UAE DATA PROTECTION NOTICE
1. WHO IS THE DATA CONTROLLER?
Nusret Restaurant LLC and D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş. (hereinafter also “Nusr-et”, “we”, “us”) wish to inform you below of how your personal data are Processed within the context of our website. We jointly determine themethod and criteria for Processing (as defined below) your Personal Data, for the purposes of certain activities that we undertake in the course of our business, which we have described below. This makes us “Controllers” under the UAE Federal Decree Law No. (45) of 2021 concerning the protection of personal data (the “DP Law”). We are, therefore, required to comply with the DP Law in how we perform this role. Since we perform this role together, we are joint Controllers. Reference in this notice to “Data Controller” refers to us as joint Controllers.
Any personal data (such as your name, voice, image, electronic identifier, identification number, location data, or one or more factors specific to your physical, physiological, economic, cultural or social identity and includes Sensitive Personal Data and Biometric data as those terms are defined in the DP Law) (“Personal Data”) Processed (as defined below) in connection with the activities described below in this Data Protection Notice must be Processed in accordance with the DP Law.
Where the DP Law is silent or a matter is deferred to the Executive Regulations of the DP Law (which are yet to be published), the UAE Federal Law No. (31) of 2021 Promulgating the Penal Code, and the UAE Federal Telecommunications Regulatory Authority’s Regulatory Policy on the Internet of Things issued on 22 March 2018, apply.
We are committed to protecting the privacy and security of your Personal Data as a Data Controller. Therefore, we are committed to ensuring that your Personal Data is handled lawfully, fairly and in a transparent manner in accordance with the principles set out in the UAE DP Laws. This Data Protection Notice explains how we will collect, use, disclose, retain and protect your Personal Data.
2. WHEN DOES THIS DATA PROTECTION NOTICE APPLY?
This Data Protection Notice applies to your Personal Data that we collect, use and Process in connection with the transaction you take when you visit our website www.nusr-et.com.tr as a website visitor, job applicant, customer or potential customer.
“Process” in the context of this Data Protection Notice means any operation or set of operations performed on Personal Data using any electronic means, including processing and other means. This processing includes collecting, storing, recording, organizing, adapting, modifying, circulating, altering, retrieving, exchanging, sharing, using, characterizing, disclosing Personal Data by broadcasting, transmitting, distributing, making available, coordinating, merging, restricting, blocking, erasing or destroying it or creating forms thereof.
3. HOW DO WE COLLECT PERSONAL DATA?
We may obtain your Personal Data from the following sources:
a) from you directly: for example, at the time of subscribing to, or registering for any services offered on our website, including but not limited to email mailing lists, using interactive services, downloading content, or requesting further goods or services);
b) from your device or browser: data that is automatically collected (which will vary depending on your browser settings) by your browser or device, for example, the IP address of your internet service provider, the operating system you use, the name and version of your internet browser. The information provided by your browser does not identify you personally.
c) from correspondence with us (for example, by e-mail or any other digital or electronic form, including social media).
4. CATEGORIES OF PERSONAL DATA AND PURPOSES AND LAWFUL BASIS FOR PROCESSING
We may Process your Personal Data in different ways. In all cases we are committed to protecting your Personal Data. In each of the subheadings listed below, we describe how we obtain your Personal Data and how we treat it.
4.1 Job Applicants
4.2 Customer
4.3 Potential Customer
4.1. JOB APPLICANTS
We may collect Personal Data related to job applicants for positions advertised on our website.
4.1.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname, date of birth, place of birth, ID number/tax number, nationality, driving license, marital status. |
Contact Details: | Telephone number, e-mail address, address information. |
Personnel information: | CV, work/performance details, payroll details, certificate of employment records, professional/personal skills, registration number. |
Professional Experience: | Taken course details, vocational education details, certificates, profession details. |
Visual and Audio Records: | Photograph, voice records, visual records (such as video records, etc.). |
4.1.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Creating an Employee Candidate CV archive | Your prior consent. |
Execution the Employee Candidate online application process | Your prior consent. |
Performing Reference Check | Your prior consent. |
Verification of training certificate records | Your prior consent. |
4.1.3. How long do we keep your Personal Data?
We will keep and Process your Personal Data only for as long as is necessary for the purposes for which it was collected. If you are successful and we hire you, we will keep your CV as part of your employee record for the duration of your employment with us. We will keep CVs and documents submitted by unsuccessful candidates only if they consent to us doing so and only for a specified period of no longer than 6 months, unless we obtained their consent to keep it for longer.
4.2. CUSTOMER
We may collect Personal Data related to our existing customers.
4.2.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname, date of birth, ID number/ tax number, driving license, signature. |
Contact Details: | Telephone number, e-mail address. |
Personnel information: | Registration number, Education information, certificate of employment records, professional/personal skills. |
Your Professional Experience: | Vocational education details, certificates, profession details. |
Visual and Audio Records: | Photograph. |
Vehicle Details: | License plate information. |
Your Special Categories of Personal Data: | Personal health details, disability details. |
4.2.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Opentable reservation process | Your prior consent. |
Supplier, subcontractor, visitor OHS Basic Requirements Control | Mandatory requirements under Emirate decrees or laws and/ or Municipality regulations mandating the use of surveillance cameras in restaurants in the relevant Emirate. |
Some of the information we collect (such as health information) under the heading of Special Categories of Personal Data may be deemed to fall within the definition of Sensitive Personal Data under the DP Law. These are Personal Data which are afforded additional legal protection due to the sensitive nature of such data. We shall not be prohibited from Processing such data for the specific purpose we have explained to you provided you explicitly consent to the same and we Process such data for a legitimate purpose and in a lawful manner.
4.2.3. How long do we keep your Personal Data?
We will Process your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with the provision of service to you, unless we have a legal right or obligation to retain the data for a longer period, or the data is necessary for the establishment, exercise or defence of legal claims.
4.3. POTENTIAL CUSTOMER
We may collect Personal Data related to potential customers.
4.3.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname. |
Contact Details: | Telephone number, e-mail address. |
Your Special Categories of Personal Data: | Personal health details. |
4.3.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Opentable Reservation Process | Your prior consent. |
Some of the information we collect (such as health information) under the heading of Special Categories of Personal Data may be deemed to fall within the definition of Sensitive Personal Data under the DP Law. These are Personal Data which are afforded additional legal protection due to the sensitive nature of such data. We shall not be prohibited from Processing such data for the specific purpose we have explained to you provided you explicitly consent to the same and we Process such data for a legitimate purpose and in a lawful manner.
4.3.3. How long do we keep your Personal Data?
We will Process your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with the provision of service to you, unless we have a legal right or obligation to retain the data for a longer period, or the data is necessary for the establishment, exercise or defence of legal claims.
5. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
In Sections 5 and 6 of this Website Data Protection Notice, the following words shall have the following meanings:-
“Affiliate” means in relation to Nusret Restaurant LLC or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş, any other Person directly or indirectly controlling or controlled by or under direct or indirect common control with Nusret Restaurant LLC or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş. For the purposes of this definition, “control” when used with respect to either Nusret Restaurant LLC or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş means the power to direct the management and policies of such Person, directly or indirectly, whether through the ownership of voting securities, by contract or otherwise; and the terms “controlling” and “controlled” have meanings correlative to the foregoing.
“UAE MainlandAffiliate” means an Affiliate registered in the UAE mainland;
"Non-UAE Mainland Affiliate” means an Affiliate registered outside the UAE mainland; and
“Person” means any natural person, corporation, limited liability company, trust, joint venture, association, company, partnership, governmental authority or other entity.
We do not sell your Personal Data to third parties.
We may share your Personal Data with Nusr-et’s UAE Mainland Affiliates and Non-UAE Mainland Affiliates because we share the same guest management and IT systems. Such transfers are governed by jurisdiction-compliant agreements between the Affiliates for the integrity and confidentiality of Personal Data.
Service Providers
We may disclose information about you to organisations that provide a service to us, ensuring that they are contractually obligated to keep your Personal Data confidential and will comply with the DP Law, GDPR, and any other relevant data protection laws.
