Our Privacy Policies

Crowne Plaza Istanbul Oryapark

Data Controller: Oryataş İnşaat ve Ticaret A.Ş.
İnkılap Mahallesi, Küçüksu Caddesi, No: 58, 34768, Ümraniye, İstanbul

WHAT IS THE LEGAL BASIS OF THE COLLECTION OF YOUR PERSONAL DATA OF SPECIAL NATURE?

Data about the race, ethnicity, political opinion, philosophical belief, religion, sect or other beliefs, appearance and clothing, membership to an association, foundation or trade union, medical condition, sexual life, criminal conviction and security measures as well as biometric and genetic data of persons are considered as personal data of special nature.

Personal data of special nature require higher protection compared to other data categories. As per the LPPD, it has been regulated that respective information should be provided in order to process such data type.

To whom and for what purpose can your personal data be transferred?

Your personal data,

●      will be shared with persons expressly authorized under the legislation in particular with the Social Security Institution as per the legislation which we are subject to as well as the legal regulations. Your personal data may furthermore be shared with an authorized person or authorized public institutions and organizations upon a court order or at the request of the authorized administrative authorities.

●      It can be shared with real persons or private legal entities with whom we cooperate within the scope of the service contract excluded, for the purpose of conducting financial and accounting procedures, conducting goods/services sales processes and conducting activities related to customer satisfaction.

●      It can be shared with our business partners for the purpose of conducting/supervision of business activities and conducting goods/services sales processes.

●      It can be shared with our suppliers for the purpose of conducting/supervision of business activities and conducting goods/services sales processes pursuant to the service contract executed by our side.

As Oryataş İnşaat ve Ticaret A.Ş., we can share your personal with the Intercontinental Hotels Group abroad by taking the required technical and administrative measures in order to conduct the business activities.

How long will your personal data be maintained?

If a period of time has been prescribed by law or by the relevant legislation for your personal data to be maintained, such data should be preserved for at least this period of time. If a period has not been prescribed by the law or by the related legislation, it will be preserved for the specified reasonable periods of time, provided that this is limited and restrained in connection with the purposes of processing.

What are your rights as the Data Owner?

Regarding your personal data within the scope of the LPPD and the relevant legislation;

●      To learn whether your personal data has been processed or not,

●      If your personal data has been processed, to request information pertaining to this process accordingly,

●      To learn the purpose of processing the personal data and whether they are used appropriately in accordance with the intended purpose,

●      To have information about the third parties to whom your personal data has been transferred either in Turkey or abroad,

●      To request the rectification of the incomplete or inaccurate data, if any,

●      To request the deletion or destruction of your personal data in accordance with the terms and conditions set forth under the LPPD legislation,

●      When requesting the correction of incomplete or inaccurate data or deletion or destruction of your personal data, to request such situation to the third parties to whom you have transferred your personal data

●      To object to the occurrence of a result against the person himself by means of analyzing the processed data exclusively through automated systems and

●      To claim damages in the case you incur losses due to unlawful processing of your personal data,

will be listed as your rights which you may exercise.

How can you exercise your rights?

You can submit your applications and requests related to your personal data through the Data Subject Application Form over the web address www.cporyapark.com/en/lppd.

●      By sending an originally signed letter with a copy of your identity, to the address İnkılap Mahallesi, Küçüksu Caddesi, No: 58, 34768, Ümraniye, İstanbul,

●      By personally applying to Oryataş İnşaat ve Ticaret A.Ş. with a valid identity document,

●      By sending an e-mail to the address  kvkk@cporyapark.com  after signing with a mobile signature or secure electronic signature,

●      By using a registered electronic mail (REM) address and secure electronic signature or mobile signature to send to our registered e-mail address at oryatasinsaat@hs03.kep.tr

to Oryataş İnşaat ve Ticaret A.Ş.

As per the Communiqué on the Methods and Principles of Applying to the Data Controller, it is obligatory that the name, surname, signature - if the application is made in a hardcopy format and in written form - Turkish Republic Identity Number for the Turkish Republic citizens (the nationality, passport number or identity number if available, if the applicant is of foreign origin), place of residence or business address constituting the basis for notices, e-mail address constituting the basis for notices, if any, telephone and fax number and the subject matter of the request are present.

The Data Subject should clearly state what is requested in the application, including the explanations regarding the right to be exercised as well as the requests to exercise the rights mentioned above. Information and documents regarding the application should be attached to the application.

Even if the subject matter of the request must be related to the applicant in person, if acting on behalf of someone else is in question, then the applicant should be specially authorized in this regard and this authority must be certified (by a power of attorney). Furthermore, the application must contain the identity and address information and documents authenticating the identity must be attached to the application.

Requests made by unauthorized third parties on behalf of other will not be taken into consideration.

How long will it take for your requests related to the processing of your personal data to be responded to?

Your requests regarding your personal data will be evaluated and responded to within 30 days at the latest as of the date they have been received by the relevant department. If your application is not responded to positively, then the grounds for the reasoned rejection will be sent to the address you have specified in the application via e-mail or by post and if possible, using the procedure through which the request has been made.