Open menu

Personal Data Protection Law

21January2022

Decision of Turkish Data Privacy Authority Relating with Automobile Renting Industry

It is stated that as a result of the investigation of the Authority within the scope of the notices submitted to the Authority, the software provided by the software firms to the automobile renting companies and the negative experiences of the rent holders during their automobile rental period and the comments of the automobile rental companies for the next renting processes can be viewed by another automobile renting companies in the rental situation, and the lessor is not aware of the processing of this knowledge.

It is stated that once an evaluation is made case-by-case basis between the fundamental rights and freedoms of the person and the legitimate interests of the data controller, the blacklist application is applicable within the data controller company, but if the processed personal data is shared with the other firms, the fundamental rights and freedoms of the data subject will be violated, and commitment to the purpose, limitation and it has been evaluated that is incompatible with the principle of proportionality. In the Decision, it is also stated that the processing of personal data within the scope of the blacklist will prevent the data subject from exercising their rights since they cannot know other automobile renting companies that their personal data were shared with it.

Written by Seda Sallı, Posted in Personal Data Protection Law

03January2022

Have You Completed Your VERBIS Registration?

Certain periods and deadlines stipulated in Turkish Data Protection Law (KVKK) for VERBIS registration with the decision dated 19.07.2018 and numbered 2018/88. Afterward, these periods were extended 4 times, and the deadlines were postponed for various reasons.

With the decision numbered 2018/88, the deadline for VERBIS registration was determined as 30.09.2019 for data controllers with an annual number of employees over 50 and for data controllers residing abroad.

With the decision numbered 2019/265, the deadline for the above-mentioned data controllers was determined as 31.12.2019; with the decision numbered 2019/387 it was extended as 30.06.2020; with the latest decision numbered 2020/482, it was determined 30.09.2020 and lastly, it was determined as 31.12.2021 with the latest decision numbered 2021/238.

Written by Öykü Selenay Solmaz, Posted in Personal Data Protection Law

29November2021

Administrative Fine Amounts in KVKK for 2022

Pursuant to duplicated sub-article (B) of Article 298 of Tax Procedure Law, the revaluation rate has been published in the Official Gazette numbered 31672 and dated 27.11.2021. Revaluation rate announced in the rate of 36,20% (thirty-six commas twenty) for 2021.

Written by Şeyma Nur Kaplan, Posted in Personal Data Protection Law

03November2021

China Personal Information Protection Law Has Entered into Force on November 1, 2021

The long-awaited China Personal Information Protection Law (hereinafter referred to as "Law") was passed by the Standing Committee of the National People’s Congress of the People’s Republic of China on August 20, 2021, to enter into force on November 1, 2021. The law mainly regulates how personal data will be collected, used, processed, shared, and transferred abroad by companies operating in the People’s Republic of China (hereinafter referred to as "China"). The Law, which determines the legal framework in these areas, complements the local data protection regime previously established by the China Cybersecurity Law (hereinafter referred to as "CSL") and national regulations. When the current legal structure of China is examined, it is seen that the legal and technical measures regarding the protection of personal data and data security are implemented through various laws, secondary regulations, and guidelines containing compliance standards. Herein, the Law possesses the title of the first comprehensive and national level regulation regarding personal data. It is crucial as it contains various legally binding compliance standards rather than the guidelines and secondary regulations.

Written by Onur Saygın, Posted in Personal Data Protection Law

1 2 3 4 5  >>  
This website is using cookies.
In this website, we use cookies to develop your user experience, obtain efficient work and track statistical data. You are agreeing to our use of cookies by browsing our website. Please review Çerezler (Cookies) page for detailed information of how we manage the cookies. This choice is valid for 30 days until you delete the cookies in your web browser.
x