Protection of Personal Data and Privacy Policy

Website Confidentiality Agreement

How to use and protect the information we obtain about you and the services you request while you visit this website and benefit from the services we provide through this site are subject to the conditions set forth in this “Privacy Policy”. By visiting this website and requesting to benefit from the services we offer through this website, you accept the terms set forth in this “Privacy Policy”.

I. Purpose of personal data protection and processing policy

Due to the sensitivity of the work we have been dealing with as TOGA, the data received from our customers or prospective customers have been kept confidential and have never been shared with third parties. Protection of personal data is the basic policy of our company. Even before there was any legal regulation, our companies and affiliates attached great importance to the privacy of personal data and adopted this as a working principle and gave their employees working instructions in line with this principle. As TOGA, we undertake to comply with all responsibilities brought by the Law on the Protection of Personal Data. Our company’s principles regarding the protection of personal data also cover our subsidiaries.

II. Scope and modification of the personal data protection and processing policy

This Policy, prepared by our company, has been prepared in accordance with the Law on the Protection of Personal Data No. 6698 (“KVKK”). The law has entered into force with all its provisions as of today. The data obtained from you with your consent or in accordance with other laws listed in the Law will be used to improve the quality of the services we provide, to improve the services offered to you and our quality policy. Again, some of the data we have is depersonalized and anonymized. These data are data used for statistical purposes and are not subject to Law enforcement and our Policy. TOGAK’s Personal Data Protection and Processing Policy aims to protect the automatically obtained data of our customers, prospective customers, employees and companies working in solution partnership with us, their employees or other persons, and includes regulations regarding these.

Our company has the right to change our policy and our Regulations, provided that they comply with the law and that personal data is better protected.

III. Basic rules regarding the processing of personal data

a) Compliance with the law and the rules of honesty: TOGA questions the source of the data it collects or receives from other companies and attaches importance to obtaining them in accordance with the law and within the framework of honesty rules. In this context, it makes necessary warnings and notifications to third parties (agencies and other intermediary institutions) that sell the services offered by TOGA in order to protect personal data.

b) Being accurate and up-to-date when necessary: ​​TOGA attaches importance to the fact that all data within the institution are correct, do not contain false information, and finally, if there is a change in personal data, they are updated if they are communicated to it.

c) Processing for specific, clear and legitimate purposes: TOGA processes data only for the purposes it offers and for which it receives approval from individuals during service. It does not process, use and make use of data other than for business purposes.

d) Being connected, limited and measured for the purpose for which they are processed: TOGA only uses the data for the purpose for which they are processed and to the extent required by the service.

e) Retention for the period stipulated in the relevant legislation or required for the purpose for which they are processed: TOGA retains the contractual data as long as the conflict periods of the Law and the requirements of commercial and tax law. However, when these purposes disappear, it deletes or anonymizes the data.

It should be noted that, whether TOGA has collected or processed the data with consent or in accordance with the law, these principles listed above still apply.

According to article 11 of the Personal Data Protection Law, you have the following rights. To facilitate these rights, an application form has also been prepared by TOGA for you.

Persons whose personal data are processed, by applying to our contact announced on our website by TOGA, regarding their own data;

a) Learning whether your personal data is processed or not,

b) If personal data has been processed, requesting information about it,

c) Learning the purpose of processing personal data and whether they are used in accordance with its purpose,

ç) To know the third parties to whom personal data is transferred in the country or abroad,

d) Requesting correction of personal data in case of incomplete or incorrect processing,

e) Requesting the deletion or destruction of personal data within the framework of the conditions stipulated in the law,

f) Requesting notification of the transactions made pursuant to subparagraphs (d) and (e) to third parties to whom personal data has been transferred,

g) Objecting to the emergence of a result against the person himself by analyzing the processed data exclusively through automated systems,

ğ) In case of loss due to unlawful processing of personal data, it has the right to demand the compensation of the damage.

However, individuals do not have a right to anonymized data within the Company. TOGA may share personal data with relevant institutions and organizations in order to exercise the legal powers of a judicial duty or state authority in accordance with the business and contractual relationship.

IX. Privacy Policy

Whether employees or other people’s data in TOGA is confidential. No one can use, copy, reproduce, transfer to others, use this data for any other purpose without compliance with the contract or the law.

X. Transaction security

All necessary technical and administrative measures are taken to protect the personal data collected by TOGA, to prevent it from falling into the hands of unauthorized persons and to prevent our customers and prospective customers from being victims. In this framework, it is ensured that the software complies with the standards, that the third parties are carefully selected and that the data protection policy is complied with within the company. Safety measures are constantly being renewed and improved.

XI. Audit

TOGA carries out the necessary internal and external audits on the protection of personal data.

XII. Notice of Violations

When TOGA is notified of any breach of personal data, it takes immediate action to remedy the breach. It minimizes the harm of the person concerned and compensates the damage. When personal data is obtained by unauthorized persons, it immediately notifies the Personal Data Protection Board.

Applications can also be made according to the procedures specified at togaholiday.com/tr address regarding the notification of violations.

Communication

For your questions and requests regarding the confidentiality agreement, after printing out and filling out the form below, you can send a registered letter with return receipt to the address below.

TOGA HOLIDAY

Address: AHMEDİYE MAH. AYIN SK. EKSI NUMNE HAN NO: 17 INTERIOR DOOR NO: 25 ÜSKÜDAR/ İSTANBUL

Last Update: May 12, 2022