We may share your information with the following types of service providers:
a) technical support providers who assist with our website and IT infrastructure,
b) third party software providers, where the provider hosts the relevant Personal Data on our behalf;
c) professional advisers such as solicitors, accountants, tax advisors, auditors and insurance brokers;
d) providers that help us generate and collate reviews in relation to our goods and services;
e) our advertising and promotional agencies and consultants and those organisations or online platforms selected by us to carry out marketing campaigns on our behalf (for example, Facebook, Google, Instagram);
f) service providers that assist us in providing our services; and/or
g) our business associates in the UAE mainland and outside the UAE mainland.
Law Enforcement or Government Bodies
We may disclose your Personal Data to the required authorities, as permitted by law, in order to investigate, prevent or take action regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Terms and Conditions or other agreements, or as required by law.
6. TRANSFERS OF PERSONAL DATA OUTSIDE THE UAE MAINLAND
We share Personal Data with external vendors or service providers or suppliers that we engage to perform services or functions on our behalf and under our instructions. Where these vendors are located within the UAE mainland (i.e. not within a free trade zone such as DIFC or ADGM), we ensure that they are contractually obligated to comply with the DP Law. Where they are located outside the UAE, we shall ensure that your Personal Data shall only be transferred to a jurisdiction outside the UAE mainland if that jurisdiction has proper levels of protection for that type of Personal Data, meaning it has personal data protection legislation which includes the most significant provisions, measures, controls, stipulations and rules relating to the protection of the privacy and confidentiality of a data subject’s Personal Data, and his/her ability to exercise their legal rights. We also ensure in our contracts with these organisations that they only Process your Personal Data fairly, lawfully and transparently, in accordance with our instructions, and in order to provide the agreed services and protect the integrity and confidentiality of your Personal Data entrusted to them.
7. LINKS TO OTHER WEBSITES
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Data Protection Notice. Nusr-et has a presence on social media (Facebook, Twitter, YouTube etc.) and you can interact with us through your existing social media accounts in accordance with their relevant privacy policies.
8. YOUR DATA PROTECTION RIGHTS
You have the following rights in relation to your Personal Data:-
Ø Right to receive information: Individuals have the right to request the information that an organisation holds on them, which includes what Personal Data of theirs is being collected, how it is being used, decisions made based on automated processing, the targeted sectors or establishments inside and outside the UAE with whom their Personal Data will be shared with, the controls and standards for the period of storage and preservation of their Personal Data, protection measures for cross-border Processing, actions to be taken in the event of a breach or misuse of their Personal Data, and how to submit complaints to the UAE Data Office (once it is established).
Ø Right to correction or erasure: Individuals have the right to correct data that is inaccurate or incomplete. In certain circumstances, individuals can ask organisations to erase any Personal Data that is stored with them
Ø Right to request transfer: Individuals have the right to receive their data provided to us in an orderly and machine-readable manner, whenever the Processing is based on their consent or necessary for the implementation of a contractual obligation and it is carried out by automated means. Individuals can also request that organisation transfer any data that it holds on them to another company, provided such transfer does not infringe the rights of any other individuals.
Ø Right to restrict Processing: Individuals can request that an organisation limits the use of and stops the Processing of their Personal Data.
Ø Right to stop Processing: Individuals have the right to object to certain types of Processing, such as direct marketing.
Ø Rights Processing and automated Processing including profiling: Individuals have the right to object to any decision based solely on automated Processing, including profiling, which produces legal consequences concerning him or other seriously impactful consequences and to require such decision to be reviewed manually.
Right to withdraw consent: Individuals may withdraw consent to the Processing of their Personal Data at any time by notifying us
9. HOW CAN YOU WITHDRAW YOUR CONSENT?
If you consent to us Processing your Personal Data, please note that you may withdraw this consent at any time. In order to withdraw the consent, please contact privacy@nusr-et.com.tr Please note that your consent can only be withdrawn for future Processing activities and such a withdrawal does not have any influence on the lawfulness of past Processing activities. In some cases, we may be entitled in spite of your withdrawal to continue to Process your Personal Data on a different legal basis.
10. UPDATING THIS DATA PROTECTION NOTICE
We reserve the right to update this Data Protection Notice at any time. We will let you know about the changes by publishing the updated version of the Data Protection Notice. We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Data Protection Notice.
11. HOW TO GET IN TOUCH WITH US AND HOW CAN YOU EXERCISE YOUR LEGAL RIGHTS?
If you have any questions about our Data Protection Notice , or if you would like to make a complaint about a possible breach of Personal Data or to exercise one of your data protection rights, please contact us as described below.
Contact us;
Company E-mail address: privacy@nusr-et.com.tr
If you have any concerns about how we Process your Personal Data, please feel free to contact our data protection officer, who will investigate the matter and come back to you, by sending an email to privacy@nusr-et.com.tr
If you are still not satisfied after our response or believe we are not using your personal information in line with the law, you also have the right to complain to the data-protection regulator in the country where you live or work.
ADGM Data Protection Notice
1. WHO IS THE DATA CONTROLLER?
Nusret Galeria Restaurant Ltdand D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş. (hereinafter also “Nusr-et”, “we”, “us”) wish to inform you below of how your personal data are Processed within the context of our website. We would be considered “Joint Controllers” per the definition in the ADGM Data Protection Regulations 2021. Reference in this notice to “Data Controller” refers to us collectively as “Joint Controllers”.
Any personal data such as your name, identification number, location data, an online identifier, or one or more factors specific to your biological, biometric, physiological, mental, genetic, economic, cultural or social identity (“Personal Data”) Processed in connection with this Data Protection Notice is controlled by Nusr-et, which is considered the “Data Controller” of your Personal Data under the ADGM Data Protection Regulations 2021 (“ADGM DPR”).
We are committed to protecting the privacy and security of your Personal Data as a Data Controller. Therefore, we are committed to ensuring that your Personal Data is handled lawfully, fairly and in a transparent manner in accordance with the principles set out in the ADGM DPR. This Data Protection Notice explains how we will collect, use, disclose, retain and protect your Personal Data.
2. WHEN DOES THIS DATA PROTECTION NOTICE APPLY?
This Data Protection Notice applies to your Personal Data that we collect, use and Process in connection with the transaction you take when you visit our website www.nusr-et.com.tr. as a website visitor, job applicant, customer or potential customer.
“Process” in the context of this Data Protection Notice means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration,
retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3. HOW DO WE COLLECT PERSONAL DATA?
We may obtain your Personal Data from the following sources:
a) from you directly: for example, at the time of subscribing to, or registering for any services offered on our website, including but not limited to email mailing lists, using interactive services, downloading content, or requesting further goods or services;
b) from your device or browser: data that is automatically collected (which will vary depending on your browser settings) by your browser or device, for example, the IP address of your internet service provider, the operating system you use, the name and version of your internet browser. The information provided by your browser does not identify you personally;
c) from correspondence with us (for example, by e-mail or any other digital or electronic form, including social media).
4. CATEGORIES OF PERSONAL DATA AND PURPOSES AND LAWFUL BASIS FOR PROCESSING
We may Process your Personal Data in different ways. In all cases we are committed to protecting your Personal Data. In each of the subheadings listed below, we describe how we obtain your Personal Data and how we treat it.
4.1 Web Site Visitors
4.2 Job Applicants
4.3 Customer
4.4 Potential Customer
4.1. WEB SITE VISITORS
We may collect Personal Data related to web site visitors.
4.1.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Personal identification data | First name, last name |
Contact information data | Address, email address |
Technical data | This is data about your computer hardware and software that is automatically collected by us and includes cookie data (for more information please see our Cookie Polic[EY1] y) device type (e.g. mobile, computer, laptop, tablet), browser information (e.g. browser type, language and history), IP address, operating system, access times, settings and referring website addresses. |
4.1.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Provide our website services to website users | Your prior consent (in accordance with Article 5(1)(a) of the ADGM DPR) |
Remembering website users’ preferences | Your prior consent (in accordance with Article 5(1)(a) of the ADGM DPR) |
Marketing and advertising | Your prior consent (in accordance with Article 5(1)(a) of the ADGM DPR) |
Monitor any external security threats to our systems (such as hacks) | Legitimate Interest (in accordance with Article 5(1)(f) of the ADGM DPR). |
4.1.3. How long do we keep your Personal Data?
We will keep your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with your requests via our website or your use of our website.
4.2. JOB APPLICANTS
We may collect Personal Data related to job applicants for positions advertised on our website.
