It is stated that as a result of the investigation of the Authority within the scope of the notices submitted to the Authority, the software provided by the software firms to the automobile renting companies and the negative experiences of the rent holders during their automobile rental period and the comments of the automobile rental companies for the next renting processes can be viewed by another automobile renting companies in the rental situation, and the lessor is not aware of the processing of this knowledge.

It is stated that once an evaluation is made case-by-case basis between the fundamental rights and freedoms of the person and the legitimate interests of the data controller, the blacklist application is applicable within the data controller company, but if the processed personal data is shared with the other firms, the fundamental rights and freedoms of the data subject will be violated, and commitment to the purpose, limitation and it has been evaluated that is incompatible with the principle of proportionality. In the Decision, it is also stated that the processing of personal data within the scope of the blacklist will prevent the data subject from exercising their rights since they cannot know other automobile renting companies that their personal data were shared with it.

Certain periods and deadlines stipulated in Turkish Data Protection Law (KVKK) for VERBIS registration with the decision dated 19.07.2018 and numbered 2018/88. Afterward, these periods were extended 4 times, and the deadlines were postponed for various reasons.

With the decision numbered 2018/88, the deadline for VERBIS registration was determined as 30.09.2019 for data controllers with an annual number of employees over 50 and for data controllers residing abroad.

With the decision numbered 2019/265, the deadline for the above-mentioned data controllers was determined as 31.12.2019; with the decision numbered 2019/387 it was extended as 30.06.2020; with the latest decision numbered 2020/482, it was determined 30.09.2020 and lastly, it was determined as 31.12.2021 with the latest decision numbered 2021/238.

Pursuant to duplicated sub-article (B) of Article 298 of Tax Procedure Law, the revaluation rate has been published in the Official Gazette numbered 31672 and dated 27.11.2021. Revaluation rate announced in the rate of 36,20% (thirty-six commas twenty) for 2021.

The long-awaited China Personal Information Protection Law (hereinafter referred to as "Law") was passed by the Standing Committee of the National People’s Congress of the People’s Republic of China on August 20, 2021, to enter into force on November 1, 2021. The law mainly regulates how personal data will be collected, used, processed, shared, and transferred abroad by companies operating in the People’s Republic of China (hereinafter referred to as "China"). The Law, which determines the legal framework in these areas, complements the local data protection regime previously established by the China Cybersecurity Law (hereinafter referred to as "CSL") and national regulations. When the current legal structure of China is examined, it is seen that the legal and technical measures regarding the protection of personal data and data security are implemented through various laws, secondary regulations, and guidelines containing compliance standards. Herein, the Law possesses the title of the first comprehensive and national level regulation regarding personal data. It is crucial as it contains various legally binding compliance standards rather than the guidelines and secondary regulations.