Telefon: + 90 384 511 52 10 Eposta: Whatsapp: +90 538 023 6567







We, SIGNATURE GARDEN AVANOS HOTEL & SPA (“Hotel”), are attribute great importance to the personal data of our dear guests, potential guests, website users, suppliers, suppliers’ employees and other third parties in relation with our Hotel; therefore, we take high security measures in order to protect your personal data from unauthorized access. In order to protect your fundamental rights and freedoms, especially the right to privacy, we process your personal data within the scope of the Law on the Protection of Personal Data numbered 6698 (“LPPD”) and secondary regulations enacted based on the same, the Identity Reporting Law numbered 1774, the Tax Procedural Law numbered 213, the Turkish Commercial Law numbered 6102, European Union General Data Protection Regulation (“GDPR”) and other relevant legislations in line with the explanations stated below.


  1. The identity of the Data Controller:

Pursuant to the LPPD, TURMALİN OTELCİLİK VE TURİZM SANAYİ TİCARET ANONİM ŞİRKETİ (“Company”), has the title of “Data Controller”. Our company wish to inform you regarding purpose of processing your personal data, to whom your personal data can be transferred and purpose of transfer of your personal data, the method and legal grounds for collection of your personal data and your legal rights by this Privacy Notice that has been prepared for the purposes of fulfilling our obligation to inform within the scope of the *Obligation of the Data Controller to Inform" under Article 10 of the LPPD and "Rights of the Data Subject" under article 11 of the LLPD, our institution reserves the right to revise this "General Privacy Notice on the Protection of Personal Data" at all times in line with the changes that may occur in the current legislation.


  1. Your personal data which we process;

Your Identity Information: Name-Surname, identification Number, Place of Birth, Date of Birth, Passport Number, Signature

Your Contact Information: Email address, Phone number, Address

Your Customer Transaction Information: Call Centre Records, Order Information, Request Information, Records of your Instructions and Instructions

Physical Environment Security Information: Closed-circuit camera image and sound recording, entrance-exit recording information taken in common areas during Hotel Entry-Exit and stay time

Your Transaction Security Information: Mac address information, access IP Information and data from according to Law 5651

Information about those traveling with you: Name-Surname, ID Number, Passport Number, Date of Birth

Your Financial Information: Credit card information, mail order information, bank account information if required

Your Marketing Data: Surveys

Your Special Categories of Personal Data: Special categories of your health data if you have stated and gave explicit consent (such as allergen information, previous diseases), information on race and ethnicity

Other Information: (including the collected information via communication channels on the website) Information and Records Received About Your Requests About Products and Services, Hotel Entry-Exit Dates, Satisfaction surveys made to you to be used for marketing purposes, Information and Records Collected About Person's Complaints About Products and Services, Special Day Information, Vehicle Plate


  1. The method and Legal Basis for Collection of Personal Data

Your personal data, that you provide in person or indirectly to our institution within the scope of the services that we provide may be collected via oral, written or electronic platforms. Your personal data may be collected during performance of the room reservation process, contacts with tour operators and travel agencies, stages of entering the Hotel and performance of payment transactions, notification of your requests and complaints, process of filling in customer satisfaction and questionnaire forms and participation in trainings, seminars or organizations organized by the Hotel for any purpose. Your personal data can be processed in the following cases as stated under Article 5 of the LPPD;


  • In case it is expressly provided for by the laws.
  • In case it is necessary for the protection of life or physical integrity of the person himself/herself or of any other person, who is unable to explain his/her consent due to the physical disability or whose consent is not deemed legally valid.
  • In case processing of personal data of the parties of a contract is necessary, provided that it is directly related to the establishment or performance of the contract.
  • In case it is necessary for compliance with a legal obligation to which the data controller is subject.
  • In case personal data have been made public by the data subject himself/herself.
  • In case data processing is necessary for the establishment, exercise or protection of any right.
  • In case processing of data is necessary for the legitimate interests pursued by the data controller, provided that this processing shall not violate the fundamental rights and freedoms of the data subject.


Your health data under special categories of personal data, can be processed based on the conditions provided under article 6 of the LPPD) or your explicit consent. Special categories of personal data are the data that may lead to aggrievement in the person in case of disclosure. Data related to the race, ethnicity, political opinion, philosophical belief, religious sect or other beliefs, costume and outfit, association/foundation or union membership, health, sexual life, criminal conviction and security decision together with the biometric and genetic data of such persons constitute special categories of personal data. In principle, as a ruse, special categories of personal data can only be processed based on the consent of the data stilled. Personal data concerning health and sexual life such as blood group, allergen information, information on previous diseases may only be processed, without seeking explicit consent of the data subject, by the persons subject to secrecy obligation or competent public institutions and organizations, for the purposes of protection of public health, operation of preventive medicine, medical diagnosis, treatment and nursing services, planning and management of health-care services as well as their financing.


Adequate measures shall be taken while processing the special categories of personal data. Additionally, our guests can request customized services by sharing their current conditions with our Company and consequently may share their special categories of personal data for this purpose. (In case our guest requests special service by sharing their special categories of personal data, for example, requesting a thin pillow due to neck hernia, requesting a room on the ground floor due to heart disease, requesting us to prepare a dessert without nuts due to peanut allergy, etc.). In order for us to provide customized services to our guests’ needs that they define by sharing their special categories of personal data, our Company will process the special categories of sensitive personal data only by receiving explicit consent from the data subject and only for the collection purposes. 


