In the digitalizing world, "data" is the new oil. However, protecting this valuable resource is both a legal obligation and a matter of reputation for companies. Travel processes are an area where extremely sensitive data such as passport photocopies, ID numbers, credit card information, and travel routes are processed. The circulation of this data in email attachments or insecure Excel files is a serious crime under GDPR (General Data Protection Regulation). Kurumsal.pro protects your data with military-grade encryption.
Sensitive Data Management and Risks
An employee's passport photo or visa documents falling into the hands of malicious people can lead to Identity Theft. The leakage of your company's travel plans can give trade secrets (such as which client is being visited) to your competitors.
In traditional methods (Email, WhatsApp), data is copied and stored uncontrolled. It is impossible to know who accessed which data and when.
Legal Sanctions
In case of GDPR violations, companies may face administrative fines amounting to millions. Also, the cost of reputation loss is immeasurable.
Kurumsal.pro Security Architecture
Our system adopts a multi-layered security approach to protect your data:
End-to-End Encryption
Your data is encrypted with SSL/TLS while traveling from your browser to our servers. It is stored encrypted in the database in AES-256 standard (Encryption at Rest).
Access Management (RBAC)
Not everyone can see every data. With role-based access control, only authorized personnel are ensured to access relevant data. For example, a sales person cannot see the passport of a person in another department.
Masking and Anonymization
Only certain digits of credit card numbers and ID numbers are shown (e.g., **** **** **** 1234). The full number is used by the system only at the time of transaction.
Audit Log
Who viewed or changed which data in the system and when? All transactions are logged. It is possible to trace back in case of a possible security breach.
International Standards
Kurumsal.pro holds the ISO 27001 certificate, the world's most respected standard for information security. In addition, our PCI-DSS compliance for payment systems security is complete. Your credit card information is not stored on our servers, but in the secure vaults of banks.
Frequently Asked Questions
Where is our data stored?
Your data is stored in redundant servers in Tier-3 certified data centers within the borders of Turkey in accordance with GDPR/KVKK.
Is there two-factor authentication (2FA)?
Yes. For your account security, you can mandate the SMS code sent to your mobile phone or email verification (2FA) in addition to your password when logging into the system.
What happens to the data when an employee leaves?
You can deactivate the account of an employee who leaves with a single click. Due to the "right to be forgotten" under GDPR, personal data can be anonymized or deleted upon request.