Personal Data Protection Law

Website Confidentiality Agreement

The use and protection of the information we obtain about you and the services you request is subject to the conditions set out in this “Privacy Policy” during your visit to this website and your use of the services we offer through this website. You agree to the terms set out in this “Privacy Policy” by visiting this website and requesting to benefit from the services we offer through this site. 

I. Purpose of the personal data protection and processing policy

 
The data from our customers or prospective customers have been kept confidential and have never been shared with third parties, due to the sensitivity of the work we have been dealing with as PARSPRO up to now. Protection of personal data is the basic policy of our company. Even before any legal regulation, our company and our subsidiaries attached great importance to the confidentiality of personal data and adopted this as a working principle and instructed their employees to work in line with this principle. We, as PARSPRO, also undertake to comply with all responsibilities imposed by the Law on the Protection of Personal Data. Our Company’s principles regarding the protection of personal data also cover our subsidiaries. 

  1. Scope and amendment of the personal data protection and processing policy

 
This Policy prepared by our Company has been prepared in accordance with the Personal Data Protection Law No. 6698 (“PDPL”). The Law has entered into force with all its provisions as of today. The data obtained from you with your consent or due to other legal compliance listed in the Law will be used for the purpose of improving the quality of the services we provide, improving the services offered to you and our quality policy. Again, some of the data we have are de-personalized and anonymized. This data is used for statistical purposes and is not subject to the application of the Law and our Policy. PARSPRO Personal Data Protection and Processing Policy aims to protect the automatically obtained data of our customers, prospective customers, employees and customers and employees of companies working in solution partnership with us or other persons and includes regulations regarding thereof. 
The Company has the right to change the Policy and Regulation – provided that it complies with the Law and personal data is better protected.

 
III. Basic rules on the processing of personal data

  1. a) Compliance with the law and good faith: PARSPRO inquires into the source of the data it collects or receives from other companies and ensures that it is obtained lawfully and in good faith. Within this framework, it makes the necessary warnings and notifications to third parties (agencies and other intermediary institutions) that sell the services offered by PARSPRO in order to protect personal data.
  2. b) Being accurate and up-to-date when necessary: PARSPRO attaches importance to ensure that all data within the organization is accurate, does not contain false information, and finally, if there are changes in personal data, to update them as soon as they are communicated to it.
  3. c) Processing for specific, explicit and legitimate purposes: PARSPRO only processes data limited to the purposes it offers and obtains consent from individuals during the service. PARSPRO does not process, use or make data used for purposes other than business purposes.
  4. d) Being relevant, limited and proportionate to the purpose for which they are processed: PARSPRO only uses the data limited to the purpose for which they are processed and to the extent required by the service.
  5. e) Retention for the period stipulated in the relevant legislation or required for the purpose for which they are processed: PARSPRO retains contractual data for the duration of the dispute periods of the Law and the requirements of commercial and tax law. However, when these purposes disappear, it deletes or anonymizes the data.

It is important to note that whether PARSPRO collects or processes data with consent or in accordance with the law, these principles listed above still apply.

You have the following rights according to Article 11 of the Personal Data Protection Law. In order to facilitate these rights, PARSPRO has also prepared an application form for you.

Persons whose personal data are processed can apply to our contact person announced by PARSPRO on our website regarding their data; have the following data

  1. a) Learn whether your personal data is being processed,
  2. b) Request information if personal data has been processed,
  3. c) To learn the purpose of processing personal data and whether they are used in accordance with their purpose,

ç) To know the third parties to whom personal data are transferred domestically or abroad,

  1. d) To request correction of personal data in case of incomplete or incorrect processing,
  2. e) To request the deletion or destruction of personal data within the framework of the conditions stipulated in the law,
  3. f) To request notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data are transferred,
  4. g) To object to the occurrence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems, 

ğ) In case of damage due to unlawful processing of personal data, persons have the right to demand compensation for the damage. We, as PARSPRO respects these rights.

