Featured Practices

Alcedo Atthis

Common Kingfisher (Halcyon smyrnensis), named after İzmir city of Turkey, is mostly observed in the Eastern Mediterranean Region. Destruction of their habitats, wetlands, is the greatest threat to their species.

Data Protection And GDPR Compliance In Turkey For International Corporates

Legal regulations on the Protection of Personal Data, Privacy and Cyber Security have become one of the primary legal agendas of corporates and companies in Turkey in recent years.  For international and multinational corporates doing business in Turkey, multi-jurisdictional aspects of data protection issues create a more complicated regulatory environment.

We are aware that international companies need an in-depth and close legal guidance and know-how enriched by a local experience in order to be fully compliant in Turkish and international data protection and GDPR regulations.

Çukur & Partners Law Firm, which has been providing full range of data protection and GDPR services to international corporates for more than ten years, has created a legal compliance program with the fastest and most comprehensive content in the process as soon as the new personal data protection Code in Turkey is enacted. Our data protection lawyers have implemented this program in dozens of companies and international corporates in the last few years, since the new national regulation. 

Our data protection and privacy law compliance program includes 360-degree legal services within this framework, from establishing a business culture and policy on the protection of personal data in companies, notice and transactions to be made before the Code on the Protection of Personal Data, personal data protection trainings, internal audits, technical measures, and legal management of data breaches and crises.

The legal compliance service program of Çukur & Partners Law Firm’s “Personal Data Protection Regulations” should primarily include the following services.

  • Code on the Protection of Personal Data compliance program services: Coaching, turn-key or continuous legal consultancy services
  • Establishment of corporate data policies in companies, in-house trainings and audits
  • Integration and adaptation or data protection policies and documentation of international and multinational companies into Turkey and Turkish law
  • Compliance of Turkish businesses and entities of international and multinational companies into international GDPR regulations
  • General data protection consultancy services (Contact support, personal data inventory control, Data Controllers’ Registry Information System update support)
  • Code on the Protection of Personal Data technical measures compliance consultancy -Analysis, Revised, Investment Planning Support
  • International data transferring regulations and issues
  • Company-specific activities (after-sales services, corporate communication, customer and supplier channels, advertising and marketing channels, etc.) 
  • Revision of processes and preparation of contracts in recess areas, creation and implementation of necessary procedures and policies.
  • Bringing data protection channels into compliance with the legislation in all contractual and operational relations with data processors
  • Ensuring up-to-date and effective implementation of Clarification/Explicit Consent mechanisms
  • Code on the Protection of Personal Data operation and documentation support in parallel with Covid-19 measures.
  • Data retention and update compliance support in accordance with the storage and destruction regulations.
  • Integration support with other legislation, platforms and standards (ISO, SEDEX etc.)
  • Periodic or immediate (Fake application, internal and external process application control) inspection services
  • Making updates and changes in the field of personal data protection in accordance with the practices, decisions and secondary legislation of the Code on the Protection of Personal Data.
  • Legal consultancy services in data breaches and Code on the Protection of Personal Data review and investigation processes.

Our approach to the personal data and privacy issues is to establish a practical and effective legal system and infrastructure in the companies in this regard, and then to respond the day-to-day practices and requirements in this field through a continuous legal advisory support, update and legal auditing.