KVKK kişisel veri koruma bildirimi.

LyDian acts as data controller on behalf of authorised civil-protection agencies. For Türkiye operations, the controller is registered with the VERBIS data controller registry as required by KVKK Nº 6698 Article 16.

• Operator identity: name, e-mail, role scope, session tokens.
• Authentication signals: device key pair hash, login timestamps.
• ICE data: blood type, allergies, chronic conditions, emergency contacts — encrypted at rest.
• Incident metadata: coordinates, timestamps, severity, narrative text.
• Communication logs: operator-to-operator messages scoped to incidents.

• Contractual necessity (KVKK Art. 5/2-c): processing required for the engagement agreement.
• Explicit consent (KVKK Art. 5/1): ICE health data is collected only with citizen consent.
• Vital interests (KVKK Art. 5/2-e): emergency processing to protect life.

• Learn whether your data is processed.
• Access and request a copy of your data.
• Request correction of inaccurate data.
• Request deletion under KVKK Art. 7 conditions.
• Object to automated individual decisions.
• File a complaint with the Personal Data Protection Board (KVKK Kurulu).

AiA is sovereign-hostable. Cross-border data transfers are governed by the engagement agreement and comply with KVKK adequacy decisions, GDPR Standard Contractual Clauses (SCCs), or US privacy frameworks as applicable.

Personal data is retained only as long as necessary for the service mandate and applicable legal obligations. ICE profiles are deleted upon citizen request. Incident data follows civil-protection archival requirements.

All data is protected by a zero-trust security posture: authenticated channels only, isolated encryption core, role-based access control (RBAC), and immutable audit logs. Implementation details are proprietary.

AiA is a proprietary platform. Technical implementation — frameworks, databases, infrastructure — is not published. Authorised partners receive signed technical packets as part of the engagement agreement.