 

Maximum Savings Principle/Parsimony Principle

According to this principle, which is called the principle of maximum savings or the principle of parsimony, the data reaching PARSPRO is processed only as much as necessary. Which data we collect is therefore determined by the purpose. Non-essential data is not collected. Other data transferred to our company are transferred to the company information systems in the same way. Excess information is not saved in the system, deleted or anonymized. This data can be used for statistical purposes. Health data, which are among the sensitive data, are collected only for the purpose of providing better service to customers and protecting their health, and are transferred to the relevant domestic or foreign airline company depending on the type of service preferred by the customer, limited to the same purpose, and are carefully kept in the system. 

In some airline systems, if a reservation is made with multiple passenger information, all passengers traveling with the same PNR number can be displayed.

Deletion of personal data

When the periods required to be kept by law expire, judicial processes are completed or other requirements are eliminated, personal data are deleted, destroyed or anonymized by our company automatically or upon the request of the person concerned.

 

Accuracy and timeliness of data

 
As a rule, data held by PARSPRO is processed in the manner declared by the data subjects upon their declaration. PARSPRO is not obliged to investigate the accuracy of the data declared by customers or persons in contact with PARSPRO, nor is it required to do so by law or due to our business principles. Declared data are considered accurate. The principle of accuracy and timeliness of personal data is also adopted by PARSPRO. The Company updates the personal data it has processed upon receipt of official documents or upon the request of the relevant person. It takes necessary measures for such. 

Confidentiality and data security

Personal data is confidential and PARSPRO respects this confidentiality. Personal data can only be accessed by authorized persons within the company. All necessary technical and administrative measures are taken to protect the personal data collected by PARSPRO and to prevent unauthorized access and to prevent our customers and prospective customers from being victimized. Within this framework, it is ensured that the software complies with the standards, third parties are carefully selected and the data protection policy is complied with within the company.

Additional health data may be requested or collected from our employees due to Covid-19 and epidemics, and the collected data may be shared with the relevant authorities.

IV. Data processing purposes

PARSPRO’s collection and processing of personal data will be carried out in line with the purposes specified in the clarification text. Data is collected and processed for the purpose of establishing the contract and providing better service to customers.

 

  1. Customer, prospective customer and business and solution partners data

 
Collection and processing of data for the contractual relationship

 
If a contractual relationship has been established with our customers and prospective customers, the personal data collected may be used without the consent of the customer. However, this use is realized in line with the purpose of the contract. The data is used for the better execution of the contract and the requirements of the service and is updated by contacting the customers when necessary. On the other hand, the data left to us by our prospective customers (prospective customers) are processed in order to provide them with easier and higher quality service afterwards. This data will be deleted upon their request, unless it has not turned into a contractual relationship. 

Business and Solution Partners Data

 
PARSPRO adopts the principle of acting in accordance with the law while sharing data with both business and solution partners. Data is shared with business and solution partners with a commitment to data confidentiality and only as much data as required by the service and these parties are obliged to take measures to ensure data security.-. 

Data processing for advertising purposes

 
electronic messages for advertising purposes can only be sent to persons who have received prior approval in accordance with the Law on the Regulation of Trade and the Regulation on Commercial Communication and Commercial Electronic Messages. The consent of the person to whom the advertisement will be sent must be explicitly present. PARSPRO complies with the details of the “approval” set out in the same legislation.In order to send electronic messages, personal data are transferred to service providers and to the İleti Yönetim Sistemi A.Ş.’. in accordance with the Regulation on Commercial Electronic Messages.

 
Data transactions made due to the legal obligation of the company or explicitly stipulated in the law

Personal data may be processed without further consent if the processing is explicitly stated in the relevant legislation or for the purpose of fulfilling a legal obligation determined by the legislation. The type and scope of data processing must be necessary for the legally permitted data processing activity and must comply with the relevant legal provisions.

 
The company’s data processing

 
Personal data may be processed in line with the services provided by the Company and its legitimate purposes. However, the data may in no way be used for unlawful services.

 

 

Processing of sensitive data

 
According to the Law, data relating to race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, membership to associations, foundations or trade unions, health, sexual life, criminal conviction and security measures, and biometric and genetic data are sensitive personal data. PARSPRO also takes adequate measures determined by the Board in the processing of special categories of personal data.

 
In order to provide better services, PARSPRO may process special categories of data with the consent of individuals only for the purpose for which they were collected.

