Protection of personal data

Corendon Informative Document on the Protection or Personal Data

Contents

Data Controller
Scope, Purpose and Legal Basis of Personal Data Processing
Our Legitimate Interest in Data Processing
1. 1 Corendon Website
2. 2 Viewing the Website and Creating the Log Files
3. 3 Use of Cookies
4. 4 Use of the Services Offered by our Website
Data Processing for Ticket Sales
In-flight Sales
Other Processing Responsibilities
Liability to Identify Personal Data
Period of Processing Personal Data
Sharing the Personal Data with Third Parties
Your Rights as the Owner the Processed Data
Consent
Right of Objection Pursuant to Article 21 of GDPR
Disclaimer and Information on Personal Data Protection

Corendon takes the matter of protecting your personal data seriously. This Informative Document provides a briefing on the type of personal information to be processed when (i) Corendon Website has been visited (Section 3.1.); (ii) tickets have been purchased by way of our company (Section 4).

1. Data Controller

As the Data Controller and pursuant to (Article 4 in GDPR No.7, Article 3 (1) (i) in KVKK),

We will provide you on the processing of your personal data (Article 4 in GDPR No.1, Article 3 (1) (b) in KVKK) in relation to the use of the website https://www.corendonairlines.com („Website“) of our company Turistik Hava Taşımacılık A.Ş. (TR-07200 Antalya, Türkiye, Güzeloluk Mah. 1879. Sok. No: 148, Muratpaşa / Antalya / Türkiye) (hereinafter referred to as “Corendon”), and to the sale of our products and services.

If you have further questions on the personal data protection in relation to our Website or to the services offered by the website, please contact our Data Protection Supervisor:

Turistik Hava Taşımacılık A.Ş. Data Protection Supervisor:

E-mail: [email protected]

Corendon places extreme importance on the confidentiality and protection of your personal data. Accordingly, we have prepared this informative document for you to clarify the reasons why and the manner in which your personal data is processed and the parties with whom such data is shared by Corendon. Corendon will process the personal data that you share by means of our website and the other electronic communication and sales channels in line with this informative document.

2. Scope, Purpose and Legal Basis of Personal Data Processing

The processing of your personal data is performed pursuant to the Law on the Protection of Personal Data no 6698 (“KVKK”) and the General Regulation on Data Protection (Reg. EU 2016/679) (“GDPR”) and, if applicable, the German Law (particularly BDSG 2018) (“Personal Data Protection Legislation”).

In the following cases, personal data is collected directly from our users or from the other sources (listed below) and used for the purposes stated in the related legislation.

3. Our Legitimate Interest in Legal Processing

In case Article 6.(1)(f) of GDPR constitutes the legal basis for data processing, our legitimate interest includes the below listed considerations besides the objectives mentioned above:

Protecting the company against material and non-material damages
Professionalization and improvement (in relation to our products and services)
Cost optimization (control and minimization)

3.1. Corendon Website

3.2. Website Rule and Creating the Log Files

Every time you log into our website as a user, our system automatically requests data and information from the computer system and stores them. In that context, the following data (“technical data”) are collected:

(1) Information about the type and the version of the browser
(2) Operating system of the user
(3) Internet service provider of the user
(4) IP address of the user
(5) Date and time of access
(6) The websites through which the user’s system has reached our website
(7) The websites which the user has reached through our website

These data are also stored in the log files of our system. These data are not stored in combination with the other personal information of the user.

In that sense, we collect this technical information for purposes of (network) security (for instance fighting against cyber attacks), marketing, having a better understanding of our users’ needs, continuously improving our website and ensuring that the website can be viewed from the user’s computer.

The purpose of storage in log files is ensuring the functioning of the website. Also we use the data for optimizing the website and providing the security of our information technology systems. In that sense the data are not analyzed for some kind of marketing purpose. The legal basis for the temporary storage of the data and the log files is Article 6(1) f of GDPR.

