fbpx

STORAGE AND DESTRUCTION POLICY of PERSONAL DATA

CONTENTS

  1. PURPOSE AND SCOPE OF THE POLICY
  2. DEFINITIONS
  3. DATA RECORDING MEDIUM
  4. EXPLANATIONS ON PROCESSING, STORAGE, ADMINISTRATIVE AND TECHNICAL PRECAUTIONS AND CONDITIONS REQUESTING DESTRUCTION

          4.1 Descriptions on Storage

                        4.1.1 Legal Reasons for Storage

                        4.1.2 Processing Tools for Storage

          4.2 Reasons for Destruction

  1. PERSONAL DATA DESTRUCTION TECHNIQUES

          5.1. Deletion of Personal Data

          5.2 Destruction of Personal Data

          5.3 Anonymization of Personal Data

           5.3.1 Anonymization Techniques

  1. DURATION OF THE STORAGE AND DESTRUCTION OF PERSONAL DATA
  2. PERIODIC DESTRUCTION TIME
  3. FINAL PROVISIONS

 

  1. PURPOSE AND SCOPE OF THE POLICY

This Personal Data Storage and Data Destruction Policy (hereinafter referred to as the “Policy”), The Personal data kept by Petek TATLI MÜLLER as the data controller, in accordance with the Law on Protection of Personal Data No. 6698 (hereinafter referred to as “KVKK” or “Law”) and other legislation containing special provisions, the processes of storing, deleting, destroying and anonymizing personal data in accordance with the Law and the Regulation on the Deletion, Destruction or Anonymization of Personal Data (hereinafter referred to as the “Regulation”) and the relevant legislation, have been prepared in order to determine the procedures and principles about the law and to fulfill the obligations under the Law and related legislation. In this context, personal data and sensitive personal data may be processed with the express consent of the person concerned, in accordance with the procedures and principles set forth in the Law and other relevant legal regulations. Exceptions in legal regulations are reserved. In addition, the services offered by Petek TATLI MÜLLER are provided by applying the rules of Turkish Law within the scope of the Republic of Turkey, and the provisions of the European Union General Data Protection Regulation (“GDPR”) are taken into account for Service Users and related persons who are citizens of the European Union or within the scope of European Union legislation.

In case of conflict in the implementation process of this Policy, the provisions of the Law and the Regulation and the decisions of the Personal Data Protection Authority will be applied in order of priority.

Revisions that may occur in this Policy or the legislation will be added to the policy by specifying the date and subject and will be considered as an integral part of the policy after the necessary announcements are made.

Work and transactions regarding the storage and destruction of personal data are carried out by Petek TATLI MÜLLER in accordance with this Policy which has been prepared in this direction. This Policy applies to all recording media where personal data is processed within Petek TATLI MÜLLER and to all activities related to personal data processing.

  1. DEFINITIONS
Express Consent  The consent is about a specific subject, based on the information and expressed with free will.
Anonymization It is the making of personal data that cannot be associated with an identified or identifiable natural person in any way, even by matching with other data.
Employee Petek TATLI MÜLLER’s Employee
Electronic media These are the environments where personal data can be created, read, changed, and stored with electronic devices.
Non-Electronic media All written, printed, visual, etc. media other than electronic media.
Related Person The real person whose personal data is processed.
Related User Except for the person or unit responsible for technical storage, protection, and backup of the data, they are the persons who process personal data within the organization of the data controller or in line with the authorization and instruction received from the data controller.
Destruction It is the deletion, destruction, or anonymization of personal data.
Law Law No. 6698 on the Protection of Personal Data
Recording Medium It is an environment where personal data is processed wholly or partially, by automated or non-automated means which provided that it is a part of any data recording system.
Personal Data Any information relating to an identified or identifiable natural person.
Processing of Personal Data Obtaining, recording, storing, preserving, changing, rearranging, disclosing, transferring, taking over, making available, classifying or preventing the use of personal data in whole or in part by automatic or non-automatic means provided that it is a part of any data recording system, any operation performed on the data, is considered as the processing of personal data.
Authority It is the Personal Data Protection Board established under the Law on Protection of Personal Data No. 6698.
Board It is the Personal Data Protection Board established under the Law on Protection of Personal Data No. 6698.
Sensitive personal data It is the data about race, ethnic origin, political opinion, philosophical belief, religion, sect or other beliefs, appearance, membership to associations, foundations or unions, health, sexual life, criminal convictions and security measures, and biometric and genetic data of individuals.
Periodic Destruction It is the deletion, destruction, or anonymization process that will be carried out ex officio at repetitive intervals and specified in the personal data storage and destruction policy, in case of all the processing conditions of personal data in the Law are eliminated.
Policy Personal Data Storage and Destruction Policy
Data Processor Natural person or legal entity who processes personal data on behalf of the data controller, based on the authority given by the data controller.
Data Controller Natural persons or legal entities who determine the purposes and means of processing personal data and are responsible for the establishment and management of the data recording system.
Regulation Regulation on the Deletion, Destruction or Anonymization of Personal Data published in the Official Gazette dated 28 October 2017

