Law numbered 6698 on Protection of Personal Data (Law), which sets forth the provisions regarding the protection of personal data, and under which conditions the data belonging to the individuals -in legalese the real persons regardless of their age- shall be handled by corporations, has entered into force after being published on the Official Gazette dated April 7th, 2016 and numbered 29677. The Law has been prepared under significant influence of European Union Data Protection Directive EU/95/46 EC, but also contains provisions in accord with European Union General Data Protection Regulation (GDPR), which has replaced the aforementioned EU Directive.
Due to being the first enacted Law on the protection of personal data, the Law has introduced many obligations and liabilities to any real person or legal entity that access, store, use or transfer, -which collectively referred in the Law as “processing”- personal data. Non-fulfilment of the obligations and liabilities stipulated in the Law may result in administrative fines up to 1.000.000 TL and legal sanctions up to four years of imprisonment, therefore it is vital for companies to demonstrate rapid and complete compliance to the legislation.
In order to fulfill their legal obligations, in particular for legal entities, (limited liability and joint stock companies, associations, foundations, profession societies, etc.) ILHANLI/BAŞER Law Firm, establishes tailor made action plans regarding their legal and administrative needs that varies according to the fields of activity and business processes, and conducts the compliance process from start to finish.
Demostrating compliance to KVKK is not a one-off activity, but rather a process which information technology, administrative policies and legal counselling are carried out together. Data protection should become a culture in every institution that processes personal data and in the digital age it has become necessary for every institution to ensure the personal data they handle are protected. We are at your disposal to provide you with the training necessary to establish the data protection awareness in your institution and to find the right solutions for your needs in information technology aspect as well, thanks to our business partners that offer the most effective software infrastructures up to date.

Please feel free to contact us from for your queries.

Personal Data Protection Checklist:

  • Revising of the contracts used in daily business activities
  • Preparation of the Privacy Notice
  • Management of Data Subject Applications
  • Preparation of Personal Data Inventory
  • Establishment of Administrative and Technical Process Management Policies
  • Management of Registration and Declaration to the Data Controllers Registry
  • Preparation of Personal Data Retention and Destruction Policy
  • Providing In-House Personal Data Awareness and Compliance Trainings