3.3. Use of Cookies

We use Cookies in our website. Cookies are text files stored in the web browser or in the web browser of the user’s computer system. When a user has access to a website, a cookie can be stored in the user’s operating system. This cookie contains a certain sequence of characters which enable the identification of the browser next time the website is accessed.

Cookies are stored in the user’s computer where they have been transferred to our part. As the user you have full control on the use of cookies. You can disable or limit the transmission of cookies by changing the settings of your web browser. You can delete the previously stored cookies any time you want. This operation can be done automatically. If you disable Cookies in our website, it may no longer be possible to make full use of all functions of the website. For more information on the cookies we use, their purposes and legal basis, please see our Cookies Policy.

3.4. Using the Services Offered in our Website

Various services and applications are offered in our website. It is obligatory to collect and process the personal data of the user or our customer to provide these offerings.

Corendon may use your personal data for the following purposes:

Providing you a better website experience,
Providing you the demanded offers and services,
Providing special flight offers and services, Creating, listing, reporting, verifying, analysing and evaluating databases,
Analysing how you use our website and the other communication and sales channels and customizing the communication channels for you which you share with us directly or by way of service providers so that we can serve you better,
Researching and developing our products and services and your possibilities of personal preferences in relation to them, promoting our services or related products, establishing commercial communication to promote the new products, providing you special flight offers, advantageous flight change tariffs and other information you may find interesting,

Based on the express consent you have given pursuant to Article 6(1)(a) of GDPR and Article 5(1) of KVKK;

Providing the offers and services requested by Corendon;
Managing the related data when necessary,

As part of a contractual liability pursuant to Article 6 (1) (b) of GDPR and Article 5(2)(c) of KVKK;

Providing special flight offers and services,
Creating, listing, reporting, verifying, analysing and evaluating databases; generating statistical data,

Analysing how you use our website and the other communication and sales channels and customizing the communication channels for you which you share with us directly or by way of service providers so that we can serve you better,
Researching and developing our products and services and your possibilities of personal preferences in relation to them, promoting our services or related products, establishing commercial communication to promote the new products, providing you special flight offers, advantageous flight change tariffs and other information you may find interesting,
Protecting the flight safety and the lives and properties of Corendon, its employees, Corendon service providers and their employees or Corendon guests,
Preventing fraud, performing internal audits, ensuring security and handling legal and other claims;

AS part of our legitimate interest pursuant to Article 6(1)(f) of GDPR, Article 5(2)(f) of KVKK;

Fulfilling the legal obligations including obedience to the rules that apply to Corendon or performance of a duty for the public interest or execution of the orders of a government authority;

Performing a legal obligation pursuant to Article 6(1)(c) of GDPR, Article 5(2)(a), Article 5(2)(ç) of KVKK.

We can collect the following types of information from you in line with the above mentioned purposes:

Your name, surname, occupation, address, telephone and fax numbers, e-mail address and other contact information,
Identity and passport information,
Ticket and flight reservation details,
Information on invoicing and payment tools,
Your product order information,
Personal areas of interest
Information you have provided in relation to your demands and complaints about our products and services,
Information on your use of our website and other communication channels,
Your preferences for the products and services and your previous experiences.

4. Data Processing for Ticket Sales

When you purchase a flight ticket from Corendon company (in our website or by means of our partners) we process your personal information for the following purposes:

Better fulfilling your travel needs

As part of a contractual obligation pursuant to Article 6 (1) (b) of GDPR, Article 5(2)(c) of KVKK and as part of our legitimate interest pursuant to Article 6(1)(f) of GDPR, Article 5(2)(f) of KVKK;

In addition to the purposes listed in Article 4 above, we can collect the following types of data from you in line with these purposes:

Your name, surname, occupation, address, telephone and fax numbers, e-mail address and other contact information,

Identity and passport information,
Ticket and flight reservation details,
Information on invoicing and payment tools,
Your product order information,
Personal areas of interest
Information you have provided in relation to your demands and complaints about our products and services,
Information on your use of our website and other communication channels,

Your preferences for the products and services and your previous experiences

5. In-flight Sales

In order to be able to provide information about our in-flight services like the sale of in-flight meals & beverages, for the purpose of issuing invoices for these sales and delivering the products to our passengers, the following information is processed on the basis of the contract and legal obligations.

