Contact
+90 (242) 510-1500
The protection of personal data is among the top priorities of Dilaver Çekiç İnş. Tur. Eml. Otom. İnş. Malz. Petr. Mad. Tic. ve San. A.Ş. (“Company”). This Dilaver Çekiç İnş. Tur. Real Estate, Automotive, Construction Materials, Petroleum, Mining, Trade and Industry Inc. Personal Data Protection and Processing Policy ("Policy") outlines the principles adopted by our Company in the execution of personal data processing activities and the basic principles adopted by our Company in terms of compliance with the regulations set forth in the Personal Data Protection Law No. 6698 (the "Law"). In this way, our Company ensures the necessary transparency by informing personal data owners. With full awareness of our responsibility in this regard, your personal data is processed and protected within the scope of this Policy.
The activities carried out by our Company regarding the protection of our employees' personal data are managed under the Dilaver Çekiç İnş. Tur. Eml. Otom. İnş. Malz. Petr. Mad. Tic. ve San. A.Ş. Employee Personal Data Protection and Processing Policy, which is written in line with the principles of this Policy.
This Policy applies to all personal data processed by automated means or by non-automated means as part of a data recording system, except for our Company employees. Detailed information regarding the owners of such personal data can be found in Appendix 2 ("Appendix 2 - Personal Data Owners") of this Policy.
The relevant legal regulations in force regarding the processing and protection of personal data shall take precedence. In the event of any inconsistency between the legislation in force and the Policy, our Company accepts that the legislation in force shall prevail. The Policy regulates the rules set forth by the relevant legislation by concretizing them within the scope of Company practices.
This Policy, prepared by our Company, is dated November 2025. In the event that the entire Policy or certain articles are renewed, the effective date of the Policy will be updated. The Policy is published on our Company's website at www.asiabeachresort.com and is made available to the relevant persons upon request by the personal data owners.
In accordance with Article 12 of the Law, our Company takes the necessary measures, depending on the nature of the data to be protected, to prevent the unlawful disclosure, access, transfer, or other security breaches of personal data. In this context, our Company takes administrative measures and conducts or commissions audits to ensure the necessary level of security in accordance with the guidelines published by the Personal Data Protection Board ("Board").
Personal data of a sensitive nature is given special importance under the Law due to the risk of causing harm or discrimination to individuals if processed unlawfully. These "special category" personal data include data related to race, ethnic origin, political opinion, philosophical belief, religion, sect, or other beliefs, attire and clothing, membership in associations, foundations, or unions, health, sexual life, criminal convictions, and security measures, as well as biometric and genetic data.
In this context, the technical and administrative measures taken by our Company for the protection of personal data are carefully applied with regard to special category personal data, and the necessary controls are ensured within our Company.
Detailed information regarding the processing of special category personal data is provided in Section 3.3 of this Policy.
Our Company ensures that the necessary training is provided to business units to increase awareness regarding the prevention of unlawful processing of personal data, unlawful access to data, and ensuring the preservation of data.
Our company establishes the necessary systems to ensure that current and new employees are aware of the protection of personal data and works with consultants when needed on this subject. In this regard, our company evaluates participation in relevant training, seminars, and information sessions and organizes new training in line with updates to the relevant legislation.
Personal data is processed in accordance with the general principles of good faith and fairness, in a manner that does not infringe upon the fundamental rights and freedoms of individuals. Within this framework, personal data is processed to the extent required by our Company's business activities and is limited to these activities.
Our Company takes the necessary measures to ensure that personal data is accurate and up-to-date throughout the period it is processed and establishes the necessary mechanisms to ensure the accuracy and up-to-dateness of personal data at specific intervals.
Our company clearly states the purposes for which personal data is processed and processes it within the scope of purposes related to its business activities.
Our company collects personal data only to the extent and in the manner required by its business activities and processes it only for the specified purposes.
Our company retains personal data for the period necessary for the purpose for which it is processed and for the minimum period stipulated in the relevant legislation. In this context, our company first determines whether the relevant legislation stipulates a period for the storage of personal data and, if a period is specified, acts in accordance with that period. If there is no legal period, personal data is stored for as long as necessary for the purpose for which it is processed. At the end of the specified retention periods, personal data is destroyed in accordance with periodic destruction schedules or upon request by the data subject, using the specified destruction methods (deletion and/or destruction and/or anonymization).
Except for the explicit consent of the personal data subject, the basis for personal data processing activities may be only one of the conditions specified below, or multiple conditions may be the basis for the same personal data processing activity. If the processed data is special category personal data, the conditions set out in section 3.3 of this Policy ("Processing of Special Category Personal Data") shall apply.
