EN
TR DE RU
Menu Close
Barut Hotels
Barut Club
Personal Data Processing and Protection Policy Cookie Policy Privacy Policy Rules and Regulations CLARIFICATION TEXT ON COMMUNICATION FOR ACANTHUS CENNET BARUT COLLECTION CLARIFICATION TEXT ON E-BULLETIN FOR ACANTHUS CENNET BARUT COLLECTION CLARIFICATION TEXT ON FEEDBACK FOR ACANTHUS CENNET BARUT COLLECTION

Personal Data Processing and Protection Policy

Personal Data Processing and Protection Policy

A. The Purpose of Protecting and Processing Personal Data:

Each of our following companies acting as data supervisors, below (collectively known as the “Companies”):

• Barut Yönetim Hizmetleri A.Ş.
• BAND Turizm ve Ticaret A.Ş.
• CANEM Turizm ve Ticaret A.Ş.
• Barut Turizm ve Eğitim Ticaret A.Ş

As Barut Hotels, a leading brand in the tourism and hotel management sector, we attach great importance to the security of personal data, and to the processing, recording and sharing, and the transfer and storage of all kinds of personal data belonging to all individuals related to our Companies, including those who benefit from our products and services, in accordance with Law No. 6698 on the Protection of Personal Data (PDP Law).

The protection of personal data is among the fundamental policies of our Companies. Our Companies prioritize the protection of personal data, and have adopted this priority as a working principle, with all employees acting in line with this principle. Our Companies are committed to full compliance with all the responsibilities of the PDP Law. With full awareness of this responsibility and as data supervisor, we process, store, transmit, share and retain your personal data within the limits of the official regulations, as we have explained below.

If you have any questions about our Company's "Personal Data Processing and Protection Policy", you may contact us using the following information:
Application Address: Mehmetçik Mah. 1242 Sok. İdea İş Merkezi Sitesi No: 1/201 Daire: 6 Kat: 2, PK: 07100 Muratpaşa/ANTALYA
Application E-mail : [email protected]

Our Companies reserve the right to update the “Personal Data Processing and Protection Policy” at any time within the framework of amendments to the applicable legislation.

B. Collection, Process and Purpose of Processing Personal Data:

Our Company's policy regarding the Protection and Privacy of Personal Data has been prepared in accordance with the PDP Law. In this context, while your personal data may vary depending on the services, products or business activities provided by our Companies, this data is collected verbally, electronically or in writing via automated or non-automated methods, including offices, branches, dealers, call centres, websites, social media channels, mobile applications and similar tools. Your personal data will be processed and updated during the time that you benefit from our products and services.

In addition, if you intend to benefit from our products and services, your personal data will be processed:
a. When you use our call centre or website,
b. When you visit our companies, facilities or units;
c. When you visit our website or social media channels;
d. When you attend workshops, seminars or organisations carried out by our Companies;

Your personal data is collected from you upon your approval or in compliance with the regulations according to the Turkish Republic Laws, and is processed for the following purposes:

a. To improve the ability of our business units to enable you to benefit from the products and services offered by our Companies,
b. To recommend and present to you the products and services offered by our Companies by customizing them according to your preferences and usage,
c. To improve the quality of the services offered by our Companies and our quality policy,
d. To inform and let you take best advantages of general and special campaigns, promotions, presentations, discounts, and similar advantages offered by our Companies,
e. To provide you with the information and services that you request for your personal data, your preferences, your transactions and navigation data, along with your username and password when you log in to the channels offered by our Companies,
f. To send notifications of any kind of loyalty card that is or will be issued either by our Companies and related companies or the website memberships (renewal, termination, etc.) of our Companies and related companies; to provide any kind of communication that may be established with you and to inform you regarding changes, innovations and similar issues in products, personal data policies and membership conditions,
g. To safeguard the legal and commercial rights of employees of our Companies and our professional partners. (The administrative operations carried out by our Companies are to ensure the physical security and oversight of the business locations, evaluation processes for our professional partners / customers / suppliers (authorized or employees), the legal compliance process, financial affairs etc.),
h. To respond to and to manage security operations, accidents or other similar incidents, including medical and insurance purposes,
i. To carry out market research and internal research and development, and to develop and improve our product range, services, shops, IT systems, security, know-how and the way we communicate with you. We use CCTV images to help maintain the safety of anyone working in or visiting our shops, premises and other buildings, and for the prevention, detection and prosecution of criminal offences. We may also rely on the images to establish, exercise or defend our legal rights,
j. To communicate information, activities and services that you request from our Companies,
k. To help determine and implement the commercial and business strategies of our Companies,
l. To ensure that our Company's human resources policy is executed accordingly,
m. To comply with legal obligations specified in the legislation or, where necessary, in accordance with legislation
n. Such data may be processed by our Company and its associated Companies / organizations and other real person and / or legal entities specified in Article (E) below, subject to the personal data processing requirements and purposes set forth in Articles 5 and 6 of the PDP Law.
o. any Force Majeure event, including infectious epidemics such as COVID--19

