KVK KİŞİSEL VERİLERİN KORUNMASI

PROTECTION OF PERSONAL DATA

Within the scope of this explicit consent declaration and the detailed Information Text presented to me at the link http://www.tivitify.com, which I have read and understood, and which I accept and declare;

I consent to the collection, recording and storage of my personal data by the Vocational Qualifications Authority and the certification body authorized by MYK and TIVITIFY within the scope of the relationship between us, in accordance with the principles of the Personal Data Protection Law No. 6698.
I accept and declare that I have read the entire detailed information text and that I have been informed by TIVITIFY regarding the personal data that TIVITIFY will request from me and the methods of collecting this data; the personal data that is related to me and will be stored/recorded and the personal data that is related to me and will be transferred to third parties/institutions; the processing purposes regarding all processing means and the transfer purposes regarding all transfers; and the rights I have pursuant to Article 11 of the Personal Data Protection Law No. 6698.

DELETION, DESTRUCTION AND ANONYMIZATION OF PERSONAL DATA

TIVITIFY OBLIGATION TO DELETE, DESTROY AND ANONYMIZE PERSONAL DATA

As regulated in Article 138 of the Turkish Penal Code and Article 7 of the KVKK, personal data is deleted, destroyed or made anonymous upon our company's own decision or upon the request of the personal data owner, even though it has been processed in accordance with the relevant legal provisions, if the reasons requiring processing are eliminated. In cases where our company has the right and/or obligation to preserve personal data in accordance with the provisions of Article 5, paragraph (2) of the KVK Law, the right not to fulfill the request of the data owner is reserved.

TECHNIQUES FOR DELETION, DESTRUCTION AND ANONYMIZATION OF PERSONAL DATA

Methods for Deleting and Destroying Personal Data The methods for deleting and/or destroying personal data are listed below:
1. Physical Destruction: Personal data can also be processed by non-automatic means, provided that it is part of any data recording system. When such data is deleted/destroyed, a system of physical destruction of personal data is applied in a way that it cannot be used later.
1. Secure Deletion from Software: When deleting/destroying data that is processed by fully or partially automatic means and stored in digital environments, methods are used to delete the data from the relevant software in a way that it cannot be recovered again.
1. Secure Deletion by an Expert: In some cases, TIVITIFY may engage an expert to delete personal data on its behalf. In this case, personal data will be securely deleted/destroyed by the expert in this matter in a way that it cannot be recovered again.
Definition of Anonymization of Personal Data Anonymization of personal data refers to the process of making personal data in a way that it cannot be associated with an identified or identifiable natural person, even when matched with other data. Our Company may anonymize personal data when the reasons requiring the processing of personal data processed in accordance with the law are eliminated. In accordance with Article 28 of the PDP Law; anonymized personal data may be processed for purposes such as research, planning and statistics. Such processing is outside the scope of the PDP Law and the explicit consent of the personal data owner will not be sought. Since the personal data processed by anonymizing will be outside the scope of the PDP Law, “The rights of the personal data owner will not be in question here.
1. Methods of Anonymizing Personal Data The anonymization techniques most commonly used by our Company are listed below.
  1. Masking: Data masking is a method of anonymizing personal data by removing the basic identifier information of personal data from the data set. Example: Transforming the data set into a data set where it becomes impossible to identify the personal data owner by removing information such as name, Turkish ID Number, etc. that allow the identification of the personal data owner.
  1. Aggregation: With the data aggregation method, many data are aggregated and personal data is rendered incapable of being associated with any person. For example: Revealing that there are customers from age X to age Z without showing the ages of the customers one by one.
  1. Data Derivation: With the data derivation method, a more general content is created from the content of personal data and personal data is made in a way that it cannot be associated with any person. For example: Indicating ages instead of birth dates; specifying the region of residence instead of full address.
  1. Data Hashing: Data hashing is used to break the connection between the values and the individuals by mixing the values in the personal data set. Example: Changing the quality of the voice recordings so that the sounds cannot be associated with the data owner.