What to do under the Law on Protection of Personal Data

WHAT IS THE LAW ON PROTECTION OF PERSONAL DATA?

The 2-year harmonization process, which was issued with the Law on the Protection of Personal Data Law No. 6698, which came into force by being published in the Official Gazette on 07.04.2016, has ended and all the provisions of the law have been implemented as of April 2018. As of this date, all small, medium and large-scale companies take serious precautions, otherwise they are likely to face large-scale penalties. Even if there is no obligation to register with Verbis, companies that comply with the law are all commercial enterprises that process personal data.

Especially businesses that process a lot of personal data; hotels, shopping malls, apartment site management companies, factories, companies with customer loyalty card application, companies providing cleaning and security services, sales marketing companies, agencies, private schools and universities, hospitals, medical centers, banks, payment and electronic money institutions , cargo, companies, companies working with electricity, water, natural gas, telephone, internet, satellite, television broadcasting subscription system are primarily businesses that need to be harmonized with the principles of the law. Within the past 2 years after the publication of the law, the Personal Data Protection Authority was established, the relevant institution has also published the relevant regulations outside the law, the KVKK board has been established and the board has started to operate.

As required by law, companies have been obliged to work on the Protection of Personal Data. For this reason, companies immediately take action, training of employees, create a privacy policy for the protection of personal data, consent forehead to the employee, a data manager, the determination of a functioning data, determining their duties and responsibilities, job creation over the data recording system, then conduct the risk analysis responsible for recording the record data, the processing of personal data and the creation of the disposal policy liabilities to companies as required by gelmiştir.ka was born of necessity work on Protection of personal data. For this reason, companies take immediate precautions, training employees, creating a privacy policy for the protection of personal data, obtaining consent from employees, assigning a data officer, a data processor, determining their duties and responsibilities, creating a data recording system in the workplace, and performing related risk analyzes. There are obligations to record in the data responsible register, to process personal data and to form the Destruction policy.

All companies and individuals that companies do business with, all contracts with 3 people and contracts with existing suppliers need to be revised according to the law.

SERVICES WE PROVIDE AD LAW OFFICE AGAINST KVKK LEGISLATION

AD Law & Mediation Office; With its experience in the fields of Business Law, Commercial Law, Expropriation Law, Criminal Law, it is ready to serve your company in the most accurate, effective and practical way within the scope of Personal Data Protection Law.

Services to be provided in this context;

• Presentation to the company management about the law, the importance of the subject and the work to be done.
• Preparing a work plan suitable for the structure by creating the company profile
• Creating a detailed Personal Data Inventory by working separately with all departments,
• Risk analysis after inventory, preparation of action plans of threats and measures to be taken, determination of those responsible,
• Providing awareness training to employees on the subject,
• Receiving consent from employees and personnel,
of all existing labor contracts in the workplace and third party, supplier contracts
harmonization with the law,
• Determination of the technical measures to be taken with the IT department
• Examining all company processes and making them compliant with the law,
• Protection of personal data and creation of data security, privacy and destruction policy,
• To harmonize company processes with the Law within the scope of Personal Data Protection Law and to prepare all necessary procedures
• Performing all necessary transactions and providing consultancy services during the process of registering the Verbis system
We also provide the following privileged services to your company, provided that there is a demand under the project.
• Optimizing KVKK Processes with ISO27001 Information Security Management System
• ISO 9001 Quality Management System
• ISO 14001 Environmental Management System
• ISO 45001 Occupational Health and Safety Management System

Senior Manager Information Training