• TRANSPORTATION AND PARKING
  • CAFE & RESTAURANTS
  • DUTY FREE & SHOPPING
  • SERVICES

Processing of Personal Data Policy

 

PRIVACY POLICY

  1. INTRODUCTION

    Data Subjects:     İstanbul Sabiha Gökçen Uluslararası Havalimanı Yatırım Yapım ve İşletme A.Ş. and SGC Havalimanı İşletmeleri Ticaret ve Turizm A.Ş. resident in Sanayi Mah. Havaalanı İç Yolu Cad. No:1/1 Pendik/İstanbul/Türkiye (“Companies” or “us”).

    This Privacy Policy has been prepared by our Companies within the scope of the Turkish Personal Data Protection Law numbered 6698 ("KVKK") and the relevant legislation to inform you about your personal data, processing purposes, legal bases, third parties to whom your personal data will be transferred, and your rights as a data subject.

    This Privacy Policy includes personal data processing activities regarding the following groups of data subjects:

    • Customers;
    • Potential Customers;
    • Passengers;
    • Visitors;
    • Business Partners;
    • Shareholders, Company Representatives or Proxies;
    • Suppliers and Supplier Representatives;
    • Legally Authorized Persons.

       

  2. PERSONAL DATA WE PROCESS

    We process the following personal data about you:

    Customers:

    • Identity information including name, surname, Turkish Identification Number, citizenship, age, signature, title, photocopy of your identity card, vehicle licence, and registration number;
    • Contact information including phone number, email, fax number, and mobile number;
    • Country of residence and postal code;
    • Professional experience information including your education level;
    • Customer transaction information including your customer ID, request, and complaint details;
    • Flight information including airline, flight gate, flight date and time, airport, transit or connecting flight, destination airport, purpose of travel, flight class, number of airlines used, means of transportation to the airport, PNR number;
    • Financial information including IBAN;
    • Visual and auditory information including your voice recording;
    • Health information including veteran/disability certificate;
    • Your vehicle’s licence plate number.

    Potential Customers:

    • Identity information including your name and surname;
    • Contact information including phone number, email, fax number, and mobile number.

    Passengers:

    • Identity information including name, surname, Turkish Identification Number, passport number, citizenship, signature, photocopy of your identity card;
    • Contact information including phone number, email, and address;
    • Visual and auditory information including CCTV footage, photos, and videos;
    • Financial information including your tax number;
    • Flight information including airline, flight gate, flight date and time, airport, transit or connecting flight, destination airport, purpose of travel, flight class, number of airlines used, means of transportation to the airport, PNR number, BSM code;
    • Health information including the disability and the information about the device or prosthesis used;
    • Your vehicle’s licence plate number.

    Visitors:

    • Identity information including name, surname, Turkish Identification Number, photocopy of your identity card, vehicle licence, driving licence, and signature;
    • Contact information including phone number;
    • Visual and auditory information including CCTV footage, front view biometric photo for permanent entry card holders;
    • Physical security information including entry-exit time and date, permanent entry card number, areas where the card is valid, the institution or organization of the cardholder;
    • Incident detection information including accident details, accident location, and date, driving licence, alcohol test result, driver’s rule violations, vehicle brand, and model;
    • Your vehicle’s licence plate number.

    Business Partners:

    • Identity information including name, surname, Turkish Identification Number, photocopy of your identity card, driving licence, signature, and title;
    • Contact information including phone number, email, and fax number;
    • Personnel file information including social security institution information, company, and position;
    • Legal proceeding information including power of attorney, signature circular;
    • Financial information including tax number;
    • Your vehicle’s licence plate number.

    Shareholders, Company Representatives or Proxies:

    • Identity information including name, surname, Turkish Identification Number, passport number, photocopy of your identity card, signature, and title;
    • Contact information including phone number, address, and email;
    • Personnel file information including social security institution records, payrolls, board membership information, CV, and employment records;
    • Legal proceeding information including tax number, power of attorney, and signature circular;
    • Visual and auditory information including photos, videos, and voice records;
    •  Health information including health reports.

    Suppliers and Supplier Representatives:

    • Identity information including name, surname, Turkish Identification Number, photocopy of your identity card, vehicle licence, driving licence, signature, and title;
    • Contact information including phone number, email, fax number, and mobile number;
    • Personnel file information including social security institution records, the company you work for, registration number, salary, employment start date, leave information, professional training information, diplomas, driving licence information, and certificates;
    • Financial information including financial statements, IBAN;
    • Legal proceeding information including signature circular, power of attorney, and tax number;
    • Health information including health reports, recruitment/periodic examination forms, workplace physician reports, and opinion letters;
    • Your vehicle’s licence plate number.

    Legally Authorized Persons:

    • Identity information including name, surname, Turkish Identification Number, and signature;
    • Contact information including phone number and email;
    • Physical security information including permanent entry card number, areas where the card is valid, the institution or organization of the cardholder;
    • Legal proceeding information including signature circular, tax number, and registration number.
  3. OUR PURPOSE FOR PROCESSING

    We process your personal data solely for the following purposes.

    Customers:

    We process the personal data of Customers to:

    • Ensure that Customers benefit from our services, conduct sales processes, and provide the purchased products or services to customers;
    • Create customer account records and conduct customer relationship management processes;
    • Carry out activities for customer satisfaction and loyalty, and improve our service quality;
    • Conduct advertising, marketing, and promotion activities and develop commercial strategies;
    • Carry out after-sales processes and follow-up requests and complaints;
    • Ensure and monitor physical space security;
    • Carry out finance and accounting processes, create customer cards, issue an invoice and refund fees;
    • Provide parking services to Customers and issue parking subscriber cards;
    • Provide free parking for veteran or disabled customers;
    • Conduct communication activities;
    • Provide lost and found and baggage deposit services;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

    Potential Customers:

    We process the personal data of Potential Customers to:

    • Inform potential corporate customers about our products and services and conduct communication activities;
    • Conduct advertising, marketing, and promotion activities and develop commercial strategies;
    • Conduct market research, statistics, and analysis studies;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

    Passengers:

    We process the personal data of Passengers to:

    • Ensure life and property safety and security at the airport terminal;
    • Ensure that flight operations can be carried out in an orderly manner;
    • Monitor flight processes and generate flight statistics reports;
    • Carry out activities for passenger satisfaction and loyalty and improve our service quality;
    • Contact the passengers who won a gift;
    • Plan and execute events and organizations;
    • Conduct advertising, marketing, and promotion activities and develop commercial strategies;
    • Take measures to facilitate the entry and exit of passengers with reduced mobility to and from airports and their access to transportation services;
    • Conduct Passenger communication activities;
    • Ensure baggage tracking and security, and provide lost and found services;
    • Follow-up Passenger requests and complaints;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

    Visitors:

    We process the personal data of Visitors to:

    • Obtain temporary entry permit for visitors;
    • Follow-up requests and complaints;
    • Carry out contract processes with valet companies;
    • Notify the insurance companies of claims for bodily and material damage incurred by third parties in the terminal;
    • Compensate for material damages, if any, caused to the Company;
    • Recording parking lot entrances and exits, and performing security checks;
    • Ensure baggage tracking and security, and provide lost and found services;
    • Ensure physical space security, keep visitor records, and conduct archive activities;
    • Inspect and approve materials that enter or exit to and from the terminal and airport;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

    Business Partners:

    We process the personal data of Business Partners to:

    • Establish and maintain relationships with Business Partners and negotiate proposals and contracts;
    • Obtain temporary entry permits for Business Partners;
    • Ensure that flight operations can be carried out in an orderly manner and ensure business continuity;
    • Monitor flight processes and generate flight statistics reports;
    • Carry out finance and accounting processes, issue invoices, and open current accounts for business partners;
    • Plan and execute events and organizations;
    • Provide lost and found services;
    • Contact with airline companies and conduct corporate communication activities;
    • Receive licence applications of the companies and tenants that will work in the terminal;
    • Ensure life, property safety, and security at the airport terminal, and ensure physical space security;
    • Supervise subcontractor employees within the scope of occupational health and safety regulations and conduct occupational health and safety activities;
    • Conduct strategic planning and risk management processes;
    • Follow-up Business Partner requests and complaints;
    • Carry out inventory process and archive activities of companies;
    • Conduct audit/ethics activities;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

    Shareholders, Company Representatives or Proxies:

    We process the personal data of Shareholders, Company Representatives, or Proxies to:

