Maxx Royal Resorts

Personal data of the employees may be processed without obtaining consent to the extent of requirements of health insurance and business relations. However, “Voyag Turizm, MRA Turizm” hereby undertakes the protection and confidentiality of the data of the employees.

Data are obtained from Kariyer.net for job applications and candidate procurement and management of human resources and these data are registered in the system within the scope of candidate assessment process.

Processing as per Legal Obligations

“Voyag Turizm, MRA Turizm ” may also processes the personal data of the employees without obtaining a separate consent to fulfill a legal obligation stipulated in the legislation or in case it’s explicitly specified in the legislation. This case is limited to the obligations arising from the Law.

Processing special categories of personal data

Since we are in direct contact and interaction with our guests, our company is obliged to process the information of our employees about Covid-19 in order to protect public health. For this reason, employee data on the Covid-19 disease, vaccination ID card information (including vaccination dates or non-vaccination info) will be kept in the personnel files during the pandemic and for 5 years after the pandemic.

Pursuant to the Law, race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, clothes, membership of association, foundation or union, health, sexual choice, juridical sentence and data regarding safety measures and biometric and genetic data are among the special quality data. Besides the consent of the relevant person, “Voyag Turizm, MRA Turizm” also takes adequate measures determined by the Board for the processing of special quality data. Special quality data may be processed limited to and related to the cases permitted by the Law without the consent of the person. The quality data obtained from the employees shall only be used for the corresponding purpose to allow them to benefit from the insurance and health services.

Data processed with automatic systems

The data processed regarding the employees with automatic systems may be used for in-house promotions and performance assessments. The employees reserve the right to appeal to the results against them and they should perform this process in compliance with the internal procedures. Appeals of the employees shall be evaluated again within the company.

Telecommunication and internet

The computers, telephone, e-mail and other applications allocated to the employees within the company shall only be used for business purposes. The employee cannot use any of these means allocated to himself/herself by the company for private purposes or communication. The company may continue to control and monitor the data on these means for a maximum of 1 year even after the employee leaves the company to ensure the sustainability of intercompany relations, contracts and commercial communications. The employee undertakes not to keep any data or information apart from the business purposes on the computer, telephones or other means allocated to himself/herself as of his/her employment date.

It’s the user’s responsibility to be careful when using mobile devices (mobile phone, portable computer, tablet etc.) at open public spaces, in meeting rooms and other unprotected areas. Mobile devices should be also protected physically against theft in places like automobiles and other transportation vehicles, hotel rooms, conference centres and meeting rooms. You should immediately inform Information Technologies Department in case of theft or loss of any mobile device.

TRANSFERRING OF THE PERSONAL DATA DOMESTICALLY AND INTERNATIONALLY

Your personal data may be shared with business and solution partners by Voyag Turizm Otelcilik İşletmesi ve İnş. San. Ticaret A.Ş. and MRA Turizm ve Otel İşletmeciliği A.Ş. for the purpose of offering accommodation, transfer, ticketing, invoicing, surveys, marketing notifications, and loyalty card sending services.
Your personal data may be transferred to foreign countries ("Countries with Adequate Protection") declared to have sufficient protection by the Personal Data Protection Board. In the absence of adequate protection, your personal data may be transferred to foreign countries ("Adequate Countries with Data Controllers Committing Adequate Protection"), where data controllers in Türkiye and the relevant foreign country have committed to providing sufficient protection in writing and have obtained permission from the Board. The transfers will be carried out meticulously, ensuring that the data security commitments in the respective country are thoroughly examined, using only the necessary information and up-to-date data protection methods.

Voyag Turizm Otelcilik İşletmesi ve İnş. San. Ticaret A.Ş. and MRA Turizm ve Otel İşletmeciliği A.Ş. may transfer personal data to the individuals and institutions listed below for specific purposes:
a) Voyag Turizm Otelcilik İşletmesi ve İnş. San. Ticaret A.Ş. and MRA Turizm ve Otel İşletmeciliği A.Ş.'s business partners, within the scope of the established business partnership, for the purpose of offering services (transfer planning, ticketing, pre-flight hospitality services).
b) Voyag Turizm Otelcilik İşletmesi ve İnş. San. Ticaret A.Ş. and MRA Turizm ve Otel İşletmeciliği A.Ş.’s suppliers, to offer services necessary for the company's commercial activities that are sourced externally from the supplier (server, storage, archiving, GSM services, hosting, IT support, legal and similar consultancy firms),
c) Voyag Turizm Otelcilik İşletmesi ve İnş. San. Ticaret A.Ş., MRA Turizm ve Otel İşletmeciliği A.Ş., Ets Ersoy Turistik Servisleri A.Ş., and other solution partners, limited to ensure the execution of our company's commercial activities requiring the participation of subsidiaries (loyalty card discounts, ticketing, transfer, guide services).
d) The potential employers requesting references or requesting information within the scope of occupational health and safety, with the consent of our former employees limited to sharing the necessary documents within the scope of relevant legislation,
e) Institutions or organizations established in compliance with specific conditions determined by the relevant legislation and continuing their activities within the framework defined by the law (independent audit firms, international accredited institutions).

Voyag Turizm Otelcilik İşletmesi ve İnş. San. Ticaret A.Ş. and MRA Turizm ve Otel İşletmeciliği A.Ş. ensure full compliance with the Personal Data Protection Law No. 6698 and related legislation when transferring your data domestically and internationally. Additionally, your Personal Data may be transferred to state institutions, judicial bodies, and foreign missions established by international agreements (embassies, consulates, etc.) in accordance with legal obligations and when deemed necessary.

CONFIDENTIALITY PRINCIPLE

The data of the employees and other persons within “Voyag Turizm and MRA Turizm” are confidential. Nobody can use, copy, reproduce, transfer these data for other purposes apart from the business purposes.

PROCESS SECURITY

All necessary technical and administrative measures are taken to protect the personal data received by “Voyag Turizm and MRA Turizm ” and to prevent the retention of them by unauthorized persons and to prevent the damage on our customers and potential customers. Within this framework, it’s ensured that the software complies with the standards, third parties are selected with care and data protection policy is followed within the company.

CHANGES TO BE MADE IN PERSONAL DATA PROTECTION AND PRIVACY POLICY:

“Voyag Turizm and MRA Turizm ” reserves the right to make changes on the declarations here. In case of any significant change in the declaration, a link will be attached on the homepage of the website to access the up-to-date declaration. Guests registered for any of our products or services may be informed regarding this issue through the communication channel he/she has provided to the properties. When the last time this declaration was updated and update number are given at the end of this text. Each change made on the declaration becomes effective upon the publication of the changed declaration on the website. By using the website or any of our products and services following such changes, you accept the changed declaration that is effective at that time.
Policy Update: 5 September 2023 rev. 1.8