TRANSVARO ELEKTRON ALETLERI SANAYİ VE TİCARET ANONİM ŞİRKETİ (“GOLDENKEY HISARÖNÜ”) takes the utmost security measures in order to ensure that your personal data is collected, stored and shared in accordance with the law and to protect your privacy.
Our goal is the inform you in the most transparent way of how your personal data is collected, the purposes of processing, shared persons, legal reasons and your rights in alliance with Article 10 of the Law on Protection of Personal Data No. 6698 and in line with your personal satisfaction.

a) Data Controller

In accordance with the Law No. 6698 on the Protection of Personal Data (“Law No. 6698”), your personal data is collected and processed by TRANSVARO ELEKTRON ALETLERİ SANAYİ VE TİCARET ANONİM ŞİRKETİ (“COMPANY”) as the data controller within the scope described below.

b) Processing Personal Data

Your personal data is processed within the scope of the legal relationship between us due to the use of the hotel (accommodation, food & beverage, banqueting, activities, meetings, pool and spa)

Golden Key Hisarönü undertakes to collect and process your personal data lawfully and fairly. The processing implemented by Golden Key pursues specified, explicit and legitimate purposes.

Your data may be processed for the following purposes in particular on the legal basis of the processing  is the performance of the contract between our company and you.

Providing hotel services: accommodation, food & beverage, banqueting, activities, meetings, pool & spa)
Recording / managing your booking and its payment
Providing security, keeping security log
Fulfilment of financial liabilities
Fulfilment of legal responsibilities
Measuring and increasing guest satisfaction
Dealing with any complaints guest can have
Get your opinions and suggestions on new services and products
To handle any questions or requests and deal with any complaints
To send you marketing/commercial information
Prepare our company for internal or external audits
Promotions, memberships and loyalty programmes
To carry out statistical analyses, develop the Site, optimize your browsing and provide you with a personalised experience
To conduct CRM system

Your personal data is collected to increase our service quality in floor corridors, spa & pool, in public areas by observation, follow-up, monitoring and recording systems to prevent any negativities that may occur, to inform the relevant law forces when it occurs, incident detection and response, to inform the required people or institutions, and protection against dangers that may come from inside or outside of the hotel.

c) Transfers of your personal data

Your personal data is transferred to the institutions and organisations mentioned below, in the context of data processing purposes stated on article b.
COMPANY’s business partners, shareholders and subsidiaries.
Tax Procedure Law, Social Security Agency Legislation, Court of Accounts, Law on the prevention of laundering criminal income, Law on the prevention of money laundering, Turkish Commercial Code, Code of Obligations and other persons or institutions permitted under the provisions of other legislations.
Authorised public institutions and organizations, administrative authorities and legal authorities
To their foreign companies and subsidiaries,
service providers such as natural and legal entities that we cooperate, program partners (institutions or organisations), contracted communication companies, cargo companies for analysis, product & service comparison, commercials and any other purposes listed above.

ç) Purpose, Scope and Definitions

The provisions of this Law shall apply to natural persons whose personal data are processed as well as to natural or legal persons who process such data fully or partially through automatic means or provided that the process is a part of any data registry system, through non-automatic means.
Your personal data is being collected by on your behalf or by persons authorized to act on your behalf, both in full or partially means, both part of the data registration system but with non-automatic methods – Applications made over contracted websites, Outlet and Company General Directorate staff, support services and natural and / or legal entities and direct automated systems within all types of legislation or contract (our website and mobile app, call centres, social media accounts) and oral, written or electronic platforms – in accordance with the legal reasons listed below.
Indicated in Article 5th and 6th of the Law;
Clearly set forth in the law,
To be able to fulfil the legal obligation of our company,
Processing of personal data belonging to the parties of a contract, is necessary provided that it is directly related to the conclusion or fulfilment of that contract.
Data processing is mandatory for the establishment, exercise or protection of any
right.
It is mandatory for the controller to be able to perform his legal obligations.
Personally recognised

d) The rights of Data Subject

The data controller shall conclude the demands involved in the applications within the shortest time possible depending on the nature of the demand and within thirty days at the latest and free of charge up to 10 days. 1 Turkish Lira processing fee will be charged for each page on the ten pages. If the answer to the application is given in a recording medium such as a CD, Flash Memory, the fee that can be requested by our company will not exceed the cost of the recording medium.
In this context, personal data owners have the right:
to learn whether his personal data are processed or not,
to request information if his personal data are processed,
to learn the purpose of his data processing and whether this data is used for intended
purposes,
to know the third parties to whom his personal data is transferred at home or abroad,
to request the rectification of the incomplete or inaccurate data, if any,
to request the erasure or destruction of his personal data
to object to the processing, exclusively by automatic means, of his personal data, which leads to an unfavourable consequence for the data subject,
to request compensation for the damage arising from the unlawful processing of his personal data.
You may convey your request to exercise any one of your rights specified above in writing and in Turkish or through your registered electronic mail (KEP) address, mobile signature or other electronic mail address previously notified to the COMPANY and entered into our records as set forth in article 13(1) of the Law no 6698 and the communiqué numbered 30356 and dates 10.03.2018 on the procedures and principles for submitting requests to the data controller. Only the applicant is the subject to the application and it is not possible to receive information on other family members and third parties. The Company reserves the right to verify your identity before answering your application.
In your application:

Name, Last Name and signature if written
TC Identification number if you are a Turkish citizen, if not, your nationality, your passport number or your identification number,
E-mail address, telephone or fax number,
Subject of your request,

are mandatory; additional information and documents are also requested to be added to the application.
You may send your written application to our company’s Dereboyu Cd. Çalışkan Sk. No:4 Halkalı 34303 Küçükçekmece/İstanbul address. Click here to access the application form.
E-mail to kvkk@transvaro.com for online applications or e-mail to transvaro@hs02.kep.tr for PAB applications.
According to the nature of your request, the information and documents to verify your identification must be complete and accurate. Any failure to complete that information may result in Company refusing to process your request or difficulties to process the request. In this case, the Company declares that he has reserved the legal rights.