Within the scope of the Fulfilment of the Obligation to Inform of the Data Controller in accordance with the Personal Data Protection Law No. 6698 (“KVKK”) and the European Union 2016/679 General Data Protection Regulation (“GDPR”), we aim to inform you about your personal data processed by Gözen Technology and Informatics Inc. (in Turkish, Gözen Teknoloji ve Bilişim Anonim Şirketi) (“Gözen Digital Aviation”, “GDA”, “Company”, “we”) in the capacity of data controller with this Privacy Notice.
Identity Information: Name-Surname (This information is collected only if you submit a request via the form on the contact page or booking section of the Website)
Contact Information: E-mail address (This information is collected only if you submit a request via the form on the contact page or booking section of the Website), Phone Number (This information is collected only if you submit a request via the form on the contact page of the Website)
Customer Transaction Information: Website usage information, preferences, likes, interests and usage habits, Requests and Complaints (This information is collected only if you submit a request via the form on the contact page of the Website)
Transaction Security Information: Data about the device you use, such as device type, model, operating system and version, IP address, user transaction logs
Marketing Information: (Other Information Obtained for Marketing Purposes) Reports and assessments showing the habits and tastes of the person that will be associated with our customers and used for marketing purposes, targeting information, cookie records, information and assessments obtained as a result of surveys, satisfaction surveys, campaigns and direct marketing activities with the person.
Other: Relevant Company or Organization Name (This information is collected only if you submit a request via the form on the contact page or booking section of the Website)
Your personal data mentioned above are collected by automatic and/or partially automatic methods during the establishment of your relationship with us (via visiting our website, filling our contact form or booking memo form) and during the continuation of the relationship in question, for the purposes and based on the reasons for compliance with the law set out below.
| PERSONAL DATA CATEGORY | PURPOSES | LEGAL BASIS |
|---|---|---|
| Transaction Security Information |
|
|
|
|
|
Your personal data can only be transferred to third parties in the following cases, being limited, associated and restrained with the purposes of the processing, in accordance with the provisions of the KVKK and GDPR regarding the transfer of personal data.
| RECIPIENTS | PURPOSES |
|---|---|
| Authorized Persons, Institutions or Organizations | To fulfill our legal obligations, to inform authorized persons, institutions, or organizations within the scope of our legal obligations, to carry out legal processes, and to conduct our business operations in accordance with the legislation. |
| Suppliers and Business Partners | Obtaining support from third parties within the scope of supplying goods or services (For example: advertising agencies etc.), ensuring business continuity, managing our relations with suppliers and business partners, conducting organizations and events. |
In accordance with the provisions of the KVKK and GDPR regarding the transfer of personal data, limited, related and adequate (proportionate) to the purposes of the processing; for the purpose of obtaining support within the scope of supplying goods or services (for example: advertising agencies, social media platforms just for the purpose of creating a "Custom Audience" etc.), ensuring business continuity, managing our relations with suppliers and business partners for the purpose of conducting organizations and events, your relevant personal data may be transferred to our suppliers and business partners abroad.
We may transfer your personal data abroad for data storage and messaging services. Please be informed that your personal data may be transferred abroad since digital services such as cloud application and storage, hosting and messaging systems used by the Company are obtained from service providers located abroad.
Your personal data is not stored for longer than the required period. In accordance with our company procedure, the storage period of your personal data processed during your relationship with our Company is 10 years. At the end of this period, the data is destroyed.
In addition, our company is committed to ensuring the protection of your personal data. Therefore, technical and organisational measures are taken within the scope of KVKK and GDPR to protect your personal data from unauthorised access, use or disclosure.
In accordance with the Article 11 of the KVKK, you have the following rights regarding your personal data;
Right to be Informed: To learn whether personal data is processed, to request information if personal data is processed, to learn the purpose of processing personal data and whether they are used in accordance with their purpose,
Right of Access: To know the third parties to whom personal data are transferred domestically or abroad,
Right to Rectification: To request correction of personal data in case of incomplete or incorrect processing,
Right to Erasure: Request deletion or destruction of personal data,
Right to Notification: In case of correction, deletion or destruction of personal data, to request notification of these transactions to third parties to whom personal data are transferred,
Right of Objection: To object to the occurrence of a result to the detriment of the person himself/herself by analysing the processed data exclusively through automated systems,
Right to Compensation: To demand compensation for damages in case of loss due to unlawful processing of personal data.
In accordance with the Section 3 of the GDPR, you have the following rights regarding your personal data;
Right to be Informed: Organisations must tell individuals what data is collected, how it is used, how long it will be stored and whether it will be shared with third parties.
Right of Access: Individuals have the right to request a copy of the information an organisation holds on them.
Right to Rectification: Individuals have the right to correct inaccurate or incomplete data.
Right to Erasure and to be Forgotten: In certain circumstances, individuals can ask organisations to erase personal data stored on them, including on the Internet.
Right to Data Portability: Individuals can request organisations to transfer all data held on them to another company.
Right to Restriction of Data Processing: Individuals can request that an organisation limit the way it uses their personal data.
Right to Object: Individuals have the right to object to certain types of processing, such as direct marketing.
Rights relating to automated individual decision-making tools, including profiling: Individuals can ask organisations to provide a copy of their automated processing activities if they believe that data is being processed unlawfully. Organisations should also remind individuals that they are free to exercise their rights and explain how they can do so.
In order to exercise these rights granted to the data subjects under Article 11 of KVKK and Article 3 of the GDPR, certain procedures are set out in the Communique on the Procedures and Principles of Application to the Data Controller. To exercise your rights and to get information about your rights;
You can send your requests to the following address of our company by hand upon identification in person or through a notary public,
You can apply to our company's dpo@gozendigital.com e-mail address or our company's registered electronic mail (KEP) gozendigital@hs01.kep.tr address with your secure electronic signature and mobile signature or your e-mail address previously notified to us by you and confirmed by us in our systems.
