Data Protection and the Importance of GDPR

Data protection and privacy laws are becoming increasingly important, as data is now seen as the “oil” of the digital age, they are indispensable assets to every player of the digital market. With globalization and technology advancing, private and personal data collected by big tech companies started to become a real concern, as these tech companies were essentially given a free pass when it came to how such private data can be used. This all started to change with the implementation of GDPR in Europe, which set the tone for a new era for privacy and data protection laws.

Data Protection and Privacy Laws in Turkey

Personal data protection was a controversial topic in Turkey for many years, mainly due to the European Union ascension procedures. To remedy this, Turkey adopted a new law regarding personal data protection, the Law on the Protection of Personal Data No. 6698 (the Law), therefore effectively implementing the GDPR domestically. This Law is seen as a much needed improvement in personal data protection, and sets forth new liabilities to data holders, supervisors and processors to keep such personal data private at all times.

Article 2 of the Law defines personal data as “all information relating to an identified or identifiable natural person”, whereas Article 6 sets forth that “personal data relating to the race, ethnic origin, political opinion, philosophical belief, religion, sect or other belief, clothing, membership to associations, foundations or trade-unions, health, sexual life, convictions and security measures, and the biometric and genetic data are deemed to be personal data of special nature”. Accordingly, any data that fits this description shall be treated as personal data and should therefore be processed and stored in accordance with the provisions set forth in the Law. You can find detailed information regarding the definitions and processing methods for personal data and personal data of special nature in our published article here (also available via Mondaq)

The field of data protection law is a continuously evolving practice and therefore needs an innovative, up-to-date and dynamic approach to fulfill all the needs of our clients. It is imperative that thorough risk assessments are made for each company and project to ensure that they comply with the regulations and avoid any possible penalties from the regulators. As ASY LEGAL we provide consultancy for our clients’ domestic and international data protection compliance projects, as well as giving legal support for their data protection and privacy related issues including collection, processing and transferring of their data to be fully compliant with the relevant data protection regulations.