Privacy and Personal Data Protection

Deris has a constantly growing privacy and personal data protection practice. By this way, Deris team tracks the dynamic legislative developments in this area. The team combines the legal expertise with technical knowledge for compliance matters.

Deris has been certified with ISO 27001 and has its inhouse project and audit team for the ISO 27001 certification. The team also prides itself with having the member with CIPP/E certification and IT specialists experienced in information and data security tools. This enables our team to integrate data privacy systems with internationally respected global standards.

We implement privacy by design procedures by establishing user friendly, sustainable systems, policies, and procedures aiming to minimize the risk of any potential data disputes. The litigation experience of our team also enables the management of complex data disputes.

Our team also provides trainings for creating awareness regarding information security and data protection to its clients and their employees through internal Deris Academy with experienced trainers.

The team has substantial experience with local and global TMT, pharma, chemical, e-commerce and entertainment firms.


Compliance projects

ServicesAudit, gap analysis,

ServicesData inventory, data mapping, scope of data protection systems,

ServicesRisk assessment & risk treatment,

ServicesManaging individual’s requests,

ServicesPersonal Data Controller Registry (VERBIS) registration,

ServicesData retention mechanism,

ServicesAwareness building, trainings

ServicesData officer appointment

Data transfers

ServicesObtaining permission from the Authority

ServicesPreparing binding corporate rules or undertakings.

Drafting data protection contracts, consents or notices

ServicesEmployee privacy,

ServicesCustomer privacy,

ServicesCookie policies,

ServicesData Breach Management.

Dispute Resolution

ServicesAdministrative actions and applications,

ServicesCriminal actions,

ServicesObjections against the decisions/fines issued by Turkish Data Protection Authority.

© 2019 Deriş - All Rights Reserved