DISCLOSURE STATEMENT ON THE LAW OF THE PROTECTION OF PERSONAL DATA
The Law no 6698 on the Protection of Personal Data (the “Law”) was published in the Official Gazette dated April 7, 2016 and has entered into force with all of its provisions as of October 7, 2016 after the expiration of the specified 6 months period
The purpose of this Law is to protect fundamental rights and freedom of persons, particularly the right to privacy, with regard to processing of personal data, and to set forth obligations, principles and procedures which shall be binding upon natural and legal persons who process personal data
Accordingly, under the circumstances, any and all relevant corporations, institutions and organizations processing “personal data” as described in the Law are required to properly design and organize their processes and define their responsibilities in a detailed manner to duly perform their respective obligations as provided for in the Law.
Natural and legal persons, who process personal data, are required to be registered with the “Data Controllers Registry” to be developed by the Personal Data Protection Board which has been established under the Law on the Protection of Personal Data prior to starting to process personal data.
Institutions and organizations which are responsible for ensuring data security and privacy are obliged to ensure data security and privacy as follows:
- Designing and developing their access strategy including without limitation defining and classifying access authorizations for the access to data
- Merging and analyzing the data and logs received from information departments, intelligence units and news desks
- Monitoring user activities on a 24/7 basis
- Creating strong passwords
- Performing periodic penetration testing
Our company offering solutions in the areas of data classification and data destruction with regard to the applications which are subject to penal and/or criminal sanctions also provides services in legal dimensions and aspects of these applications in their data compliance processes
You may follow the relevant legislation, law(s) and regulations to be introduced regarding the Law on Protection of Personal Data and all related developments from the official website at www.kvkk.gov.tr
It would be very possible for your organization to prevent data breach and fraud and to achieve and maintain data security through the digital forensics and cybersecurity solutions that we offer as EMT against the theft and manipulation of personal data, particularly data breaches caused by insider threats such as the theft, fraud and manipulation of personal data which is of a sensitive nature and that may critically affect the business lives of companies. You may contact us for more and detailed information on LPPD.