C. Method of Collecting Personal Data and Its Legal Reason:

Your personal data is acquired in any verbal, written or electronic environment in order to be able to present products and services of our Company in the legal framework specified in the aforementioned articles , and to fulfil the responsibilities arising from our contracts and laws in this context in a complete and correct manner. Your personal data collected within this legal framework is processed, recorded, transferred, shared and retained for the purposes stated in Article (B) of this Policy within the scope of the personal data processing conditions and purposes stated in Articles 5 and 6 of the PDP Law.

D. General Data Protection and Privacy Policy

The website you are visiting is owned and operated by the Companies. By using our website, you consent to the use of personal data obtained and collected through our website.

Companies are committed to protecting your personal privacy. This policy applies only to this website and does not apply to websites owned by third parties. Once you visited our website, if you do not agree with the terms of our current Privacy Policy posted on this site, please do not share your personal data on this site.

If you do not share your personal data with your express consent, we assure you that the Company will not collect any personal data from your visits to our site. When you share your personal data, you authorize us to use this information in accordance with the terms of the Privacy Policy.

The personal data you may share would be for the following purposes:
• Send press releases or notifications via email
• Sending printed publications or other correspondence
• Delivering your purchased products or rewards
• To process your reservation requests and manage your account
• Calculate statistics for your transactions and
• Establishing business statistics and analysis on the use of the website.

If you choose not to share your personal data on this site, you will not be able to benefit from certain rights such as accessing certain areas of the site, requesting online newsletters, making online reservations, applying for a job, submitting feedback about our businesses or sending us electronic mail.

Cookies are small data files that allow our website to collect and store a set of data on your desktop, laptop, or mobile device. Companies can use "cookies" to collect information such as the specific website areas you visit and the services you use on our website. We collect this information to change our website, products you need and are interested in. These "cookies" can also be used to help you make your transactions faster if you visit our website again. For example, our website may recognize the personal data you use to avoid being asked to use the same information once again. Many web browsers are pre-set to accept a "cookie". You can set up your own web browser, preferably to deny "cookies" or to be warned when "cookies" are sent. Rejecting "cookies" on the website you enter may prevent you from browsing some areas of the website or getting personalized information when you visit the website.

We can measure how effective the presence of our website is by determining when you enter our website, which pages you are browsing and how long you have stayed. Website metering statistics can be used to create and evaluate statistics on the use of our website - both anonymously and wholly - as well as the personalization of your website experience.

Information about your computer, such as your IP address (the number assigned to your computer when you use the Internet), the type of Web browser you are using, and the operating system you are using, can also be collected and linked to your personal data. This is necessary to ensure that our website offers the best experience for our visitors and that it is an effective source of information.

We take reasonable steps to ensure the security of your personal data. All identifiable personal data is subject to restricted access to prevent unauthorized access, modification or misuse.

The institutions providing services to companies are required to keep the information confidential and they are not allowed to use this information for any purpose other than the services they perform for the Companies.