4.2.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname, date of birth, place of birth, ID number/tax number, nationality, driving license, marital status. |
Contact Details: | Telephone number, e-mail address, address information. |
Personnel information: | CV, work/performance details, professional/personal skills, registration number. |
Professional Experience: | Taken course details, vocational education details, certificates, profession details. |
Visual and Audio Records: | Photograph, voice records, visual records (such as video records, etc.). |
4.2.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Creating an Employee Candidate CV archive | Your prior consent (in accordance with section 5(1)(a) of the ADGM DPR) Some of the information we collect may be deemed to fall within the Special Categories of Personal Data (see above definition). |
Execution of the Employee Candidate application process through the website | Performance of a contract with you or to take steps at your request, before entering a contract/ To comply with its legal obligations as employer (in accordance with sections 5(1)(b) and 5(1)(c) respectively of the ADGM DPR) |
Performing Reference Check | Company’s legitimate interest. (in accordance with section 5(1)(f) of the ADGM DPR) |
Verification of training certificate records | Company’s legitimate interest. (in accordance with section 5(1)(f) of the ADGM DPR) |
4.2.3. How long do we keep your Personal Data?
We will keep and Process your Personal Data only for as long as is necessary for the purposes for which it was collected. If you are successful and we hire you, we will keep your CV as part of your employee record for the duration of your employment with us. We will keep CVs and documents submitted by unsuccessful candidates only if they consent to us doing so and only for a specified period of no longer than 6 months, unless we obtained their consent to keep it for longer.
4.3. CUSTOMER
We may collect Personal Data related to our existing customers.
4.3.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname, date of birth, ID number/ tax number, driving license, signature. |
Contact Details: | Telephone number, e-mail address. |
Personnel information: | Registration number, Education information, certificate of employment records, professional/personal skills. |
Your Professional Experience: | Vocational education details, certificates. |
Visual and Audio Records: | Photograph. |
Vehicle Details: | License plate information. |
Your Special Categories of Personal Data: | Health data (personal health details, disability details). |
4.3.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Opentable reservation process | Performance of a contract with you or to take steps at your request, before entering a contract (in accordance with section 5(1)(b) of the ADGM DPR). |
Supplier, subcontractor, visitor OHS Basic Requirements Control | Processing is necessary for compliance with a legal obligation to which the Data Controller is subject to under the applicable law (in accordance with section 5(1)(c) of the ADGM DPR). |
Some of the information we collect (such as personal health details, disability details) may be deemed to fall within the Special Categories of Personal Data under the ADGM DPR (in the above example, health information). We are not prohibited from Processing such data if you explicitly consent to the same under Article 7(2)(a) of the ADGM DPR.
4.3.3. How long do we keep your Personal Data?
We will Process your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with the provision of service to you, unless we have a legal right or obligation to retain the data for a longer period, or the data is necessary for the establishment, exercise or defence of legal claims.
4.4. POTENTIAL CUSTOMER
We may collect Personal Data related to potential customers.
4.4.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname. |
Contact Details: | Telephone number, e-mail address. |
Your Special Categories of Personal Data: | Health data (personal health details). |
4.4.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Opentable Reservation Process | Performance of a contract with you or to take steps at your request, before entering a contract (in accordance with section 5(1)(b) of the ADGM DPR). |
4.4.3. How long do we keep your Personal Data?
We will Process your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with the provision of service to you, unless we have a legal right or obligation to retain the data for a longer period, or the data is necessary for the establishment, exercise or defence of legal claims.
5. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
In Sections 5 and 6 of this Website Data Protection Notice, the following words shall have the following meanings:-
“Affiliate” means in relation to Nusret Galeria Restaurant Ltd or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş, any other Person directly or indirectly controlling or controlled by or under direct or indirect common control with Nusret Galeria Restaurant Ltd or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş. For the purposes of this definition, “control” when used with respect to either Nusret Galeria Restaurant Ltd or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş means the power to direct the management and policies of such Person, directly or indirectly, whether through the ownership of voting securities, by contract or otherwise; and the terms “controlling” and “controlled” have meanings correlative to the foregoing.
“ADGM Affiliate” means an Affiliate registered in the ADGM;
"Non-ADGM Affiliate” means an Affiliate registered outside the ADGM; and
“Person” means any natural person, corporation, limited liability company, trust, joint venture, association, company, partnership, governmental authority or other entity.
We do not sell your Personal Data to third parties.
We may share your Personal Data with Nusr-et’s ADGM Affiliates and Non-ADGM Affiliates because we share the same guest management and IT systems. Such transfers are governed by jurisdiction-compliant agreements between the Affiliates for the integrity and confidentiality of Personal Data.
Service Providers
We may disclose information about you to organisations that provide a service to us, ensuring that they are contractually obligated to keep your Personal Data confidential and will comply with the ADGM DPR, GDPR, and any other relevant data protection laws.
We may share your information with the following types of service providers:
a) technical support providers who assist with our website and IT infrastructure,
b) third party software providers, where the provider hosts the relevant Personal Data on our behalf;
c) professional advisers such as solicitors, accountants, tax advisors, auditors and insurance brokers;
d) providers that help us generate and collate reviews in relation to our goods and services;
e) our advertising and promotional agencies and consultants and those organisations or online platforms selected by us to carry out marketing campaigns on our behalf (for example, Facebook, Google, Instagram);
f) service providers that assist us in providing our services; and/or
g) our business associates based in the ADGM and outside the ADGM.
Law Enforcement or Government Bodies
We may disclose your Personal Data to the required authorities, as permitted by law, in order to investigate, prevent or take action regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Terms and Conditions or other agreements, or as required by law.
6. TRANSFERS OF PERSONAL DATA OUTSIDE THE ADGM
We share Personal Data with external vendors or service providers or suppliers that we engage to perform services or functions on our behalf and under our instructions. Where these vendors are located within the ADGM, we ensure that they are contractually obligated to comply with the ADGM DPR. Where they are located outside the ADGM, in accordance with Part V of the ADGM DPR, we shall ensure that your Personal Data shall only be transferred to a jurisdiction outside the ADGM if that jurisdiction has adequate levels of protection for that type of Personal Data and that the conditions of Part V of the ADGM DPR are complied with, including where the data may be subject to further onward transfer. We also ensure in our contracts with these organisations that they only Process Personal Data lawfully, fairly, and in a transparent manner (as required by ADGM DPR), in accordance with our instructions, and in order to provide the agreed services and protect the integrity and confidentiality of your Personal Data entrusted to them.
Some of the vendors/service providers that Nusr-et and Nusr-et Affiliates engage with, are located in jurisdictions where ADGM DPR does not recognise the jurisdictions as locations providing adequate protection for Personal Data. In such cases, we sign the ADGM approved standard contractual clause with the vendor/ service provider to protect your data.
7. LINKS TO OTHER WEBSITES
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Data Protection Notice. Nusr-et has a presence on social media (Facebook, Twitter, YouTube etc.) and you can interact with us through your existing social media accounts in accordance with their relevant privacy policies.
8. YOUR DATA PROTECTION RIGHTS
You have the following rights in relation to your Personal Data in accordance with the provisions of Part 3 of the ADGM DPR;
Ø Right to be informed: upon request organisations must tell individuals what data of theirs is being collected, how it is being used, how long it will be kept and whether it will be shared with any third parties. Individuals also have the right to be informed before Personal Data is disclosed by us for the first time to third parties or used on their behalf for the purposes of direct marketing and be explicitly offered the right to object to such disclosures or uses.
Ø Right of access: individuals have the right to request a copy of the information that an organisation holds on them.
Ø Right of rectification: individuals have the right to correct data that is inaccurate or incomplete.
Ø Right to erasure and right to be forgotten: in certain circumstances, individuals can ask organisations to erase any Personal Data that is stored with them, including on the Internet.
Ø Right of portability: individuals can request that organisation transfer any data that it holds on them to another company, provided such transfer does not infringe the rights of any other individuals.
Ø Right to restrict Processing: individuals can require an organisation to limit the way it uses Personal Data in certain circumstances (Article 16 of the ADGM DPR)
Ø Right to object: individuals have the right to challenge certain types of Processing, such as direct marketing
Ø Rights related to automated decision making, including profiling: Individuals have the right to object to any decision based solely on automated Processing, including profiling, which produces legal consequences concerning him or other seriously impactful consequences and to require such decision to be reviewed manually. Individuals can ask organisations to provide a copy of its automated Processing activities if they believe the data is being Processed unlawfully.