The facility and airline you have booked through us may request some personal data from the guests, including personal data of special nature such as health data of themselves and their relatives, in accordance with the circulars and legal regulations issued within the scope of Covid-19. This personal data may be shared with official authorities and health institutions when necessary.

Data obtained through membership transactions

If you become a member of Trendyflight, the personal data you provide during your membership is processed in our systems. If you become a member of our system via Facebook, Google or other social media tools, the information provided by the relevant social media instrument to its partners, such as your name, surname, profile picture and e-mail address, is accessed and transferred to Parspro systems.

Data processed by automated systems

 
PARSPRO acts in accordance with the Law regarding data processed through automated systems. The information obtained from these data cannot be used against the person without the explicit consent of the person. However, PARSPRO may take decisions regarding the persons it will process by using the data in its own system.

Domestic and International Transfer of Personal Data

Your personal data is shared by trendyflight.com with contracted hotels and airline companies in domestic and abroad in order to enable you to stay and/or travel. Your personal data may also be shared with other electronic platforms in domestic and abroad in order for you to search, book and stay in hotels that do not have an agreement with Trendyflight.com. Personal data may be shared with these institutions and organizations upon the duly requests of official institutions authorized to request information and documents from private law legal entities according to their own establishment laws.

Your Rights Regarding Your Personal Data

By applying to PARSPRO as the data subject; you have the following right

  • Learn whether your personal data is being processed,
  • Request information if your personal data has been processed,
  • To learn the purpose of processing your personal data and whether they are used in accordance with their purpose,
  • To know the third parties to whom your personal data is transferred domestically or abroad,
  • To request correction of your personal data in case of incomplete or incorrect processing and to request notification of the transactions made within this scope to third parties to whom your personal data has been transferred,
  • Although it has been processed in accordance with the provisions of Law No. 6698 and other relevant laws, to request the deletion or destruction of your personal data in the event that the reasons requiring its processing disappear, and to request notification of the transactions made within this scope to third parties to whom your personal data has been transferred,
  • Object to the occurrence of a result against you by analyzing your processed data exclusively through automated systems,
  • In case you suffer damage due to unlawful processing of your personal data, you have the right to demand compensation for the damage.

If you submit your requests regarding your rights listed above to our Company in accordance with the application procedures stipulated in the Communiqué on the Procedures and Principles of Application to the Data Controller, PARSPRO will finalize your request as soon as possible and within 30 (thirty) days at the latest, depending on its nature. However, if the transaction requires an additional cost, PARSPRO may charge the fee in the tariff determined by the Personal Data Protection Board.

Functional and Analytical

Cookies contain data about remembering your preferences, using the website effectively, optimizing the site to respond to user requests and how visitors use the site. Due to their nature, these types of cookies may contain your personal information such as username etc..

Third Party Cookies

Trendyflight websites/mobile applications/mobile websites work with third party trusted, recognized advertising providers. Third party service providers place their own cookies in order to provide you with customized advertisements. Cookies placed by third parties collect, process and analyze visitors’ browsing information on websites and how they use it.

Commercial cookies

It serves to enhance your user experience by offering a more advanced, personalized advertising portfolio and presenting products/content similar to the ones you are targeting in line with your interests and preferences. The above-mentioned session, persistent, functional and analytical and commercial cookies are kept in the background for approximately 2 (two) months and the necessary adjustments can be made in the individual internet browser settings. The process of removal from these settings may vary depending on the internet browser.

How to delete cookies?

Many internet browsers are set to automatically accept and use cookies from the first time they are installed on your computer. You can use your browser’s help or settings menus to block cookies or to be alerted when cookies are sent to your device. You can use your browser’s instruction or help options screen to learn about different ways to manage cookies and to get detailed information on how to adjust the settings of the browser you are using.

VI. Data on our employees

Processing data for the employment relationship

Personal data of our employees may be processed without consent to the extent necessary for labor relations and health insurance. However, PARSPRO ensures the confidentiality and protection of its employees’ data.

 
Processing Pursuant to Legal Obligations

 
PARSPRO may process the personal data of its employees without obtaining separate consent in order to clearly state the processing in the relevant legislation or to fulfill a legal obligation determined by the legislation. This is limited to the obligations arising from the law. 

