In the 28 April 2019 dated and 30758 numbered Official Gazette, certain amendment texts directly related with the law on protection of personal data legislation, have been published. These amendments have been done in legislations of purge/destruction/anonymization of personal data, VERBIS and the obligation to inform, are respectively as follows:

• Regulation on Purging, Destruction and Anonymization of Personal Data
• Regulation on the Data Controllers’ Registry System
• Communiqué on Procedures and Principles to Be Followed in Fulfilling Obligation to Inform

6698 numbered Personal Data Protection Law Article 16 makes the natural person and legal entities who process personal data, obligatory to register Data Responsible Registry Information System (namely “VERBIS” in Turkish) obligatory. As is known, one shall register into the VERBIS through the web-site of the Personal Data Protection Institution by logging-in. It is stated with the 10.04.2019 dated announcement of the Institution that it is possible to login to the VERBIS system via e-government online portal.

The protection of the personal data has become more of an issue day by day with the development of internet technologies and personal data stored digitally. In this manner, the Institution of Personal Data Protection (the “Institution”) is developing the national legislation and publishing additional sources for the practice to sustain both domestic information security needs and integration with the European Union.

The Institution of Personal Data Protection has shared an announcement on the Application to the Data Controller and the Period Calculation of the Claims made to the Institution, on 13.02.2019. The issue of interpretation of the claim durations within the Law has become clear with the said announcement for the Data Subjects who exhaust application avenues to the Data Controller. You may reach the full text of the announcement here.

The subjects to be covered with the announcement are as follows: