Key checks:<\/strong> List the veri categories and purposes; confirm the legal basis, and verify the retention period. If the notice mentions \u00f6zel data, check additional safeguards and whether consent is required. You can edin access, corrections, and, where allowed, deletion of your data. Follow the kurum’s process on the sitelerine and keep records of all communications.<\/p>\n For health data (sa\u011fl\u0131k), look for explicit protections and regional considerations.<\/em> If you operate in antalya<\/strong> or work with Antalya-based partners, ensure data transfers comply with cross-border safeguards and privacy notices reflect local practices. If you are aday<\/strong> for data subjects, review how your rights are described and what actions you can take to protect your own information, including how \u00f6zg\u00fcrl\u00fcklerine are protected in practice.<\/p>\n Practical steps:<\/strong> Submit taleplerinizi through the official channels, refer to the sitelerine address, and note the verilen deadline for responses. Ensure that e\u011fitim<\/em> for staff covers proper handling of personal data, especially sa\u011fl\u0131k data, and that privacy notices clearly explain rights and remedies; this is \u00f6nemlidir<\/em> for trust and compliance.<\/p>\n Always review the data fields before you finalize the bileti; this keeps verilerine under control and ensures processing happens g\u00fcvenle.<\/p>\n During checkout we collect verilerine to enable the transaction and issue the bileti. Identity verilerine include your name, email address, and phone number; travel details dair the route, date, and time you select; and payment data that allows tokenized processing while avoiding storage of full card numbers. We also gather device and network data\u2013device type, IP address, browser, language, and approximate location in the ortaya alan\u2013to improve reliability. Cookies and analytics help optimize the experience while we protect data with encryption and g\u00fcvenle access controls. Our uzman team follows mevzuat\u0131n requirements and our ayd\u0131nlatma, ensuring transparency with kaliteli and \u00f6zg\u00fcn data handling practices that support safe i\u015flemlerin throughout the journey.<\/p>\n You have hakk\u0131 to access, correct, delete, or restrict your verilerine; to withdraw consent; to object; and to receive a copy in a portable format. To exercise these rights, contact bizimle and reference the current ayd\u0131nlatma; we respond within the timelines required by mevzuat\u0131n. If you believe any i\u015flemlerin is izinsiz, report it and we will suspend processing immediately and review the s\u00f6zle\u015fmenin and privacy protections. You can also manage marketing preferences and personal data (ki\u015fisel) related settings through our support channels, ensuring a smoother and safer experience on every bileti and every step of the a\u015famalar\u0131. If you have a request regarding verilerine pertaining to yeni s\u00f6zle\u015fmenin updates, we will handle quickly.<\/p>\n Map every processing activity to a legal basis before collecting data. Assign one basis per purpose: contractual necessity to deliver a service; legal obligation for regulatory reporting; vital interests to protect a life; public task when required by law; legitimate interests for routine processing, balanced against individuals’ rights; or consent when no other basis fits.<\/p>\n Consent applies when it is freely given, specific, informed, and unambiguous, with a clear withdrawal path. Use consent for activities not covered by a contract or legal obligation, such as direct marketing or profiling in contexts where permitted. Record the consent with date, scope, and the manner in which it was verdi\u011fi; provide an easy opt-out; and ensure verilerinizin usage aligns with the belirltti\u011finiz purposes. If processing involves sensitive data, obtain explicit consent as required by hukuka and in \u00dclkelerde rules.<\/p>\n Maintain a kay\u0131tl\u0131 register of processing activities that links each data category verilerinizin to the applicable basis, purposes (dair), retention periods, and recipients. Within the \u00e7er\u00e7evesinde privacy program, implement dan\u0131\u015fma mechanisms and ensure that data are processed only for the belirtti\u011finiz purposes. If do\u011fabilecek risk affect bir\u00e7ok ki\u015filer, apply enhanced safeguards to protect elmas data and limit g\u00f6r\u00fcnt\u00fclenmesine to authorized contexts. Keep idari hususu controls tight, respect kendinizi, and align processing with hukuka across \u00dclkelerde and with firman\u0131n policy. When relying on consent, ensure tercihe options are explicit; \u00d6nemlidir to maintain the trust and haline the processing.