22 February 2019
Data Protection Board Announces Decision on Data Security Breaches:
“Data Protection Board has recently announced its decision on the management of data security breaches and notifications to the DPB and data subjects. Data Protection Board also announced another decision on the calculation of the time periods for applications to data controllers and complaints to the DPB in order to “harmonize the difference in the interpretation of the periods.”
01 November 2018
Data Protection Board’s Latest Resolution Stipulates Administrative Fines up to 1 Million TRY for Unauthorized Advertisements and Calls:
According to the latest resolution of the Data Protection Board, data controllers who illegally transmit advertisement notices to e-mail addresses and mobile phones of the data subjects via e-mail messages, SMS or calls and data processors who use these data on behalf of the data controller without the explicit consent of the data subjects shall be fined for an amount ranging from 15.000 TRY to 1 million TRY.
03 October 2018
REGISTRATION OBLIGATIONS HAVE STARTED: CONTROLLERS HAVE 12 MONTHS TO REGISTER:
As our readers may recall from our earlier coverage of the data controllers’ registry, Data Protection Board (“DPB”), with its decision numbered 2018/88 (“Decision”), had previously determined the timeline for data controllers’ obligation to register with the data controllers’ registry system, “VERBIS”. According to the DPB’s Decision, registration obligations for the data controllers below have started.
10 September 2018
DATA PROTECTION BOARD PUBLISHES THE LATEST ENFORCEMENT ACTIONS: CONTROLLER RECEIVES TRY 200,000 FINE:
The Turkish Data Protection Board (“DPB”), the decision making body of the Turkish Data Protection Authority (“DPA”), has recently published on its website a number of enforcement actions it has taken against the data controllers for the breach of the Turkish Personal Data Protection Law (“Data Protection Law”).