One of the conditions for processing personal data is the explicit consent of the data subject. The explicit consent of the personal data subject must be specific to a particular matter, based on information provided, and freely given.
Personal data may be processed without the data subject's explicit consent if the following conditions for processing personal data are met.
If the data subject's personal data is explicitly provided for by law, in other words, if there is an explicit provision in the relevant law regarding the processing of personal data, then this condition for data processing may be said to exist.
If it is impossible to obtain the consent of a person who is unable to express their consent due to practical impossibility or whose consent cannot be considered valid, and if the processing of their personal data is necessary to protect their life or physical integrity or that of another person, the personal data of the data subject may be processed.
Provided that it is directly related to the establishment or performance of a contract to which the data subject is a party, the processing of personal data shall be deemed to have fulfilled this condition if it is necessary.
The data subject's personal data may be processed if processing is necessary for the Company to fulfill its legal obligations.
If the data subject has made their personal data public, the relevant personal data may be processed only for the purpose of disclosure.
The personal data of the data subject may be processed if it is necessary for the legitimate interests of our Company, provided that this does not harm the fundamental rights and freedoms of the data subject.
Special category personal data is processed by our Company in accordance with the principles set out in this Policy and by taking all necessary administrative and technical measures, including the methods determined by the Board, and under the following conditions:
In accordance with Article 10 of the Law and secondary legislation, our company informs personal data subjects about who processes their personal data as the data controller, for what purposes, with whom it is shared, by what methods it is collected, the legal basis, and the rights of data subjects regarding the processing of their personal data.
Our company may transfer the personal data and special category personal data of the data subject to third parties (third-party companies, group companies, third-party individuals) in accordance with the Law, taking the necessary security measures for the purposes of processing personal data. In this regard, our Company acts in accordance with the provisions set forth in Article 8 of the Law. Detailed information on this subject can be found in Appendix 4 ("Appendix 4 - Third Parties to Whom Our Company Transfers Personal Data and the Purposes of Transfer") of this Policy.
Even if the data subject does not give their explicit consent, personal data may be transferred to third parties by our Company with due care and by taking all necessary security measures, including the methods prescribed by the Board, if one or more of the conditions listed below are met.
In addition to the above, personal data may be transferred to foreign countries declared by the Board to have adequate protection ("Foreign Countries with Adequate Protection") if any of the above conditions exist. In the absence of adequate protection, personal data may be transferred to foreign countries where the data controllers in Turkey and the relevant foreign country have committed in writing to provide adequate protection in accordance with the data transfer conditions stipulated in the legislation and where the Board's permission has been obtained ("Foreign Country with a Data Controller Committed to Adequate Protection").
Special category personal data may be transferred by our Company in accordance with the principles set out in this Policy and by taking all necessary administrative and technical measures, including those determined by the Board, provided that the following conditions are met:
In addition to the above, personal data may be transferred to a Foreign Country with Adequate Protection if any of the above conditions are met. In the absence of adequate protection, personal data may be transferred to a Foreign Country with Adequate Protection where the data controllers in Turkey and the relevant foreign country have committed in writing to provide adequate protection in accordance with the data transfer conditions stipulated in the legislation.
In accordance with Article 10 of the Law and secondary legislation, relevant persons are informed at our company, In line with our company's personal data processing purposes, personal data is processed in accordance with the general principles specified in the Law, primarily the principles specified in Article 4 of the Law regarding the processing of personal data, based on and limited to at least one of the personal data processing conditions specified in Articles 5 and 6 of the Law. Within the scope of the purposes and conditions specified in this Policy, detailed information about the categories of personal data processed and the categories themselves can be found in Appendix 3 ("Appendix 3 - Personal Data Categories") of the Policy.
Detailed information regarding the purposes of processing personal data is provided in Annex 1 of the Policy ("Annex 1 - Purposes of Processing Personal Data").
Our Company retains personal data for the period necessary for the purpose for which it is processed and for the minimum period stipulated in the relevant legislation. In this context, our Company first determines whether the relevant legislation stipulates a period for the storage of personal data and, if so, acts in accordance with that period. If there is no legal period, personal data is stored for as long as necessary for the purpose for which it is processed. At the end of the specified retention periods, personal data is destroyed in accordance with periodic destruction schedules or upon request by the data subject, using the specified destruction methods (deletion and/or destruction and/or anonymization).
Data subjects have the following rights:
Data subjects may submit their requests regarding the rights listed in Section 6.1 ("Data Subject's Rights") to our Company using the methods determined by the Board. In this regard, they may use the "Dilaver Çekiç İnş. Tur. Eml. Otom. İnş. Malz. Petr. Mad. Tic. ve San. A.Ş. Data Subject Application Form" available at www.asiabeachresort.com.