Processing for the Benefit of Employees

 
PARSPRO may process personal data without obtaining consent for transactions in the interest of company employees, such as private health insurances. PARSPRO may also process employee data for disputes arising from labor relations.

 
Processing of special categories of data

According to the Law, data relating to race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance and dress, membership of associations, foundations or trade unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data are sensitive personal data. PARSPRO also takes adequate measures determined by the Board in addition to the consent of the data subject in the processing of special categories of personal data. Special categories of personal data may be processed without the consent of the person concerned, but only in relation to and limited to the cases permitted by the Law. In order for our employees to benefit from insurance and health services, the qualified data obtained from them are used only for the purpose. 

Data processed by automated systems

Data processed by automated systems in relation to employees may be used for internal promotions and performance evaluations. Our employees have the right to object to the result that goes against them and they do so in accordance with internal procedures. Employees’ objections are also evaluated within the company. 

 

  Telecommunications and internet

The computer, telephone, e-mail and other applications allocated to employees within the Company are allocated to the employee for business purposes only. The employee may not use any of these tools allocated to thereto by the Company for his/her private purposes and communication. The Company may control and audit all data on these tools. The employee undertakes that it will not keep any data or information other than work on the computer, phones or other tools allocated to him/her from the moment it starts work. 

VII. Transfer of personal data domestically and internationally

Personal data may be shared with business and solution partners and Trendyflight affiliates for the purpose of providing services by Ucuabilet.

 
Trendyflight may transfer personal data to the following persons and organizations for specific purposes; 
» To Trendyflight’s business partners for the limited purpose of ensuring the fulfillment of the purposes for which the joint venture was established,

 
» To Trendyflight’s suppliers for the limited purpose of providing our Company with the services outsourced by our Company from the supplier and necessary to fulfill our Company’s commercial activities,

 
» To Trendyflight’s solution partners limited to ensuring the execution of our Company’s commercial activities that require the participation of affiliates, 

» To Trendyflight’s subsidiaries.

 

Trendyflight is authorized to transfer personal data domestically and internationally within the conditions determined by the Board in accordance with the other conditions in the Law and subject to the consent of the person. 

VIII. Rights of the person concerned

 
PARSPRO recognizes that under the Law, the data subject has the right to obtain his/her consent before the data is processed and has the right to determine the fate of his/her data after the data is processed. 

In relation to personal data by applying to our contact person announced by PARSPRO on our website; 
a) Learn whether their personal data is being processed,

  1. b) Request information if personal data has been processed,
  2. c) To learn the purpose of processing personal data and whether they are used in accordance with their purpose, 
    ç) To know the third parties to whom personal data are transferred domestically or abroad,
  3. d) To request correction of personal data in case of incomplete or incorrect processing,
  4. e) To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7, 
  5. f) To request notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data are transferred,
  6. g) Object to the occurrence of a result to the detriment of the person himself/herself by analyzing the processed data exclusively through automated systems,

 
ğ) In case of damage due to unlawful processing of personal data, it has the right to demand the compensation of the damage. 

However, individuals do not have any rights regarding anonymized data within the Company. PARSPRO may share personal data with the relevant institutions and organizations in accordance with the business and contractual relationship, for the purpose of exercising the legal powers of a judicial duty or state authority. 

Personal data owners can submit their requests regarding the above-mentioned rights to the Company by filling out the application form on the Company’s official website www.Parsprotur.com.tr completely and signing it with wet signature and sending it to the address …….. / Istanbul by registered mail with return receipt requested and photocopies of their identity cards (only the front side photocopy for the identity card). Your applications will be answered as soon as possible depending on the content of your application or within 30 days at the latest after it is received by our company. You must submit your applications by registered letter with return receipt. In addition, only the part of your applications related to you will be answered, and an application made about your spouse, relative or friend will not be accepted. PARSPRO may request other relevant information and documents from applicants.

You can also submit your requests using a secure electronic signature.

  1. Confidentiality Principle

Whether the data of employees or other persons in Parspro is confidential. No one may use, copy, reproduce, transfer, use for any other purpose other than business purposes without complying with the contract or the law. 

