Privacy Policy

Last Updated: 09.06.2025

1. Introduction

This Privacy Policy explains how MGA SAĞLIK HİZMETLERİ TURİZM VE DANIŞMANLIK TİCARET LİMİTED ŞİRKETİ, operating as Carefree Holiday (“we,” “us,” or “our”), collects, uses, discloses, and safeguards your personal information when you visit our website (carefree-holiday.com), use our services, or participate in our holiday programs.

We are committed to protecting your privacy and handling your data with transparency and care. This policy outlines your rights regarding your personal information and our obligations to you.

2. Information We Collect

2.1 Personal Information You Provide to Us

When you book our services or register for our programs, we may collect:

• Contact information (name, email address, phone number, postal address)
• Identification information (passport details, national ID numbers)
• Payment information (credit card details, bank account information)
• Medical information (health conditions, disabilities, allergies, medications, dietary requirements)
• Special need details relevant to providing appropriate services
• Emergency contact information
• Travel details (arrival and departure information)
• Accommodation preferences
• Biographical information about you and family members traveling with you

2.2 Information We Collect Automatically

When you visit our website, we may automatically collect:

• IP address and geographic location
• Browser and device information
• Browsing activity and patterns
• Cookie data (see our Cookie Policy section)
• Referring websites or sources

2.3 Special Categories of Personal Data

Due to the nature of our services for individuals with special needs, we may collect sensitive personal data, including:

• Health information
• Disability status and details
• Medical history relevant to your care
• Dietary requirements
• Psychological or behavioral needs

We collect this information only with your explicit consent and solely for the purpose of providing appropriate services and ensuring your safety and well-being during your stay.

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Service Provision

• Processing your bookings and reservations
• Customizing our services to meet your specific needs
• Arranging appropriate accommodations and activities
• Providing necessary care and support during your stay
• Communicating with you about your booking or stay

3.2 Business Operations

• Processing payments and maintaining financial records
• Managing our business operations
• Training our staff to better serve clients
• Improving our services and developing new offerings
• Analyzing usage patterns and preferences

3.3 Communication

• Responding to your inquiries and requests
• Sending booking confirmations and updates
• Providing information about your upcoming stay
• Sending newsletters or promotional materials (with your consent)
• Seeking your feedback through surveys

3.4 Legal Compliance

• Complying with legal obligations
• Responding to legal requests and preventing harm
• Enforcing our terms and conditions

4. Legal Basis for Processing

We process your personal information based on one or more of the following legal grounds:

• Contract Performance: Processing necessary for the performance of our contract with you
• Legitimate Interests: When processing is necessary for our legitimate interests, provided these interests don’t override your fundamental rights
• Legal Obligation: When processing is necessary to comply with our legal obligations
• Consent: When you have given us explicit consent to process your data, particularly for sensitive information

5. Sharing Your Information

We may share your information with:

5.1 Service Providers

• Accommodation providers
• Transportation companies
• Medical professionals or care providers
• Activity and excursion providers
• Payment processors
• IT service providers

5.2 Legal Requirements

• Government authorities when required by law
• Law enforcement agencies when legally obligated
• Regulatory bodies when mandated

5.3 Business Transfers

• In connection with a business transition (merger, acquisition, or asset sale)

We require all third parties to respect the security of your personal data and to treat it in accordance with applicable laws.

6. International Data Transfers

We operate primarily in Turkey and may transfer your data to countries where we operate or where our service providers are located. When transferring data outside of the European Economic Area (EEA) or your country of residence, we ensure appropriate safeguards are in place to protect your information, including:

• Standard contractual clauses approved by the European Commission
• Binding corporate rules for transfers within our company group
• Your consent for certain transfers
• Necessary transfers for the performance of a contract

7. Data Security

We implement appropriate security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data
• Regular security assessments
• Staff training on data protection
• Access controls and authentication procedures
• Secure networks and systems

Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including:

• Providing our services
• Meeting legal, regulatory, tax, accounting, or reporting requirements
• Resolving disputes
• Enforcing our agreements

When deciding retention periods, we consider:

• The amount, nature, and sensitivity of the personal data
• The potential risk of harm from unauthorized use or disclosure
• The purposes for which we process the data
• Whether we can achieve those purposes through other means
• Legal requirements

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right to Access: Request copies of your personal information
• Right to Rectification: Request correction of inaccurate information
• Right to Erasure: Request deletion of your data in certain circumstances
• Right to Restrict Processing: Request limiting the processing of your data
• Right to Data Portability: Request transfer of your data
• Right to Object: Object to processing of your personal data
• Rights Related to Automated Decision Making: Not be subject to decisions based solely on automated processing
• Right to Withdraw Consent: Withdraw consent at any time where we rely on consent to process your data

To exercise these rights, please contact us using the details provided at the end of this policy. We may need to request specific information from you to help us confirm your identity.

10. Cookie Policy

Our website uses cookies and similar technologies to distinguish you from other users and enhance your experience.

10.1 Types of Cookies We Use

• Essential Cookies: Required for the operation of our website
• Analytical/Performance Cookies: Allow us to recognize and count the number of visitors
• Functionality Cookies: Recognize you when you return to our website
• Targeting Cookies: Record your visit to our website, the pages you visited, and the links you followed

10.2 Cookie Control

Most web browsers allow control over cookies through browser settings. You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies.

11. Children’s Privacy

Our services are intended for families, including children with special needs. We collect information about children only with parental or guardian consent and solely for the purpose of providing appropriate care and services.

If you believe we have collected information from a child without appropriate consent, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on our website with a prominent notice or by directly sending you a notification. We encourage you to periodically review this policy for the latest information on our privacy practices.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

• Email: info@carefree-holiday.com
• Phone: +90 546 523 92 35
• Address: Duacı Mah. 9250 Sk. Aykavital Park No: 7 Kepez Antalya, Turkey

Data Protection Officer: You can contact our Data Protection Officer at info@carefree-holiday.com

14. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the supervisory authority in your country of residence or the country in which the alleged infringement occurred. For residents of the European Union, please visit the European Data Protection Board website to find your appropriate national authority.

We would, however, appreciate the chance to address your concerns before you approach a supervisory authority, so please contact us in the first instance.