GDPR in the European Union and KVKK (Personal Data Protection Law No. 6698) in Turkey bring important obligations for data privacy and obtaining, recording, storing, preserving, changing or disclosing personal data. In cases of violation, a fine of up to TRY 2,000,000 and a prison sentence of up to 3 years are foreseen. Services we offer in this context:

  • Risk assessment and defining the scope of personal data
  • Determination of data flows, preparation of data inventory, assignment of responsibilities
  • Defining all necessary measures regarding data protection processes and establishing an end-to-end data security infrastructure
  • Determination and registration of the DPO – Data Protection Officer
  • Conducting audit and evaluating controls for the safekeeping of personal data
  • Establishment of customer complaint-request response mechanism
  • Governance, monitoring and auditing in the context of data privacy