Our suppliers,
Authorized Public Institutions and Organizations
The General Directorate of Security within the scope of the Identity Reporting System
May be shared with law enforcement agencies and judicial authorities if requested for the purposes specified above and in accordance with relevant legislation.

Personal Data belonging to the supplier representative and supplier employee, and the agent representative and agent employee:

Natural persons or private legal entities (organizations from which we receive attorney and financial advisory services)
Our Affiliates and Subsidiaries
Our business partners
Our suppliers,
Authorized Public Institutions and Organizations
May be shared with law enforcement agencies and judicial authorities if requested for the purposes specified above and in accordance with relevant legislation.

How Can You Exercise Your Rights Regarding Your Personal Data?

You may submit your requests within the scope of Article 11 of KVKK, which regulates the rights of the Data subject, to us through the "Data Controller Application Form" prepared for your convenience in accordance with the Communiqué on the Procedures and Principles of Application to the Data Controller available on https://www.lasagradahotel.com/ belonging to Polatdemir Turizm Ticaret Anonim Şirketi.

Data Controller: Polatdemir Turizm Ticaret Anonim Şirketi

Adress: Meşrutiyet Mah. Şair Nigar Sk. No: 88 Şişli/İstanbul

E-mail: kvkk@lasagradahotel.com

Kep address: polatdemir@hs01.kep.tr

PRIVACY POLICY

AGENT INFORMATION NOTICE

Dear Agent/Business Partner; www.akkasgroup.com

This privacy notice has been prepared by Polatdemir Turizm Ticaret Anonim Şirketi (Lasagrada Hotel Istanbul) acting as the data controller, in accordance with Article 10 of Law No. 6698 on the Protection of Personal Data (Kişisel Verilerin Korunması Kanunu, "KVKK") and the Communiqué on the Procedures and Principles to be Followed in Fulfilling the Obligation to Inform, regarding the processing of your personal data, including the following:

Processing purposes,
Legal grounds,
Collection methods,
To whom they may be transferred,
Your rights under KVKK,

To inform you as an agent.

Which of Your Personal Data Do We Process?

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your name and surname
Contact Data	Your phone number and email address, if you share them with our company
Legal Transaction Data	Information in correspondence with judicial authorities, information in the case file, etc.
Physical Location Security Data	Your security camera recordings if you visit our company addresses, Your vehicle's license plate information etc.
Transaction Security Data	If you use our hotel's WiFi service, IP address information, website entry and exit information, etc.
Financial Data	Financial performance information, Credit and risk information, Asset information, etc.
Professional Experience Data	Your educational background, diplomas, certificates, training received, skills, courses taken, copy of your driver's license, SRC Certificate
Visual and Audio Recordings	Your visual and audio recordings if shared with our company
Other Personal Data	TURSAB Certificate and Tax Certificate, Signature Circular, signatures, etc. belonging to sole proprietorships

For What Purposes Do We Process Your Personal Data?

Execution of Emergency Management Processes
Execution of Information Security Processes
Execution of Activities in Compliance with Legislation
Execution of Finance and Accounting Operations
Ensuring Physical Premises Security
Execution of Assignment Processes
Monitoring and Execution of Legal Affairs
Execution of Communication Activities
Execution/Audit of Business Activities
Execution of Goods/Services Sales Processes
Execution of Customer Relationship Management Processes
Execution of Customer Satisfaction Activities
Organization and Event Management
Execution of Marketing Analysis Studies
Execution of Storage and Archiving Activities
Execution of Contract Processes
Ensuring the Security of Movable Property and Resources
Execution of Supply Chain Management Processes
Execution of Remuneration Policy
Execution of Product/Service Marketing Processe
Ensuring the Security of Data Controller Operations
Providing Information to Authorized Persons, Institutions, and Organizations
Execution of Management Activities
Creation and Tracking of Visitor Records

For these purposes, they will be obtained, processed, recorded, stored, retained, and classified.

3. To Whom and For What Purposes Do We Transfer Your Personal Data?

Recipient Group	Examples Related to Recipient Groups and Transfer Purposes
Natural Persons or Private Legal Entities	For the purpose of monitoring legal proceedings, to the law firms we have agreements with, for financial transactions and services, to financial advisors,
Authorized Public Institutions and Organizations	In matters related to public safety and in the event of potential legal disputes, to provide information to prosecutors, courts, and relevant public officials upon request and as required by law, and in necessary cases, to relevant ministries, public institutions, and organizations.
Affiliates, Partners	If deemed necessary for the coordinated execution of our business activities, to our subsidiaries, affiliated companies, and business partners,
Suppliers	For the performance of goods/services contracts, to Banks, to Couriers for the purpose of sending documents and products, to Accounting and CRM programs for the execution/tracking of customer and financial transactions, to Information Technology companies providing services for communication, marketing, advertising, promotion, and notification activities, to supplier companies providing online payment services, and to subcontractor companies within the scope of operations management.

4. What Are the Collection Methods and Legal Grounds for Your Personal Data?

The personal data in question are processed with the explicit consent of the data subject or based on the following legal grounds stipulated in Article 5 and 6 of KVKK:

Explicitly provided for in the laws
It is necessary for the data controller to fulfill their legal obligations.
Provided that it is directly related to the establishment or performance of a contract, the processing of personal data belonging to the parties to the contract is necessary.
Provided that it does not infringe upon the fundamental rights and freedoms of the data subject, it is necessary for the legitimate interests of the data controller.

