Privacy and Security
1. Purpose and Scope of the Policy
Personal Data within the scope of KVK Law; relate to an identified or identifiable natural person refers to all kinds of information. According to the provisions of the KVKK, the processing purposes of personal data and Who determines the means, is responsible for the establishment and management of the data recording system The natural or legal person is considered as the data controller. Our company in terms of KVKK position is Data Supervisor. This document ("Policy"), as the data controller of our company in order to enlighten the real persons whose personal data is processed within the scope of Article 10 of KVKK. has been written. Havaİst hereby expresses the text on the Protection of Personal Data the right to update at any time within the framework of the changes that can be made in the current legislation keeps it hidden. Matters regarding the processing of personal data of Havaİst employees, hereby Processing and Protection of Havaİst Employee Personal Data, which is not covered by the Policy It is regulated separately in the policy.
2. Methods of Collecting Personal Data and Legal Basis
Havaİst, personal data from the website https://www.hava.ist, mobile applications of the website, notifications from social media accounts, cookies, call center, administrative and judicial authorities and Through other communication channels audio, electronic or written, with our company Business cards, CVs for purposes such as establishing a commercial relationship, applying for a job, making a proposal. (cv), physical or In a virtual environment, face to face or at a distance, verbally or in written or electronic media, KVK In accordance with the personal data processing conditions specified in the Law and the It is collected in line with the legal reasons specified in the Protection Policy. Personal There are regulations in various laws regarding the use of data. KVKK in the first place and the principles of protection of personal data have been determined. In addition, the number 6563 Electronic Commerce The Law on its Regulation also includes provisions on the protection of personal data. 5237 In some cases, for the protection of personal data, through the provisions of the Turkish Penal Code no. criminal sanctions are stipulated. On the other hand, Law No. 6502 on Consumer Protection In order to fulfill our obligations arising from the Regulation on Distant Contracts and Distance Contracts, it needs to be collected and used. Purposes of Processing Personal Data Pursuant to the Law As a rule, personal data cannot be processed without the explicit consent of the data owner. Havaİst will be able to record your personal information where and to the extent permitted by legislation, be able to store, update, disclose to third parties, transfer, classify and process. Your personal data are used for the following purposes: Web Confirming the identity information of the buyer / buyer on the website / mobile applications to record the address and other necessary information for communication, the Distance Sales Contract and The contracts we have concluded under the relevant articles of the Law on the Protection of the Consumer To communicate with our customers about conditions, current status and updates, To be able to make the necessary information, in electronic (internet / mobile etc.) or paper environment to arrange all the records and documents that will be the basis of the transaction, the Distance Sales Contract and Contracts we have concluded under the relevant articles of the Law on the Protection of the Consumer To fulfill the obligations undertaken in accordance with the request regarding public security issues. and to provide information to public officials as required by the legislation, A better service to our customers "taking into account the interests of our customers" To provide information to our customers about our products, to convey the campaigns, To increase customer satisfaction, to get to know our customers who purchase tickets from the website and to to be able to use it in the analysis of its environment, to use it in various marketing and advertising activities, and In this context, surveys in electronic and / or physical environment through contracted organizations Suggestions to our customers by our contracted institutions and solution partners. to provide information about our services, to inform our customers about our services, To be able to evaluate customer complaints and suggestions, to fulfill our legal obligations and to be able to use our rights arising from the current legislation.