Ø Right to withdraw consent: Individuals may withdraw consent at any time by notifying us.
9. HOW CAN YOU WITHDRAW YOUR CONSENT?
If you consent to us Processing your Personal Data, please note that you may withdraw this consent at any time. In order to withdraw the consent, please contact privacy@nusr-et.com.tr Please note that your consent can only be withdrawn for future Processing activities and such a withdrawal does not have any influence on the lawfulness of past Processing activities. In some cases, we may be entitled in spite of your withdrawal to continue to Process your Personal Data on a different legal basis.
10. UPDATING THIS DATA PROTECTION NOTICE
We reserve the right to update this Data Protection Notice at any time. We will let you know about the changes by publishing the updated version of the Data Protection Notice.We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Data Protection Notice.
11. HOW TO GET IN TOUCH WITH US AND HOW CAN YOU EXERCISE YOUR LEGAL RIGHTS?
If you have any questions about our Data Protection Notice , or if you would like to make a complaint about a possible breach of Personal Data or to exercise one of your data protection rights, please contact us as described below.
Contact us;
Company E-mail address: privacy@nusr-et.com.tr
If you have any concerns about how we Process your Personal Data, please feel free to contact our data protection officer, who will investigate the matter and come back to you, by sending an email to privacy@nusr-et.com.tr
If you are still not satisfied after our response or believe we are not using your personal information in line with the law, you also have the right to complain to the data-protection regulator in the country where you live or work.
DIFC Saltbae Restaurant Limited DATA PROTECTION NOTICE
1. WHO IS THE DATA CONTROLLER?
Saltbae Restaurant Limited and D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş. (hereinafter also “Nusr-et”, “we”, “us”) wish to inform you below of how your personal data are Processed within the context of our website. We would be considered “Joint Controllers” per the definition in the DIFC Data Protection Law (DIFC Law No. 5 of 2020). Reference in this notice to “Data Controller” refers to us collectively.
Any personal data such as your name, identification number, location data, an online identifier, or one or more factors specific to your biological, biometric, physiological, mental, genetic, economic, cultural or social identity (“Personal Data”) Processed in connection with this Data Protection Notice is controlled by Nusr-et, which is considered the “Data Controller” of your Personal Data under the DIFC Data Protection Law (DIFC Law No. 5 of 2020) (“DIFC DPL”).
We are committed to protecting the privacy and security of your Personal Data as a Data Controller. Therefore, we are committed to ensuring that your Personal Data is handled lawfully, fairly and in a transparent manner in accordance with the principles set out in the DIFC DPL. This Data Protection Notice explains how we will collect, use, disclose, retain and protect your Personal Data.
2. WHEN DOES THIS DATA PROTECTION NOTICE APPLY?
This Data Protection Notice applies to your Personal Data that we collect, use and Process in connection with the transaction you take when you visit our website www.nusr-et.com.tr as a website visitor, job applicant, customer or potential customer.
“Process” in the context of this Data Protection Notice means any operation or set of operations performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage and archiving, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, transfer or otherwise making available, alignment or combination, restricting (meaning the marking of stored Personal Data with the aim of limiting Processing of it in the future), erasure or destruction, but excluding operations or sets of operations performed on Personal Data by:
(a) a natural person in the course of a purely personal or household activity that has no connection to a commercial purpose; or
(b) law enforcement authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and preventing threats to public security.
3. HOW DO WE COLLECT PERSONAL DATA?
We may obtain your Personal Data from the following sources:
a) from you directly: for example, at the time of subscribing to, or registering for any services offered on our website, including but not limited to email mailing lists, using interactive services, downloading content, or requesting further goods or services);
b) from your device or browser: data that is automatically collected (which will vary depending on your browser settings) by your browser or device, for example, the IP address of your internet service provider, the operating system you use, the name and version of your internet browser. The information provided by your browser does not identify you personally.
c) from correspondence with us (for example, by e-mail or any other digital or electronic form, including social media).
4. CATEGORIES OF PERSONAL DATA AND PURPOSES AND LAWFUL BASIS FOR PROCESSING
We may Process your Personal Data in different ways. In all cases we are committed to protecting your Personal Data. In each of the subheadings listed below, we describe how we obtain your Personal Data and how we treat it.
4.1 Web Site Visitors
4.2 Job Applicants
4.3 Customer
4.4 Potential Customer
4.1. WEB SITE VISITORS
We may collect Personal Data related to web site visitors.
4.1.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Personal identification data | First name, last name |
Contact information data | Address, email address |
Technical data | This is data about your computer hardware and software that is automatically collected by us and includes cookie data (for more information please see our Cookie Polic[EY1] y) device type (eg mobile, computer, laptop, tablet), browser information (e.g. browser type, language and history), IP address, operating system, access times, settings and referring website addresses. |
4.1.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Provide our website services to website users | Your prior consent (in accordance with Article 12 DIFC DPL) |
Remembering website users’ preferences | Your prior consent (in accordance with Article 12 DIFC DPL) |
Marketing and advertising | Your prior consent (in accordance with Article 12 DIFC DPL) |
Monitor any external security threats to our systems (such as hacks) | Legitimate Interest (in accordance with Article 13 of the DIFC DPL). |
4.1.3. How long do we keep your Personal Data?
We will keep your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with your requests via our website or your use of our website.
4.2. JOB APPLICANTS
We may collect Personal Data related to job applicants for positions advertised on our website.
4.2.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname, date of birth, place of birth, ID number/tax number, nationality, driving license, marital status. |
Contact Details: | Telephone number, e-mail address, address information. |
Personnel information: | CV, work/performance details, professional/personal skills, registration number. |
Professional Experience: | Taken course details, vocational education details, certificates, profession details. |
Visual and Audio Records: | Photograph, voice records, visual records (such as video records, etc.). |
4.2.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Creating an Employee Candidate CV archive | Your prior consent (in accordance with Articles 10(a) and 12 of the DIFC DPL) Some of the information we collect may be deemed to fall within the Special Categories of Personal Data (see above definition). |
Execution of the Employee Candidate application process through the website | Performance of a contract with you or to take steps at your request, before entering a contract/ To comply with its legal obligations as employer (in accordance with Articles 10(b) and 10(c) of the DIFC DPL) |
Performing Reference Check | Company’s legitimate interest. (in accordance with Article 10(f) of the DIFC DPL) |
Verification of training certificate records | Company’s legitimate interest. (in accordance with Article 10(f) of the DIFC DPL) |
4.2.3. How long do we keep your Personal Data?
We will keep and Process your Personal Data only for as long as is necessary for the purposes for which it was collected. If you are successful and we hire you, we will keep your CV as part of your employee record for the duration of your employment with us. We will keep CVs and documents submitted by unsuccessful candidates only if they consent to us doing so and only for a specified period of no longer than 6 months, unless we obtained their consent to keep it for longer.
4.3. CUSTOMER
We may collect Personal Data related to our existing customers.
4.3.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname, date of birth, place of birth, ID number/ tax number, driving license, marital status, signature. |
Contact Details: | Telephone number, e-mail address. |
Personnel information: | Registration number, Education information, certificate of employment records, professional/personal skills. |
Your Professional Experience: | Vocational education details, certificates. |
Visual and Audio Records: | Photograph. |
Vehicle Details: | License plate information. |
Your Special Categories of Personal Data: | Health data (personal health details, disability details). |
4.3.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Opentable reservation process | Performance of a contract with you or to take steps at your request, before entering a contract (in accordance with Article 10(b) DIFC DPL). |
Supplier, subcontractor, visitor OHS Basic Requirements Control | Processing is necessary for compliance with a legal obligation to which the Data Controller is subject to under the applicable law (in accordance with Article 10(1)(c) DIFC DPL). |
Some of the information we collect (such as personal health details, disability details) may be deemed to fall within the Special Categories of Personal Data under the DIFC DPL (in the above example, health information). We are not prohibited from Processing such data if you explicitly consent to the same under Article 11(a) DIFC DPL.
