Privacy and Personal Data Protection
Deris has a constantly growing privacy and personal data protection practice. By this way, Deris team tracks the dynamic legislative developments in this area. The team combines the legal expertise with technical knowledge for compliance matters.
Deris has been certified with ISO 27001 and has its inhouse project and audit team for the ISO 27001 certification. The team also prides itself with having the member with CIPP/E certification and IT specialists experienced in information and data security tools. This enables our team to integrate data privacy systems with internationally respected global standards.
We implement privacy by design procedures by establishing user friendly, sustainable systems, policies, and procedures aiming to minimize the risk of any potential data disputes. The litigation experience of our team also enables the management of complex data disputes.
Our team also provides trainings for creating awareness regarding information security and data protection to its clients and their employees through internal Deris Academy with experienced trainers.
The team has substantial experience with local and global TMT, pharma, chemical, e-commerce and entertainment firms.
Services
Compliance projects
Audit, gap analysis,
Data inventory, data mapping, scope of data protection systems,
Risk assessment & risk treatment,
Managing individual’s requests,
Personal Data Controller Registry (VERBIS) registration,
Data retention mechanism,
Awareness building, trainings
Data officer appointment
Data transfers
Obtaining permission from the Authority
Preparing binding corporate rules or undertakings.
Drafting data protection contracts, consents or notices
Employee privacy,
Customer privacy,
Cookie policies,
Data Breach Management.
Dispute Resolution
Administrative actions and applications,
Criminal actions,
Objections against the decisions/fines issued by Turkish Data Protection Authority.