Name, surname, address, phone and fax number, email address, and any other contact information
ID and passport information
Ticket and booking details
Order information

6. Other Processing Responsibilities

Your personal data may be processed pursuant to legal statutes (Commerce Law, Law of Liabilities, Taxation Law and other related Laws) in order to meet the retention liabilities or to fulfill the requirements of security laws.

7. Liability to Identify Personal Data

In our website, the boxes in which the person is obligated to enter information are identified on the basis of the stipulations in the laws or in the contracts. By completely fulfilling these boxes, Corendon becomes enabled to provide the customer the contractual service as requested.

8. Period of Processing Personal Data

Your personal data may have to be retained during the (legal) period in which legal actions can be initiated against Corendon. Also the personal data shall be kept to the extent and during the time which Corendon is legally obliged to keep them. Documentation and retention liabilities are based commercial, taxation and money laundering laws. Such periods of retention can be extended up to 30 years based on local arrangements. However, Corendon keeps such retention times to the minimum to the extent allowed by legal statutes.

9. Sharing the Personal Data with Third Parties

In order for us to offer our products and services in line with our contractual obligations or legitimate interests, your personal data can be shared within the corporate Corendon or with third party receivers. These receivers may include the following:

Other Corendon subsidiaries
Service Providers
- Transportation
- Marketing
- IT
- Payment Services
- Credit Organizations
- Customer Feedback Services
- “Other Service Providers
- Government Authorities

Accordingly, personal data can be forwarded to other countries or international organizations. For the protection of you and your personal data, such data transfer is dependent upon taking the necessary precautions or upon an adequacy decision issued by the EU Commission pursuant to and in line with legal requirements (particularly with the application of the EU standard contractual provisions) (GDPR Article 45).

For information on the EU standard contractual clauses, visit http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:EN:PDF.

The EU Commission has provided the following link for information on the current adequacy decisions https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en#dataprotectionincountriesoutsidetheeu.

A copy of the security measures in practice can be requested from [email protected].

We also have the liability to provide personal data to the German and international authorities (pursuant to local and international arrangements and contracts and Article 6 (1) c of GDPR).

10. Your Rights as the Owner of Processed Data

Corendon aims to perform fair and transparent data processing. For us, it is important for the related people to exercise their right to objection as well the rights listed below on the condition that legal requirements have been met:

Right of access
Right to correct
Right to delete (“anonymization right”)
Right to restrict processing
Right to data portability
Right to object as mentioned above

Said rights are governed by the Law no 6698 on the Protection of Personal Data and the General Data Protection Regulation (Regulation no AB 2016/679), if any, and the German Laws (particularly BDSG 2018) if applicable (“Data Protection Legislation”).

You may send an e-mail to [email protected] to exercise your rights. Remember that we have to process your personal data pursuant to legal obligations to fulfill your requests and identify who you are.

Also, you may file a complaint to the official authorities that Corendon is associated with (Article 77 of GDPR, Article 14, 15 of KVKK):

Kişisel Verileri Koruma Kurumu
Nasuh Akar Mah. Ziyabey Cad. 1407. Sok. No: 4
06520 Balgat-Çankaya/Ankara

Telefon: +90 312 216 5050
Anasayfa: http://www.kvkk.gov.tr

11. Consent

If you give consent to our part for processing your personal data, you may withdraw such consent anytime you want.

Please feel free to contact, [email protected] in all other situations or when you have difficulty in canceling your consent given to this website.

Withdrawal of consent will be applicable forwardly only and will not affect the legitimacy of the data processing having been done in the past. In some cases, in spite of your withdrawal, we may have the right to continue processing your personal data on a different legal basis (payment of the contractual debt).

