BG7

Sonotek Information Technology Policies

As Sonotek Information Technologies; we position information security, personal data protection, service quality and customer satisfaction at the centre of all our business processes. In the services we offer to our customers, we adopt a transparent and sustainable management approach that complies with national and international standards.

With the policies and practices we have established in this context; we are committed to ensuring the security of information assets, protecting personal data in accordance with the legislation, continuously improving our service quality and maximising customer experience. The shared policies clearly and understandably set out our responsibilities towards our customers and our working principles.

Information Security Policy

Purpose and Scope

Sonotek Information Technologies' information security policy has been established to ensure the security of business processes and customer information, to protect information assets and to ensure full compliance with information security standards.

This policy covers all departments, employees and business partners and protects all information assets including customer information, business processes and technological infrastructure.

Compliance with Information Security Standards

  • Full compliance with information security standards in the MSP sector
  • Compliance with national and international regulations

Customer Information Security

  • Protecting the confidentiality and security of customer information
  • Sharing information only with authorised persons
  • Regular updating of access controls

Employee Training and Awareness

  • Regular trainings on information security
  • Programmes to raise security awareness

Management of Information Assets

  • Identification and categorisation of all information assets
  • Careful protection of sensitive customer information
  • Implementation of risk-based protection strategies

Access Controls

  • Access only for authorised personnel
  • Periodic review of access levels

Encryption and Secure Communication

  • AES-256 and TLS 1.2/1.3 encryption protocols
  • Security measures in data transmission and storage

Incident Management

  • Incident management process for information security breaches
  • Rapid detection, notification and response plans

Physical Security

  • Office and data centre security measures
  • Access control systems and monitoring mechanisms

KVKK (Personal Data Protection Law) Policy

Purpose and Scope

To protect customer and employee personal data effectively, to ensure full compliance with KVKK and to ensure data security.

Basic Principles

Personal Data Processing Conditions

  • Processing within the scope of explicit consent, contract or legal obligation
  • Data processing in accordance with the rules of public morality
  • Necessary procedures for the establishment, utilisation and protection of rights

Fair and Accountable Processing

  • Data processing for legitimate purposes
  • Transparent process management
  • Commitment to the principle of accountability

 

Data Security

  • Technical and organisational safety measures
  • Rapid detection and prevention of data security breaches

Related Person Rights

  • Right to information, rectification, erasure
  • Right to object to processing
  • Respect for all rights recognised under the LPPD

Data Breach Notification

  • Notification to relevant organisations within 72 hours
  • Regular review of breach results

Quality Policy

Purpose and Scope

To ensure customer satisfaction by providing high quality service, to adopt a culture of continuous improvement and to implement the best practices in the sector.

Basic Principles

Customer Satisfaction Orientation

  • Understanding and exceeding customer expectations
  • Continuous improvement based on feedback
  • Proactive service approach

High Service Quality

  • Compliance with industry standards and best practices
  • Full compliance with SLA (Service Level Agreements) commitments

Continuous Improvement

  • Regular review of business processes
  • Investment in staff training and development
  • Systematic evaluation of opportunities for improvement

Technological Innovation

  • Follow-up and application of new technologies
  • Innovation-oriented working environment
  • Presenting current solutions to customers

Teamwork and Human Resources

  • Promoting a culture of co-operation
  • Support for continuous development of staff
  • Evaluation of the contribution of each employee

Business Continuity and Security

  • Regular updating of business continuity plans
  • Continuous improvement of information security measures

Customer Service Policy

Purpose and Scope

To increase customer satisfaction, ensure effective communication and promote transparency in customer service.

Principles and Practices

Fast and Effective Response

  • Minimising the first contact time
  • Solution orientated approach
  • 24/7 support accessibility

Professionalism and Courtesy

  • Use of professional language in all communications
  • Compliance with the rules of respect and courtesy

Transparency

  • Clear and concise information about services
  • Transparency in pricing and contract terms

Proactive Service Approach

  • Pre-detection of potential problems
  • Preventive maintenance and monitoring services

Customer Training

  • Regular trainings on the services provided
  • Documentation and sourcing

Feedback Management

  • Systematic collection of customer feedback
  • Improvement plans based on feedback
  • Continuous improvement of customer experience
We use cookies to serve you better.