19
December 2019

“Commission Decision 2010/87/EU on standard contractual clauses is valid” says the Advocate General on Schrems II
The long-awaited Advocate General Saugmandsgaard Øe’s opinion on Schrems II case was finally published today. Advocate General Øe said that Commission Decision 2010/87/EU on standard contractual clauses (“SCC”)…


09
December 2019

BOARD’S WARNING SHOT TO CONTROLLERS TO STAY UPDATED WHEN DEALING WITH DATA SUBJECT RIGHTS
The Turkish Data Protection legislation has been constantly updated in light of secondary legislation as well as decisions of the Turkish Data Protection Board. Thus controllers must follow up the changes and u…


18
October 2019

The Data Protection Authority Reminded Data Controllers of their Duty to Notify Data Subjects for Data Breaches and Clarified the Requirements for Due Notification
On 15 October 2019, the Turkish Data Protection Authority (“TDPA”) published its decision on "Minimum Requirements for Data Breach Notifications to be made to Data Subjects" (dated 18 September 2019 and numbere…


10
October 2019

BRANCHES OF FOREIGN COMPANIES IN TURKEY MUST ALSO REGISTER WITH THE DATA CONTROLLERS’ REGISTRY AS DATA CONTROLLER
The Data Protection Board (“Board”) published its decision on 7 October 2019 regarding possible registration obligation of branches and liaison offices of foreign companies in Turkey with the Data Controllers’…


03
October 2019

Turkish DPA fined Facebook for a second time, for 256.222 EUR!
Turkish Data Protection Board (“Board”) fined Facebook for 256.222 EUR with its decision of September 18, 2019. The breach is due to a system deficit causing an attacker reaching profile data of a third party…