1. NTFS Permission Perspective (Access Control Module)

GDPR & KVKK Contribution:

Ensures access control to personal data. Supports the principles of "Data Minimization" and "Prevention of Unauthorized Access". Allows monitoring and logging of access requests.

Supported Articles:

GDPR Article 5 (Principles relating to processing of personal data) GDPR Article 25 (Data protection by design and by default)

KVKK Article 4 and 12 (Data security obligations)

Concrete Scenarios:

An employee only has access to their own department folders.

Temporary access is granted during an assignment and is automatically revoked afterwards.

Access requests are recorded and auditable.

2. Audit Perspective (Monitoring Module) GDPR & KVKK Contribution:

Records who accessed which data and when.

Provides fast response and reporting in case of data breaches.

Supports the GDPR and KVKK principles of "transparency" and "accountability".

Supported Articles:

GDPR Article 30 (Records of processing activities) GDPR Article 33 (Notification of a personal data breach) KVKK Article 12 (Obligations regarding data security)

Concrete Scenarios:

You can instantly answer the question: “Who deleted the file X and when?”

Suspicious access events can be immediately notified to administrators.

3. File Type Perspective (File Type Analysis Module) GDPR & KVKK Contribution:

Enables classification of files based on the likelihood of containing personal data.

Allows detection and removal of idle, unnecessary, or risky files.

Supports compliance with data minimization and retention policies.

Supported Articles: GDPR Article 5 (Data minimization, storage limitation) KVKK Article 4 and 7 (Avoiding unnecessary data retention)

Concrete Scenarios:

Detecting and deleting Excel files containing ID numbers that haven’t been opened in 5 years.

Categorizing .docx files that contain personal data.

4. File Server Anomaly Detection (Anomaly & Security Module)

GDPR & KVKK Contribution:

Provides real-time alert and response to ransomware or suspicious user activities.

Takes automatic actions in case of breach to reduce the risk of data loss or leakage.

Supported Articles:

GDPR Article 32 (Security of processing) GDPR Article 33 (Notification of a personal data breach) KVKK Article 12 (Technical measures for data security)

Concrete Scenarios:

If a user deletes 100 files within 1 minute, the account is automatically locked.

Generating alerts when more than 10 deletions occur in a critical folder within 5 minutes.

5. Secure File Share (Secure File Sharing Module)

GDPR & KVKK Contribution:

Ensures personal data is shared only with authorized parties, in a controlled and logged manner.

Unauthorized or external sharing can be prevented.

Supported Articles:

GDPR Articles 44–50 (International data transfers)

GDPR Articles 5 and 32 KVKK Articles 8 and 9 (Provisions on data transfer)

Concrete Scenarios:

Generating "one-time access link" for file sharing.

Automatically canceling access after the expiration time.

 Logging who downloaded the shared file and when.

General Overview Module GDPR Support KVKK Support

Permission Perspective Article 5, 25 Article 4, 12

Audit Perspective Article 30, 33 Article 12

File Type Perspective Article 5 Article 4, 7

Anomaly Detection Article 32, 33 Article 12

Secure File Share Article 5, 32, 44–50 Article 8, 9, 12