I – OBJECTIVE
The objective of this policy is to protect personal data processed by APASAS TRAVEL within the scope of the Turkish Personal Data Protection Act No. 6698 (“PDPA”), published in the Official Gazette dated April 7, 2016 No. 29677, and the General Data Protection Regulation (“GDPR”) dated May 25, 2018, which is applicable both within and outside the borders of the European Union.
This policy has been prepared in accordance with current national and international legislation.
In order to fulfill our contractual obligations related to the services we provide, APASAS TRAVEL collects and processes personal data to deliver faster, higher-quality, and reliable services. When necessary, personal data may be shared with our business partners and suppliers, provided that all required security measures are taken and only the minimum necessary data is shared.
APASAS TRAVEL is fully aware that personal data protection is a fundamental constitutional right and commits to processing personal data securely, lawfully, and strictly for its intended purpose.
II – SCOPE
These terms regulate the principles of processing and protecting all personal data managed by APASAS TRAVEL.
Personal data covered by this policy includes:
Data provided directly by you during communication, reservations, or applications
Data generated during the performance of our services
Data transmitted to us by third parties such as employers or payment service providers, even if the source is not directly visible to us
All personal data within this scope is collected based on your explicit and verifiable consent. Data belonging to third parties cannot be collected or shared without lawful grounds.
This policy provides clarification on the following matters:
What personal data is collected
Why personal data is collected
How personal data is collected
For what purposes and under which conditions data is shared
Exceptions to data sharing without consent
How you can access and control your personal data
Your right to be forgotten
Measures taken against unlawful processing
III – TERMS OF USE
Which personal data do we collect?
APASAS TRAVEL does not collect special category personal data.
Only the following data is collected with your consent:
Name and surname
Contact information (phone number, e-mail address)
Location information (only when required for service delivery)
Why do we collect this data?
Personal data is collected in order to:
Provide requested travel services
Communicate with customers
Inform customers about services, offers, or updates (where consent is given)
How do we collect personal data?
Personal data may be collected when you:
Fill out contact or inquiry forms
Subscribe to newsletters
Contact us via e-mail or messaging platforms
Participate in surveys, campaigns, or promotions
Visit and interact with our website www.apasastravel.com
For what purposes and under what conditions do we share personal data?
Personal data is processed to fulfill contractual obligations and legal requirements under PDPA and GDPR.
Pursuant to Article 5/2 of PDPA, personal data may be processed without explicit consent in the following cases:
a) Clearly stipulated by law
b) Necessary to protect life or physical integrity where consent cannot be obtained
c) Directly related to the establishment or performance of a contract
d) Required for the data controller to fulfill legal obligations
e) Data made public by the data subject
f) Necessary for the establishment, exercise, or protection of a legal right
g) Necessary for the legitimate interests of the data controller, provided that fundamental rights are not harmed
In such cases, the data subject does not have the right to request deletion until the lawful reason for processing ceases to exist. Once such reasons no longer apply, deletion or destruction may be requested.
Requests can be submitted to APASAS TRAVEL via the communication channels listed below.
How can you access and control your personal data?
APASAS TRAVEL processes personal data only for as long as necessary and restricts access to authorized personnel only. All administrative and technical measures required by law are implemented.
Information regarding data controllers is registered with the Turkish Data Controllers’ Registry (VERBIS), which is publicly accessible at www.kvkk.gov.tr
.
Do you have the right to request data erasure?
Yes. While receiving services from us, you may request the deletion of your personal data at any time via the designated communication channels.
What measures are taken against unlawful processing?
APASAS TRAVEL is responsible for ensuring data security and storage in accordance with PDPA and GDPR.
DATA CONTROLLER INFORMATION
Data Controller:
APASAS TRAVEL
Licensed Travel Agency – Türkiye
Contact E-mail:
📧 info@apasastravel.com
Website:
🌐 www.apasastravel.com
OTHER PROVISIONS
In the event of any inconsistency between this policy and PDPA, GDPR, or other applicable legislation, the relevant legal provisions shall prevail.
This Personal Data Protection and Use Policy has been prepared by APASAS TRAVEL management.
Disclosure Notice
By filling out this form, you agree that the personal data you provide to us will be processed in accordance with the Personal Data Protection Law No. 6698 and related legislation.
Your personal data will be processed solely for responding to your application, evaluating your requests, and fulfilling legal obligations; it will not be shared with third parties.
For detailed information, you can review our Privacy Policy.
By submitting the form, you acknowledge and consent to the processing of your personal data for the purposes specified above.