  1. Purpose of processing your personal data

For the purpose of performing room reservation proceedings, fulfilment of legal and regulatory requirements, solving possible legal issues between the parties that may arise in the future, ensuring the management of guest relations, conduction and audit of financial transactions, protection of guests and public health, providing health care services, ensuring occupational safety and physical security; management, monitoring, control of hotel entrances and exits, ensuring the security of the common areas, ensuring administrative management and cyber security of the Internet data network, providing quality improvement activities, ensuring risk management, performing routine inspections arising from laws, conduction of advertising campaign/ promotion activities, conduction of marketing analysis studies, conduction of activities for customer satisfaction, execution of customer relationship management processes, conduction of sale of goods/services processes, conduction of post-sales support service processes for goods/services, conduction of activities regarding ensuring business continuity, receiving and evaluating suggestions with respect to improvement of business processes, carrying out commitment processes to firms/products/services.


  1. Transfer of Personal Data

Your personal data that have been processed within the scope of the indicated purposes may be transferred mainly to our business partners, suppliers, shareholders, third parties that are connected within the scope of brokerage/agency activities, domestic or foreign third parties of which our company provides or receives support services, legally authorized public institutions and private persons in accordance with the fundamental principles stipulated under LPPD and within the scope of the Article 8 and 9 of the law for the requirements of our activities and for the purposes as stated within the purpose of process of personal data section. These persons are not limited to the aforementioned ones but can be counted mainly as transportation companies, accommodation facilities, private insurance companies, private security companies, third party supplier companies providing concierge services, official /administrative authorities. 


Your personal data can be transferred abroad through receiving explicit consent in consideration of the principles stated under Article 4/2 of the LPPD or without seeking the explicit consent of the data subject only in presence of the conditions set forth under Article 5/2 and 6/3 of the LPPD in accordance with the rules under article 9 upon announcement of the countries where sufficient level of protection is provided by the Personal Data Protection Board provided that the personal data will be transferred only to the persons and institutions located within those countries and for the countries where sufficient protection is determined to be not provided on the other hand, your personal data can be transferred provided that the controllers in Turkey and in the related foreign country guarantee a sufficient protection in writing and the Board has authorized such transfer. Your personal data may be disclosed to the public authorities only in case it is requested by the official authorities and in case of presence of obligation to disclose the same as per the imperative provisions of the legislation. Our Company does not use or sell your personal data other than those purposes, scope and activities. All necessary technical and administrative measures are being taken by us for the purpose of prevention of unlawful process and unlawful access and maintaining safe storage of your personal data.


Period of time for Storage of Personal Data

Your personal data shall be erased, destructed or anonymized in case of ex officio by the Company periodically at the latest of at the end of 6 months of periodical terms upon disappearance and cease of purposes which require the process or upon completion of the prescription period for process of personal data set forth under relevant legislation or within 30 days upon your request. All transactions with respect to erasure, destruction and anonymization of your personal data shall be recorded and such records shall be retained for 3 (three) years as of the transaction date for the purpose of submitting to the Ministry when necessary.


Rights of the Data Subject

You have the right to demand the following through applying to our Company as the "Data Controller in accordance with the article 11 of the LPPD:


  • to learn whether his personal data are processed or not, • to request information if his personal data are processed, •) to learn the purpose of his data processing and whether this data is used for intended purposes, • to know the third parties to whom his personal data is transferred at home or abroad, • to request the rectification of the incomplete or inaccurate data, if any, • to request the erasure or destruction of his personal data under the conditions laid down in Article 7, • to request erasure or destruction of his personal data in case of cease of presence of reasons that require process within the scope of the conditions set forth under Article 7 of LPPD, even if it has been processed in accordance with the law • to request notification of the operations carried out with respect to the above-mentioned correction, erasure or destruction to whom his personal data has been transferred, • to object to the processing, exclusively by automatic means, of his personal data, which leads to an unfavourable consequence for the data subject, • to request compensation for the damage arising from the unlawful processing of his personal data.


The Company will keep your personal data for as long as required by the above-mentioned processing purposes. You can send your requests within the scope of the Article 11 of the Law regulating the rights of the data owner to our e-mail address writing “Information Request within the scope of the Law on the Protection of Personal Data” in the subject part of the e-mail and using the Data Owner Application Form available at internet address. You can send it via e-mail after signing the form with the “secure electronic signature” according to the Electronic Signature Law numbered 5070 or to the address ÇAT BELDESİ CUMHURİYET MAH. 50.YIL SK. NO: 3 MERKEZ / NEVŞEHİR by writing “Information Request within the scope of the Law on the Protection of Personal Data,” originally signed personally, by posting or through notary. We will conclude your request shortly depending on the nature of the request and within 30 days at the latest free of charge. However, in case your request requires additional costs, the tariff determined by the Personal Data Protection Board shall be charged from yourselves.


You can access our Personal Data Protection, Processing, Storage and Disposal Policy on for the detailed information about the processes mentioned within the scope of this clarification text.