Planned amendments within the scope of the Personal Data Protection Law numbered 6698 are explained in the Section 6.7 of the Action Plan on Human Rights and Implementation Calendar, titled Protecting the Private Life in Processing of Personal Data, published in the Official Gazette dated April 30, 2021 and numbered 31470. Accordingly, Turkish Data Protection Law (KVKK), will be brought in conformity with European standards and regulations and parallel regulations to General Data Protection Regulation will enter to our lives. In addition, new regulations regarding the penalties imposed on data controllers by the Personal Data Protection Board are also included in the plan.

As known, it is a legal obligation as of 2018 for all responsible to become compliant with KVKK. Even though new regulations will enter our lives, companies that have been compliant with the general principles of KVKK before the relevant law amendment, will be able to adapt to the amendment of the law. Also, please note that there is still an obligation to comply with the Law and sanctions still continue within this scope.

According to the decision of the Turkish Personal Data Protection Authority ("KVKK") dated 11.03.2021 and numbered 2021/238, the deadlines for registration obligation to Data Controllers' Registry Information System ("VERBIS") have been extended.

With the relevant decision, it has been concluded that,

• For natural and legal person data controllers with more than 50 employees annually or a financial balance of more than 25 million TL annually, the deadline for fulfilling VERBIS registration and declaration obligation to Registry to be extended to 31.12.2021,
• For natural and legal person data controllers resident abroad, the deadline for fulfilling VERBIS registration and declaration obligation to Registry to be extended to 31.12.2021
• For natural and legal person data controllers with less than 50 employees annually and a financial balance of less than 25 million TL annually, and whose main activity is sensitive personal data processing, the deadline for fulfilling VERBIS registration and declaration obligation to Registry to be extended to 31.12.2021,
• For public institutions and organizations, the deadline for fulfilling VERBIS registration and declaration obligation to Registry to be extended to 31.12.2021,

and this decision to be announced at the website of the Authority and to be published in the Official Gazette.

We would like to emphasize that the relevant decision did not bring any changes about the compliance with the Law No. 6698 on the Protection of Personal Data ("KVKK") other than the registration deadline to VERBIS.

In order to protect the fundamental rights and freedoms of individuals, especially the privacy of individuals, natural and legal persons who process personal data are required to complete the compliance processes related to their administrative and technical obligations in processing personal data.

The Regulation on the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector ("Regulation") was published in the Official Gazette dated 4.12.2020 with no. 31324. The Regulation regulated within the scope of Electronic Communications Law Numbered 5809 ("Law"), and sets forth the terms and conditions to be followed by the operators who operate in the electronic communications sector in terms of the data they obtain within the scope of providing electronic communications services, including legal person subscriptions.

The regulation covers companies that provide electronic communication services and/or provide electronic communication networks and operate their infrastructure within the framework of authorization ("Operator"). The featured statements in the Regulation are as follows:

Pursuant to duplicated Article 298 of Tax Procedure Law, revaluation rate has been published in the Official Gazette numbered 31318 and dated 28.11.2020. Revaluation rate announced in the rate of 9,11% (nine comma eleven) for 2020.

According to the rate, the administrative fines in Article 18 of the Turkish Personal Data Protection Law ("KVKK") numbered 6698 shall be imposed in 2021 as in the following amounts: