Data Controller
Your personal data is processed as the data controller within the scope of the RawdahBooking platform.
RawdahBooking is a software platform (SaaS) that enables tourism operation processes to be carried out digitally, and also provides its users with transaction infrastructure and operational management services.
Nature of the Service
RawdahBooking provides;
- Software access service (SaaS),
- Tourism operation and reservation management infrastructure,
- Optional operational support services
provides.
The services provided through the platform are commercial in nature and paid, and are invoiced within the scope of the relevant user agreements.
Personal Data Processed
- First name, last name
- Date of birth
- Gender
- Passport number
- Visa / travel reference information
- Reservation and transaction records
- System usage logs
Purposes of Processing Personal Data
Your personal data is processed for the following purposes:
- Execution of tourism operations
- Carrying out reservation and application processes
- Provision and management of platform services
- Execution of billing and accounting processes
- Provision of customer support services
- Ensuring system security
- Fulfillment of legal obligations
- Use as evidence in possible legal disputes
purposes.
Legal Basis
Data is processed based on the following legal grounds:
- Establishment and performance of the contract
- Fulfillment of legal obligations
- Legitimate interest of the data controller
- Explicit consent when required
legal grounds.
Data Collection Method
Data is collected;
- Through direct entry by users
- Via agencies or corporate users
- Via Excel / file uploads
- Automatically during platform usage processes
collected.
Data Responsibility Distinction
Agencies and corporate users may act as independent data controllers with respect to data belonging to their own customers.
Rawdahbooking may act as a data processor in cases where it provides the technical infrastructure of the platform.
Transfer of Data
Personal data may be transferred to;
- Technical service providers necessary for the provision of the service
- Cloud, infrastructure, and payment service providers
- Competent public authorities in case of legal obligation
may be transferred.
Other than this, data is not sold or rented to third parties for commercial purposes.
Data Security
The Company implements the necessary technical and administrative measures for the security of personal data. However, risks arising from user-induced data entry errors and unauthorized access are the responsibility of the relevant user.
Retention Period
Personal data is retained for the period stipulated in the relevant legislation and is deleted, destroyed, or anonymized at the end of this period.
Rights under the GDPR
Within the scope of Article 11 of the GDPR;
- Learn whether data is being processed
- Request information
- Request correction and deletion
- Restrict processing
you have the rights.