There have been important changes implemented on applications of e-Ledger, e-Invoice, e-Archive with the Communiqué dated 19.10.2019 and published in the Official Gazette numbered 30923 in regard to amending General Tax Procedural Law Communiqué with the item number 509 and General Electronic Ledger Communiqué with the item number 3.

With the amendments, in addition to the documents such as e-Invoice, e-Archive, e-Dispatch Note, e-Ledger, e-Producer Receipt, e-Self Employment Vouchers and e-Ticket; taxpayers who issue e-Insurance Certificate, e-Expense Voucher, e-Receipt and e-Exchange Receipt are also included in scope of the legislation.

In the Paragraph 5 of the Article 12 of the Turkish Personal Data Protection Law (“KVKK”) No.6698, in the event that the personal data processed is obtained by third parties by illegal means as a result of a data breach, the data controller shall inform the data subject and the Board as soon as possible. In case it is found necessary, the Board may announce the details of the breach on its website and/or in any other way that is considered appropriate.

Due to the activities on personal data processing in Türkiye, legal persons which are located abroad;

Legal persons residing abroad,

The branches of legal persons residing abroad,

The liaison offices of legal persons residing abroad

the Turkish Data Protection Board announced a decision no: 2019/225 (“Decision”) in regards with the personal data protection Law numbered 6698, as a result of the examination whether these entities are to be considered as data officers and whether there is an obligation for these entities to submit a record to the Data Responsible Register (“Registry”).

In the event that some or all of the personal data is transferred to the founder / partner foreign company located abroad and the foreign company uses this data for its own purposes, there is an obligation to register with the Data Controller’s Registry Information System (“VERBIS”). These transfers, in general, consist of recordings of all or part of the data of the employees, suppliers and customers of the legal entity in Türkiye to a registration system which is provided and managed by foreign partner. However, keeping only personal data in a registration system by the foreign partner does not constitute VERBIS registration obligation and the foreign partner should use this data for their own purposes.