Logo
Bites Logo

Personal Data Retention and Destruction Policy

This policy has been prepared in accordance with the Personal Data Protection Law No. 6698 and related regulations, in order to define the methods and responsibilities regarding the retention, destruction, and anonymization of personal data.

1. Purpose

It is aimed to store the data only for the necessary period, and then to delete, destroy or anonymize them securely.

2. Scope

Personal data processed by BİTES automatically or non-automatically as part of a data recording system are within the scope of this policy.

3. Definitions and Abbreviations

  • Destruction: Deletion, destruction, or anonymization processes
  • Recording Medium: Digital or physical environments where data is stored
  • Periodic Destruction: Automatic destruction processes carried out at certain intervals

5. Recording Medium and Security Measures

Data is stored in environments such as servers, disks, and paper documents. BİTES implements all necessary technical and administrative measures in accordance with standards such as ISO/IEC 27001.

Technical Measures

  • Network and application security
  • Encryption, backup, cybersecurity software
  • Authorization control systems
  • Data masking and log management

Administrative Measures

  • Employee training and confidentiality agreements
  • Corporate policies and procedures
  • Physical security measures
  • Data security audits

6. Retention and Destruction Explanations

Data is retained for periods stipulated by legislation. When the processing purpose ends or the retention period expires, it is deleted, destroyed, or anonymized.

7. Methods of Destruction

  • Deletion: User access is completely blocked
  • Destruction: Physical destruction processes are applied
  • Anonymization: Made irreversible

8. Retention and Destruction Periods

Sample periods:

  • Identity / Contact: 10 years
  • Personnel: 15 years
  • Legal Transaction: 2 years
  • Biometric Data: 1 month
  • Visual Records: 6 months

9. Personal Data Committee

It is the unit that oversees the implementation of the policy.

Relevant questions can be directed to kvkk@bites.com.tr.

10. Update and Compliance

This policy may be updated in line with legal changes and technological developments.