Change your consent | Withdraw your consent

12. Right to Object

Right to Objection Pursuant to Article 21 of GDPR

You have been entitled to object to the processing, including profiling, of your personal data at any time, based on private reasons, within the scope of paragraphs (e) and (f) in 6 (1).

Data controller may not process your personal data, unless giving a powerful justification which is beyond the interests, rights and freedom of the data owner or is related to the establishment, use or defense of a legal request.

In cases where personal data is processed for direct marketing purposes, you have the right to object to data processing for marketing, including profiling to the extent it is associated to direct marketing.

If you object to data processing for purposes of direct marketing, your personal data may no longer be processed for such purposes.

In the context of the use of information society services and not restricted with the Directive no 2002/58 / EC, you may exercise your right to object via automatic tools using technical specifications.

13. Disclaimer

The information provided here is applicable only to the https://www.corendonairlines.com web site.

Cookie Policy

Cookie and Tracking Tool Policy

Contents

Data supervisor

Definition

Retention Period

Purposes

Further information on the cookies used in our websites

Essential Cookies

Analysis Cookies

Social Media Cookies

Targeted Advertisement Cookies

Cookie management & deletion and withdrawal of consent

Cookies information

Nonliability

How to protect personal confidentiality?

In the following pages,

TURİSTİK HAVA TAŞIMACILIK A.Ş. (Güzeloluk Mahallesi 1879 Sokak No :148 Antalya-TÜRKİYE) (hereinafter referred to as “Corendon Airlines”, “we”), we will provide information on the use of our website Cookies, Tracking Tools and Social Media Extensions.

2. Definition

Our websites use “Cookies”. Cookies are small text files transferred from our web sites to the hard disk of your computer or mobile device and stored there when you visit our web site. Thus, your actions and your preferred settings are saved during your browser session or to be used when you visit our web site next time. In your next visit to our website, this information will be returned to the server by way of which your computer or your mobile device is automatically re-identified and your preferred settings are reloaded. This eliminates the need to make the same settings every time you visit our website, which is an advantage. We can use Cookies for tracking your preferences, so that we can improve the content, graphics and technology of our offers, internet visibility and advertisements in line with your needs, and for making statistical analysis of the website use data. In our websites we can use techniques such as pixels or conversion monitoring. For purposes of coherence, all such techniques shall hereinafter be referred to as Cookies.

Cookie Types

Various cookies are in use in our websites:

First Party Cookies: We use Cookies placed by and controlled by ourselves.

Third Party Cookies: Third party cookies are also in use in our websites. We may not be knowing all of the third parties who place Cookies in our web sites. We may also not know all of the Cookies placed in our web sites by third parties. Except for the analytical Cookies we use in order to evaluate our websites, we do not keep track of the use of these third party cookies.

2.1. Retention Period

Cookies are retained for different periods of time:

Session Cookies: Session Cookies are retained only during the period of your visit to our website, therefore Cookies are used only during your current visit to one of our websites or to a browser session.

Permanent Cookies: Permanent Cookies are retained in the hard disk of your computer or your mobile device after you have ended your visit to our website or your browser session. It is thus made possible to recognize you in your next visit to our website and to facilitate your use of the website.

2.2. Purposes

Cookies are used for the following purposes:

Fulfilling certain functions of websites: The Cookies used help the operation of our website and its certain functions by automatically identifying your browser.

Analysis and statistics: By using cookies we can observe, among other things mentioned above, the number of people visiting our website, the way these visitors navigate through our website, and therefore, the functions they make use of. Furthermore, Cookies can collect information to be used for statistical purposes.

Advertising / (Remarketing) marketing: Our website also accommodates (third party) Cookies for advertising or marketing purposes. These help you customize the display of the content viewed according to your preferences and also help us show you in the websites the advertisements of our business partners.

3. Further information on the cookies used in our websites

In the following sections you will be given further information on the cookies used in our websites.