    • Conduct management activities and ensure business continuity;
    • Issue power of attorney on behalf of the members of the Board of Directors and execute assignment processes;
    • Execute and supervise business activities;
    • Plan and execute events and organizations;
    • Obtain signatures and approvals for the execution of contracts;
    • Make tax declarations and carry out tax processes;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

    Suppliers and Supplier Representatives:

    We process the personal data of Suppliers and Supplier Representatives to:

    • Purchase goods or services from suppliers, conduct commercial relations and contract processes with suppliers;
    • Calculate monthly severance and vacation liabilities of supplier employees;
    • Obtain work permits for supplier employees to work at Company terminals;
    • Obtain temporary entry permits for suppliers;
    • Issue invoices and carry out finance and accounting processes;
    • Add supplier employees to the SAP system to fulfil their obligations under the contract and arrange their access authorizations;
    • Carry out auction processes;
    • Manage supplier relations and execute corporate communication activities;
    • Provide lost and found services;
    • Carry out finance and accounting processes, make payments, issue invoices, and open current accounts for suppliers;
    • Supervise supplier employees within the scope of occupational health and safety regulations;
    • Conduct field inspections;
    • Measure X-ray device performance criteria of personnel;
    • Ensure business continuity, manage supply chain, and conduct logistics activities;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

    Legally Authorized Persons:

    We process the personal data of Legally Authorized Persons to:

    • Meet the requests received from public institutions;
    • Issue parking lot entrance cards to people from the governorship and administration;
    • Obtain consultancy services;
    • Carry out contract processes;
    • Verify the accounting records with the uniform chart and confirm the corporate tax payable according to the profit and loss statements;
    • Assess the reviews made by the tax office and make correspondences;
    • Make tax declarations, carry out tax processes, and follow-up finance and accounting processes;
    • Defend the Company in a possible dispute or lawsuit;
    • Carry out the Company activities in accordance with the law and inform the public authorities.

     

  4. COLLECTION METHOD OF YOUR PERSONAL DATA

    We collect your personal data via the following methods using automatic or non-automatic means:

    Customers:

    • Email, SMS,
    • Telephone,
    • Call center,
    • CCTV,
    • Cookies and similar technologies,
    • Physical and online forms,
    • Our website,
    • Postal, shipping or courier services,
    • Face-to-face meetings,
    • Other physical and electronic media.

    Potential Customers:

    • Email, SMS, business cards,
    • Telephone,
    • Call center,
    • CCTV,
    • Cookies and similar technologies,
    • Physical and online forms,
    • Our website,
    • Face-to-face meetings,
    • Other physical and electronic media.

    Passengers:

    • Email,
    • Telephone,
    • Call center,
    • CCTV,
    • Cookies and similar technologies,
    • Physical and online forms,
    • Our website,
    • Face-to-face meetings,
    • Other physical and electronic media.

    Visitors:

    • Email, SMS,
    • Telephone,
    • Call center,
    • CCTV,
    • Physical form,
    • Face-to-face meetings,
    • Other physical and electronic media.

    Business Partners:

    • Email, SMS, business cards,
    • Telephone, fax,
    • CCTV,
    • Company systems,
    • Physical and online forms,
    • Face-to-face meetings,
    • Other physical and electronic media.

    Shareholders, Company Representatives or Proxies:

    • Email, SMS,
    • Telephone, fax,
    • CCTV,
    • Company systems,
    • Physical and online forms,
    • Face-to-face meetings,
    • Other physical and electronic media.

    Suppliers and Supplier Representatives:

    • Email, SMS, business cards,
    • Telephone, fax,
    • CCTV,
    • Company systems,
    • Physical and online forms,
    • Face-to-face meetings,
    • Other physical and electronic media.

    Legally Authorized Persons:

    • Email, SMS, business cards,
    • Telephone, fax,
    • Turkish Revenue Administration systems,
    • CCTV,
    • Physical and online forms
    • Face-to-face meetings,
    • Other physical and electronic media.
  5. LEGAL BASES FOR PROCESSING

    We process your personal data by relying on the following legal bases:

    Customers:

    Potential Customers:

    Passengers:

    Visitors:

    Business Partners:

    Shareholders, Company Representatives or Proxies:

    Suppliers and Supplier Representatives:

    Legally Authorized Persons:

  6. TRANSFER OF YOUR PERSONAL DATA

    Your personal data may be transferred solely for the purposes specified above and under Articles 8 and 9 of the KVKK. We may share your personal data with business partners, group companies, and suppliers that are located in Turkey and abroad, legally authorized persons, authorized public institutions, and the public.

