Personal Data Protection Law (PDPL)


           With the constitutional amendment made in 2010, the protection of personal data has been clearly constitutionally guaranteed by adding a clause such as “Everyone has the right to demand the protection of personal data concerning himself / herself. This right comprises being informed about the personal data about the person, accessing these data, requesting their correction or deletion, and learning whether they are used in accordance with their purpose. Personal data can only be processed in cases stipulated in the Law or with the explicit consent of the person. The principles and procedures regarding the protection of personal data are regulated by law.” to Article 20 of the Constitution, which regulates the privacy of private life.

            The Draft Law No. 6698 on the Protection of Personal Data, which was prepared within the scope of harmonization with the European Union, was dispatched to the Presidency of the Grand National Assembly of Turkey on January 18, 2016. The stated text was accepted and legalised by the General Assembly of the Grand National Assembly of Turkey on March 24, 2016 and entered into force after being published in the Official Gazette dated April 7, 2016 and numbered 29677.

            Within the scope of this law, obligations such as registration and notification are given to

•          Real and legal person data controllers with an annual number of employees of more than 50 or annual financial balance sheet total of more than 25 million TRY,

•          Persons responsible for real or legal persons whose major area of activity is the processing of special personal data, whose annual number of employees is less than 50 and annual financial balance sheet total is less than 25 million TRY,

•          Data controllers of public institutions and organizations.

            In this context, as Cukurova Technopark which has a Data Controller obligation, we carry out our obligations within the scope of the principles we have stated below.

            Our Basic Principles and Values on the Protection of Personal Data;

•          Protecting the right of privacy

•          Respect for fundamental rights and freedoms

•          Objectivity

•          Independence

•          Reliability

•          Compliance with the law and ethical principles

•          Transparency and accountability

•          Quick, accurate and objective decision making

•          Cooperation and participation

             PDPL Unit Activities;

            As Cukurova Technology Development Zone Executive Inc. the PDPL Unit, carries out the following activities within the scope of protection the privacy of private life and fundamental rights and freedoms stipulated in the Constitution and the Law;

•          Ensuring the protection of personal data,

•          To increase the level of consciousness by creating corporate awareness for the protection of personal data,

•          Preparation of data inventory,

•          Preparation of necessary administrative policies and procedures,

•          Preparation of detailed analysis and recommendation reports for technical measures,

•          Preparation of data breach notification procedure,

•          Action plans,

•          Verbis (Registry Information System of Data Controllers) registration,

•          Preparation of legal texts (clarification text, explicit consent, etc.),

•          Examining contracts and ensuring compliance with PDPL.