4.3.3. How long do we keep your Personal Data?
We will Process your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with the provision of service to you, unless we have a legal right or obligation to retain the data for a longer period, or the data is necessary for the establishment, exercise or defence of legal claims.
4.4. POTENTIAL CUSTOMER
We may collect Personal Data related to potential customers.
4.4.1. Personal Data that we collect and Process
Category of Personal Data | Personal Data |
Identity Details: | Name, surname. |
Contact Details: | Telephone number, e-mail address. |
Your Special Categories of Personal Data: | Health data (personal health details). |
4.4.2. Why do we collect your Personal Data and what are our lawful bases for it?
Purpose of Data Processing | Lawful Basis |
Opentable Reservation Process | Performance of a contract with you or to take steps at your request, before entering a contract (in accordance with Article 10(1)(b) of the DIFC DPL). |
4.4.3. How long do we keep your Personal Data?
We will Process your Personal Data only for as long as is necessary for the purposes for which it was collected in connection with the provision of service to you, unless we have a legal right or obligation to retain the data for a longer period, or the data is necessary for the establishment, exercise or defence of legal claims.
5. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
In Sections 5 and 6 of this Website Data Protection Notice, the following words shall have the following meanings:-
“Affiliate” means in relation to Saltbae Restaurant Limited or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş, any other Person directly or indirectly controlling or controlled by or under direct or indirect common control with Saltbae Restaurant Limited or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş. For the purposes of this definition, “control” when used with respect to either Saltbae Restaurant Limited or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş means the power to direct the management and policies of such Person, directly or indirectly, whether through the ownership of voting securities, by contract or otherwise; and the terms “controlling” and “controlled” have meanings correlative to the foregoing.
“DIFC Affiliate” means an Affiliate registered in the DIFC;
"Non-DIFC Affiliate” means an Affiliate registered outside the DIFC; and
“Person” means any natural person, corporation, limited liability company, trust, joint venture, association, company, partnership, governmental authority or other entity.
We do not sell your Personal Data to third parties.
We may share your Personal Data with Nusr-et’s DIFC Affiliates and Non-DIFC Affiliates because we share the same guest management and IT systems. Such transfers are governed by jurisdiction-compliant agreements between the Affiliates for the integrity and confidentiality of Personal Data.
Service Providers
We may disclose information about you to organisations that provide a service to us, ensuring that they are contractually obligated to keep your Personal Data confidential and will comply with the DIFC DPL, GDPR, and any other relevant data protection laws.
We may share your information with the following types of service providers:
a) technical support providers who assist with our website and IT infrastructure,
b) third party software providers, where the provider hosts the relevant Personal Data on our behalf;
c) professional advisers such as solicitors, accountants, tax advisors, auditors and insurance brokers;
d) providers that help us generate and collate reviews in relation to our goods and services;
e) our advertising and promotional agencies and consultants and those organisations or online platforms selected by us to carry out marketing campaigns on our behalf (for example, Facebook, Google, Instagram);
f) service providers that assist us in providing our services; and/or
g) our business associates based in the DIFC and outside the DIFC.
Law Enforcement or Government Bodies
We may disclose your Personal Data to the required authorities, as permitted by law, in order to investigate, prevent or take action regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Terms and Conditions or other agreements, or as required by law.
6. TRANSFERS OF PERSONAL DATA OUTSIDE THE DIFC
We share Personal Data with external vendors or service providers or suppliers that we engage to perform services or functions on our behalf and under our instructions. Where these vendors are located within the DIFC, we ensure that they are contractually obligated to comply with the DIFC DPL. Where they are located outside the DIFC, in accordance with Part 4 of the DIFC DPL, we shall ensure that your Personal Data shall only be transferred to a jurisdiction outside the DIFC if that jurisdiction has adequate levels of protection for that type of Personal Data unless that jurisdiction falls into one of the approved jurisdictions in the DIFC DPL or is otherwise listed by DIFC on its website from time to time. We also ensure in our contracts with these organisations that they only Process Personal Data fairly, lawfully and transparently (as required by DIFC DPL), in accordance with our instructions, and in order to provide the agreed services and protect the integrity and confidentiality of your Personal Data entrusted to them.
Some of the vendors/service providers that Nusr-et and Nusr-et Affiliates engage with, are located in jurisdictions where DIFC DPL does not recognise the jurisdictions as locations providing adequate protection for Personal Data. In such cases, we sign the DIFC approved standard contractual clause with the vendor/ service provider to protect your data.
7. LINKS TO OTHER WEBSITES
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Data Protection Notice. Nusr-et has a presence on social media (Facebook, Twitter, YouTube etc.) and you can interact with us through your existing social media accounts in accordance with their relevant privacy policies.
8. YOUR DATA PROTECTION RIGHTS
You have the following rights in relation to your Personal Data in accordance with the provisions of Part 6 of the DIFC DPL;
Ø Right to be informed: upon request organisations must tell individuals what data of theirs is being collected, how it is being used, how long it will be kept and whether it will be shared with any third parties. Individuals also have the right to be informed before Personal Data is disclosed by us for the first time to third parties or used on their behalf for the purposes of direct marketing and be explicitly offered the right to object to such disclosures or uses.
Ø Right of access: individuals have the right to request a copy of the information that an organisation holds on them.
Ø Right of rectification: individuals have the right to correct data that is inaccurate or incomplete.
Ø Right to erasure and right to be forgotten: in certain circumstances, individuals can ask organisations to erase any Personal Data that is stored with them, including on the Internet.
Ø Right of portability: individuals can request that organisation transfer any data that it holds on them to another company, provided such transfer does not infringe the rights of any other individuals.
Ø Right to restrict Processing: individuals can require an organisation to limit the way it uses Personal Data in certain circumstances (Article 35 DIFC DPL)
Ø Right to object: individuals have the right to challenge certain types of Processing, such as direct marketing
Ø Rights related to automated decision making, including profiling: Individuals have the right to object to any decision based solely on automated Processing, including profiling, which produces legal consequences concerning him or other seriously impactful consequences and to require such decision to be reviewed manually. Individuals can ask organisations to provide a copy of its automated Processing activities if they believe the data is being Processed unlawfully.
Ø Right to withdraw consent: Individuals may withdraw consent at any time by notifying us.
Ø Non-discrimination: Individuals exercising their rights above may not be discriminated against by us (for example by denying services to the individual or charging different prices for goods or services)
9. HOW CAN YOU WITHDRAW YOUR CONSENT?
If you consent to us Processing your Personal Data, please note that you may withdraw this consent at any time. In order to withdraw the consent, please contact privacy@nusr-et.com.tr. Please note that your consent can only be withdrawn for future Processing activities and such a withdrawal does not have any influence on the lawfulness of past Processing activities. In some cases, we may be entitled in spite of your withdrawal to continue to Process your Personal Data on a different legal basis.
10. UPDATING THIS DATA PROTECTION NOTICE
We reserve the right to update this Data Protection Notice at any time. We will let you know about the changes by publishing the updated version of the Data Protection Notice on www.nusr-et.com.tr . We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Data Protection Notice.
11. HOW TO GET IN TOUCH WITH US AND HOW CAN YOU EXERCISE YOUR LEGAL RIGHTS?
If you have any questions about our Data Protection Notice , or if you would like to make a complaint about a possible breach of Personal Data or to exercise one of your data protection rights, please contact us as described below.
Contact us;
Company E-mail address: privacy@nusr-et.com.tr
If you have any concerns about how we Process your Personal Data, please feel free to contact our data protection officer, who will investigate the matter and come back to you, by sending an email to privacy@nusr-et.com.tr.
If you are still not satisfied after our response or believe we are not using your personal information in line with the law, you also have the right to complain to the data-protection regulator in the country where you live or work.
إشعار حماية البيانات
(1) من هو مراقب البيانات ؟
شركة مطعم نصرت المحدودة، وشركة D المساهمة لتجارة وتسويق اللحوم ومنتجاتها
Nusret Restaurant LLC and D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş.