    For example, your personal data may be transferred to third parties in the following processes:

    Customers:

    • We may share your personal data with airlines and ground handling companies to charge for services you provide.
    • We may share personal data related to your requests and complaints with business partners to carry out and improve business activities within the scope of contractual relations.
    • We may share your personal data with our hosting service providers and suppliers located abroad to ensure that your data is safely stored and backed up and to receive software support.
    • Due to our Company’s corporate structure, we may share personal data with our group companies to conduct audit, reporting, inspection, and investigation activities and keep accounting records.
    • We may share personal data with Legally Authorized Persons to carry out the Company activities in accordance with the law.

    Potential Customers:

    • Due to our Company’s corporate structure, we may share personal data with our group companies to conduct audit, reporting, inspection, and investigation activities and plan commercial strategies.

    Passengers:

    • We may share your personal data with our customers and the public to announce and organize events, competitions, and organizations, and announce the passengers who won prices.
    • Due to our Company’s corporate structure, we may share personal data with our group companies to conduct audit, reporting, inspection, and investigation activities and keep accounting records.
    • We may share your personal data with Business Partners to ensure life and property safety and security at the airport terminal.
    • We may share your personal data with our suppliers to deliver the lost items to their owners.
    • We may share the personal data of passengers with reduced mobility with business partners to assist them in entering and exiting the airport and benefiting from transportation services.
    • We may share personal data with Legally Authorized Persons to carry out the Company activities in accordance with the law.

    Visitors:

    • We may share your personal data with the insurance company to facilitate the performance of claims under the contract concluded with them.
    • We may share personal data related to your requests and complaints with business partners to carry out and improve business activities within the scope of contractual relations.
    • We may share your personal data with our hosting service providers and suppliers located abroad during the guest internet access process.
    • We may share personal data with Legally Authorized Persons to carry out the Company activities in accordance with the law.
    • Due to our Company’s corporate structure, we may share personal data with our group companies to conduct audit, reporting, inspection, and investigation activities and keep accounting records.

    Business Partners:

    • We may share the personal data with authorized public institutions to apply for a licence on behalf of our tenants.
    • We may share personal data with Legally Authorized Persons to carry out the Company activities in accordance with the law.
    • Due to our Company’s corporate structure, we may share personal data with our group companies to conduct audit, reporting, inspection, and investigation activities and keep accounting records.
    • We may share your personal data with other business partners to contact airline companies and conduct corporate communication activities.
    • We may share your personal data with authorized public institutions to obtain temporary entry permits for Business Partners.

    Shareholders, Company Representatives or Proxies:

    • We may share your personal data with Legally Authorized Persons to carry out the Company activities in accordance with the law.
    • We may share your personal data with company shareholders in Malaysia to obtain signatures for board resolutions.
    • We may share your personal data with our group companies to conduct management, audit, reporting, inspection, and investigation activities, ensure business continuity, and keep accounting records.

    Suppliers and Supplier Representatives:

    • We may share the personal data of supplier employees with supplier companies due to our contractual relationship.
    • We may share personal data with Legally Authorized Persons to carry out the Company activities in accordance with the law.
    • Due to our Company’s corporate structure, we may share personal data with our group companies to conduct audit, reporting, inspection, and investigation activities and keep accounting records.
    • We may share your personal data with authorized public institutions to obtain temporary entry permits.

    Legally Authorized Persons:

    • We may share photocopies of identity cards and licences from authorities such as the governorship and administrative bodies with authorized institutions to obtain access cards for them.
    • We may share personal data with Legally Authorized Persons to carry out the Company activities in accordance with the law.
    • Due to our Company’s corporate structure, we may share personal data with our group companies to conduct audit, reporting, inspection, and investigation activities and keep accounting records.
  7. RETENTION AND DISPOSAL OF YOUR PERSONAL DATA

    Your personal data will be processed for the purposes set out in this policy. They will be retained and disposed of under the KVKK and the Regulation on Erasure, Destruction, or Anonymization of Personal Data. The Company retains your personal data, in accordance with our Personal Data Retention and Disposal Policy, for legal periods or, if no legal period is stipulated, for reasonable periods determined according to our purpose of processing. We dispose of your personal data upon expiration of these periods. You can request our Personal Data Retention and Disposal Policy via the contact form on our website to learn about the measures we take to securely retain and dispose of your personal data and the retention and disposal periods we have set.