 

  1. DATA RECORDING MEDIUM

Personal data is stored securely in accordance with the law in the environments listed in the table below.

Electronic media Non – Electronic media
·       Servers (email, website)

·       Software (Office software)

·       Information security devices (Firewall, antivirus)

·       Mobile devices (phone, tablet)

·       Optical discs (CD, DVD)

·       Personal computers (laptop)

·       Removable memories (USB, Memory card,flash disk.)

·       Printer, scanner, photocopier

·       Paper

·       Manual data recording systems (Service Recipient file, personnel file)

·       Written, printed and visual media

 

  1. EXPLANATIONS ON PROCESSING, STORAGE, ADMINISTRATIVE AND TECHNICAL PRECAUTIONS AND CONDITIONS REQUESTING DESTRUCTION

In Article 4 of the Law, it is stated that personal data should be related to the purpose for which they are processed, limited and measured, and should be kept for the period required for the purpose for which they are processed or stipulated in the relevant legislation; in Articles 5 and 6, the processing conditions of personal data are listed.

Within the scope of our service purposes provided by Petek TATLI MÜLLER, within the scope of the services we provide, including the use of the site https://www.yeswecanhealtogether.com/   in general, in order to maintain the services, fulfill the legal obligations, operate the processes with business partners, securely in physical or electronic media, Personal data is processed within the limits specified in the Law and relevant legislation.

Personal data related to health and sexual life, however, can be processed without seeking the express consent of the person concerned or authorized institutions and organizations for the purpose of protecting public health, preventive medicine, conducting a medical diagnosis, treatment and care services, planning and managing health services and financing.

 

In cases regulated by the law, we also process sensitive personal data other than health and sexual life without express consent.

 

We process all your other private and sensitive personal data with your express consent. In this context; your health data, sexual life data, and genetic data in your health data which is related to service will be processed with your express consent.

 

Our purposes for processing personal data are detailed within the scope of the Petek TATLI MÜLLER Personal Data Protection and Processing Clarification Text.

  • Descriptions on Storage

Personal data processed within the framework of our activities are stored for a period of time stipulated in the relevant legislation or suitable for our processing purposes.

The explanation and information regarding the technical and administrative measures that we have taken as Petek TATLI MÜLLER to store personal data securely and to prevent unlawful processing and access are detailed in Petek TATLI MÜLLER’s Clarification Text on the Protection and Processing of Personal Data.                  

4.1.1. Legal Reasons for Storage

Personal data processed within the framework of our activities are kept for the period stipulated in the relevant legislation.

In this case; within the scope of

  • Law No. 6698 on the Protection of Personal Data
  • Turkish Code of Obligations No. 6098
  • Law No. 6502 on the Protection of Consumers
  • Labor Law No. 4857
  • Other relevant regulations and other secondary regulations in force under these laws;

personal data are kept until the end of the storage periods stipulated in the framework.

4.1.2. Processing Tools for Storage

Both the sensitive personal data and the general personal data you share can be processed for the following purposes;

  • Fulfilling our legal obligations Law No. 6502 on the Protection of Consumers and other relevant regulations,
  • Preserving your data within the scope of our contractual responsibilities,
  • Providing online service
  • Preserving information about your health data, which must be kept within the scope of the relevant legislation
  • Sharing the requested information with the Ministry of Youth and Sports and the Ministry of Health and other public institutions and organizations when deemed necessary in accordance with the relevant legislation
  • Being able to provide information to prosecution offices, courts, and relevant public officials on matters related to public security and legal disputes, upon request and in accordance with the legislation.
  • Finance planning and management for service providing
  • Taking all necessary technical and administrative measures within the scope of data security
  • Development of services, making analysis, risk management and evaluation of quality processes, management of legal processes
  • Being able to inform you about the appointment if you make one
  • Monitoring and preventing abuse and unauthorized transactions
  • Issuing self-employment receipts in return for our services
  • Verification of your identity
  • Being able to answer all your questions and complaints about the service
  • Measuring and improving satisfaction, training and developing our employees
  • Performing risk management and quality improvement activities
  • Providing information by the Marketing, Media and Communication departments, designing and transmitting special content, tangible and intangible benefits in web and mobile channels
  • Reasons for Destruction

