Open menu
12March2019

Personal Data Institution Updated the VERBIS & Deletion Processes

The protection of the personal data has become more of an issue day by day with the development of internet technologies and personal data stored digitally. In this manner, the Institution of Personal Data Protection (the “Institution”) is developing the national legislation and publishing additional sources for the practice to sustain both domestic information security needs and integration with the European Union.

In this regard, the Institution has published two more additional sources. The document of “VERBIS FAQ” is prepared by the Institution to guide data controllers who shall perform the obligation of register into the data controller registry info system (namely “VERBIS”) mentioned in the Art. 16 of the 6698 numbered Law. You may reach the FAQ document explains details about VERBIS in Turkish here.

In addition, a sample of the “Personal Data Retention and Destruction Policy” (the “Policy”) is published by the Institution on 10.03.2019 for the data controllers that have to register the VERBIS.

The sample Policy starts with explaining the aim, scope and definitions and states the title/unit/job description of the ones who participate the retention and destruction processes. The personal data record mediums are classified as “electronical” (e.g. software, usb etc.) and “non-electronical” with detailing each personal data classification to be recorded.

Both the legal reasons and processing tools that require to keep personal data along with the reasons to destruct personal data shall be determined in the Policy.

As is known, the data controllers are obliged to take all technical and administrative measures to prevent personal data to be processed, accessed illegally according to the Art. 12 of the Personal Data Protection Law. In this manner, the Policy to be prepared shall have technical and administrative measures to be taken.

Besides the data controllers should state “the destruction technics of the personal data” in their Policy. The disposal, destruction and anonymization of the personal data shall be explained separately for each data recording medium. The retention and destruction periods that are already took place in personal data processing inventory and VERBIS, shall also be mentioned in the Policy. These periods which should be determined for each process, shall be updated if necessary.

Our Company is providing consultancy service on the Personal Data Protection Law and General Data Protection Regulation compliance processes by combining best legal and technological substructure. Click for more information.

You may reach the full text of the sample Personal Data Retention and Destruction Policy published by the Institution, in Turkish, here.

Author CottGroup Hukuk ve Mevzuat Ekibi, Category Personal Data Protection Law

  • Notification!

    Contents provided in this article serve to informative purpose only. The article is confidential and property of CottGroup® and all of its affiliated legal entities. Quoting any of the contents without credit being given to the source is strictly prohibited. Regardless of having all the precautions and importance put in the preparation of this article, CottGroup® and its member companies cannot be held liable of the application or interpretation of the information provided. It is strictly advised to consult a professional for the application of the above-mentioned subject.

    For each concrete situation, it is strongly advised to seek guidance from a professional advisor. If you are a customer of ours, please consult with your customer representative before taking any action related to the announcement. If you are not a customer, seek advice from an expert.

About The Author

/tr/mevzuat/item/kvkk-saklama-imha-politikasi-verbis

Other Legislation

Bu web sitesi çerez kullanıyor.

Bu internet sitesinde, kullanıcı deneyimini geliştirmek, verimli çalışmasını sağlamak ve istatistiki verileri takip etmek için çerezler kullanılmaktadır. Sitemizi kullanarak çerezleri kabul etmiş olursunuz. Çerezleri nasıl kullandığımız ile ilgili detaylı bilgi için lütfen Çerezler (Cookies) sayfasını okuyunuz. Bu seçim 30 gün süreyle ya da tarayıcınızdaki çerezleri siz silene kadar geçerlidir.

Çerez Tercihleri Cookie Preferences

Çerezleri Ayarla

Çerezler, web sitelerinin kullanıcı deneyimini daha verimli hale getirmek için kullanabileceği küçük metinlerdir. Kanun, bu sitenin işleyişi için kesinlikle gerekli olan çerezlerin cihazınıza saklanabileceğini belirtir. Diğer tüm çerez türleri için izninize ihtiyacımız var. Bu site, çeşitli türde çerezler kullanmaktadır. Bazı çerezler, sayfalarımızda görünen üçüncü taraf hizmetler tarafından yerleştirilir.

Verdiğiniz izinler aşağıda yer alan web siteleri için geçerlidir:

  • www.cottgroup.com