BDDK sızma testi nedir?

BDDK sızma testi, Bankacılık Düzenleme ve Denetleme Kurumu'nun bankalara ve finansal kuruluşlara yönelik zorunlu kıldığı periyodik güvenlik denetimidir. Bu testler, bankacılık sistemlerinin siber saldırılara karşı direncini ölçer ve regülasyon uyumunu belgeler.

EPDK sızma testi ne sıklıkla yapılır?

EPDK düzenlemelerine göre enerji sektöründeki kritik altyapı işletmecileri yılda en az bir kez sızma testi yaptırmakla yükümlüdür. OT/SCADA sistemlerini kapsayan testler özel metodoloji gerektirir.

SPK sızma testi kim için zorunludur?

SPK düzenlemeleri kapsamında aracı kurumlar, portföy yönetim şirketleri ve diğer sermaye piyasası kuruluşları düzenli sızma testi yaptırmakla yükümlüdür.

TSE 13638 sertifikalı firma olmanın avantajı nedir?

TSE 13638 standardı, sızma testi hizmeti sunan firmaların akredite edilmesi için Türkiye'de uygulanan ulusal standarttır. TSE 13638 sertifikalı firmalarla çalışmak, yasal yükümlülüklerin karşılanmasını ve denetim süreçlerinde belgesel güvence elde edilmesini sağlar.

Sızma testi fiyatı nasıl belirlenir?

Sızma testi fiyatı; testin kapsamına, hedef sistem sayısına, test süresine, regülasyon gereksinimlerine (BDDK, EPDK, SPK, TSE, PCI-DSS) ve raporlama derinliğine göre değişir. Netlore Security ücretsiz ön görüşme ile kurumunuza özel fiyatlandırma sunar.

Home / Privacy Policy

Legal · KVKK & GDPR

Privacy Policy

The security of your personal data is our priority. This page explains what data we process and why, who we share it with, how long we retain it, and your rights.

Data Controller

For the purposes of this privacy policy, the data controller of your personal data is Netlore Security.

Address: Barbaros Mah. Ihlamur Bul. Ağaoğlu My Newwork No:3/15, 34750 Ataşehir/İstanbul
Email: [email protected]
Phone: +90 (216) 606 12 91

Overview

At Netlore Security, we are committed to protecting the privacy and security of your personal data. This policy explains the information we collect, our processing purposes and legal bases, sharing, retention periods, and your rights.

We fulfill all our legal obligations under the Turkish Personal Data Protection Law No. 6698 (KVKK) and the European Union General Data Protection Regulation (GDPR).

Data We Collect

Contact Information: First name, last name, email address, phone number
Company Information: Company name, industry, position
Contact Form Data: Messages and requests you submit via the contact form (stored on Supabase infrastructure)
Technical Information: IP address, browser type, pages visited (only if you have granted analytics cookie consent)
Communication History: Your correspondence and requests with us

Purposes of Processing

Responding to your service requests and providing support
Carrying out contract and project management processes
Developing and improving our services
Fulfilling our legal obligations
Conducting marketing and analytics activities within the scope of your explicit consent

Legal Bases

Your personal data is processed on the following legal bases:

Performance of a contract: Operations required for service delivery and project management (GDPR Art. 6(1)(b))
Legal obligation: Retention and notification duties arising from law (GDPR Art. 6(1)(c))
Legitimate interest: Service security and improvement (GDPR Art. 6(1)(f))
Consent: Analytics cookies and marketing communications (GDPR Art. 6(1)(a))

Sharing with Third Parties

Your data may be shared, to a limited extent, with the following infrastructure and service providers for the provision of the service; your data is never sold to third parties for marketing:

Google Analytics: Website usage statistics — loaded only when you grant analytics cookie consent.
Supabase: Database infrastructure where contact form messages are stored.
Cloudflare: Website hosting, content delivery (CDN) and security infrastructure.

For detailed information about cookies, see our Cookie Policy.

International Transfers

Some of the above service providers may host servers abroad. In such cases, the transfer of your personal data abroad is carried out in accordance with the conditions required by KVKK/GDPR (your explicit consent or the provision of appropriate safeguards).

Retention Period

Your personal data is retained for as long as the processing purpose requires and for the statutory retention periods stipulated in the relevant legislation. At the end of these periods, your data is deleted, destroyed, or anonymized.

Your Rights

Under KVKK Art. 11 and GDPR, you have the following rights:

Learn whether your personal data is being processed
Request information if it has been processed
Learn the purpose of processing and whether it is used accordingly
Know the third parties to whom data is transferred, domestically or abroad
Request correction if processed incompletely or inaccurately
Request erasure or destruction
Request that correction, erasure and destruction be notified to third parties
Object to a result against you arising from automated analysis
Claim compensation if you suffer damages due to unlawful processing

Exercising Your Rights

To exercise the rights above, you can send your requests to [email protected] or our contact page. Your requests will be resolved as soon as possible and within 30 days at the latest.

Data Security

We take industry-standard technical and administrative measures to ensure the security of your personal data:

SSL/TLS encryption
Secure data storage systems
Access controls and authorization
Regular security audits
Employee training and confidentiality agreements

Cookies

In addition to strictly necessary cookies, our website uses functional and analytics cookies only with your explicit consent. You can manage your cookie preferences at any time via the cookie banner on the site. For details, see our Cookie Policy.

Last Updated: June 22, 2026

This privacy policy may change. In case of significant changes, notification will be provided on our website.

Offensive Services

Defensive Services

Training & Consultancy

Security & Compliance

Intelligence & Consulting

Products

Critical Infrastructure

Commercial Sectors