(يشار إليها فيما يلي أيضًا باسم "Nusr-et" و "نحن" و"لنا") نود إعلامك أدناه بكيفية معالجة بياناتك الشخصية في سياق موقعنا على الويب. نحن نحدد بشكل مشترك طريقة ومعايير معالجة بياناتك الشخصية (كما هو محدد أدناه)، لأغراض بعض الأنشطة التي نقوم بها في سياق أعمالنا الموصوفة أدناه. وهذا يجعلنا " مراقبين" بموجب قانون المرسوم الاتحادي لدولة الإمارات العربية المتحدة رقم (45) لسنة 2021 بشأن حماية البيانات الشخصية (" قانون حماية البيانات"). لذلك، نحن مطالبون بالامتثال لقانون حماية البيانات في كيفية قيامنا بهذا الدور. ونظراً لأننا نؤدي هذا الدور معاً، فنحن مراقبون مشتركون. يشير " مراقب البيانات" في هذا الإشعار إلينا كمراقبين مشتركين.
أيٌّ من بياناتك الشخصية (مثل اسمك أو صوتك أو صورتك أو معرفك الإلكتروني أو رقم التعريف أو بيانات الموقع أو واحد أو أكثر من العوامل الخاصة بهويتك المادية أو الفسيولوجية أو الاقتصادية أو الثقافية أو الاجتماعية، وتشمل البيانات الشخصية الحساسة والبيانات البيومترية، وفق تعريف هذه المصطلحات في قانون حماية البيانات) أي (" البيانات الشخصية")؛ يجب معالجتها (كما هو محدد أدناه) فيما يتعلق بالأنشطة الموضحة أدناه في إشعار حماية البيانات هذا وفقا لقانون حماية البيانات.
في المسألة التي لم يرد لها ذكر في قانون حماية البيانات، أو تم تأجيلها إلى اللائحة التنفيذية لقانون حماية البيانات (التي لم يتم نشرها بعد)، يتم تطبيق القانون الاتحادي لدولة الإمارات العربية المتحدة رقم (31) لعام 2021 الذي يصدر قانون العقوبات، والسياسات التنظيمية للهيئة الاتحادية لتنظيم الاتصالات في دولة الإمارات العربية المتحدة بشأن إنترنت الأشياء الصادرة في 22 مارس 2018.
نحن ملتزمون بحماية خصوصية وأمن بياناتك الشخصية كمراقب للبيانات. لذلك، نحن ملتزمون بضمان التعامل مع بياناتك الشخصية بشكل قانوني وعادل وشفاف وفقًا للمبادئ المنصوص عليها في قانون الإمارات العربية المتحدة لحماية البيانات. يشرح إشعار حماية البيانات هذا؛ كيفية جمع بياناتك الشخصية، واستخدامها والإفصاح عنها، والاحتفاظ بها، وحمايتها.
(2) متى يتم تطبيق إشعار حماية البيانات هذا؟
ينطبق إشعار حماية البيانات هذا على بياناتك الشخصية التي نجمعها ونستخدمها ونعالجها في سياق المعاملة التي تقوم بها عند زيارة موقعنا الإلكتروني www.nusr-et.com.tr كزائر لموقع الويب أو طالب عمل أو عميل أو عميل محتمل.
" العملية" في سياق إشعار حماية البيانات هذا تعني أي عملية أو مجموعة من العمليات التي يتم إجراؤها على البيانات الشخصية باستخدام أي وسيلة إلكترونية، بما في ذلك المعالجة وغيرها من الوسائل. تتضمن هذه المعالجة جمع البيانات الشخصية أو تخزينها أو تسجيلها أو تنظيمها أو تكييفها أو تعديلها أو تعميمها أو تغييرها أو استرجاعها أو تبادلها أو مشاركتها أو استخدامها أو توصيفها أو الكشف عنها عن طريق بثها أو نقلها أو توزيعها أو إتاحتها أو تنسيقها أو دمجها أو تقييدها أو حظرها أو محوها أو تدميرها أو إنشاء أشكال منها.
(3) كيف نجمع البيانات الشخصية؟
يمكننا أن نحصل على معلوماتك الشخصية من المصادر التالية:
أ) منك مباشرة: على سبيل المثال، في وقت الاشتراك، أو التسجيل في أي خدمة من الخدمات المقدمة على موقعنا الإلكتروني، بما في ذلك على سبيل المثال لا الحصر؛ قوائم البريد الإلكتروني، أو استخدام الخدمات التفاعلية، أو تنزيل المحتوى، أو طلب المزيد من السلع أو الخدمات.
ب) من جهازك أو متصفحك: البيانات التي يتم جمعها تلقائيًا (والتي ستختلف اعتمادًا على إعدادات متصفحك) بواسطة متصفحك أو جهازك، على سبيل المثال؛ عنوان IP لمزود خدمة الإنترنت الخاص بك، ونظام التشغيل الذي تستخدمه، واسم متصفحك للإنترنت وإصداره. المعلومات التي يقدمها المتصفح الخاص بك لا تحدد هويتك شخصيًا.
ج) من المراسلات معنا: على سبيل المثال، عن طريق البريد الإلكتروني، أو أي شكل رقمي أو إلكتروني آخر، بما في ذلك وسائل التواصل الاجتماعي.
(4) فئات البيانات والأغراض الشخصية والأساس القانوني للمعالجة:
يمكننا أن نقوم بمعالجة بياناتك الشخصية بطرق مختلفة. ونحن في جميع الحالات ملتزمون بحماية بياناتك الشخصية وخصوصياتك، في كل من العناوين الفرعية المدرجة أدناه، نصف كيفية حصولنا على بياناتك الشخصية وكيفية تعاملنا معها.
(4-1) المتقدمين للوظائف
(4-2) العميل
(4-3) العميل المحتمل
(4-1) المتقدمين للوظائف:
يجوز لنا جمع البيانات الشخصية المتعلقة بالمتقدمين للوظائف المعلن عنها على موقعنا الإلكتروني.
(4-1-1) البيانات الشخصية التي نجمعها ونعالجها:
فئة البيانات الشخصية | البيانات الشخصية |
تفاصيل التعريف: | الاسم واللقب وتاريخ الميلاد ومكان الميلاد ورقم الهوية / الرقم الضريبي والجنسية ورخصة القيادة والحالة الاجتماعية. |
بيانات المتصل: | رقم الهاتف وعنوان البريد الإلكتروني ومعلومات العنوان. |
المعلومات الشخصية: | السيرة الذاتية، تفاصيل العمل / الأداء، تفاصيل كشوف المرتبات، سجلات شهادة التوظيف، المهارات المهنية / الشخصية، رقم التسجيل. |
الخبرة المهنية: | تفاصيل الدورة المأخوذة وتفاصيل التعليم المهني والشهادات وتفاصيل المهنة. |
التسجيلات المرئية والصوتية: | الصور الفوتوغرافية والتسجيلات الصوتية والسجلات المرئية (مثل تسجيلات الفيديو وما إلى ذلك). |
(4-1-2) لماذا نجمع بياناتك الشخصية وما هي أسسنا القانونية في ذلك؟
الغرض من معالجة البيانات | الأساس القانوني |
إنشاء أرشيف السيرة الذاتية للمرشح للتوظيف | موافقتك المسبقة. |
تنفيذ عملية تقديم طلب الموظف المرشح عبر الإنترنت | موافقتك المسبقة. |
التحقق من أداء المرجع | موافقتك المسبقة. |
التحقق من سجلات شهادات التدريب | موافقتك المسبقة. |
(4-1-3) ما هي المدة التي نحتفظ فيها ببياناتك الشخصية؟
سنحتفظ ببياناتك الشخصية ونعالجها فقط طالما كان ذلك ضروريًا للأغراض التي تم جمعها من أجلها. إذا كنت ناجحًا وقمنا بتوظيفك، فسنحتفظ بسيرتك الذاتية كجزء من سجل الموظف الخاص بك طوال فترة عملك معنا. لن نحتفظ بالسير الذاتية والمستندات المقدمة من قبل المرشحين غير الناجحين، إلا إذا وافقوا على ذلك، ولمدة محددة لا تزيد عن ستة أشهر، والاحتفاظ بها لمدة أطول مرهون بموافقتهم.
(4-2) العميل:
يمكننا أن نقوم بجمع البيانات الشخصية المتعلقة بعملائنا الحاليين.