Our Company takes the necessary administrative and technical measures to process applications made by data subjects in accordance with the Law and secondary legislation.
If the data subject submits their request regarding the rights listed in section 6.1. ("Data Subject's Rights") to our Company in accordance with the procedure, our Company will process the request free of charge as soon as possible and within 30 (thirty) days at the latest, depending on the nature of the request. However, if the process involves additional costs, a fee may be charged in accordance with the rates determined by the Board.
| MAIN PURPOSES (PRIMARY) | SUB-PURPOSES (SECONDARY) |
Planning and implementation of our Company's human resources policies and processes
| Planning human resources processes |
| Conducting personnel recruitment processes | |
| Planning and execution of intern and student recruitment, placement, and operational processes | |
| Conducting the necessary work by our relevant business units and executing the related business processes for the commercial activities carried out by the company | Planning and execution of corporate communication activities |
| Event management | |
| Planning and execution of corporate management activities | |
| Planning and execution of business activities | |
| Monitoring of finance and accounting tasks | |
| Establishing and managing information technology infrastructure | |
| Planning and execution of production and operational processes | |
| Planning and execution of activities to analyze the effectiveness/efficiency and appropriateness of business activities | |
| Planning information security processes | |
| Ensuring that our business units carry out the necessary work to enable relevant individuals to benefit from the products and services offered by the company and executing the relevant business processes | Tracking contract processes and legal claims |
| Tracking customer requests and complaints | |
| Planning and execution of product and service sales processes | |
| Planning and execution of the Company's commercial and business strategies | Implementation of strategic planning activities |
| Management of relationships with business partners and suppliers | |
| Planning and execution of customer satisfaction activities | |
| Planning and execution of reporting activities | |
Planning and execution of activities necessary to customize and recommend products and services offered by the company to relevant individuals based on their preferences, usage habits, and needs
| Planning and execution of market research activities for the sale and marketing of products and services |
| Designing and executing advertising, promotion, and marketing activities in digital and other media | |
| Designing and executing personalized marketing and promotion activities | |
| Planning and execution of marketing processes for products and services | |
| Identifying and evaluating individuals who will be the subject of marketing activities based on consumer behavior criteria | |
| Planning and execution of data analytics studies for marketing purposes | |
| Planning and execution of activities aimed at improving and developing the user experience related to products and services | |
| Ensuring the legal, technical, and commercial-business security of the Company and individuals in a business relationship with the Company | Planning and execution of internal audit and investigation processes |
| Following up on legal matters | |
| Conducting corporate and partnership law transactions | |
| Planning and execution of Company audit activities | |
| Ensuring the security of the Company's premises and facilities | |
| Planning and execution of corporate financial risk processes | |
| Planning and execution of operational activities necessary to ensure that company activities are conducted in accordance with company procedures and relevant legislation | |
| Ensuring the security of company operations |
| PERSONAL DATA SUBJECT CATEGORIES | DESCRIPTION |
| Customer | Real persons who use or have used the products and services offered by our company, regardless of whether they have any contractual relationship with our company |
| Potential Customer | Real persons who have expressed an interest in or requested to use our products and services, or who have been assessed as potentially interested in accordance with commercial customs and rules of good faith. |
| Visitor | Real persons who have entered our physical premises for various purposes or visited our websites |
| Third Party | Real persons who are third parties related to the aforementioned parties in order to ensure the security of commercial transactions between our company and the aforementioned parties or to protect the rights and secure the interests of the aforementioned persons (e.g., guarantors, family members, and relatives) or other individuals not covered by this Policy and the Yörükoğlu Milk and Dairy Products Industry and Trade Inc. Employee Personal Data Protection and Processing Policy |
| Job Applicant | Natural persons who have applied for a job at our company in any way or who have made their resume and related information available for review by our company |
| Company Shareholder | Natural persons who are shareholders of our company |
| Company Official | Members of our company's board of directors and other authorized individuals |
| Employees, Shareholders, and Authorized Representatives of Institutions We Collaborate With | Natural persons who are employees, shareholders, and authorized persons of institutions with which our company has any kind of business relationship (such as business partners, dealers, authorized service providers, suppliers, etc., but not limited to these) |
| PERSONAL DATA CATEGORIES | DESCRIPTION |
| Identity Information | Data containing information about the person's identity: documents such as driver's license, identity card, and passport containing information such as name and surname, Turkish ID number, nationality, mother and father's name, place of birth, date of birth, gender, as well as information such as tax number, SGK number, vehicle license plate, etc. |
| Contact Information | Phone number, address, email, fax number |
| Location Data | Information that identifies the location of the personal data subject while using our products and services, or the location of employees of institutions we collaborate with while using our Company's vehicles |