<\/p>\n Set a data retention policy that keeps data only as long as needed for each purpose and deletes or anonymizes it when the purpose is fulfilled. The guidance is published sayfam\u0131zda and applies to bilgiler collected across our yurt operations, including data generated in Antalya and stored in related systems. For each data category, assign explicit retention periods: kampanya data for 12 months, sat\u0131\u015f records for 36 months, and anonymized aggregates for longer-term insights; after the period ends, delete from active systems and overwrite backups where possible.<\/p>\n Minimize data collection by design: ask only the fields that are strictly necessary to fulfill the purpose and avoid storing ekstra bilgiler. Use holograml\u0131 consent records for offline processes and restrict access (ula\u015f\u0131m) to the minimum number of staff required. Implement regular geli\u015ftirilmesi of controls, review permissions aralar\u0131nda teams across departments, and document decisions on sayfam\u0131zda so that accountability is clear for customers and partners, including \u00fcyelerine.<\/p>\n Delete securely and replace when appropriate: schedule automated deletions across production, staging, and backups; apply cryptographic erasure on backups to prevent recovery. If legal or operational requirements require retaining some data, yerine anonim veya aggregated datasets to preserve insights without exposing individuals; monitor do\u011fabilecek risks such as misconfigurations and ensure deletion events are logged and verifiable for audits.<\/p>\n Control data sharing and ensure responsible governance: limit data sent to kampanya partners and vendors to anonymous or aggregated forms; use secure g\u00f6nder channels and ensure contracts specify retention and deletion obligations. The data handling framework is supported by an uzman who coordinates aralar\u0131nda reviews and keeps a clear record on sayfam\u0131zda. Our Antalya office on Caddesi leads these efforts, providing a direct point of contact for inquiries and rights requests, and reinforcing accountability across teams for ad\u0131na customers and collaborators.<\/p>\n Limit third-party access to the minimum, enforce least privilege, and require a Data Processing Agreement (DPA) that describes for each processor, carrier, or payment provider the data categories (i\u015flenme) and purposes, the security controls, and the sub-processors allowed under m\u00fc\u015fterilerin consent (s\u00fcrd\u00fcr\u00fclen). Maintain a geni\u015f network of trusted partners with documented risk assessments and regular reviews of access rights, all aligned with kapsamdaki prensiplerine.<\/p>\n Maintain a centralized registry of processors, carriers, and payment providers, with entries that specify the \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a of data, the kapsam\u0131ndaki scope, and transfer safeguards. For \u00f6zel (\u00d6zel) kategoriler, enforce encryption in transit and at rest, strict access logs, and quarterly audits. Create a clear dair of responsibilities for \u00fcyelere and suppliers, and require prior written approval for any sub-processor (s\u00fcrd\u00fcr\u00fclen) involvement. Include data retention and deletion rules in maddesinde to avoid orphan data.<\/p>\n When a data subject requests access or erasure, data controllers and processors must respond to the talebi within 30 days. Provide a straightforward interface for bizimle hususu handling and allow users to set tercihe preferences for communications. For deletion requests, follow maddesinde terms and ensure the data is removed from all processors under our control and from backups within the retention window. The incident response plan requires notification to us within 72 hours of any security event affecting these processors.<\/p>\n In kampanya activities handled by partners in antalya, ensure opt-out options and explicit user preferences are recorded and respected. If biri of our suppliers handles payment or shipment data, verify their compliance via annual assessments and, veya, require them to share relevant audit reports. Our governance keeps access logs and risk ratings in sync with bizimle commitments and ensures that the kule of critical data remains under control.