This Privacy Policy applies to the website www.awaretour.com (hereinafter referred to as the “Website” ) governs the processing of personal data of users and customers that is collected when using and / or during the online services subject to the agreement.
Aware Tour, SOFIST TURIZM Inc. (hereinafter “ Controller” ) is the owner of the website and is responsible for the data collected through the website. August April 2016). The controller guarantees compliance with the applicable rules for the protection of personal data, namely Regulation of the European Parliament and of the Council of Europe 2016/679 (EU) of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of these data (RGPD) in accordance with the Law dated August 8, 2019 No. 58/2019, which provides that the RGPD is applied in accordance with national law.
Use of the Website constitutes acceptance of this Privacy Policy.
I. Controller contact information:
Aware Tour, SOFIST TURIZM Inc.
- Address: 34746 Atasehir Istanbul, Barbaros district, Bayrak street, 1/5
- Email address: info@awaretour.com
The Controller is based in the United States, the country in which the data collected through the Website will be processed. No decision has been made on compliance with the requirements of the United States, a country whose legal regulations do not provide an adequate level of protection for personal data. However, as noted in previous articles, the Controller agrees and undertakes to comply with the laws of the European Union and the Republic of Turkey regarding data protection. By accepting this Privacy Policy, the User is deemed to have consented to the processing of their data in this country.
II. Applicable data processing principles
The Controller will apply the following principles when processing your personal data that comply with the requirements of applicable data protection regulations:
- Principle of legitimacy, loyalty and transparency: The controller will always carry out data processing, it will have a legal basis, which may have one or more specific purposes and must be communicated with full transparency.
- Data minimization principle: Controller, it will only ask you for data that is absolutely necessary for the purposes of data collection.
- Principle of limited storage: Data will be stored for the period strictly necessary for the purposes of their processing. The controller will notify you of the retention period corresponding to the specified purpose. In the case of a subscription, the Controller must periodically review these lists and remove entries that have been inactive for a long time.
- Honesty and Privacy Policy: The Controller has taken the necessary measures to prevent unauthorized access or misuse of its users' data by third parties.
III. Collection of personal data
When users visit the website for the purpose of sending an email to the Controller, subscribing to its newsletter or signing a contract, they can provide their IP address, first and last name, address, email address, telephone number and nationality, etc. they provide information containing personal data, such as Users especially. They may provide personal data through the Website by following these steps:
- Website browsing
- Communication via contact forms or sending an email.
- Sending comments to an article or page.
- Conclusion of a contract for the services offered by the controller
- Completing a subscription form or newsletter form owned by the Controller via MailChimp.
- MailRelay via filling out a subscription form or a newsletter form owned by the controller.
- Execute a subscription form or a newsletter form owned by the Controller via Blue.
The categories of personal data collected through the Website as a result of these activities include:
- Personal Information. For example: first name, last name, etc. Photos can also be collected during the recording of lectures.
- Demographic data. For example: nationality, gender, etc.
- Contact Information. For example: postal address, email address, fixed phone number and mobile phone number.
- Contract data. For example: to contractual transactions, identity documents, purchased products and services, financial transactions, debts, etc. these relationships.
- navigation data. For example: IP address, device type and ID, browser type, domain through which the website is accessed, browsing data and activity on the website.
IV. Purpose and legal basis for the processing of personal data
The collected personal data and the purpose of processing this data by the Controller differ depending on the data collection methods:
- Contact forms: The controller must provide a first and last name in order to be able to answer questions asking for personal data such as e-mail addresses, telephone numbers and website addresses.
For example, the controller may communicate this data to the user, the information on the website, the services provided by the website, it may use it to respond to messages, requests, complaints, comments or concerns that it sends regarding the processing of personal data, concerns, based on legal documents available on the Website and any additional requests that are the subject of the Website or October terms. The legal basis for data processing is the consent given by the data owner when completing and submitting the contact form. - Content Subscription Forms: The Controller requests the following personal data to manage the subscription list, send newsletters, promotions and special offers: first name, last name, email address, phone number and website address.
- The data that the User submits to the Controller when filling out forms is stored on Amazon Web Services servers located in the United States. The legal basis for data processing is the consent given by the data owner when completing and submitting the contact form.
- Contracting process: The controller can manage the fees and charges for purchases made, etc. when making preliminary contracts or contracts. It may request personal data from users in order to provide products and services, and the legal basis for the processing of this data is a pre-contractual or contractual relationship.
- Satisfaction surveys: The controller may use electronic means (e-mail, SMS, MMS, etc.), may send satisfaction surveys and surveys on the quality of the services it provides, by telephone or by mail. The legitimate basis for the processing of data for the purposes set out in this section is the legitimate interest.
The Controller has other purposes for processing Users' personal data:
- Ensure compliance with the terms and applicable laws set forth in the Disclaimer. This may include developing tools and algorithms that help this Website safeguard the privacy of the personal data it collects. The legal basis for these actions is that the Controller fulfills the obligations incumbent on him.
