[email protected]

Areas of Activity

Personal Data Protection Law Consultancy

  1. Home
  2. »
  3. Practice Areas
  4. »
  5. Personal Data Protection Law Consultancy

Personal Data Protection Law and All You Need to Know

The Personal Data Protection Law is a legislation that aims to protect the rights of individuals regarding the processing of their personal data. GDPR focuses on key objectives such as ensuring the lawful and fair processing of personal data, protecting the confidentiality and integrity of such data, securing the rights of data subjects and determining the obligations of data controllers.

The purpose of this law is not only limited to the protection of personal data, but also to raise public awareness and to establish a fair balance between data processors and data subjects. In addition to enabling individuals to move around safely in the digital environment, GDPR also encourages businesses to adopt a more responsible attitude towards data security. In this way, by creating a more solid and reliable ground for the protection of personal data, the interests of both individuals and businesses are taken into consideration.

GDPR Lawyer Consultancy Service

Derya Yurteri Çetin, the founder of DYC Legal Consultancy, holds the title of Data Protection Officer (DPO), which is held by only a few people in the European Union, as well as ISO/IEC 27001:2013 Information Security Management System Lead Auditor and ISO/IEC 27701:2019 Personal Data Management System Lead Auditor certificates.

Derya Yurteri Çetin, the founder of DYC Legal Consultancy, holds the title of Data Protection Officer (DPO), which is held by only a few people in the European Union, as well as ISO/IEC 27001:2013 Information Security Management System Lead Auditor and ISO/IEC 27701:2019 Personal Data Management System Lead Auditor certificates.

The main services provided by DYC Legal Consultancy in this context are as follows:

  • Performing risk analysis with GDPR check-list
  • Following the risk analysis, the presentation of the report, which will determine the Company’s road map, and the creation of the action list
  • Creating a personal data inventory specific to the Company
  • Carrying out data analysis of personal data inventories and distinguishing between general and special categories of personal data
  • Fulfilment of the obligation to register to VERBIS
  • Establishment of a personal data protection committee
  • Establishment of policies, disclosure and explicit consent texts
  • Carrying out storage and destruction processes
  • Organising personal data subject application forms and carrying out the processes regarding how to respond to these application forms
  • Creation of confidentiality agreements and data transfer undertakings between the data controller and the data processor regarding data transfer
  • Establishment of contracts regarding data transfer abroad
  • Revising company policies within the framework of compliance with the protection of personal data
  • Organising trainings for people who are involved in all kinds of activities related to the processing of personal data, especially those who are in the GDPR committee, in order to create an in-house culture regarding the protection of personal data
  • Revising contracts within the framework of compliance with personal data protection
  • Taking all technical and administrative measures to protect personal data
  • Establishment of confidentiality agreements between data controllers regarding data transfer.

In addition, DYC Legal Consultancy provides regular monthly GDPR consultancy services upon request following the completion of the compliance project.

The main services provided by DYC Legal Consultancy within the scope of monthly Personal Data Protection Consultancy are as follows;

  • Following the completion of the harmonisation project, to carry out periodic follow-up and audit of the GDPR process
  • To ensure the revision of the GDPR process regarding the innovations and changes that may occur within the scope of the legislation
  • To chair the meetings to be organised by the Personal Data Protection Committee
  • To follow up legal correspondence processes with the Personal Data Protection Authority
  • To respond to applications to be made by data subjects

Basic Principles of Personal Data Protection Law