Personal data is deleted, destructed or anonymized by Petek TATLI MÜLLER or upon the request of the person concerned, in the following cases:

  • Amendment and repeal of the provisions of the relevant legislation, which are the basis for the processing, storage, and destruction of personal data
  • The disappearance of the purpose that requires the processing or storage of personal data
  • In cases where the processing of personal data takes place only on the condition of express consent, the relevant person withdraws his/her consent.
  • When the request for the deletion or destruction of the personal data of the person concerned within the framework of legal rights is reviewed and approved by the data controller
  • In cases where the data controller rejects the application made to him by the data subject with the request of deletion, destruction or anonymization of his personal data, or applicant’s answer is found to be insufficient or he does not respond within the period stipulated in the Law; Complaining to the Board and approval of this request by the Board
  • Although the maximum period for storing personal data has passed, when there is no requirement to store personal data for a longer period of time.

 

  1. PERSONAL DATA DESTRUCTION TECHNIQUES

Petek TATLI MÜLLER preserves personal data only for the stipulated period of time in the relevant legislation or for the purpose for which they are processed. In this context; first of all, it is determined whether a period is foreseen for the storage of personal data in the relevant legislation. If a period is determined, it is acted in accordance with this period; if not determined, personal data is stored for the period required for the purpose for which they are processed. In case of expiration of the period or the disappearance of the reasons requiring its processing, in accordance with this Policy, Petek TATLI MÜLLER deletes, destruct, and anonymizes personal data ex officio or upon the application of the person concerned.

All transactions related to the deletion, destruction, and anonymization of personal data are recorded and these records are kept for at least 3 (three) years, excluding other legal obligations.

5.1 Deletion of Personal Data

Deletion of personal data is the process of making personal data inaccessible and non-reusable in any way. Deleted data cannot be accessed and used by the relevant users, except for the data controller. A relevant person is all other employees except for those who are responsible for storing, archiving, and backing up data. Deletion is the process of rendering the relevant user unable to perform any of the personal data processing activities such as not being able to access, take any action on, correct or change, delete, transfer, see and read or share personal data in any way. Shortly, deletion is not a direct deletion; but the keep, storage, backup and archiving of processed personal data for protection purposes.

Petek TATLI MÜLLER takes technical and administrative measures to prevent this business unit (the relevant user) from processing the relevant personal data, after the purpose and storage period required for the processing of personal data of the relevant business unit within its own organization has expired. Relevant personal data cannot be deleted, destroyed, or anonymized before the end of the processing purposes and storage periods required for the same personal data of other business units within the Petek TATLI MÜLLER organization.

If the existence of personal data is related to possible claims arising from contractual, commercial, legal, administrative transactions, Data is retained during the statute of limitations for the mentioned transaction. If a conflict arises between the request and our policy in this regard, a written application is made to the Authority in order to resolve the conflict, and action is taken in line with the policy decision.

By using an access authorization and control matrix or a similar system, the relevant users are identified for each personal data, and the authorizations and methods of the users such as access, retrieval, and reuse are determined. Subsequently, the process regarding the closing and elimination of the access, return, re-use authorization, and methods of the relevant users within the scope of personal data is carried out.

If the deletion of personal data will result in the inability to access and use other data that do not need to be deleted within the system;

Provided that:

  1. Archiving personal data by making it anonymous or,
  2. Taking all necessary technical and administrative measures to ensure that personal data is not accessible to any other institution, organization or person and that only authorized persons can access it,

personal data will be deemed deleted.

