Sıfırdan Bilişim Teknolojileri Anonim Şirketi (“Sıfırdan Bilişim”) is the owner and operator of the Plavel application ("Application"), which offers personalized information, recommendations, and services based on your preferences for places to visit, catering locations, accommodations, and entertainment during your travels and enables reservations.
When you use the Application or visit our website, we are committed to respecting your privacy and being transparent about how we use the information you provide with trust. In this context, this Privacy and Clarification Notice ("Notice") explains how your personal data, which you disclose to Sıfırdan Bilişim as the data controller when using the Application and visiting the website, are obtained, processed for what purposes, transferred to whom and for what purposes, and the rights you have and how to use them.
We obtain your personal data through the Application and our website. In order to provide you with personalized information, recommendations, and services tailored to your preferences for places to visit, catering locations, accommodations, and entertainment during your travels, the following data will be processed in accordance with Article 5/2 (c) of the Personal Data Protection Law No. 6698 ("KVKK") for the purpose of establishing and executing the contract: (i) your name, surname, gender, email address, and phone number, when you become a member of the Application, and (ii) your location information, IP information, and log records while using the Application.
However, in order for the route to be prepared in a correct way, if you specify it completely optionally; your data on whether you have children, and if you have children, the number of them, whether you speak English and foreign languages used in the country where you will travel may also be processed for the establishment and performance of the contract in accordance with Article 5/2 (c) of the KVKK. Similarly, if you optionally share information about your travel disability and whether you are allergic to any food, this information shall be processed based on your explicit consent to be obtained in accordance with Article 6/1 of the KVKK.
Personal data related to credit cards and debit cards entered into the Application for membership, product purchases, and information updates are carried out independently of Sıfırdan Bilişim, between you and the bank or card institutions. Information such ascredit card passwords may not be viewed by Sıfırdan Bilişim. Credit or debit card information requested on the payment page is not stored in any way in the Application or on the servers of third-party companies providing services. This ensures that all payment transactions take place between the relevant bank and the device you are using through the Application.
Due to the servers of the Application being located outside of Turkey, your personal data as stated in this Notice will be stored on the servers of the Application located abroad, in accordance with the explicit consent to be obtained as per Article 9/1 of the Personal Data Protection Law ("KVKK").
In order to prepare the route, your data may be transferred to abroad located OpenAI OpCo, LLC, based on your explicit consent to be obtained in accordance with Article 9/1 of KVKK.
Your personal data may be disclosed to official authorities when requested and in cases where it is necessary to make a disclosure in accordance with the mandatory provisions of applicable legislation.
[●]
Sıfırdan Bilişim provides its services to users in various countries. The transfer of your data to countries other than your location will be carried out in the manner specified in this Notice and in compliance with applicable laws.
The services offered by Sıfırdan Bilişim are not intended for children. A "child" is a person who is
(i) 14 (fourteen) years of age or younger, or below the age of consent to privacy in your jurisdiction, or (ii) the age of legal capacity to enter into a contract.
Sıfırdan Bilişim takes the necessary administrative, technical, and physical security measures to protect your data. In this context we take undermentioned security measures.
Network and application security are ensured.
Security measures are taken within the scope of procurement, development and maintenance of information technology systems.
The security of personal data stored in the cloud is ensured.
Training and awareness creating activities on data security are carried out at regular basis for employees.
An authorization matrix has been created for employees.
Access logs are kept on regular basis.
Data masking measures are applied when necessary.
Confidentiality undertakings are made.
The authorizations of employees who change their duties or leave their jobs are removed.
Up-to-date anti-virus systems are used.
Firewalls are used.
Signed contracts contain data security provisions.
Personal data security policies and procedures are defined.
Personal data security issues are reported quickly.
Personal data security is monitored.
Necessary security measures are taken for entry and exit to physical environments containing personal data.
Physical environments containing personal data are secured against external risks (fire, flood, etc.).
Security of environments containing personal data is ensured.
Personal data is minimized as much as possible.
Personal data is backed up and the security of backed up personal data is also ensured.
Log records are kept without the intervention of the User.
Protocols and procedures for the security of sensitive personal data have been determined and implemented.
Intrusion detection and prevention systems are used.
Encryption is performed.
However, we may not guarantee the security of the information in the face of unauthorized access or use, hardware/software failures, or other conditions beyond our control.
Unless applicable laws require a longer retention period, we will keep your personal data for the duration of your membership or as long as it is necessary for the purposes stated in this Notice.
Cookies shall be used as of / / to provide you with the best possible website experience and personalize your visits to our website. Personal data shall be processed through cookies on
our website as of
/ / , and necessary cookies shall be used for the provision of
information society services. Other cookies, when you give your explicit consent, will be used for limited purposes such as conducting advertising/marketing activities for you, improving the functionality of our website, and personalization (except for your privacy preference, remembering your other preferences when you revisit the website). You may manage your cookie preferences as of / / through the Cookie Management Panel, and you may find detailed information in the Cookie Policy.
We declare and undertake that we will protect all the information you have shared with us, especially your personal data, with the utmost confidentiality, ensure their security and take
technical and administrative measures that are no less than the measures we take to protect our own confidential information, not to disclose or reveal them to any third party, except for the performance of the contract and legal obligations. Otherwise, we declare and undertake that we will compensate any direct damages resulting from this, based on a final court decision.
As a data subject, you have the following rights, subject to the rights provided for by the applicable laws, as a data subject, you have the following rights: (i)to learn whether his/her personal data are processed or not, (ii) to demand for information as to if his/her personal data have been processed,
(iii) to learn the purpose of the processing of his/her personal data and whether these personal data are used in compliance with the purpose, (iv)to know the third parties to whom his personal data are transferred in country or abroad, (v) to request the rectification of the incomplete or inaccurate data, if any, (vi) to request the erasure or destruction of your personal data if the reasons requiring their processing have disappeared, (vii) to request reporting of the rectification and erasure operations to third parties to whom your personal data have been transferred, (viii) to object to the occurrence of a result against you by analyzing the data processed solely through automated systems, (ix) to claim compensation for the damage arising from the unlawful processing of your personal data.
For Contact: As a data subject, if you wish to exercise any of the rights mentioned above, you maysend your request to our company with sufficient information and explanation about your identity and the right you want to use through one of the following methods: in person or through a notary public to the address "Fenerbahçe Mah. İğrip Sok. No: 13 İç Kapı No: 1 Kadıköy/İstanbul,", or using secure electronic signature, mobile signature, or your previously notified and registered e-mail address in our system to our e-mail address at support@plavel.app.
We may update this Notice in the future. We recommend checking the page periodically to review the most current version and reviewing this Notice regularly for the latest information about our privacy practices. These changes will become effective as soon as they are announced on the Sıfırdan Bilişim website or through the Application by Sıfırdan Bilişim.
This Notice has been prepared in accordance with the KVKK and will prevail in case of any conflicts with the personal data protection laws of the country in which you reside.