X. Process security

All necessary technical and administrative measures are taken to protect the personal data collected by PARSPRO and to prevent unauthorized access and to prevent our customers and prospective customers from being victimized. Within this framework, it is ensured that the software complies with the standards, third parties are carefully selected and the data protection policy is complied with within the company. Security measures are constantly renewed and improved.

  1. Protection of Credit Card and Payment Information

Payment and credit card information received from you for the service we provide is transmitted to a third-party service provider that provides services in accordance with PCI DSS (Payment Card Industry Data Security Standards) security standards and encrypted and stored by us until the date the service fees are collected. The security standards created under the name of PCI DSS were established by a council of leading payment card service providers such as American Express, Discover, JCB International, Mastercard and Visa Inc. to ensure that secure payment solutions are implemented and that merchants, service providers, financial institutions and organizations secure their payment systems and implement new security policies and technologies to prevent possible breaches and theft of card information. The credit card and other payment information you have shared with Trendyflight will be transmitted to a third-party security service provider with a Level 1 security certificate in accordance with the aforementioned standards and will be stored until the service fees are collected by the suppliers as stated above. After this date, the storage of information will continue for a certain period of time in order to ensure transaction security. In the event that you receive services through Trendyflight.com, you agree that you expressly consent to the storage of credit card and other payment information in the systems described above within the specified scope. Your credit card information is secure in Parspro Turizm Tic. A.Ş or Parsprogroup companies. However, you may face some risks if you keep your credit card information and passwords on other websites such as chrome, password storers outside our systems. Our company is not responsible for these risks.

XII. Audit

PARSPRO conducts the necessary internal and external audits on the protection of personal data. 

XIII. Notification of Violations

When PARSPRO is notified of any breach of personal data, it takes immediate action to remedy the breach in question. It minimizes the damage of the data subject and compensates the damage. Immediately notifies the Personal Data Protection Board when personal data is seized by unauthorized persons from outside. 

Applications for notification of violations can also be made according to the procedures specified at http://Parsprotur.com. 

Contact 
You can print and fill out the form below and send a registered letter with return receipt to the address below for your questions and requests regarding the confidentiality agreement,

 

PARSPRO TURİZM TİCARET ANONİM ŞİRKETİ

Address: ERGENEKON MAH. CUMHURİYET CAD. CAN APARTMANI NO:185 DAİRE:4 KAT:2 ŞİŞLİ İSTANBUL

No: 0212 419 50 50

Accounting: 0212 419 50 59

Mail address: info@parspro.com.tr

Mersis no: 722090543400001

Last Update: 14.06.2023

APPLICATION FORM IN ACCORDANCE WITH THE LAW ON THE PROTECTION OF PERSONAL DATA

 

  1. GENERAL REMARKS

 Personal data owners who are defined as the relevant person in the Personal Data Protection Law No. 6698 (“Law”) (hereinafter referred to as “data owner”) have been granted certain rights regarding the processing of their personal data in Article 11 of the Law. Pursuant to paragraph 1 of Article 13 of the Law, applications to be made to our Company, which is the data controller, regarding these rights must be submitted to us in writing or by other methods determined by the Personal Data Protection Board (“Board”). In this context, applications to be made to our Company in “written” form must be submitted by registered mail using this form.

 

 

Application Procedure*

 

Address for Application;

Information to be Specified in Application Submission

Other Information to be Added to the Application

Returned Committed Letter

 

“Information Request for Personal Data Protection Law” will be written on the envelope.

 

 

 

 

* The application procedure has been determined as a “written” application channel in accordance with the first paragraph of Article 13 of the Law. If the Board determines other procedures, they will be announced to you again by Parspro Turizm Ticaret Anonim Şirketi. Your applications submitted to us will be answered “as soon as possible and within thirty days at the latest” from the date of receipt of your request, depending on the nature of the request, in accordance with paragraph 2 of Article 13 of the Law. The answers will be communicated to you in accordance with the procedure determined by the Board. In order for your request to be met completely, the information and documents requested in the form must be provided to us completely and accurately.

