Data Protection Law

Data Protection Law, reflecting the most global part of the law, takes a very important role in the modern age and constantly changing and developing technologies and has dynamic structure and multinational rules in the practice. One of the most important issues brought by digitalization with the developing technology is the collection and use of endless personal data and the taking advantage of this data in certain ways. The regulations introduced in this context have gained a global structure in recent years and the practices in countries and regions have converged. There are intense personal data violations in Turkey as well, and the sanctions for this have reached a serious level nowadays. For this reason, the need for legal consultancy in this field has increased, especially for large-scale companies that have to process data intensively and multinational companies that need to transfer data abroad due to their global structure.

Our company provides consultancy and litigation services in this field to its domestic and foreign clients by considering the legislation and regulations regarding personal data and the current practice in the field. In this context, we provide all kinds of legal consultancy that our clients need while processing and/or transferring data in their daily business as well as representing our clients in potential disputes.

In this context, we provide our national and international clients with consultancy services for all kinds of compliance projects, loyalty checks for compliance projects, training given at regular intervals, the reflections of the changes that have to be implemented in daily business as a result of the decisions of public bodies on the processing of personal data and the consequences thereof, penal sanctions given by the Personal Data Protection Authority, assessing the disputes to take action against the decisions of the Authority and taking such actions in a proper way. Our services in these fields include the following main titles:

• Preparation of a Special Personal Data Inventory;
• Drafting privacy and explicit consent texts;
• Drafting retention and destruction policies;
• Drafting privacy policies for the protection of personal data;
• Drafting confidentiality agreements between the data controller and data processor concerning the data transfer;
• Drafting agreements for cross border data transfer and informing about the risks it bears,
• Revision of the company policies for compliance with personal data protection;
• Constructing of the processes for compliance with E-commerce Law, and delivery of commercial electronic messages and activities of the company;
• Revision of the contracts for compliance with the protection of personal data;
• Adoption of all measures regarding protection of personal data;
• Fulfilment of the obligation to register with the Data Controllers’ Registry (VERBİS);
• Drafting of the confidentiality agreements between data controllers while data transfer.