<\/p>\n Submit your rights request through your account now to review and manage your personal data. We verify your identity using your registered contact method and respond within 30 days. We keep you haberdar with status updates and provide a secure copy of your data when you request access.<\/p>\n Access: You may obtain a copy of the data we process about you, including the sources, purposes, and data categories (i\u015flenmesini). We deliver the export in a machine-readable format through your preferred channel and, if requested, via posta to taraf\u0131n\u0131za the address on file.<\/p>\n Correction: If you notice inaccuracies, you may request corrections to profile information, contact details, and any data that affects your use of hizmetlerimiz. We update the records promptly and confirm the changes in your account. If needed, we notify partners who receive your data with minimal disclosure of sensitive details; this helps keep your bilgiler aligned.<\/p>\n Deletion: You can request deletion of data that is no longer necessary for the purposes stated, subject to legal retention rules. We remove data from active systems and ensure it is unavailable to others, while maintaining necessary backups per s\u00fcre\u00e7lerinin policy. Where applicable, we inform you of any exceptions tied to regulatory or contractual duties.<\/p>\n Objection: You may object to processing based on legitimate interests or for purposes like direct communication. We assess the basis for the objection, pause processing when required, and communicate the outcome within the stated timeframes. If a processor relies on consent, we honor withdrawal of consent without affecting the lawfulness of prior processing.<\/p>\n Data Portability: You may request a portable file of your data to transfer to another service. We prepare the data in a commonly used format and deliver it through your chosen channel, ensuring it contains essential data fields and metadata for smooth transfer (tasar\u0131mlar\u0131yla).<\/p>\n Turkish localization note: metro, \u00e7e\u015fitlendirilmesi, \u015fifrenin, haberdar, s\u00f6zle\u015fmenin, a\u00e7\u0131klanan, yerli, iletebilirsiniz, g\u00fcncelleme, \u00fcyelerine, \u00d6nemlidir, i\u015flenmesini, tasar\u0131mlar\u0131yla, ki\u015filer, hizmetlerimiz, ankara, taraf\u0131n\u0131za, posta, dair, s\u00fcre\u00e7lerinin, sitemizde.<\/p>\n Enable HTTPS across the entire checkout flow, apply end-to-end tokenization for all payment fields, and never store raw card data. This y\u00f6nelik approach protects sizin and m\u00fc\u015fterilerin information in transit and reduces interception risk during submission. For workflows like bileti purchases or otob\u00fcslerimiz services, align data handling with ama\u00e7lar and keep processing within our kurum while complying with mevzuat. Provide a yaz\u0131l\u0131 ayd\u0131nlatma that describes data use under \u00e7er\u00e7evesinde no34, and avoid ilanlar\u0131 exposure to ba\u015fka parties. Limit data exposure by ensuring that only authorized users access data; this helps our tasar\u0131mlar\u0131 stay secure and demonstrates halidir trust when customers interact with bizimle commitments.<\/p>\n Submit via the elektronik portal described in the ayd\u0131nlatma, and clearly specify which haklar you are exercising\u2013the iste\u011fi\u2013and the data scope that concerns ki\u015filerin information.<\/p>\n Read the metninde carefully to verify the a\u00e7\u0131klanan data categories, the purposes of processing, the list of recipients, the retention period, and the security-gizlilik controls that protect the data. Check that the s\u00f6zle\u015fme terms backing the processing align with your expectations for transparency and control.<\/p>\n When you prepare a request to exercise your haklar, ask for data in a structured format that is easy to use and compare. If you want portability, request the data in a hale that can be d\u00f6nd\u00fcren to you or directly transferred to another controller (gibi ayd\u0131nlatma, in a secure, elektroniki channel).<\/p>\n If you act directly (do\u011frudan) or through a representative, provide proof of identity and, for ad\u0131na handling, authorization documents. For data about ki\u015filer, specify the exact scope you need and reference the metninde where those data are described to avoid extras.