Schedule a Meeting
Next4biz Legal
Privacy
Commitment to the Personal Data
Protection Law & Regulations

COMMITMENT TO THE PERSONAL DATA PROTECTION LAW & REGULATIONS

Next4biz declares to comply with Turkish Law No. 6698 on the Protection of Personal Data (“KVKK”) and other applicable laws and regulations such as General Data Protection Regulation (“GDPR”) when we process personal data in the European Union region and California Consumer Privacy Act (“CCPA”) when we process personal data in the USA. 

I. PURPOSE OF PROCESSING PERSONAL DATA

Next4biz offers online services and products in the digital environment by providing licenses to the software it develops for process management, customer relations, and customer services. Therefore, Next4biz processes personal data only in case of necessity  for its software to function as a platform that helps organizations design and manage their customer relations and business processes. The personal data is processed only within the scope of purposes described in the contract and protected by Next4biz in accordance with Law No. 6698 in Türkiye (VERBIS – Personal Data Metadata and Pattern Definition Legal Platform) and in accordance with GDPR and CCPA as well. In the event that the purpose for processing personal data no longer exists, Next4biz destroys the personal data. Next4biz destroys personal data upon formal request of the data subject and the data controller as well. Save for legal exceptions mentioned in the law such as the data  processor’s obligations to keep the data for a limited period of time.

II. ENSURING INFORMATION SECURITY

Next4biz implements various administrative and technical measures to prevent unauthorized access to personal data and to comply with Law on the Protection of Personal Data (no. 6698) in Türkiye   and to comply with GDPR and CCPA. 

We ensure to take necessary technological, physical, and administrative measures in means of information security components. Next4Biz carefully develops security policies and apply standards for information security management complied with ISO27001 and ISO27701 and standards for personal data protection complied with BS10012. Next4biz manages the information security management system and undertakes activities to control, prevent, and monitor.

Next4biz is in direct contact with its corporate customers (data controllers) using its products and services. However, no direct contact occurs between Next4biz and data subjects/ end users benefiting from the Next4biz products and services through next4biz’s corporate customers. If these data subjects request to access, alter or erase information stored on our products, they should directly contact their data controllers.

All employee contracts at Next4biz include particular clauses on information security and privacy. We take care to recruit reliable, competent, and customer-oriented people who are aware and capable of fulfilling privacy and legal requirements.

III. STORAGE AND TRANSFER OF PERSONAL DATA

As part of the customer services, customer relations, and process management software that Next4biz provides, the personal data of data subjects who are clients to our corporate customers is stored and processed in a digital environment. Instead of being stored in the headquarters, the data is kept in digital format in highly secure data centers where the services are provided.

In line with the aforementioned purposes and scope, Next4biz may transfer the processed personal data within the conditions described in the law and/or the consent of the data subjects to third parties if the processing is required for the customer’s benefit, for the fulfillment of the requested level of service, for on-site R&D activities, and for data troubleshooting and relevant support activities.

IV. PROCESSING OF SPECIAL CATEGORIES OF PERSONAL DATA

Next4biz does not process special categories of  personal data of third parties (including the data subject’s race; ethnicity; political opinions; philosophical beliefs; religion or other beliefs; appearance or clothing; memberships to associations, foundations or trade unions; medical conditions; sexual life; criminal convictions and security measures; and biometric and genetic data) unless clear consent is provided in compliance with relevant laws.

Next4biz software is a product that offers Customer Relations, Customer Services, and Business Process Management features. We implement and update all necessary administrative and technical precautions to ensure the protection of personal data. However, next4biz is not a product developed to process special categories of personal data.

We highly recommend our customers not to load and process special categories of personal data and give detailed reasons for that in the document named: Article 8 of the Important Notices on the Management of Personal Data When Adapting and Using the next4biz Product.  

V. DESTRUCTION OF PERSONAL DATA

Our Company retains the personal data it collects and stores it for the duration of its legal obligations set forth in the relevant Law or for the duration of its legal obligations arising from any contract and from protecting our legitimate interests.  

If this purpose and execution is fulfilled or eliminated, or through our corporate customer or directly upon the request of the person concerned, destruction/anonymization processes are carried out in accordance with the time and processing methods defined in Verbis, ensuring that the integrity of the data is protected.

Within the scope of periodic destruction, for the data which Next4Biz has the status of data controller, anonymization/destruction processes are carried out with a digital report, within the scope of the personal data determined as a result of the scanning processes, complying with the periods and processes defined in Verbis.  

For the status of data processor, the relevant data controller will be responsible for data destruction/anonymization. Periodic scanning and destruction processes are carried out in accordance with the periods and processes defined in Verbis, within the scope of personal data with the status of data processor and whose corporate service contract has terminated.

VI. RESPONSIBILITIES OF NEXT4BIZ

Next4biz is responsible for fulfilling  this commitment to protect personal data and privacy as part of  its services and products. Accordingly, we act in compliance with the Law on the Protection of Personal Data.

  • Our employees are informed about their obligation to refrain from  disclosing any personal data they obtained as part of their jobs to any third parties. They are also aware of the rule that forbids using personal data outside of its intended purpose, and they understand that they remain liable even after the termination of their employment contract.
  • All necessary administrative and technical precautions are implemented to prevent the illegal processing of and access to personal data, and to ensure the security of information.
  • Our Company takes all available and necessary technological precautions to process personal data, to store it in safe environments, and to prevent its loss or modification.
  • In compliance with relevant laws , our Company conducts internal audits regularly and obtains the services of independent cyber security companies to conduct penetration tests on the safety measures in place.
  • In the event that any personal data processed by our Company is obtained illegally by others despite all the necessary precautions implemented by us, we inform the data subject and the data controller of the situation.
  • If the data subjects wish to use their rights granted in Article 11 of Law No. 6698, or to get information about their personal data, request its destruction or other action from us, they must send their written and signed requests to Next4biz Bilgi Teknolojileri A.Ş. Sahrayı Cedit Mahallesi Halk Sokak Pakpen Plaza No.: 40/4 , or send an email to [email protected] or to our registered email address [email protected] with a secure electronic signature. Requests are only processed following the verification of identity of the data subject.

Next4biz Bilgi Teknolojileri A.Ş.

We use cookies in accordance with legal regulations to improve our services and your experience on our site. By clicking "I Understand" button, you accept our cookie policy. You can go to settings to edit your cookie preferences.
Our Cookie Policy and Your Privacy

Necessary Cookies

Always enabled
Necessary cookies enable the basic functions of the website to ensure that it operates as intended. The website cannot function properly without these cookies.
Our Cookie Policy Our Privacy Policy

Functionality and Analytics Cookies

Functionality and analytics cookies aim to provide a more functional usage experience in future visits based on users' past use of the website. These cookies enable websites to offer personalized services such as language and region preferences by processing statistics and activity data.
Our Cookie Policy Our Privacy Policy

Targeting and Performance Cookies

Targeting and performance cookies are cookies that anonymously collect visitors' usage information and preferences related to the website, thereby enhancing the website's performance and improving user experiences based on visitor preferences.
Our Cookie Policy Our Privacy Policy

Advertising Cookies

Advertising cookies are third-party cookies used on websites to track visitors' behaviors. The purpose of these cookies is to display advertisements that are relevant and appealing to the visitors' needs.
Our Cookie Policy Our Privacy Policy