The purpose of this Personal Data Processing and Protection Policy (“Policy”) is to ensure that all regulations, measures and requirements relevant within the scope of compliance with Law No. 6698 on Personal Data Protection (“KVKK”) are adopted by Best Care Istanbul Tourism. In this context, this Policy provides guidance on how each individual within Best Care Istanbul Tourism will concretely apply the rules established by the KVKK and the relevant legislation, as well as to inform and educate our employees, customers/employees and all relevant persons who have provided us with personal data by contacting us in any way about our KVKK policy.
For this purpose and in this spirit, Best Care Istanbul Tourism takes the necessary precautions for compliance with this Policy and ensures continuity of compliance with the Policy at regular intervals by using internal audit mechanisms for compliance with the Policy. The relevant regulations and internal control mechanisms, including this Policy, have been prepared in accordance with the KVKK and the relevant legislation; Best Care Istanbul Tourism has issued and put into effect various policies and instructions as internal regulations within the scope of personal data protection. These regulations consist of the Policy on Processing and Protection of Special Categories of Personal Data, the Policy on Storage and Destruction of Personal Data and the Instruction on Filing and Archiving and the Information Form on Protection of Customers/Employees Personal Data, which is an annex to this Policy.
Implementation and Amendment of the Policy
The Policy has been put into effect by Best Care Istanbul Tourism. Best Care Istanbul Tourism has the right to amend the Policy and other internal regulations and documents issued in accordance with the Policy, provided that they are in accordance with the KVKK and personal data are better protected in accordance with the Constitution and personal rights.
Scope and Amendment of the Policy
This Policy aims to protect all personal data of our business partners, employees, customers and customers and employees of companies working with us in solution partnership or other persons, which are processed automatically or non-automatically, provided that they are part of a data collection system, and includes regulations regarding these data.
In this context, all kinds of administrative and technical measures necessary for the processing and protection of data in accordance with the principles established within the scope of the KVKK and other laws are taken by Best Care Istanbul Tourism, necessary trainings are carried out to ensure the awareness of Best Care Istanbul Tourism employees, relevant compliance processes are carried out for Best Care Istanbul Tourism employees and employee candidates, and necessary notifications and warnings are made within the scope of the KVKK. The present Policy determines the content of all these measures and actions and specifies the implementation procedures. In this context, it should be noted that Best Care Istanbul Tourism undertakes to fulfill all the responsibilities and obligations imposed by the KVKK.
Basic rules for the processing of personal data
Best Care Istanbul Tourism processes personal data within the framework of the following principles and rules;
Compliance with the law and good faith: Best Care Istanbul Tourism questions the source of the personal data it collects or receives from third parties and attaches importance to the fact that the data is collected in accordance with the law and the rules of honesty.
Accuracy and timeliness when necessary: Best Care Istanbul Tourism attaches importance to ensuring that all personal data in its possession are accurate and up-to-date, do not contain any false information and finally, if the personal data changes, they are updated promptly as soon as they are communicated to it.
Processing for specific, explicit and legitimate purposes: Best Care Istanbul Tourism processes data only in the cases listed in Article 5 of the KVKK and in other cases by obtaining the explicit written consent of the data subjects by means of consent forms specifying the specific purpose and duration and limited to the purposes specified in the policy. No data is processed, used or utilized for purposes other than the purpose of the activity.
They must be consistent with the purpose