3.1. Essential Cookies

In our websites we use cookies that ensure proper functioning of the websites. Said cookies are used for the purposes listed below:

Saving the permission the user has given for cookies in the context of domain name

Saving whether or not the user has disabled JavaScript in the browser

Saving preferences such as language, location and the search results to be displayed.

Reading your browser settings so that our website can be optimally displayed on your screen

Loading the websites equally so that they remain accessible

Optimizing our websites in real time depending on how you use the websites

3.2. Analysis Cookies

In our websites we use cookies that help us measure the way our websites are used. Cookies are used for the following purposes:

Tracking the number of visitors in our website

Saving the exclusive digital identity used for creating statistical data about the way the visitor uses the websites

Tracking the time each visitor spends in our website

Optimizing the websites

Deciding on the parts of our websites that need to be improved

3.3. Social Media Cookies

We use Cookies in our websites for sharing the website content over the social media, therefore enabling the selected social media users to directly share and like certain content of our website.

It is possible that these social media channels use your personal data for their own business. For more information on the personal information collected and the Cookies identified by the social media parties, please review the confidentiality and Cookies policies of the related party:

https://en-gb.facebook.com/about/privacy (Facebook)

https://policies.google.com/privacy?hl=gb (GooglePlus and Youtube)

https://www.linkedin.com/legal/privacy-policy (LinkedIn)

https://help.instagram.com/155833707900388 (Instagram)

https://policy.pinterest.com/de/privacy-policy (Pinterest)

https://privacy.xing.com/en (XING)

https://twitter.com/en/privacy (Twitter)

https://foursquare.com/legal/privacy (FourSquare)

3.4. Targeted Advertisement Cookies

We use Cookies to display targeted advertisements and content in our websites. We are trying to get an idea of your possible areas of interest based on your visits to and your navigation habits in our websites and in third party websites so that we can adjust the information and the advertisements according to your level of interest. We do profiling based on your areas of interest and then we adopt the content and the advertisements in our websites to various customer groups.

Targeted advertisement cookies are used for the following purposes:

Saving and having access to your areas of interest

Tracking the number of visitors who click the advertisements

Using third party services in order to display the advertisements that are fit for your needs, interest areas and preferences

In cases where an advertisement seen in a device triggers an action in another device (“M2M Tracking”), linking multiple devices (e.g. telephone, tablet, desktop computer) to a visitor

Sending marketing e-mails customized to your interest areas

4. Cookie management & deletion and withdrawal of consent

When you visit our websites, a heading comes up giving you information about the use of Cookies in our websites. Clicking the Close (X) button means giving consent to the use of Cookies in our websites.

You may withdraw your consent anytime by changing your browser settings, disabling the Cookies settings and deleting the previously adjusted Cookies.

If you wish to withdraw your consent given to third party cookies, please contact with the provider of the related Cookies. Further information may be obtained in the data protection principles or Cookies notification of the related provider. Please use the links given above for access.

Most browsers give automatic consent to the use of Cookies. You may use your browser settings to manage the use of Cookies. If you do not want the Cookies to be automatically saved in your device, you can change your browser settings accordingly and disable the Cookies settings. By way of browser settings, you may also adjust your preferences for when you want to get informed about the use of Cookies when a website is making use of them. For details on how to change your browser settings, please see the directions or the support page in your browser.

Remember that you may still visit and use our website even after disabling Cookies by changing the browser settings. However, under certain conditions, disabling the Cookies may mean becoming unable to make full use of the functions of our website.

5. Information about Cookies

This website uses Google Analytics and Google Tag Manager product which is the web analysis service of Google Inc. (“Google”) company. Google Analytics and Google Tag Manager make use of text files, called “Cookies”, which are stored in your computer and which allow for analyzing the way you use the website. The information related to how you use this website, which is collected by way of Cookies, are, as a rule, transferred to and stored in one of Google’s servers in the United States.