2.          PEGASUS PRIVACY POLICY (PEGASUS GENERAL RULES SECTION 2)
       

2.1.         General

2.1.1.    Your privacy is very important for Pegasus. We are also aware of the importance of your privacy to you. With this aim, the Pegasus Privacy Policy aims to inform you of how and for which purposes your personal data may be processed and shared with third parties. The personal data you submit to Pegasus through the Pegasus Communication Channels or other communication and sales channels will be used in accordance with the Pegasus Privacy Policy.

2.1.2.    We recommend that you review the Pegasus Privacy Policy each time you visit the Pegasus Website or use the Pegasus Mobile Applications. You will be deemed to have read and accepted the latest version of the Pegasus Privacy Policy each time you use our Website or our Mobile Applications, including any amendments to date. 

2.1.3.    You will also be deemed to have accepted the content of the Pegasus Privacy Policy whenever you purchase or use any product or service offered by Pegasus through any sales channel.

2.1.4.    All disputes relating to the Pegasus Privacy Policy are subject to Turkish law and the exclusive jurisdiction of Istanbul (Anadolu) Courts and Execution Offices.

2.2.     Personal Data

2.2.1.    Pegasus acts as a data controller as per the provisions of the Law No. 6698 on the Protection of Personal Data and other applicable law on the protection of personal data. In this context, your personal data is recorded, updated and maintained to the extent permitted by the purpose of processing, shared with third parties in Turkey and abroad and otherwise processed as stipulated by the law, by Pegasus or on its behalf as the data controller, in each case subject to the following provisions.

2.2.2.    Pegasus may collect the following categories of your personal data, based on your consent or as permitted by the applicable law:

• ·         Your name, surname, profession, address, telephone and fax details, e-mail address and other contact information,
• ·         Identification and passport information,
• ·         Ticketing and flight reservation details (including the HES Code you provide us with),
• ·         Invoicing and payment method information,
• ·         Product order information,
• ·         Information on your personal areas of interest,
• ·         Information submitted to Pegasus as part of your feedback and complaints regarding our products and services,
• ·         Information on your use of our Website, our Mobile Applications and other communication channels,
• ·         Your choices and past experience regarding our products and services.

You can find detailed information regarding the categories of personal data that may be processed by Pegasus or on its behalf as the data controller, on the public Data Controllers Registry operated by the Presidency of the Personal Data Protection Board (https://verbis.kvkk.gov.tr).

2.2.3.    Pegasus may process your collected personal data for the following purposes, based on your consent or as permitted by the applicable law:

• ·         Concluding reservation and Ticketing transactions and managing your flight account,
• ·         Better addressing your travel needs,
• ·         Proposing personalized flight offers and services,
• ·         Creating databases, carrying-out listing, reporting, verification, analysis and evaluations, producing statistical data, undertaking segmentation, profiling, unification and data enrichment activities and to share data with third-party experts, subject to confidentiality,
• ·         Conducting analysis for how you use our Website, our Mobile Applications and other communication and sales channels and to personalize our communication channels for a better service,
• ·         Conducting research and development on our products and services and your personal choice alternatives regarding these products and services,
• ·         Contacting you directly or through service providers for market research purposes, using the contact information provided to us,
• ·         Conducting commercial marketing communication for promoting our products and services, promoting new services, special flight offers and other information we consider that may be of interest to you,
• ·         Ensuring flight safety and security, protecting the lives or the property of Pegasus, Pegasus staff, service providers and their staff or our Passengers, complying with the applicable law in respect of the matters covered in this paragraph, facilitating the travel of our Passengers, carrying out security and risk assessments and complying with legal obligations and requests by authorized administrative bodies.

You can find detailed information regarding the categories of personal data that may be processed by Pegasus or on its behalf as the data controller, on the public Data Controllers Registry operated by the Presidency of the Personal Data Protection Board (https://verbis.kvkk.gov.tr).

