Value of personal data is currently the most important factor in economies. It is now possible to sell personal data called ‘Big Data’ in exchange of money and the importance of the businesses that own Big Data increase day by day in the economic trend.
In the topic of legislation of personal data protection, Law number 6698 on Protection of Personal Data which was prepared by the European Union based on European Union Directive No. 95/46/AB entered into force in April 7th 2016 by being published on Official Gazette.
The code has established definitions such as data processing, data subject, data contoller and data processor and regulatory structures such as Data Protection Institution and Data Protection Board and in parallel, has imposed rights to the real person data subject and liabilities and sanctions to real or legal person data controller and data processor.
Among these liabilities and sanctions are;
- Liability to register to the Data Controllers Registry
- Liability to inform the real person data subject
- Liability to reply to the applications of the real person data subject
- Liability to inspect the data processor
- Liability to take the necessary precautions in order to assure data security
And also, due to the principle of individual criminal responsibility, there are sanctions such as IMPRISONMENT BETWEEN 1 TO 4 YEARS for the related crimes and FINES BETWEEN 5.000 TL AND 1.000.000 TL for the related misdemeanors.
Mert VAN Law and Consultancy Firm has determined Law on Protection of Personal Data as a current working field. Our law firm has conducted the necessary co-operations in the aspect of Project Management and Information Technologies regarding the Compliance Period and it is able to provide you any service you need in this subject.
The course of action that needs to be followed in the processes of Compliance Project and Permanent Compliance that, even though there may be differences in the duration due to the scale of the company, last 2 to 4 months; is shortly as below:
1. Project Preparation Stage
This is the stage of designing the project process with the participation of the related departments’ representatives after determining the company’s needs by making a presentation that explains the importance of the issue to the upper administration of the company.
2. Current Situation Analysis
This encompasses the detection of the current situaiton by determining the personal data categories processed in every department/unit of the company and creating a Personal Data Activity Inventory.
3. Difference Detection Stage
In the direction of the outcomes of the current situation analyses and bearing in mind the current processing style of every personal data group, with the aim of compliance with the related code and regulations, deficincies are determined.
For suggestions with alternatives, the agreement is made by shaking hands with the upper mamagement of the company.
4. Forming A Course of Action and Applying It
The necessary course of action that is needed for the completion and realization of the detected deficits and created suggestions in the direction of the related Code and Regulations is created. The necessary support is provided to the company at the stage of execution of the course of action in accordance with the necessity.
In order to recieve support regarding Law on Protection of Personal Rights and Compliance Period, you can mail This email address is being protected from spambots. You need JavaScript enabled to view it. veya This email address is being protected from spambots. You need JavaScript enabled to view it..
For more information: http://www.kvkk.gov.tr