Collecting and Storing Information Automatically
The Ministry of Finance (MoF) collects and stores information related to visiting its website. The ministry does not define any user, it collects and stores the following information automatically:
Surfing field
Kind of the surfer and the operating system used to enter the website
Time and date of entering the website
Time and date of entering the website
The MoF website contains many external links to other networks and websites. The ministry does not assume any responsibility for these links because they are considered as being provide for informational purposes only. The user is responsible for assessing the content and usefulness of information obtained. Once a user visits the MoF website, he will be subject to the website’s Information Security and Privacy Policy.
Changes in Privacy Statement
MoF has the right to modify the privacy statement at any time. In case of applying such changes, the ministry will inform stakeholders and their clients about them.
Cookies
Cookies Definition: A text file (not a program or encrypted software) that does not need a password. The website will find it through cookies put in the hard disk on the first visit.
How to Prevent Receiving Cookies: User should prepare the browser before saving any cookies on the hard disk. To do so, you should follow certain technical and technological steps. It is allowed to refuse receiving a cookies file (the text file) or remove it from the browser by using the privacy options provided by the browser.
Information Security
MoF applies various regulative and security precautions to protect its website data from manipulation or destruction. These precautions also prevent any unauthorised person from accessing this data. MoF encrypts data to protect it from exploitation by any other party. It constantly reviews data in line with modern technological developments.
Use Purposes: Data is used to provide the user and the visitor with services requested, in addition to giving approvals if it is laid down in laws or legislations.
Security Definitions
We see it as being important to add these following security definitions:
Availability of Information
Ensuring access to information and using it in a reliable and timely manner.
Adequate Protection
This is necessary to provide protection commensurate with the risks and the extent of damage caused by information loss, misuse, modification, or illegally accessing them.
Ratification
A comprehensive assessment of administrative and functional security controls in governmental services. This helps to adopt information security determining the accuracy level of implementing controls and operating according to the plan. This also secures getting out with the result required in respect of meeting the requirements needed to face risks seen by government services.
Confidentiality
It is important to maintain licensing restrictions on access to information and disclosure. This includes means of protecting personal privacy and information privacy.
Information Security
Protects information systems and information from illegal misuse, hacking, disclosure, destruction and modification. It aims to provide confidentiality and accuracy and availability of information.
Malicious Code
This is a program meant to perform undesirable, usually criminal, acts. This will negatively affect the confidentiality, accuracy and availability of information in systems.
Privacy
Information related to a particular person or group. They monitor and manage information even after exchanging it voluntarily with a third party to avoid its disclosure. Disclosure can lead to devastating consequences. Information security must include the implementation of controls of private information. It includes best practices that can provide a justification for the need to use information, instead of using an alternative plan of identification.
Risks
It is important to know the effect of threats and the possibility of their occurrence on governmental services, properties or persons.
Risks Treatment
It includes choosing a series of procedures meant to decrease risks, in addition to implementing these procedures.