E. GDPR and Cookie Policy

Per Article 6 of the PDP Law, personal data that could cause victimization or discrimination if processed illegally has been designated as "private". This data includes biometric and genetic data with respect to race, ethnicity, political affiliation and philosophical and/or religious beliefs, as well as association, foundation or trade union affiliation or membership, health, , sexual life, criminal background and security measures. Our corporations act in accordance with the regulations set out in Article 6 of the Law on the Protection of Personal Data for the processing of special categories of personal data, and act sensitively regarding the protection of such data.

Regarding special categories of personal data, our Companies operate in accordance with the PDP Law in line with the following conditions, provided that adequate measures to be determined by the PDP Board are taken:

a. If the personal data owner has provided explicit consent:
Our guests may request special services by sharing their conditions with our Companies and share special category data for this purpose (e.g., requesting a thin pillow due to cervical disc hernia, requesting a ground-floor room due to heart disease, special food requests due to allergies, etc.). We can provide customized services for our guests' needs by sharing their special category data; and we can offer similar services in the future by retaining this data, with the assurance that our Companies will process such data only with the explicit consent of the individual providing the data, and only for collection purposes.
b. If the personal data owner does not provide their explicit consent:
– Special categories of personal data, apart from the personal data owner’s health and/or sexual life, as foreseen in the laws,
– Private data regarding the personal data owner’s health and/or sexual life are processed by individuals operating under confidentiality agreements, or by authorised institutions and organisations and solely for the purpose of protecting public health and/or for preventive medical attention and medical diagnosis, for carrying out treatment and care services, and for the planning and management of health services and their financing.

As Barut Hotels Group, in addition to cookies, within the scope of services received from third parties such as Google and Facebook, we are engaged in advertising activities to improve your user experience and in accordance with your preferences.

F. Force Majeure

The personal and private personal data shall be processed in accordance with the measures, which are taken or required to be taken for any Force Majeure event such as COVID-19 or such other similar global or regional epidemics, infectious diseases, earthquake, flood, warfare or state of emergency.

G. Why and To Whom Processed Personal Data May Be Transferred:

To serve the purposes of Article B, your collected personal data may be transferred to the following Barut Hotels Companies:

• Barut Yönetim Hizmetleri A.Ş.
• BAND Turizm ve Ticaret A.Ş.
• CANEM Turizm ve Ticaret A.Ş.
• Barut Turizm ve Eğitim Ticaret A.Ş

In addition, this data may be transferred to our shareholders, business partners, suppliers, authorised legal institutions and organisations and special persons, under the scope of the personal data processing conditions and purposes mentioned in Articles 8 and 9 of the PDP Law.

H. Transferring Personal Data Abroad:

Our Companies have the authority to transfer personal data abroad according to the conditions set by the Protection of Personal Data Board on the Protection of Personal Data Law, in accordance with the other conditions of the law, and with the consent of the individual for this purpose.

I. The Rights of the Personal Data Owner Stated in Article 11 of the PDP Law:

Within the scope of the PDP Law, we hereby acknowledge that the person who is the owner of his/her own personal data is the authority regarding the fate of this data prior to its recording, transmission, sharing and storage; and that the data owner has the right to approve and obtain information prior to the processing, recording, transmission, sharing and storage of personal data. In this context, if you, as the personal data owner, submit a request to our Company to exercise your rights by means of the "Personal Data Processing and Protection Policy", our Companies will comply with the request within 30 or fewer days and free of charge, in accordance with the legitimacy of the claim.

In accordance with the Communiqué on the Procedures and Principles of Application for Data Officers, issued by the Personal Data Protection Board and regarding your requests upon your rights as personal data owners:

i. If your application requires a return in writing, you will not be charged up to a maximum of ten pages. For every page exceeding ten pages, a transaction fee of 1 Turkish lira may be charged.
ii. If your application requires a return via a recording medium such as a CD or flash drive, the cost requested by our Companies as the data supervisor may not exceed the cost of the charge of the recording medium.