  8. YOUR RIGHTS REGARDING YOUR PERSONAL DATA AND APPLICATION
  • Article 5/1 of the KVKK: Obtaining your explicit consent.
    • For example, we process your personal data to send you messages, newsletters, and other publications about our campaigns and promotions.
    • For example, we share your personal data with our hosting service providers and suppliers located abroad to ensure that your data is securely stored and backed up and to receive software support.
  • Article 5/2(a) of the KVKK: Processing is expressly provided for by the laws.
    • For example, under the Turkish Law on Identity Reporting, the Company keeps the identity and entry-exit information of hotel customers and makes it available upon request of the officials.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process your personal data for engaging in sales transactions for goods/services, providing parking lot subscriptions, carrying out receivable management and follow-up, invoicing, meeting customer demands, performing after-sales support services, and opening customer accounts.
  • Article 5/2(ç) of the KVKK: Processing is necessary for compliance with a legal obligation to which the Company is subject.
    • For example, the Company processes personal data to fulfil its obligation to ensure the safety of vehicles left in the parking lot under Article 579 of the Turkish Code of Obligations.
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data for keeping records of customer requests and support services.
    • For example, we process your personal data to ensure the security of physical spaces.
    • For example, we process your personal data to provide baggage deposit services.
  • Article 5/1 and 6/2 of the KVKK: Obtaining your explicit consent.
    • For example, we process your personal data to send you messages, newsletters, and other publications about our campaigns and promotions.
    • For example, we share your personal data with our hosting service providers and suppliers located abroad to ensure that your data is securely stored and backed up and to receive software support.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process your personal data for meeting with Potential Customers to engage in sales transactions for goods/services and inform Potential Customers about our products and services.
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data for conducting communication activities.
  • Article 5/1 and 6/2 of the KVKK: Obtaining your explicit consent.
    • For example, we process your personal data for sending messages, newsletters, and other publications about our campaigns and promotions.
    • For example, we process your personal data to assist passengers with reduced mobility when entering and exiting the airport and benefiting from transportation services.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process your personal data to keep passenger records and ensure that flight operations are carried out in accordance with the contract and as planned.
  • Article 5/2(ç) of the KVKK: Processing is necessary for compliance with a legal obligation to which the Company is subject.
    • For example, we process your personal data to ensure life and property safety and security at the airport terminal.
    • For example, we process your personal data to ensure baggage tracking and security and carry out the lost/found item process in accordance with the Terminal Management Implementation Principles Instruction by the Directorate General of Civil Aviation (SHT-33B-Terminal).
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data to conduct activities for passenger satisfaction and loyalty and increase our service quality.
    • For example, we process your personal data to ensure physical space security.
  • Article 5/1 of the KVKK: Obtaining your explicit consent.
    • For example, we process your personal data to send you messages, newsletters, and other publications about our campaigns and promotions.
    • For example, we share your personal data with our hosting service providers and suppliers located abroad during the guest internet process.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process your personal data to conduct contract processes with valet companies.
    • For example, we process your personal data to follow up on requests and complaints.
  • Article 5/2(ç) of the KVKK: Processing is necessary for compliance with a legal obligation to which the Company is subject.
    • For example, we process your personal data to issue temporary entry permits.
    • For example, we process your personal data to notify insurance companies of claims for bodily and material damage incurred by third parties in the terminal.
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data for keeping records of customer requests and support services.
    • For example, we process your personal data to ensure security for physical spaces and keep visitor records.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process your personal data for conducting commercial relations and contract processes with Business Partners, carrying out receivable management and follow-up, invoicing, and opening Business Partner accounts.
    • For example, we process your personal data to ensure that flight operations can be carried out in an orderly manner.
    • For example, we process your personal data to receive licence applications from the companies and tenants that will work in the terminal.
  • Article 5/2(ç) of the KVKK: Processing is necessary for compliance with a legal obligation to which the Company is subject.
    • For example, we process your personal data to obtain temporary entry permits for Business Partners.
    • For example, we process your personal data for supervising subcontractor employees within the scope of occupational health and safety regulations and conducting occupational health and safety activities.
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data to monitor flight processes and generate flight statistics reports.
    • For example, we process your personal data to ensure security for physical spaces.
  • Article 5/1 and 6/2 of the KVKK: Obtaining your explicit consent.
    • For example, we transfer your personal data to Malaysia to obtain signatures for the board resolutions.
  • Article 5/2(a) of the KVKK: Processing is expressly provided for by the laws.
    • For example, we process your personal data for conducting processes related to the board of directors in accordance with the Turkish Commercial Code.
    • For example, we process your personal data for keeping and maintaining commercial records in accordance with the Turkish Commercial Code.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process your personal data to obtain signatures and approvals for the execution of contracts.
  • Article 5/2(ç) of the KVKK: Processing is necessary for compliance with a legal obligation to which the Company is subject.
    • For example, we process your personal data for making tax declarations and carrying out tax processes.
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data for planning and executing events and organizations.
  • Article 5/2(a) of the KVKK: Processing is expressly provided for by the laws.
    • For example, we process the identity information of suppliers to issue a shipment receipt form according to Civil Aviation legislation.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process your personal data to purchase goods or services from suppliers, conduct commercial relations and contract processes with suppliers, and make payments.
    • For example, we process your personal data for auction processes.
  • Article 5/2(ç) of the KVKK: Processing is necessary for compliance with a legal obligation to which the Company is subject.
    • For example, we process your personal data to calculate supplier employees’ monthly severance and vacation pay.
    • For example, we process your personal data for obtaining work and temporary entry permits for supplier employees to work at Company terminals.
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data for managing supplier relations and executing corporate communication activities.
  • Article 5/2(c) of the KVKK: Processing is necessary for the establishment or performance of the contract.
    • For example, we process the personal data of Legally Authorized Persons within the scope of the contract to receive services.
  • Article 5/2(ç) of the KVKK: Processing is necessary for compliance with a legal obligation to which the Company is subject.
    • For example, we process your personal data for tax and accounting processes.
    • For example, we process your personal data for meeting the requests received from public institutions.
  • Article 5/2(d) of the KVKK: Personal data have been made public by the data subject.
    • For example, we process personal data made public by a sole proprietorship in the Turkish Trade Registry Gazette to make the value-added tax declaration.
  • Article 5/2(e) of the KVKK:Processing is necessary for the establishment, exercise, or protection of the Company’s rights.
    • For example, we retain your personal data for the statute of limitations to defend the Company in a possible dispute or lawsuit.
  • Article 5/2(f) of the KVKK: Processing is necessary for the Company’s legitimate interests.
    • For example, we process your personal data to issue parking lot entrance cards to authorities from the governorship and administration.

