Personal Data Retention And Destruction Policy
Official Policy
Personal Data Retention and Destruction Policy
Vibroser Seramik İnş. San. ve Tic. Ltd. Şti.
This policy outlines how personal data is stored, protected, and destroyed in compliance with KVKK (Law No. 6698).
1. Purpose of the Policy
This policy ensures that personal data is processed and protected in accordance with legal requirements.
2. Storage Environments
Electronic Environments
- Servers and computers
- Cloud storage systems
- Email systems
- Mobile devices
- USB drives
Physical Environments
- Archives
- File rooms
- Folders
3. Reasons for Data Retention
- Legal obligations
- Contractual requirements
- Business continuity
- Employee rights management
4. Data Protection Measures
Technical Measures
- Firewall and antivirus systems
- Encryption
- Access control
Administrative Measures
- Employee training
- Confidentiality agreements
- Periodic audits
5. Data Destruction Methods
- Deletion
- Physical destruction
- Anonymization
6. Retention Periods
| Data Category | Retention Period |
|---|---|
| Identity & Contact | 10 Years |
| Employee Data | 10 Years |
| Legal Records | 5-10 Years |
| Security Cameras | 1 Month |
| Health Data | 15 Years |
7. Periodic Destruction
Data destruction is carried out every 6 months (June and December).
8. Personnel
Authorized personnel manage compliance and reporting processes.
9. Revision
Updates are published on the official website.
10. Enforcement
This policy enters into force upon publication.