TR
/
EN
 

PERSONAL DATA PROCESSING AND PROTECTION POLICY

Dear Customers,

As Merkur International Transport and Aviation we care about the privacy and safety of your personal data.

Any personal data that we receive during a ticket sale on the phone is recorded manually and kept in our computer systems.

We are careful in not sharing your personal data with 3rd parties and act accordingly, therefore we are only able to share the data with the firms that we are receiving service in cases of court order or legitimate purposes (The passport info of our customers is recorded in our ticketing software which is kept under the software company that we are getting this service from.)

These records can be shared within the framework of the Law on the Protection of Personal Data (KVKK) No.6698 and the necessary secondary legislations by being compliant, limited and measured.

The personal data belonging to individual customers that buy ticket from company can be shared:

In cases where they wish to buy tickets, due to the fact that the transaction is directly related to the establishment or performance of the contract between the domestic or foreign airline companies or the agencies selling tickets and the passenger, pursuant to Article 5/2-c of the KVKK, and it is necessary to process the personal data of the parties for the making of the contract,

With our business partner that we receive ticketing software services, our accounting partner Mikro and with the banks that we are collaborating (in cases of request) due to fact that the Data controller has to process the personal data for legitimate purposes by not harming the person’s rights and freedom by staying in line with KVKK Art. 5/2 - f .

The personal data belonging to corporate customers that buy ticket from our company can be shared:

With hotels in case they wish to require accommodation services; with rent a car firms in case they wish to require rent a car services; with domestic or foreign airlines or agencies in case they wish to buy plane tickets; with consulates or agencies that provides visa services in case they need assistance with visa; with firms that offers transfer services in case they wish to require transfer services due to the fact that it is necessary to process the personal data of the parties for the making of the contract by abiding the KVKK Art. 5/2 - c,

With our employees during our firm’s commercial transactions, company managers, our financial, tax and legal advisors and supervisors due to the fact that it is necessary to process the personal data of the parties for the making of the contract by abiding the KVKK Art. 5/2 - f and also by protecting one’s fundamental rights and freedoms,

Transfer of data such as device information, IP addresses, country and city information, browser type and language they use, the times and numbers of our users visiting our website with the foreign cloud company since we receive the website hosting service from abroad, and also due to KVK Law article 5/2- f, “It is mandatory to process data for the legitimate interests of the data controller, provided that it does not harm the fundamental rights and freedoms of the data subject .

Service and partnership agreements with these individuals and organizations includes confidentiality requirement and the prohibition of transferring the information that is obligatory to be transferred to other third parties.

Personal Data Controller: MERKUR INTERNATIONAL TRANSPORT AND AVIATION LTD.
Personal Data Contact Person: Güler FİLİZ

If you have any questions/requests regarding your rights on the issue, you can contact us through cr@merkurholding.com.tr.

Based on Art. 11 of the Law the data owner has the listed rights:
a. To know more about whether the personal data has been processed or not,
b. If they are processed then requesting information regarding this process,
c. To learn more about the purpose of the processing and whether they were used purposefully,
d. To know more about with whom the data was shared both locally/globally,
e. To request correction in cases of misinformation or lack of information,
f. To request deletion or destruction of personal data within the framework of Article 7,
g. To request notification of the 3rd parties that the data was processed within the clauses (d) and (e),
h. To object to any results directly against the person himself that might arise by analysis of the processed data exclusively through automated systems,
i. To request compensation in cases of damage during illegal processing of personal data.