COMPLYING WITH THE LAW ON PERSONAL DATA PROTECTION (LPDP)
With the implementation of the Law on Personal Data Protection No. 6698 back in 2016, new rules and obligations were imposed to data controllers and data processors. The LPDP further stipulated serious monetary fines and prison sentences to those who violate these obligations.
Unfortunately, most data controller/processors in Turkey failed to grasp the potential liabilities arising from the LPDP provisions. One of the more common mistakes among data controllers/processors is that they tend to believe the LPDP provisions are only applicable to those required to register to the Data Controllers Registry (VERBIS). This assumption is, of course, false as the VERBIS registration requirement is a separate requirement/obligation and is not tied to the applicability of the LPDP provisions. Therefore, it is extremely important for all companies (or individuals) that process personal data to comply with the rules and procedures set forth at the LPDP, independent from VERBİS registration obligation.
To Read more, Click here
Partner, ASY Legal