(4-2-1) البيانات الشخصية التي نجمعها ونعالجها:
فئة البيانات الشخصية | البيانات الشخصية |
تفاصيل التعريف | الاسم واللقب وتاريخ الميلاد ورقم الهوية / رقم الضريبة ورخصة القيادة والتوقيع. |
بيانات المتصل | رقم الهاتف وعنوان البريد الإلكتروني. |
المعلومات الشخصية | رقم التسجيل ومعلومات التعليم وشهادة سجلات التوظيف، والمهارات المهنية / الشخصية. |
خبرتك المهنية | تفاصيل التعليم المهني والشهادات وتفاصيل المهنة. |
التسجيلات المرئية والصوتية | صورة فوتوغرافية. |
تفاصيل المركبة | معلومات لوحة المركبة |
فئات بياناتك الشخصية | البيانات الصحية (التفاصيل الصحية الشخصية، تفاصيل الإعاقة. |
(4-2-2) لماذا نجمع بياناتك الشخصية وما هي أسسنا القانونية في ذلك؟
الغرض من معالجة البيانات | الأساس القانوني |
عملية الحجز المفتوح | موافقتك المسبقة. |
مراقبة المتطلبات الأساسية للصحة والسلامة المهنية للمورِّد والمقاول من الباطن والزائر | المتطلبات الإلزامية بموجب مراسيم أو قوانين الإمارات و / أو لوائح البلدية التي تفرض استخدام كاميرات المراقبة في المطاعم في الإمارات المعنية. |
|
قد تعتبر بعض المعلومات التي نجمعها (مثل المعلومات الصحية) تحت عنوان الفئات الخاصة من البيانات الشخصية ضمن تعريف البيانات الشخصية الحساسة بموجب قانون حماية البيانات. هناك بيانات شخصية يتم منحها حماية قانونية إضافية بسبب الطبيعة الحساسة لهذه البيانات. لن يتم منعنا من معالجة هذه البيانات للغرض المحدد الذي أوضحناه لك شريطة أن توافق صراحة على ذلك، ونقوم بمعالجة هذه البيانات لغرض مشروع وبطريقة قانونية.
(4-2-3) ما هي المدة التي نحتفظ فيها ببياناتك الشخصية؟
سنقوم بمعالجة بياناتك الشخصية فقط طالما كان ذلك ضروريا للأغراض التي تم جمعها من أجلها فيما يتعلق بتوفير الخدمة لك، ما لم يكن لدينا حق قانوني أو التزام بالاحتفاظ بالبيانات لفترة أطول، أو كانت البيانات ضرورية لإنشاء أو ممارسة أو دفاع عن المطالبات القانونية.
(4-3) العميل المحتمل:
يمكننا أن نقوم بجمع البيانات الشخصية المتعلقة بعملائنا المحتملين.
(4-3-1) البيانات الشخصية التي نجمعها ونعالجها:
فئة البيانات الشخصية | البيانات الشخصية |
تفاصيل التعريف | الاسم واللقب |
بيانات المتصل | رقم الهاتف وعنوان البريد الإلكتروني. |
فئات بياناتك الشخصية | التفاصيل الصحية الشخصية. |
(4-3-2) لماذا نجمع بياناتك الشخصية وما هي أسسنا القانونية في ذلك؟
الغرض من معالجة البيانات | الأساس القانوني |
عملية الحجز المفتوح | موافقتك المسبقة. |
قد تعتبر بعض المعلومات التي نجمعها (مثل المعلومات الصحية) تحت عنوان الفئات الخاصة من البيانات الشخصية ضمن تعريف البيانات الشخصية الحساسة بموجب قانون حماية البيانات. هناك بيانات شخصية يتم منحها حماية قانونية إضافية بسبب الطبيعة الحساسة لهذه البيانات. لن يتم منعنا من معالجة هذه البيانات للغرض المحدد الذي أوضحناه لك شريطة أن توافق صراحة على ذلك، ونقوم بمعالجة هذه البيانات لغرض مشروع وبطريقة قانونية.
(4-3-3) ما هي المدة التي نحتفظ فيها ببياناتك الشخصية؟
سنقوم بمعالجة بياناتك الشخصية فقط طالما كان ذلك ضروريا للأغراض التي تم جمعها من أجلها فيما يتعلق بتوفير الخدمة لك، ما لم يكن لدينا حق قانوني أو التزام بالاحتفاظ بالبيانات لفترة أطول، أو كانت البيانات ضرورية لإنشاء أو ممارسة أو دفاع عن المطالبات القانونية.
(5) مع من تتم مشاركة البيانات الخاصة بك؟
في البندين (5) و(6) من إشعار حماية بيانات موقع الويب هذا، يكون للكلمات التالية المعاني التالية: -
" المنتسب" تعني فيما يتعلق شركة مطعم نصرت المحدودة وشركة D المساهمة لتجارة وتسويق اللحوم ومنتجاتها، (Nusret Restaurant LLC or D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş) أي شخص يتحكم أو يتم التحكم به بشكل مباشر أو غير مباشر، أو يسيطر أو يخضع لسيطرة الرقابة عليه بشكل مباشر أو غير مباشر، مع أي من الشركتين بشكل مشترك أو غير مشترك. " التحكم" الذي يتعلق بأي من الشركتين (Nusret Restaurant LLC أو D Et ve Et Ürünleri Gıda Pazarlama Tic. A.Ş) في هذا التعريف تعني سلطة توجيه إدارة وسياسات هذا الشخص، بشكل مباشر أو غير مباشر، سواء من خلال ملكية السندات المالية التي لها حق التصويت، أو بموجب عقد أو غير ذلك. ومصطلحات " السيطرة" و " الخضوع للرقابة" لهما معاني مرتبطة بما سبق. " الشركة التابعة لسوق البر الرئيسي لدولة الإمارات العربية المتحدة" تعني شركة تابعة مسجلة في سوق البر الرئيسي لدولة الإمارات العربية المتحدة. " الشركة غير التابعة لسوق البر الرئيسي لدولة الإمارات العربية المتحدة" تعني شركة تابعة مسجلة خارج سوق البر الرئيسي لدولة الإمارات العربية المتحدة. " الشخص" يعني أي شخص طبيعي أو مؤسسة أو شركة ذات مسؤولية محدودة أو صندوق استئماني أو مشروع مشترك أو جمعية أو شركة أو شراكة أو سلطة حكومية أو كيان آخر.
نحن لا نبيع بياناتك الشخصية إلى أطراف ثالثة.
قد نشارك بياناتك الشخصية مع الشركات التابعة لسوق البر الرئيسي لدولة الإمارات العربية المتحدة، وغير التابعة لسوق البر الرئيسي لدولة الإمارات العربية المتحدة؛ لأننا نتشارك نفس أنظمة إدارة الضيوف وتكنولوجيا المعلومات. عمليات النقل والمشاركة هذه تخضع لاتفاقيات متوافقة مع الاختصاص القضائي بين الشركات التابعة لسلامة وسرية البيانات الشخصية.
مزودي الخدمة:
يجوز لنا الكشف عن معلوماتك للمؤسسات التي تقدم خدمة لنا، مما يضمن أنها ملزمة تعاقديا بالحفاظ على سرية بياناتك الشخصية وسوف تمتثل لقانون حماية البيانات الشخصية، والنظام الأوروبي العام لحماية البيانات GDPR، وأي قوانين أخرى ذات صلة بحماية البيانات.
قد نشارك معلوماتك مع الأنواع التالية من مقدمي الخدمات:
أ) مقدمو الدعم الفني الذين يساعدون في موقعنا الإلكتروني وبنيتنا التحتية لتكنولوجيا المعلومات.
ب) مقدمو البرامج الخارجيون، حيث يستضيف المزود البيانات الشخصية ذات الصلة نيابة عنا.
ج) المستشارون المحترفون مثل المحامين والمحاسبين والمستشارين الضريبيين ومدققي الحسابات ووسطاء التأمين.
د) مقدمو الخدمات الذين يساعدوننا في إنشاء وتجميع المراجعات فيما يتعلق بسلعنا وخدماتنا.
ه) وكالاتنا الإعلانية والترويجية ومستشارونا والمنظمات أو المنصات عبر الإنترنت التي اخترناها لتنفيذ حملات تسويقية نيابة عنا (على سبيل المثال، فيسبوك وغوغل وإنستغرام).
و) مقدمو الخدمات الذين يساعدوننا في تقديم خدماتنا.
ز) شركاؤنا التجاريون في البر الرئيسي لدولة الإمارات العربية المتحدة وخارج البر الرئيسي لدولة الإمارات العربية المتحدة.