Within this scope, personal data owners have the following rights:
a. To be informed whether their personal data is processed;
b. To request information regarding the processing of personal data;
c. To be informed regarding the purpose of processing their personal data, and whether such data is used in accordance with the stated purpose;
d. To be informed regarding domestic or foreign third parties to whom personal data is transferred.
e. To request correction of personal data if it is incomplete or improperly processed; and to request that a third-party recipient of such personal data is notified of any process conducted within this context.
f. To request the deletion, destruction or conversion of personal data within the framework of the provisions of Article 7 of the PDP Law; and to request that a third-party recipient of such personal data is notified of any process conducted within this context.
g. To object to unfavourable results achieved by analysing the processed data exclusively through automated systems.
h. To request compensation for damages due to corruption resulting from the unlawful processing of personal data.

Personal data owners retain no rights in relation to anonymised data within the companies. Our Companies may share personal data with related institutions and organizations to utilise the statutory powers of a judicial or state authority in accordance with business and contractual relations.

J. Processing Periods of Your Personal Data:

In accordance with the PDP Law and the purposes stated in this Personal Data Processing and Protection Policy, your processed personal data will be deleted or destroyed or will continue to be used as anonymised by the Company when the purpose to be processed according to PDP Law Article 7 / clause f. 1 is no longer in effect and/or, according to the regulations, when the period within which we are required to process your personal data has expired.

K. Circumstances Where Our Companies May Process Your Personal Data Without Your Explicit Consent:

According to Article 5 of the PDP Law, under the following circumstances (listed below), our Companies may process your personal data as stated and collected above, in accordance with the law, without your explicit consent:

As they are clearly foreseen in laws:
• If you are unable to explain your reasoning as the data owner due to the actual impossibility, or if it is necessary to process your personal data to protect the integrity of your or someone else's life or person in cases where the legal validity is not granted;
• If our Companies and their related entities are required to process the personal data of parties to a contract, provided that they are directly related to the establishment or fulfilment of a contract with the other real and/or legal entities mentioned in Article (C);
• If it is mandatory in order for our Companies to carry out their legal responsibility;
• If you have made your personal data public;
• If data processing is mandatory for the establishment, use or protection of a right;
• If data processing is required for the legitimate interests of our Company, provided that your fundamental rights and freedoms are not harmed;

L. To Submit a Request Under the Law on the Protection of Personal Data:

In accordance with paragraph 1 of Article 13 of the PDP Law, you may submit your request to our Companies to exercise your abovementioned rights as regulated by the PDP Law and the related legislation and the methods (s) determined/to be determined by the Personal Data Protection Board, or you can apply via one of the following methods by completing and signing the Application Form at https://www.baruthotels.com/en/page/kvkk .

i. You may deliver a signed copy of the form by hand in person to the following address:

Mehmetçik Mah. 1242 Sok. İdea İş Merkezi Sitesi No: 1/201 Daire: 6 Kat: 2, PK: 07100 Muratpaşa/ANTALYA
Including your statements regarding the right you have requested, along with your official identification documents (e.g., ID card, driver’s licence, passport, etc.).

ii. You may send your form and your official ID documents via notary

or

iii. To the following email address, along with your official identification documents:

[email protected]
with a secured electronic signature or mobile signature,

iv. You may send the form and your official ID documents to our Companies by using your email address which is already registered in our Companies’ system.

Our Companies will finalise it in maximum 30 days according to the legitimacy of the request.

The rights regarding personal data are solely available for the individual's own personal data. Requests from an individual regarding the data of other persons will not be considered. Forms that do not include your official ID documents will not be considered. We also would like to inform you that we are required to share the data with official authorities as requested, even when data deletion requests have been fulfilled.

Are you ready for a brand new holiday with pleasant privileges in Side?

Acanthus Cennet Barut Collection awaits you with its modern architecture, comfortable rooms, gourmet restaurants and delightful privileges.

Reservation +90 444 96 00
Reservation
Booking Options
Book Now +90 444 96 00 Pre Check-in
Need Help?
Hotel Info
+90 242 753 19 11 [email protected] Get Location
Let Us Call You
Your message has been sent successfully.
Chat With Us
Give Feedback
Dear Guest,

Your opinions, suggestions and requests that you have sent to us will be evaluated within the scope of ISO 10002:2018 standards and will be responded quickly by our team.Thank you.

Your message has been sent successfully.