Pursuant to the following provision of the Article 15 of the Law "The Board shall carry out the necessary examination on the matters falling within its task upon complaint or ex officio where it has learnt about the alleged infringement.", complaints reported to the Authority are reviewed by the Board.

Complaints were used to be reported to the Authority via paper mail; as per the announcement of the Board dated 09.01.2020, the complaints can now be reported electronically via online module.

The data subject will be able to report complaint in person via complaint module by logging into the e-government system and the complaints to be reported through the attorney will continue as it is.

As it is known, in accordance with the Board Decision dated 24.01.2019 and numbered 2019/10, in case of a personal data breach, a notification should be made to the Authority by using Data Breach Notification Form as per the Board Decision.

According to the announcement made by the Authority on 06.01.2020, Personal Data Breach Notification that previously expected to be sent by paper mail can now be made on the internet at ihlalbildirim.kvkk.gov.tr.

According to the decision of the Personal Data Protection Authority (“KVKK”) dated 17.12.2019 numbered 2019/387, the deadline for registration obligation to Data Controllers' Registry Information System ("VERBIS") has been extended

In Turkey, the most significant step towards the protection of personal data is the Personal Data Protection Law (KVKK ) numbered 6698 which entered into force after its publication in the Official Gazette dated April 7, 2016. The law includes provisions that grant time period to the real persons whose data are processed and the real and legal persons who process such data, until April 7, 2018 for conducting compliance with the law. Similarly, the European Union General Data Protection Regulation (GDPR) entered into force on May 25, 2018 and constituted an important stage in the improvements made towards protection of personal data in Europe.