هيئات إنفاذ القانون أو الهيئات الحكومية
يجوز لنا الكشف عن بياناتك الشخصية للسلطات المعنية، على النحو الذي يسمح به القانون، من أجل التحقيق في الأنشطة غير القانونية أو الاحتيال المشتبه به أو انتهاك حقوق الملكية الفكرية الخاصة بنا أو المواقف التي تنطوي على تهديدات محتملة للسلامة الجسدية لأي شخص أو انتهاك الشروط والأحكام أو الاتفاقيات الأخرى أو منعها أو اتخاذ إجراء بشأنها، وفقا لما يقتضيه القانون.
(6) نقل البيانات الشخصية خارج سوق البر الرئيسي لدولة الإمارات العربية المتحدة
نحن نشارك البيانات الشخصية مع البائعين الخارجيين أو مقدمي الخدمات أو الموردين الذين نتعامل معهم لأداء الخدمات أو الوظائف نيابة عنا وبموجب تعليماتنا. عندما يكون هؤلاء البائعون موجودين داخل البر الرئيسي لدولة الإمارات العربية المتحدة (أي ليس داخل منطقة تجارة حرة مثل مركز دبي المالي العالمي DIFC أو سوق أبو ظبي العالمي)، فإننا نضمن أنهم ملزمون تعاقديا بالامتثال لقانون حماية البيانات. عندما تكون موجودة خارج دولة الإمارات العربية المتحدة، سنضمن نقل بياناتك الشخصية فقط إلى ولاية قضائية خارج البر الرئيسي لدولة الإمارات العربية المتحدة إذا كانت تلك الولاية القضائية لديها مستويات مناسبة من الحماية لهذا النوع من البيانات الشخصية، مما يعني أن لديها تشريعات لحماية البيانات الشخصية تتضمن أهم الأحكام والتدابير والضوابط والأحكام والقواعد المتعلقة بحماية خصوصية وسرية البيانات الشخصية لموضوع البيانات، وقدرته على ممارسة حقوقه القانونية. كما نضمن في عقودنا مع هذه المنظمات أنها تعالج البيانات الشخصية فقط بشكل قانوني وعادل وبطريقة شفافة، وفقا لتعليماتنا، ومن أجل توفير الخدمات المتفق عليها وحماية سلامة وسرية بياناتك الشخصية الموكلة إليها.
(7) روابط لمواقع إلكترونية أخرى
قد يحتوي موقعنا على روابط لتمكينك من زيارة مواقع أخرى ذات أهمية بسهولة. ومع ذلك، بمجرد استخدامك لهذه الروابط ومغادرة موقعنا، يجب أن تلاحظ أنه ليس لدينا أي سيطرة على هذا الموقع الآخر. لذلك، لا يمكننا أن نكون مسؤولين عن حماية وخصوصية أي معلومات تقدمها أثناء زيارة هذه المواقع، ولا تخضع هذه المواقع لإشعار حماية البيانات هذا. لدى Nusr-et وجود على وسائل التواصل الاجتماعي (فيسبوك وتويتر ويوتيوب وغيرها) ويمكنك التفاعل معنا من خلال حساباتك الحالية على وسائل التواصل الاجتماعي وفقا لسياسات الخصوصية ذات الصلة.
(8) الحقوق المترتبة على حماية بياناتك الخاصة:
لديك الحقوق التالية فيما يتعلق ببياناتك الشخصية:
× الحق في الحصول على المعلومات: يحق للأفراد طلب المعلومات التي تحتفظ بها المؤسسة عنهم، والتي تشمل البيانات الشخصية الخاصة بهم التي يتم جمعها، وكيفية استخدامها، والقرارات المتخذة بناء على المعالجة الآلية، والقطاعات أو المؤسسات المستهدفة داخل وخارج دولة الإمارات العربية المتحدة التي سيتم مشاركة بياناتهم الشخصية معها، والضوابط والمعايير الخاصة بفترة تخزين بياناتهم الشخصية والحفاظ عليها، تدابير الحماية للمعالجة عبر الحدود، والإجراءات التي يتعين اتخاذها في حالة حدوث خرق أو إساءة استخدام لبياناتهم الشخصية، وكيفية تقديم الشكاوى إلى مكتب البيانات في دولة الإمارات العربية المتحدة (بمجرد إنشائه).
× الحق في التصحيح أو المحو: يملك الأفراد الحق في تصحيح البيانات غير الدقيقة أو غير المكتملة. في ظروف معينة، يمكن للأفراد أن يطلبوا من المؤسسات محو أي بيانات شخصية مخزنة تتعلق بهم.
× الحق في طلب النقل: يحق للأفراد تلقي بياناتهم المقدمة إلينا بطريقة منظمة وقابلة للقراءة آلياً، طالما أن المعالجة تستند إلى موافقتهم، أو كانت ضرورية لتنفيذ التزام تعاقدي، ويتم تنفيذها بوسائل آلية. يمكن للأفراد أيضاً أن يطلبوا من المؤسسة نقل أي بيانات تحتفظ بها عنهم إلى شركة أخرى، شريطة ألا ينتهك هذا النقل حقوق أي أفراد آخرين.
× الحق في تقييد المعالجة: يمكن للأفراد أن يطلبوا من المؤسسة الحد من استخدام بياناتهم الشخصية وإيقافها.
× الحق في إيقاف المعالجة: يحق للأفراد الاعتراض على أنواع معينة من المعالجات، مثل التسويق المباشر.
× معالجة الحقوق والمعالجة الآلية بما في ذلك التنميط: يحق للأفراد الاعتراض على أي قرار يعتمد فقط على المعالجة الآلية، بما في ذلك التنميط، والذي ينتج عنه عواقب قانونية تتعلق به، أو عواقب أخرى ذات تأثير خطير، والمطالبة بمراجعة هذا القرار يدوياً.
× الحق في سحب الموافقة: يجوز للأفراد سحب الموافقة على معالجة بياناتهم الشخصية في أي وقت عن طريق إخطارنا.
(9) كيف يمكن سحب موافقتك؟
إن كنت توافق على معالجتنا لبياناتك الشخصية، يرجى ملاحظة أنه يمكنك سحب هذه الموافقة في أي وقت. من أجل سحب الموافقة، يرجى الاتصال عبر privacy@nusr-et.com.tr ويرجى ملاحظة أنه لا يمكن سحب موافقتك إلا لأنشطة المعالجة المستقبلية، وليس لهذا السحب أي تأثير على قانونية أنشطة المعالجة السابقة. في بعض الحالات، قد يحق لنا على الرغم من انسحابك الاستمرار في معالجة بياناتك الشخصية على أساس قانوني مختلف.
(10) تحديث إشعار حماية البيانات
نحن نحتفظ بالحق في تحديث إشعار حماية البيانات هذا في أي وقت. سنخبرك بالتغييرات من خلال نشر الإصدار المحدث من إشعار حماية البيانات. نحن ملتزمون بحماية خصوصيتك واحترامها، وسنواصل القيام بذلك في أي تغييرات مستقبلية نجريها على إشعار حماية البيانات هذا.
(11) كيف تتواصل معنا وكيف يمكنك ممارسة حقوقك القانونية؟
إن كانت لديك أسئلة حول إشعار حماية البيانات الخاص بنا، أو إن كنت ترغب في تقديم شكوى حول خرق محتمل لبياناتك الشخصية، أو ممارسة أحد حقوق حماية البيانات الخاصة بك، يرجى الاتصال بنا كما هو موضح أدناه.
تواصل معنا:
عنوان البريد الإلكتروني للشركة: privacy@nusr-et.com.tr
إن كانت لديك أي مخاوف بشأن كيفية معالجتنا لبياناتك الشخصية، فلا تتردد في الاتصال بمسؤول حماية البيانات لدينا، وهو بدوره سيحقق في الأمر ويعود إليك عن طريق إرسال بريد إلكتروني إلى privacy@nusr-et.com.tr
إن كنت لا تزال غير راض بعد ردنا، أو تعتقد أننا لا نستخدم معلوماتك الشخصية بما يتماشى مع القانون، يحق لك أيضا تقديم شكوى إلى منظم حماية البيانات في البلد الذي تعيش أو تعمل فيه.