 

  1. REQUIRED INFORMATION AND DOCUMENTS

Complete the following information:

 

Name Surname :

 

TR ID No :

 

Your Relationship with Our Company:

 

Customer:

 

Partner:

 

Visitor:

 

Other:

 

Address :

 

Mobile Phone :

 

E-Mail Address :

 

Has your relationship with our company come to an end? :

 

  • CLAIMS OF THE APPLICANT

According to Article 11 of the Law on the Protection of Personal Data, the rights you may request from our Company, which is the data controller, are specified. According to the rights you request, an evaluation will be made within our company and the answers will be sent to you in accordance with the 3rd paragraph of Article 13 of the Law.

 

 

Subject of Request

Legal basis

Your request

I want to know if your company processes personal data about me

Personal Data Protection Law Art. 11/1 (a)

 

If the company processes my personal data, I request information about these data processing activities

Personal Data Protection Law Art. 11/1 (b)

 

If my personal data has been processed, I would like to know the purpose of processing and whether it is used in accordance with the purpose of processing

Personal Data Protection Law Art. 11/1 (c)

 

If my personal data is transferred to third parties at home or abroad, I would like to know about these third parties

Personal Data Protection Law Art. 11/1 (ç)

 

I believe that my personal data has been processed incompletely or incorrectly and I want them to be corrected

Personal Data Protection Law Art. 11/1 (d)

 

Although my personal data has been processed in accordance with the provisions of the law and other relevant laws, I think that the reasons for processing have disappeared and within this framework, I want the following to be done about my personal data.

Personal Data Protection Law Art. 11/1 (e)

A.       Deletion

B.       Anonymization

I would like my personal data (Request No 5), which I believe to be incomplete and incorrectly processed, to be corrected before third parties to whom it has been transferred.

Personal Data Protection Law Art. 11/1 (f)

 

Although my personal data has been processed in accordance with the provisions of the law and other relevant laws, I think that the reasons for processing have disappeared (Request No 6) and within this framework, before third parties to whom my personal data has been transferred; * * *

Personal Data Protection Law Art. 11/1 (f)

A.       Deletion

B.       Anonymization

I think that my personal data processed by your company are analyzed exclusively through automated systems and as a result of this analysis, a result to my detriment. I object to this conclusion.

Personal Data Protection Law Art. 11/1 (g)

 

I have suffered damage due to unlawful processing of my personal data. I demand compensation for this damage. * * * *

Personal Data Protection Law Art. 11/1 (h)

 

 

 

 

 

* * * Please provide additional explanations.

* ** * Provide information documents and evidence that demonstrate your loss.

 

  1. DECLARATION BY THE APPLICANT

In line with the requests I have stated above, I kindly request you to evaluate my application to your Company and inform me.

 

I declare and undertake that the documents and information I have provided to you in this application are accurate and up-to-date and belong to me. I consent to the processing of the information and documents I have provided in the application form by Parspro Turizm Ticaret Anonim Şirketi limited to the purposes of evaluating and responding to the application I have made, delivering my application to me, and determining my identity and address.

 

I request that the answer be sent to my address stated in the Application Form.

I request the reply to be sent to the e-mail address I have specified in the Application Form.

 

Applicant Relevant Person (Personal Data Owner)

 

Name Surname :

 

Application Date :

 

Signature :

 

IMPORTANT NOTE: Applications must belong to the person. No application can be made on behalf of spouse, relative, child, etc. If Parspro Turizm Ticaret Anonim Şirketi suspects the identity of the applicant, it may request verification information from the person concerned.

 

 

 

Dear passengers,

 

The personal data of our valued passengers is carefully protected for your safety and satisfaction.

 

With the current protection measures taken by our company, all kinds of violations related to your personal data are prevented.  

 

Personal data breaches in our country are announced by the Personal Data Protection Authority and published on their websites.  From the link below, you can see the companies that have been notified of personal data breaches and exercise your legal rights for your personal data. We kindly inform you that there is no violation notice published by the Personal Data Protection Authority about our Company and that your personal data is safe with us.

 

Personal Data Protection Authority Announcements Page

https://www.kvkk.gov.tr/Icerik/2015/Duyurular

 

* You can be aware of violations by following this page at regular intervals.