According to the numbered 2019/265 decision of the Personal Data Protection Board (KVKK) dated 03/09/2019, obligation to register at Data Controllers' Registry ("VERBİS") has been extended until 31.12.2019.

The Circular on Information Security in Public Institutions and Organizations has been published in the Official Gazette

Circular no 2019/12 on Information and Communication Security Measures specifying a serious of measures to ensure the security of data that may have an impact on public order and national safety was published in the Official Gazette No. 30823, dated July 6, 2019. The Circular that consists of 21 articles has aroused interest with many articles contained therein. We may classify the prominent issues in the said publication as below:

In the 28 April 2019 dated and 30758 numbered Official Gazette, certain amendment texts directly related with the law on protection of personal data legislation, have been published. These amendments have been done in legislations of purge/destruction/anonymization of personal data, VERBİS and the obligation to inform, are respectively as follows:

• Regulation on Purging, Destruction and Anonymization of Personal Data
• Regulation on the Data Controllers’ Registry System
• Communiqué on Procedures and Principles to Be Followed in Fulfilling Obligation to Inform

6698 numbered Personal Data Protection Law Article 16 makes the natural person and legal entities who process personal data, obligatory to register Data Responsible Registry Information System (namely “VERBIS” in Turkish) obligatory. As is known, one shall register into the VERBIS through the web-site of the Personal Data Protection Institution by logging-in. It is stated with the 10.04.2019 dated announcement of the Institution that it is possible to login to the VERBIS system via e-government online portal.