Places To See
Profile
menu icon Login
Other
 

Privacy Policy

Your privacy and data protection are our top priorities

Last Updated: August 19th, 2025

Welcome to istanbul.com!

ALOHA VENTURES LTD, a company registered in England and Wales with its registered office at 2 Eliot Gardens, SW15 5NB London – UK ("Aloha Ventures", "we", "us", "our"), operates istanbul.com and is the controller of your personal data.

We are committed to protecting your privacy and handling your data in an open and transparent manner, in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU General Data Protection Regulation (EU GDPR). This Privacy Policy explains how we collect, use, share, and safeguard your personal data when you use our services.

1

Data We Collect

We collect the following categories of personal data:

Identity Data

Name, surname, nationality, date of birth (if required for a booking).

Contact Data

Email address, phone number, WhatsApp number.

Booking Data

Details of tickets, passes, tours, and other products purchased, dates, preferences.

Payment Data

Billing address, payment card details (processed securely by Stripe; we do not store full card numbers).

Technical Data

IP address, browser type, device information, cookies, location data.

Communications Data

Interactions with our support team, marketing consents, review requests.

2

How We Use Your Data

We process your personal data for the following purposes and legal bases:

Performance of Contract

To process bookings, issue tickets, deliver products, provide customer support.

Legal Obligation

To comply with tax, accounting, fraud prevention, and consumer protection laws.

Legitimate Interests
  • To improve our services and user experience
  • To request reviews or feedback
  • To inform you about similar products or services you have purchased
  • To protect against misuse or fraud
Consent

To send you marketing communications via email or WhatsApp, including offers, promotions, and review requests.

3

Sharing of Data

We may share your personal data with:

  • Suppliers/Partners: tour operators, attractions, and service providers, to deliver your booking.
  • Payment Provider: Stripe, for secure payment processing.
  • IT & Marketing Providers: hosting, analytics, communication tools (email and WhatsApp).
  • Group Companies: other Aloha Ventures entities, including Istanbul Tourist Pass, for marketing and customer relationship purposes (always subject to the same safeguards and your opt-out rights).
  • Authorities: where required by law, regulation, or court order.

Important: We do not sell your personal data to third parties.

4

International Transfers

As a UK company, we may transfer your personal data outside the UK or EEA (e.g., to suppliers in Türkiye). Where such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or UK authorities.

5

Data Retention

We retain your personal data only as long as necessary:

7 Years: Booking and financial records (for legal and tax compliance).
Until Unsubscribe: Marketing data (until you withdraw consent or unsubscribe).
Up to 3 Years: Customer support communications (unless longer period required).
6

Your Rights

Under UK GDPR and, where applicable, EU GDPR, you have the following rights:

 
Access: To obtain a copy of your data.
 
Rectification: To correct inaccurate or incomplete data.
 
Erasure: To request deletion of your data ("right to be forgotten").
 
Restriction: To limit processing in certain circumstances.
 
Portability: To receive your data in a structured, commonly used format.
 
Objection: To processing based on legitimate interests or for direct marketing.

Withdraw Consent: At any time where processing is based on consent (e.g., marketing via email or WhatsApp).

If you wish to exercise these rights, please contact us at [email protected].

7

Cookies

We use cookies and similar technologies to:

  • Enable website functionality
  • Analyse traffic and usage
  • Personalise content and marketing

You can manage cookies through your browser settings. For more details, please see our Cookie Policy.

8

Security Measures

We use industry-standard technical and organisational measures to protect your personal data, including encryption, access controls, and secure hosting.

However, no method of transmission over the internet is entirely secure, and we cannot guarantee absolute security.

9

Children

Our services are not directed at children under 18. We do not knowingly collect data from children under 13 in the UK, or under the applicable age of digital consent in other jurisdictions.

If we learn that we have collected data from a child without appropriate consent, we will delete it.

10

Data Protection Officer and Representative

We are not currently required to appoint a Data Protection Officer under UK GDPR.

If we become subject to such a requirement, or if EU GDPR Article 27 requires us to appoint an EU Representative for EEA customers, we will publish the details on our website.

11

Complaints

If you have concerns about our use of your personal data, please contact us first at [email protected]. We will seek to resolve your complaint promptly.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the UK, or with your local data protection authority in the EEA.

12

Updates to this Policy

We may update this Privacy Policy from time to time. Changes will be posted on istanbul.com with the updated date.

If we make material changes, we will notify you by email or a notice on our Platform.

13

Contact Information

For any questions, requests, or complaints regarding your data, please contact us:

Get in touch

[email protected]