Privacy and Personal Data Protection

Deris has a constantly growing privacy and personal data protection practice. By this way, Deris team tracks the dynamic legislative developments in this area. The team combines the legal expertise with technical knowledge for compliance matters.

Deris has been certified with ISO 27001 and has its inhouse project and audit team for the ISO 27001 certification. The team also prides itself with having the member with CIPP/E certification and IT specialists experienced in information and data security tools. This enables our team to integrate data privacy systems with internationally respected global standards.

We implement privacy by design procedures by establishing user friendly, sustainable systems, policies, and procedures aiming to minimize the risk of any potential data disputes. The litigation experience of our team also enables the management of complex data disputes.

Our team also provides trainings for creating awareness regarding information security and data protection to its clients and their employees through internal Deris Academy with experienced trainers.

The team has substantial experience with local and global TMT, pharma, chemical, e-commerce and entertainment firms.

Compliance projects

Audit, gap analysis,

Data inventory, data mapping, scope of data protection systems,

Risk assessment & risk treatment,

Managing individual’s requests,

Personal Data Controller Registry (VERBIS) registration,

Data retention mechanism,

Awareness building, trainings

Data officer appointment

Data transfers

Obtaining permission from the Authority

Preparing binding corporate rules or undertakings.

Drafting data protection contracts, consents or notices

Employee privacy,

Customer privacy,

Cookie policies,

Data Breach Management.

Dispute Resolution

Administrative actions and applications,

Criminal actions,

Objections against the decisions/fines issued by Turkish Data Protection Authority.