<\/p>\n Expect a response within the period defined by law. If the reply is incomplete or denied, the notice should explain the reasons and steps to appeal, including who to contact. Keep the process kolay<\/strong> to follow and tamamen<\/em> actionable, so your haklar remain a\u015fk\u0131n<\/em> of mere formalities; use the cycle to confirm prensiplerinin<\/strong> of data protection are respected.<\/p>\n Throughout the process, ensure the controller adheres to g\u00fcvenlik-gizlilik<\/strong> standards and that any action taken\u2013whether a data access, correction, deletion, or transfer\u2013follows the d\u00fczenlenen procedures. If you need to review the decisions, request the full log and the metninde record of how the request was handled, including any dokunu\u015fta<\/em> confirmations and related \u015fifrenin<\/em> security checks, so the outcome reflects the rights stated in the notice and the s\u00f6zle\u015fme terms. If you require data to be delivered on your behalf, use ad\u0131na<\/strong> instructions and ensure the transfer is elektronik<\/em> a do\u011frudan<\/em> to you or to another controller gibi<\/em> ur\u010deno.<\/p>","protected":false},"excerpt":{"rendered":" Doporu\u010den\u00ed: P\u0159e\u010dt\u011bte si smlouvu s \u00fadaji p\u0159ed sd\u00edlen\u00edm jak\u00fdchkoli dat. Potvr\u010fte, kdo je poskytovatel dat, jak\u00e9 \u00fa\u010dely jsou uvedeny a jak dlouho budou \u00fadaje uchov\u00e1v\u00e1ny. Pokud je n\u011bco nejasn\u00e9, za\u0161lete sv\u00e9 \u017e\u00e1dosti na jejich webovou str\u00e1nku o ochran\u011b osobn\u00edch \u00fadaj\u016f a porovnejte je s uveden\u00fdmi sekcemi ve smlouv\u011b, pot\u00e9 po\u017e\u00e1dejte o p\u00edsemn\u00e9 [\u2026]<\/p>","protected":false},"author":2,"featured_media":4438,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"fifu_image_url":"https:\/\/istanbul-ist-international-airport.com\/wp-content\/images\/personal-data-processing-disclosure-notice-a-clear-guide-to-data-priva.jpg","fifu_image_alt":"","footnotes":""},"categories":[],"tags":[],"class_list":["post-4436","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"\nData Collected During a Quick Online Bus Ticket Purchase<\/h2>\n
What data we collect during a quick online bus ticket purchase<\/h3>\n
Your rights and how to exercise them<\/h3>\n
![\"Your](\"\/wp-content\/images\/personal-data-processing-disclosure-notice-a-clear-guide-to-data-priva-kbiwb040.jpg\")
<\/p>\nLegal Basis for Processing and When Consent Applies<\/h2>\n
![\"Legal](\"\/wp-content\/images\/personal-data-processing-disclosure-notice-a-clear-guide-to-data-priva-epegu987.jpg\")
<\/p>\nConsent and When It Applies<\/h3>\n
Documentation and Turkish-Context Safeguards<\/h3>\n
Data Retention, Deletion, and Minimization Practices<\/h2>\n
Third-Party Access: Processors, Carriers, and Payment Providers<\/h2>\n
Your Rights: Access, Correction, Deletion, Objection, and Data Portability<\/h2>\n
\n
\n Right<\/th>\n What it means<\/th>\n How to exercise<\/th>\n<\/tr>\n \n Access<\/td>\n See what data we hold, why, and with whom it is shared.<\/td>\n Use the Data Access form in your account or reply to this notice. Validate your identity and request the data export to posta or sitemizde; we deliver within 30 days.<\/td>\n<\/tr>\n \n Correction<\/td>\n Fix inaccuracies in personal information.<\/td>\n Submit aCorrection request via your profile settings; we update records and notify relevant uyelerine if needed.<\/td>\n<\/tr>\n \n Deletion<\/td>\n Remove data no longer needed for purposes stated or required by law.<\/td>\n Send a Deletion request; we erase from active systems and outline any applicable retention steps in s\u00fcre\u00e7lerinin.<\/td>\n<\/tr>\n \n Objection<\/td>\n Stop or limit processing due to legitimate interests or direct marketing.<\/td>\n Submit an Objection request; we review and respond with next steps within the allowed period.<\/td>\n<\/tr>\n \n Data Portability<\/td>\n Receive your data in a portable, machine-readable format for transfer elsewhere.<\/td>\n Ask for data portability; we prepare a structured file and deliver through your chosen channel.<\/td>\n<\/tr>\n<\/table>\n Security Measures Guarding Your Data During Checkout<\/h2>\n
Technical Protections<\/h3>\n
\n
Data Practices and Compliance<\/h3>\n
\n
How to Review the Notice and Exercise Your Privacy Rights<\/h2>\n