We provide consultancy services on compliance with the Law on Protection of Personal Data in Turkey (KVKK) and General Data Protection Regulation (GDPR), preparation of necessary legal texts and information on legislation.
In this context, we provide support to companies on many issues such as privacy policy, data retention and destruction policy, preparation of the data processing agreement signed between the data processor and the data controller.
New Cybersecurity Management Obligations and Liabilities under NIS2 Directive
The Directive (EU) 2022/2555 on measures for a common level of cybersecurity across the Union (the “NIS2 Directive”) was published…
Artificial Intelligence-Based Services and Security of Company Data
While we talk about the many benefits of AI technology, we should not ignore the data protection and privacy concerns…
New Adequacy Decision for EU-US Data Privacy Framework
The European Commission has adopted an adequacy decision for the European Union – United States (EU-US Data Privacy Framework (DPF).…
Amazon Turkey Decision and its implications on data transfers to third countries
The Turkish Personal Data Protection Board (“Board”) adopted a decision regarding Amazon Turkey at the beginning of this year, on…
Your responsibilities to your customers as a data processor
The Turkish Data Protection Law defines a data controller as “the natural or legal person who determines the purposes and…
Data Processing Agreement (DPA) Under Turkish Data Protection Law
Data controllers who wish to entrust their data processing activity to a third party must appoint such third party as…