2.2.4.    Pegasus may transfer your personal data for the purposes stated herein to the third parties categorized below that may be located in Turkey and abroad, based on your consent or as permitted by the applicable law:

• ·         Business partners,
• ·         Pegasus employees, Pegasus group companies, service providers, authorized travel agents and other airlines under alliance and cooperation schemes,
• ·         Authorized administrative bodies in Turkey and abroad, subject to the applicable air transportation rules, and other relevant persons and entities, subject to applicable legal obligations,
• ·         Authorized administrative bodies on the grounds of public order and flight security and to fulfill legal obligations arising from the applicable law where we operate flights.

You can find detailed information regarding the categories of personal data that may be processed by Pegasus or on its behalf as the data controller, on the public Data Controllers Registry operated by the Presidency of the Personal Data Protection Board (https://verbis.kvkk.gov.tr).

2.2.5.    Pegasus may collect your personal data through the Pegasus Website, the Pegasus Mobile Applications, the Pegasus Call Center, Airport Ticket Sales Offices, Check-in desks and Boarding gates, authorized Travel Agents and other sales channels operating online and maintain such personal data to the extent necessitated by the purposes stated in the Pegasus Privacy Policy.

2.2.6.    You can always apply to Pegasus to: (a) understand if your personal data is processed; (b) request information on the processing of your personal data, (c) understand the purpose of processing for your personal data and whether these are used in line with this purpose; (d) know third parties to whom your personal data is transferred in Turkey and abroad and to inquire about the appropriate safeguards implemented for cross-border personal data transfers; (e) correct your incomplete or incorrect personal data processed and maintained; (f) request the destruction or anonymization of your personal data subject to the purposes for the processing of your personal data being fully exhausted; (g) have third parties notified of the transactions covered in items (e) and (f), (h) object to the results of any analysis of your personal data exclusively through automatic systems. Your applications can be submitted to us in writing  and signed, addressed to the Data Protection Officer, at our business headquarters located at Aeropark, Yenişehir Mahallesi, Osmanlı Bulvarı No: 11/A Kurtköy 34912 Pendik İstanbul, Türkiye or through the Contact Us section of the Pegasus Website or any other communication channel indicated in that section. 

2.2.7.    By using the Pegasus Website, the Pegasus Mobile Applications and any other Pegasus Communication Channels or by purchasing or using any of our products or services through any sales channel you are deemed to have accepted the terms of the Pegasus Privacy Policy and to have provided your consent to Pegasus in respect of the matters covered herein.

2.2.8.    If you transact with Pegasus for another Passenger or user of services, Pegasus may process the personal data provided by you regarding yourself and the person on whose behalf you are carrying out a transaction. In this case, Pegasus may communicate with the Passenger directly about their flight.

2.3.     Electronic Marketing Communication

2.3.1.    Commercial electronic marketing communication will be carried out based on your contact permissions provided during Ticketing, Pegasus BolBol membership registration or any other applicable medium. In this respect and subject to your consent, you accept to receive commercial electronic marketing communication regarding the promotion of products and services offered by Pegasus and Pegasus’ business partners, new products and services, special flight offers, other information regarding your trip or information Pegasus may consider to be in your interest. You can always choose not to receive such communication for the future on all or some of your contact details through following the options provided in the relevant marketing communication. 

2.4.     Corrections

2.4.1.    If you believe that Pegasus has incorrect or incomplete information on your personal data, please contact us as soon as possible. Pegasus will correct the information that is incorrect or incomplete.

2.4.2.    You can access or modify your personal information regarding your Pegasus BolBol membership though the “EDIT PROFILE” tab under the Pegasus BolBol page through the Pegasus Website or the Pegasus Mobile Applications.

2.5.     Security

2.5.1.    The protection of your privacy is important for Pegasus. All forms through which you submit information to us are protected by 128 Bit SSL (Secure Sockets Layer), an encrypted communication tool, during communication. When the relevant information reached us, they are maintained in accordance with our security and privacy standards. To benefit from SSL, your web browser must support SSL and your browser options should enable the use of SSL.