 

Data Recording Medium Explanation
Personal Data on Servers The system administrator removes the access authorization of the relevant users and deletes the personal data on the servers for those whose period of time has expired
Personal Data in Electronic Media Among the personal data in the electronic environment, the ones whose period of time has expired are rendered inaccessible and non-reusable for other employees, except for the database manager. It is deleted by using the delete commands it provides (such as del, remove-item, rm) or by using software that implements these commands. It is sufficient to delete the relevant user.
Personal Data in Physical Media and Personal Data in Paper Media For those whose period of time has expired from the personal data kept in the physical environment; it is made inaccessible and not reusable in any way for other employees, except for the unit manager responsible for the document archive. It should be stored in archive/storage/storage areas or in the relevant parts of these areas, where the relevant user cannot access and examine. Relevant users should not enter these storage areas and should not take any action on the personal data contained therein. Or, in certain parts of the storage/storage/archive areas, deletion should be carried out by keeping them in locked areas that cannot be accessed by anyone except the archive responsible.
Personal Data in Portable Media For those whose period of time has expired from the personal data kept in flash-based storage media; It is stored in secure environments with encryption keys encrypted by the system administrator and only the system administrator is authorized to access it.
Personal Data in the Cloud Environment Personal data stored in the cloud operating system can be deleted by using the delete commands (such as del, remove – item, rm) provided by the cloud operating system, similar to the deletion of personal data in electronic media, or by using software that implements these commands. By changing the encryption key used for accessing the cloud environment, deletion can also be performed by removing users’ access to the mentioned environment.

 

In terms of Service Recipients and related persons who are within the scope of GDPR, taking account of the principle of proportionality of the right to be forgotten, which is related to the right to deletion within the scope of GDPR provisions; It will be evaluated with the issues related to the purpose and necessity of collecting and processing the relevant personal data, whether it is a legitimate reason, unlawful data processing, and sensitive groups such as children.

In addition, In terms of the Service Recipients who are within the GDPR application area and related persons, there are also conditions for the right to restrict data processing and also when possible in terms of KVKK, data restriction may be requested in the following cases.

These situations are:

  • In cases where he/she objects to the accuracy of personal data, during the examination period of the relevant objection,
  • In cases where the processing activity is illegal when the person requests the restriction of the data, not the deletion of the data
  • In cases where the relevant personal data is no longer needed for the purpose of processing, but the person concerned needs this data for a legal claim,
  • When the data subject has an objection, the legitimate reason of the data controller and the legitimate reason of the person concerned are evaluated as much as this evaluation process

In terms of the Service Recipients who are within the GDPR application area and related persons, Within the scope of the GDPR provisions, by taking into account of the right to data portability proportionality principle, It will be evaluated according to concrete demand. In cases where Petek TATLI MÜLLER has a legitimate interest as a data controller or in cases where a legal obligation is fulfilled, the right to data portability will not be enforced.

The explanations regarding the right to be forgotten, the right to data restriction, and the right to data portability within the scope of GDPR also apply to the sections of data destruction and anonymization.

  • Destruction of Personal Data

Destruction of personal data is the process of rendering personal data inaccessible, irretrievable or non-reusable by anyone, in any way.

Data Recording Medium Explanation
Personal Data in Physical Environment The data for those whose period of time has expired from the personal data kept in the paper media is irreversibly destroyed in the paper clipping machines. If the papers are scanned and transferred to the electronic environment, the destruction process is carried out by choosing the appropriate method of magnetization, physical destruction, or overwriting according to the electronic environment conditions they are in. In addition, the process of blackening is applied by drawing/painting / wiping in a way that cannot be read. The blackening process is done by cutting the personal data on the relevant document when possible; and in cases where it is not possible, making it invisible to the relevant users by using fixed ink, which cannot be read by means of technological solutions
Personal Data in Optical / Magnetic Media For those whose period of time has expired from the personal data kept in optical media and magnetic media, The physical destruction of the personal data, such as melting, burning or pulverizing, is applied. In addition, magnetic media is passed through a special device and the data on it is rendered unreadable by exposing it to a high magnetic field.
Personal Data in Electronic Media Among the personal data in the electronic environment, the ones whose period of time has expired are deleted by using the delete commands it provides (such as del, remove-item, rm) or by using software that implements these commands. It is sufficient to delete the relevant user.

 

  • Anonymization of Personal Data

Anonymization of personal data makes it impossible to associate personal data with an identified or identifiable natural person in any way, even if it is matched with other data. In order for Petek TATLI MÜLLER to anonymize personal data; by the data controller, the recipient or groups of recipients; Personal data must be rendered unrelated to an identified or identifiable natural person, even by using appropriate techniques for the recording medium and the relevant field of activity, such as returning the data and matching the data with other data.

The circumstances under which personal data will be anonymized and which method will be chosen for the anonymization process are determined by the data controller according to the characteristics of the transaction and necessary technical measures are taken accordingly.