- Maintain and improve the services offered by this website. The legal basis for this transaction is the legitimate interest of the Controller.
- make transactions on social networks, since the controller is present on said networks. If the User must follow the profiles of the Moderator's social networks, the processing of personal data will be governed by the terms of use, privacy policies and rules for access to this social network, as well as the provisions of this Privacy Policy, if the User has previously agreed to them. The legal basis for this action is the consent given by the data owner when he is a page subscriber.
The privacy policies of the major social networks are available at the following links: - YouTube
-
a) Service providers:
-
The controller may be used, for example, for web platform services, email delivery, etc. for example, it may provide access to personal data to contract service companies if this is necessary to achieve the purposes described in this Privacy Policy. These providers must process data in accordance with the conditions set by applicable regulations, in accordance with a third party data processing agreement, under which all necessary obligations must be fulfilled to ensure satisfactory processing of data.
Some of these providers are based in the United States, a country that does not guarantee an adequate level of personal data protection and where no compliance decisions have been made. Users are informed of the risks associated with the processing of their data in this country and agree to this Privacy Policy allowing such transactions.
The controller will, in particular, provide access to personal data to the following providers:
- Zoom Video Communications, Inc., which processes this data for the purpose of recording live sessions with controller clients.
- These data, SalesForce, which operates in the context of the advertising services provided by the Controller and other services, as well as those related to the final services provided to the Controller's customers.
- Zuora Inc., which will process personal data in connection with the provision of payment services to the controller.
- Amazon Web Services, USA, which processes the data in the context of data hosting services provided to the Controller.
-
b) Compliance with other third parties and legal obligations:
Controller, including that such communication is lawful or is being communicated to competent authorities, judges and courts. It may communicate your personal data to third parties where this is necessary to comply with a legal obligation, including:
- Request for access to stored data.
- Request for correction or deletion of data.
- Request to restrict processing.
- Data transfer request.
- Objection to processing.
The controller, satisfactorily managing its presence in social networks, its activities, it will process the personal data of the User in order to provide information about its products or services, as well as for other purposes permitted by the rules of social networks.
The controller will under no circumstances use the pro
B. Security of personal data
The Controller has taken all reasonable steps to protect the User's personal data to prevent its loss, misuse, improper access, disclosure, alteration or destruction, and has followed industry best practices.
The website is hosted on Amazon Web Services servers in the United States.
Data security is guaranteed as all necessary security measures are taken for this purpose. For more information, you can read the privacy policy.
VI. Content from other websites
Pages on this website may contain links to content on other websites (eg videos, images, articles, etc.).
These websites may collect user data, use cookies, contain additional third-party tracking code, and track interactions using this code. The processing of personal data collected by these websites is subject to the provisions of their privacy policy.
VII. Cookie Policy
This website uses cookies that allow you to operate and provide the services offered on it. Information about the types, purposes of use and configurations of cookies can be found in the Cookie Policy.
VIII. Storage of personal data
Personal data provided by Users to the Controller will be kept for as long as necessary to achieve the purposes of collection, provided that Users do not exercise their rights of deletion.
The data will be deleted in general, with the exception of cases where their processing must be temporarily continued to comply with the legal situation, if it is no longer necessary to achieve the purposes of collection.
Similarly, except where one of the exceptions provided by law, personal data, applies, It will also be deleted if users withdraw their consent.
IX. Recipients of personal data
The Controller may transfer or allow access to personal data collected through the Website to the following recipients:
X. Accuracy and reliability of personal data
The User undertakes that the data provided to the Controller is accurate, complete, true and reliable, and that they are properly updated.
As a user of the Website, the User is solely responsible for the accuracy and validity of the data provided, which releases the Controller from any liability in this regard.
XI. User rights
The controller grants the user, he informs that he has the following rights in relation to his personal data:
These rights must be exercised by the natural person and therefore must be granted directly to the Owner of the Data it must be exercised by the controller through a request; this means that the customer, subscriber or employee who provided the user data can never contact the Controller or request information about the stored user data or how it was obtained, can not request the correction of said data, can not request the transfer of data, not may object to the processing of data and cannot restrict the use of this data, nor can it request that this data be deleted from the Controller's files, which means that it cannot.
Users, access, rectification, deletion, in order to exercise the portability rights or file an appeal, it must send an email to the following address: info@awaretour.com
If users also consider that the processing of personal data by the Company violates applicable data protection regulations, they may apply to a supervisory authority, in this case the National They may file a complaint with the Data Protection Commission.
XII. Changes to the Privacy Policy
The Controller reserves the right to amend this Privacy Policy in order to adapt it to legal or legal developments as well as industry practice.
This Privacy Policy will remain in effect until duly modified by another published policy.