| Customer Information | Information obtained and generated about the relevant person as a result of our commercial activities and the operations carried out by our business units within this framework |
| Family Members and Close Relatives Information | Information about the family members and relatives of the data subject obtained within the scope of our Company's operations and in relation to the products and services we offer, or for the purpose of protecting the legal and other interests of the Company and the data subject |
| Customer Transaction Information | Information clearly belonging to an identified or identifiable natural person and stored in the data recording system; records related to the use of our products and services, as well as instructions and requests necessary for the customer to use the products and services |
| Physical Premises Security Information | Personal data relating to records and documents obtained upon entry to the physical location and during stay within the physical location, which clearly belong to an identified or identifiable natural person and are stored in the data recording system; camera recordings, fingerprint records, and records obtained at security points, etc. |
| Transaction Security Information | Personal data processed to ensure our technical, administrative, legal, and commercial security while conducting our commercial activities (e.g., log records) |
| Risk Management Information | Personal data processed using methods that comply with generally accepted legal, commercial customs, and rules of good faith in these areas, enabling us to manage our commercial, technical, and administrative risks |
| Financial Information | Personal data processed that clearly belongs to an identified or identifiable natural person, processed partially or fully automatically or non-automatically as part of a data recording system; personal data processed relating to information, documents, and records showing any financial results created according to the type of legal relationship established by our company with the personal data owner, as well as bank account number, IBAN number, credit card information, financial profile, asset data, income information, etc. |
| Personal Information | Any personal data processed for the purpose of obtaining information that will form the basis of the personal rights of real persons who have a working relationship with our company |
| Employee Candidate Information | Personal data processed in relation to individuals who have applied to become employees of our company or who have been evaluated as job applicants in accordance with commercial customs and rules of good faith in line with our company's human resources needs, or individuals who have an employment relationship with our company. |
| Special Category Personal Data | Data related to individuals' race, ethnic origin, political opinion, philosophical belief, religion, sect, or other beliefs, attire, membership in associations, foundations, or unions, health, sexual life, criminal convictions, and security measures, as well as biometric and genetic data |
| Marketing Information | Personal data processed at for the purpose of marketing our products and services tailored to the usage habits, preferences, and needs of the personal data owner, and the reports and evaluations created as a result of this processing |
| Request/Complaint Management Information | Personal data related to the receipt and evaluation of any requests or complaints directed to our company |
| Visual and Audio Data | Data clearly belonging to an identified or identifiable natural person; photographs and camera recordings (excluding recordings falling under Physical Premises Security Information), voice recordings, and data contained in documents that are copies of documents containing personal data |
| Audit and Inspection Information | Personal data processed during internal or external audit activities within the scope of our company's legal obligations and compliance with company policies. |
| Legal Proceedings and Compliance | Personal data processed in the context of determining and pursuing our legal claims and rights, fulfilling our obligations, and complying with our legal obligations and company policies. |
Our Company may transfer customers' personal data to the following categories of persons in accordance with Articles 8 and 9 of the Law:
The scope of the above-mentioned persons to whom data is transferred and the purposes of data transfer are specified below.
| Persons to Whom Data May Be Transferred | Definition | Purpose of Data Transfer |
| Business Partner | Investors and other parties with whom our company has established a business partnership for purposes such as the sale, promotion, and marketing of our company's products and services, after-sales support, and the implementation of joint customer loyalty programs while conducting our company's commercial activities | For the limited purpose of ensuring that the objectives of the business partnership are fulfilled |
| Consultant/Service Provider/Supplier | Parties providing services to our company in accordance with our company's data processing purposes and instructions within the scope of conducting our company's commercial activities | Limited to ensuring that the services necessary for our Company to carry out its commercial activities are provided to our Company, which are sourced externally by our Company's Consultant/Service Provider/Supplier |
| Legally Authorized Public Institutions and Organizations | Public institutions and organizations authorized to obtain information and documents from our Company in accordance with the relevant legislation For example; Trade Registry Directorate, CMB, EPDK, Competition Authority, etc. | Within the scope of the legal authority of the relevant public institutions and organizations, limited to the purpose requested |
| Legally Authorized Private Legal Entities | This refers to institutions or organizations established in accordance with specific conditions determined by law and continuing their activities within the framework defined by law (e.g., banks, independent auditors). | Personal data is shared on a limited basis for matters falling within the scope of the activities carried out by the relevant private institutions and organizations. |
| Company Board Members | Company Board of Directors Members | Limited to the execution of Company Board of Directors activities |
Free Email Signature Generator
Contact
+90 (242) 510-1500Hi there, How can I help you today?