When choosing the anonymization method; the nature of the data, the size of the data, the structure of the data in the physical environment, the diversity of the data, the desired benefit/purpose of processing from the data, the frequency of processing the data, the reliability of the party to which the data will be transferred, the meaningful effort to make the data anonymized, the magnitude of the damage that may arise if the anonymity of the data is broken, domain, distribution/centrality ratio of the data, access authorization control of the users to the relevant data, the possibility of the effort to be spent to construct and implement an attack that will disrupt anonymity are taken into account.

  • Anonymization Techniques

a) Masking

It is making the person unidentifiable by the deletion or starring of certain areas of personal data. As a sample; Starring part of the TR ID number (19**********).

b) Aggregation / Cumulative Data Creation

It refers to cumulating the data and then reflecting its total values. As a sample; The number of female patients who applied was X and 30% of the number had a university degree and 70% had a master’s degree.

c) Data Derivation

It is the obtaining of more general data by changing the existing detailed data. As a sample; Such as writing the date of birth as an age range (20-25 years) instead of day/month/year details.

d) Data Mix

It means mixing the values in the data set and then destroying the ability to detect people without damaging the total benefit. As a sample; In a community where the average age is desired, the values showing the age of the people are exchanged with each other and the data is mixed and the access to that person is eliminated.

  • DURATION OF THE STORAGE AND DESTRUCTION OF PERSONAL DATA

When determining the retention period of personal data, obligations brought by legal regulations are taken into account. Except for legal regulations, the storage period is determined by taking into account the purposes of processing personal data. In the case of the purpose of data processing disappears; if there is no legal reason or basis that allows the data to be kept; the data is deleted, destroyed, or anonymized.

If the purpose of processing personal data has ended and If the storage periods determined by the relevant legislation and Petek TATLI MÜLLER have also come to an end; Personal data can only be stored to provide evidence in possible legal disputes or to assert the right related to personal data or to establish a defense. With the statute of limitations for asserting the right mentioned in the establishment of the periods herein, despite the statute of limitations, Storage periods are determined on the basis of the examples in the precedent requests made before on the same subjects. These times are shown in the table below. After these periods expire; personal data is deleted, destructed, or anonymized.

In the event of the period stipulated in the legislation regarding the storage of the subject personal data has expired or no period has been stipulated in the relevant legislation regarding the storage of the subject data; The data is deleted, destroyed or anonymized by the data controller in 6-month periods.

Unless a contrary decision is taken by the Authority, Petek TATLI MÜLLER chooses the appropriate method of deleting, destructing, or anonymizing personal data.

When the person concerned applies to Petek TATLI MÜLLER to request the deletion or destruction of his/her personal data, the relevant request is evaluated according to whether the conditions for processing personal data have been lifted or not. If the processing conditions for personal data are completely eliminated, Petek TATLI MÜLLER deletes, destruct, or anonymizes the personal data subject to the request. If the processing conditions of personal data are not completely eliminated, the relevant request is rejected by explaining the reason. In any case, requests are finalized within 30 days and notified to the relevant person.

 

DATA TYPE DETAILS STORAGE PERIOD DESTRUCTION TIME
Regarding the Service Recipient (name, surname, ID No or passport No, date of birth, health data, genetic data related to health data, sexual life data, e-mail, address, marital status / partner information, in online service; image, voice, data within the scope of the interview) 20 years from the end of the legal relationship with the Service Recipient. At the first periodic destruction time following the end of the storage period.
Payment Instruments Information Regarding Service Recipient and Billing (IBAN, Credit Card Data, Billing Data)

 

10 years from the end of the legal relationship with the Service Recipient At the first periodic destruction time following the end of the storage period
Data Regarding the Service Recipient Candidate (name and surname, telephone, e-mail) If an appointment is not given to the service recipient candidate until the result of the appointment evaluation, all records are deleted. At the first periodic destruction time following the end of the storage period

 

  • PERIODIC DESTRUCTION TIME

Petek TATLI MÜLLER has determined the destruction period as 6 months. Accordingly, periodic destruction is carried out on a regular basis in June and December each year.

 

  • FINAL PROVISIONS

This Policy was approved on 28.10.2021 It will be valid and binding as of this date. Announcement and execution of this policy will be carried out by data.

 

Version Release date Change Description
1 28.10.2021

 

Prepared by  

Reviewed by

 

Approved by