Based on these legal grounds, within the scope of the purposes specified in this Privacy Notice and in accordance with the General Principles listed in Article 4 of the Law:

a) Being in compliance with the law and the rules of good faith,

b) Being accurate and, where necessary, kept up to date,

c) Being processed for specified, explicit, and legitimate purposes,

d) Being relevant, limited, and proportionate to the purposes for which they are processed,

e) Being retained for the period stipulated in the relevant legislation or necessary for the purpose for which they are processed,

They will be processed, recorded, stored, retained, classified through automated means, and may be transferred to the parties mentioned above when necessary.

5. What Are Your Rights Regarding the Processing of Personal Data and How Can You Exercise These Rights?

Article 20 of the Constitution (Anayasa) establishes that everyone has the right to be informed about their personal data. Article 11 of KVKK lists the rights of the data subject under the law.

You may submit your requests regarding your rights under KVKK to Polatdemir Turizm Ticaret Anonim Şirketi in accordance with Article 5 of the Communiqué on Application Procedures and Principles to the Data Controller, either in writing or by using a registered electronic mail (KEP) address, secure electronic signature, mobile signature, or the e-mail address previously notified by the data subject to the data controller and registered in the data controller's system.

Data Controller: Polatdemir Turizm Ticaret Anonim Şirketi

Address: Meşrutiyet Mah. Şair Nigar Sk. No: 88 Şişli/İstanbul

E-mail: kvkk@lasagradahotel.com

PRIVACY POLICY

GUEST INFORMATION NOTICE

Dear Guest; www.akkasgroup.com

Processing purposes,
Legal grounds,
Collection methods,
To whom they may be transferred,
Your rights under KVKK,

To inform you as a guest.

Which of Your Personal Data Do We Process?

Data Categories	Examples of Data Types Processed in This Category
Identity Data	Your first name, last name, Turkish ID number, Turkish ID card serial number, date of birth, passport information,
Contact Data	Your phone number and email address, if you share them with our company
Customer Transaction Data	Your billing information, order information, request information, etc.
Marketing Data	Purchase history information, surveys, cookie records, information obtained through campaign activities, etc
Location	If you use the “Lasagrada Hotel İstanbul” mobile app and grant location access permission, your location data will be
Physical Location Security Data	Your security camera recordings if you visit our company addresses, Your vehicle's license plate information etc.
Transaction Security Data	If you use our hotel's WiFi service, IP address information, website entry and exit information, etc.
Other Personal Data	By completing the Accommodation Form, you have provided your signature, vehicle registration information, details of accompanying persons, company information, number of children, and arrival and departure dates.

For What Purposes Do We Process Your Personal Data?

Your Personal Data listed above;

Execution of Emergency Management Processes
Execution of Information Security Processes
Execution of Activities in Compliance with Legislation
Execution of Finance and Accounting Operations
Execution of Processes Related to Company/Product/Services
Ensuring Physical Premises Security
Monitoring and Execution of Legal Affairs
Execution of Communication Activities
Execution/Audit of Business Activities
Execution of Logistics Activities
Execution of Goods/Services Procurement Processes
Execution of Post-Sales Support Services for Goods/Services
Execution of Goods/Services Sales Processes
Execution of Goods/Services Production and Operations Processes
Execution of Customer Relationship Management Processes
Execution of Customer Satisfaction Activities
Organization and Event Management
Execution of Storage and Archiving Activities
Execution of Contract Processes
Ensuring the Security of Movable Property and Resources
Tracking Requests/Complaints
Execution of the Remuneration Policy
Execution of Product/Service Marketing Processes
Ensuring the Security of Data Controller Operations
Providing Information to Authorized Persons, Institutions, and Organizations
Execution of Management Activities
Creation and Tracking of Visitor Records

For these purposes, they will be obtained, processed, recorded, stored, retained, and classified.

3. To Whom and For What Purposes Do We Transfer Your Personal Data?

Recipient Group	Examples Related to Recipient Groups and Transfer Purposes
Natural Persons or Private Legal Entities	For the purpose of monitoring legal proceedings, to the law firms we have agreements with, for financial transactions and services, to financial advisors,
Authorized Public Institutions and Organizations	In matters related to public safety and in the event of potential legal disputes, to provide information to prosecutors, courts, and relevant public officials upon request and as required by law, and in necessary cases, to relevant ministries, public institutions, and organizations.
Affiliates, Partners	If deemed necessary for the coordinated execution of our business activities, to our subsidiaries, affiliated companies, and business partners,
Suppliers	For the performance of goods/services contracts, to Banks, to Couriers for the purpose of sending documents and products, to Accounting and CRM programs for the execution/tracking of customer and financial transactions, to Information Technology companies providing services for communication, marketing, advertising, promotion, and notification activities, to supplier companies providing online payment services, and to subcontractor companies within the scope of operations management.
General Directorate of Security (EGM)	Your identity information within the scope of the Identity Reporting System

4. What Are the Collection Methods and Legal Grounds for Your Personal Data?

The personal data in question are processed with the explicit consent of the data subject or based on the following legal grounds stipulated in Article 5 and 6 of KVKK:

1. It is explicitly provided for by law

2. It is necessary for the Data controller to fulfill its legal obligations

3. It is necessary for the establishment or performance of a contract, provided that it is directly related to the contract and the processing of personal data belonging to the parties to the contract

4. It is necessary for the establishment, exercise, or protection of a right

5. It is necessary for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject.

6. It has been made public by the data subject.

7. The Data subject has given explicit consent.