As a data subject under Article 11 of the KVKK, you are entitled to:

  • Learn whether your personal data is processed or not;
  • Request information as to if your personal data have been processed;
  • Learn the purpose of the processing of your personal data and whether these personal data are used in compliance with the purpose;
  • Know the third parties to whom your personal data are transferred in-country or abroad;
  • Request the rectification of the incomplete or inaccurate data and request notification of this rectification activity to the third parties to whom your personal data is transferred.
  • Request the erasure or destruction of your personal data if their legal basis is no longer valid, although it has been processed under the provisions of Law No. 6698 and other relevant laws, and request notification of these erasure or destruction activities to the third parties to whom your personal data is transferred;
  • Object to the occurrence of a result against you by analysing the data processed solely through automated systems;
  • Claim compensation for the damage arising from the unlawful processing of your personal data.

You may exercise any of the above rights by contacting us at kvkk@sgia.aero.

Your application will be fulfilled free of charge. However, if the requested transaction requires an additional cost, we may request that you pay the fees determined by the Turkish Personal Data Protection Board.

Your applications will be answered in writing or electronically, as soon as possible and within thirty days at the latest, depending on the nature of the request. If your request is rejected, we will explain the reasons in our answer.

© 2018 - Istanbul Sabiha Gokcen International Airport. All rights reserved. Unauthorized use of content and images is prohibited.
X