2.5.2.    Each Pegasus BolBol member will have a username and a password. “Username” is unique for each member and cannot be assigned to another user. The “password” is created by and is known only to the member. Members can always change their passwords. Creating and maintaining password security is the obligation of the user. Pegasus does not assume any responsibility in respect of the misuse of passwords.

2.5.3.    Likewise, it is the Passenger’s or his/her agent’s responsibility to maintain the privacy of the PNR produced uniquely for your transactions through different communication and sales channels. Others may access your reservation details if your PNR information is disclosed to third parties.

2.5.4.    Your data is maintained only to the extent necessitated by our business processes or legal obligations. The details of your credit cards are not maintained on our servers.

2.6.     Links

2.6.1.    The Pegasus Website contains several links to third-party websites, allowing you to access content prepared by third-parties by hyperlinks. Pegasus has no authority on the linked third-party websites and does not assume any responsibility for third-party content. The terms and conditions applicable to the Pegasus Website will not apply to your access and use of third-party websites.

2.6.2.    You are fully responsible for your access, content, use and communication to or through the linked third-party websites. All personal data transfer to be carried out through the linked third-party websites will be subject to the information, other notifications and rules determined and published by the third-party operating the website and acting as the data controller under applicable law.

2.7.     Cookies and Digital Marketing

2.7.1.    Cookies are small information files that are stored on your computer through your web browser when you visit a website. When there is a connection between the web browser and the server, the website uses cookies to remember you. The cookies aim to make life easier for website users.

2.7.2.    There are four different categories of cookies based on their purpose: Session Cookies, Performance Cookies, Functional Cookies, and Publicity and Third-Party Cookies. Session Cookies are temporary cookies that are stored on the user’s browser until the user exits the Pegasus Website. Other cookies are cookies that remain on the user’s browser for as long as the user does not delete them. The cookies’ lifespan varies, depending on the user’s browser settings.

2.7.3.    Pegasus uses Session Cookies, Performance Cookies, Functional Cookies and Publicity and Third-Party Cookies on the Pegasus Website.

a)      Session Cookies: This type of cookies is necessary for the smooth functioning of the Pegasus Website. These cookies make it possible to visit the Pegasus Website and to benefit from its features. Session Cookies are used to store the information in the web pages and to avoid the need to re-enter your details.

b)      Performance Cookies: These cookies store information about how often the website is visited, any relevant error messages received, the duration of the visit and the user’s use of the website. This information is used to improve the website performance.

c)      Functional Cookies: These cookies remember the choices the user has made on the website (e.g., city and flight date selections) and facilitates the use of the website by the user. These cookies make it possible for the user to benefit from sophisticated internet features.

d)      Publicity and Third-Party Cookies: For using certain functions, third-party suppliers’ cookies are used on the Pegasus Website (e.g., cookies comprising sharing devices on social media on flight destinations and promotional pages). The Website also contains the cookies of the firms carrying-out advertisement tracking.

2.7.4.    In general, internet browsers are pre-defined to automatically accept cookies. Browsers can be adjusted to disable cookies or to alert users when a cookie has been sent to their device. Because cookie management varies from browser to browser, further information can be obtained from the relevant browser’s information website. For details on how to delete or disable cookies or for general information on cookies, please see www.allaboutcookies.org.

2.7.5.    You can accept or reject cookies. You can enable or disable cookies by changing the settings of your internet browser. For information on how to change your browser settings and how to delete cookies please see your browser’s instructions. Please bear in mind that when cookies are disables, some of the website’s features will change. Please refer to the websites below for information about disabling third-party cookies:

• ·        Mozilla Firefox
• ·        Internet Explorer
• ·        Google Chrome
• ·        Opera
• ·        Safari
• ·        iOS