3. Our Company's Right Arising from the Law and ObligationsPersonal data by our company, Article 20 of the Constitution and Protection of Personal Data In accordance with Article 4 of the Law (KVKK), In accordance with the law and the rules of honesty, Correct and Up to date when necessary, For specific, explicit and legitimate purposes, In connection with the purpose, Limited and in a measured manner, for the period stipulated by Laws or required by the purpose of personal data processing by preserving, based on one or more of the conditions specified in Article 5 of the KVKK, is being processed. Personal data shared with Havaİst is under the surveillance and control of Havaİst. Havaİst ensures the confidentiality and integrity of the information in accordance with the provisions of the applicable legislation. to establish the necessary organization for its protection and to take and adapt technical measures. has undertaken the responsibility as the data controller. Being aware of our obligation in this matter We would like to state that we have taken the following administrative and technical security measures. In this context, data processing We inform you that we always update our policies. All of the items received through our website data can be retrieved from your computer or mobile via TLS 1.2 standard compliant 256-bit RSA SSL certificate. are transferred from your device to our application servers. Critical payment on our application servers your information is not kept in any way, in the standards required by the relevant payment system It is encrypted and transmitted to the relevant bank-payment system infrastructure. According to KVKK, you have rights are obligations of Hawaii. With this awareness and as required by the legislation, your personal data We process this information on our page in case of legal changes. that we will update in accordance with the legislation, and the updates made are always easily accessible through this page. We would like to inform you that you can follow up. In accordance with Article 4 of the KVKK, Havaİst's personal has an obligation to keep your data accurate and up to date. Any of your data In case of a change, by contacting us through the specified communication channels We ask you to update your data. Our company processes the personal data determined by the legislation. and in the event that no additional time is specified in the legislation; personal data Depending on the services our company provides while processing that data, our Company's practices and commercial as long as the time required to be processed in accordance with the customs of his life and after this period only The periods required in practice in order to constitute evidence in legal disputes is stored throughout. After the expiry of the specified periods, the personal data in question they are deleted, destroyed or anonymized. (Anonymization of personal data, Even if personal data is matched with other data, the identity of the personal data is never known or means making it unrelated to an identifiable natural person.)
4. Rights of Data Owners Arising from the Law
According to Article 11 of the Law, personal data owners; Personal data about him is processed and To learn that it has not been processed, to request information about it if personal data has been processed about it, Learning the purpose of processing personal data and whether they are used appropriately for their purpose, To know the third parties to whom personal data are transferred domestically or abroad, Personal To request correction of data in case of incomplete or incorrect processing, Incomplete / incorrect correction of my personal data, which I think is processed, by third parties to whom it has been transferred. Although the request was processed in accordance with the provisions of the Law and other relevant laws, In the event that the reasons requiring the processing disappear, the personal data will be deleted or the actions taken as a result of the requests for destruction, rectification, deletion and destruction, request to be notified to third parties to whom personal data has been transferred, and also to third parties requesting correction, deletion and destruction, of processed data exclusively through automated systems. objecting to the emergence of a result against the person himself by analyzing it, In case of damage due to unlawful processing of personal data, to demand removal, has the right. In certain circumstances, paragraph 2 of Article 28 of the Law that the data owner cannot make any request from the data controller other than compensation for their damages. arranged. Accordingly, Personal data processing is prevented from committing a crime or personal information made public by the data subject himself / herself. the processing of data, based on the authorization granted by law of personal data processing, and by authorized public institutions and organizations and professional organizations that qualify as public institutions, or for the performance of regulatory duties and for disciplinary investigation or prosecution Regarding the budget, tax and financial issues of personal data processing, the state's economic and is necessary for the protection of financial interests, In case of relevant data The rights specified above cannot be used.
5. Transfer of Personal Data
Sharing personal data of our customers with third parties, customers' consent and, as a rule, personal data without the consent of our customer are not passed on to third parties. However, due to our legal obligations and Courts and other public institutions, including personal data are shared. In addition, to be able to provide the services we have committed and to In order to perform quality control, personal data are transferred to contracted third parties. Technical and legal information required to prevent violations of rights during data transfer to third parties. precautions are taken. However, the data protection of the third party receiving personal data policies and risk area under the responsibility of the third party. Havaİst is not responsible for violations. Your personal data The program partner institutions, organizations that we cooperate with, and the cloud data to our customers with domestic / foreign persons and institutions that we receive service to keep in a Domestic / abroad, with which we have an agreement to send commercial electronic messages institutions, the Interbank Card Center, the banks we have contracted with and you better Various marketing activities in order to provide service and to ensure customer satisfaction with various domestic and international agencies, advertising companies and survey companies, and can be shared with other domestic / foreign third parties and our relevant business partners. Personal data by our company; Sufficient by the Personal Data Protection Board Foreign countries with protection will only be transferred to these countries after they have been declared. Enough For countries that have been declared lacking protection; in Turkey and in foreign countries related data responsible persons undertake an adequate protection in writing and have the Board's permission. In cases, personal data will be transferred.
6. Categories of Personal Data
Data Responsible: HAVAİST TAŞIMACILIK SAN. VE TİC. A.S. ADDRESS: Yahya Kemal Mahallesi Sair Sok No: 1 Kat: 1 KAĞITHANE / İSTANBUL VKN: Zincirlikuyu VD - 4590571857 Contact Phone: +90 212 258 70 71 / +90 212 321 73 08