TAXIM SUITES
PERSONAL DATA PROTECTION POLICY

1. Scope
1.1. The purpose of this personal data protection policy (“Policy”) is, Bono Turizm Yatirimlari Sanayi ve Ticaret Limited Şirketi, Taxim Suites; to process personal data in accordance with the regulations of the Law on the Protection of Personal Data No. 6698 (“Law”). Violation of the law will be handled seriously by Taxim Suites and will be evaluated within the scope of legislative provisions and disciplinary procedures. For the purposes of the law, the following definitions will be taken as basis:
1.1.1. Personal Data: Any information relating to an identified or identifiable natural person;
1.1.2. Processing of Personal Data: Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available the Personal Data by fully or partially automatic or non-automatic means provided that it is a part of any data recording system, all kinds of operations carried out on the data, such as the classification or prevention of its use;
1.1.3. Special Qualified Personal Data: Data about the race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, clothing, association, foundation or union membership, health, sexual life, criminal conviction and security measures, and biometric data. and genetic data;
1.1.4. Data Controller: Any natural or legal person who determines the purposes and means of processing Personal Data and is responsible for the establishment and management of the data recording system, and Taxim Suites;
1.1.5. Data Processor: A third natural or legal person who processes Personal Data on behalf of Taxim Suites based on the authorization given by Taxim Suites;
1.1.6. Data Owner: The real person whose Personal Data is processed;
1.1.7. Data Registration System: The registration system in which Personal Data used by Taxim Suites are structured and processed according to certain criteria;
1.1.8. Board: Personal Data Protection Board;
1.1.9. Institution: Personal Data Protection Authority;
1.1.10. Law: Refers to the Law on Protection of Personal Data No. 6698 published in the Official Gazette dated 7 April 2016 and numbered 29677.
1.2. With this Policy, Taxim Suites aims to inform the Data Owner and its content is as follows:
1.2.1. Content and categories of Personal Data collected by Taxim Suites; usage and transfer options;
1.2.2. Processing forms of Personal Data;
1.2.3. How Personal Data is stored;
1.2.4. Rights of Personal Data Owners;
1.2.5. Measures taken to protect Personal Data;
2. Principles Regarding the Processing of Personal Data
2.1. The purpose of Taxim Suites is the entirety of the purposes stated in the articles of association
registered and announced before the relevant trade registry directorate.
2.2. In relation to the purpose of Taxim Suites; The Personal Data that can be collected and
processed from Members of the Board of Directors, customers, visitors, website users, employees,
branches, third party agents, suppliers and their officials are listed below and this list can be
expanded for the purposes of Taxim Suites. (The following Personal Data differ according to the Data
Owner person group):
2.2.1. Identity card, driver’s license, passport, identity record sample, information on military status
and nationality, passport photo, residence certificate and/or their physical or digital copies;
2.2.2. Bank account information, billing information, credit card information;
2.2.3. Tax office information, tax number, tax discount document;
2.2.4. Date of birth and place of birth, parents’ names;
2.2.5. Any address, phone, e-mail, etc. contact information, business card;
2.2.6. General health report, blood group report cards or document showing blood group,
information about the drugs used regularly, if any, hepatitis-b and HIV HBS test results, chest x-ray
report, porter examination result document, information about allergy and eating habits, disability,
disability, disability status report, disability card and other documents and information on these
documents;
2.2.7. The name and surname of the dependents of the employee;
2.2.8. Contact information of the data subject regarding the emergency person;
2.2.9. Educational status and foreign language knowledge, copies of diplomas/vocational certificates
2.2.10. Presentation, training, meeting, seminar, animation etc. photo and video recordings taken at
events and recorded for security reasons;
2.2.11. Various information on criminal convictions and security measures, including criminal record;
2.2.12. Workplace entry and exit records of employees and face scanning;
2.2.13. Social Security Institution number;
2.2.14. The license plate number was;
2.2.15. Any official document confirming the signature of the data owner;
2.2.16. Website login, logout and browsing information, password and password information, IP
address;
2.2.17. Room number with the person staying with