• About
  • Contact
Şengün Law
  • Deutsch
  • Français
  • Türkçe
  • Español
  • Italiano
  • Investment Advisory In Türkiye
    • Company Formation
    • Foreign Shareholder
    • Concessions – Incentives
    • Tax Liabilities
    • Insurance
    • Real Estate Purchases
    • Risk, Compliance and Regulation
    • International Logistics
    • ESG
    • Competition
    • Trade Union Consulting
    • Region Selection
    • Digital Transformation
    • Information Technology Consultancy
  • Articles
    • From Nedim Korhan Şengün
    • Entrepreneurship Center
    • Global Green Center
    • Center Of Risk Management And Regulatory Compliance
    • Center of Arbitration, Conciliation, and Mediation
    • Capital Markets and Financial Transactions Center
    • Insurance Center
    • Intellectual Asset Management Center
    • Personal Data Center
    • Competition Law and Practice Center
    • Investment Advisory Center
  • Turkish Citizenship and Immigration
    • Acquisition of Turkish Citizenship
    • Work Permit
    • Residence Permit
    • Family Law for Foreigners
    • Criminal Law for Foreigners
    • Intellectual Property for Foreigners
    • Administrative Practices for Foreigners
  • International Disputes
    • Local and International Dispute Resolution
    • Arbitration/ Recognition /Adjudication
  • Announcements
No Result
View All Result
  • Investment Advisory In Türkiye
    • Company Formation
    • Foreign Shareholder
    • Concessions – Incentives
    • Tax Liabilities
    • Insurance
    • Real Estate Purchases
    • Risk, Compliance and Regulation
    • International Logistics
    • ESG
    • Competition
    • Trade Union Consulting
    • Region Selection
    • Digital Transformation
    • Information Technology Consultancy
  • Articles
    • From Nedim Korhan Şengün
    • Entrepreneurship Center
    • Global Green Center
    • Center Of Risk Management And Regulatory Compliance
    • Center of Arbitration, Conciliation, and Mediation
    • Capital Markets and Financial Transactions Center
    • Insurance Center
    • Intellectual Asset Management Center
    • Personal Data Center
    • Competition Law and Practice Center
    • Investment Advisory Center
  • Turkish Citizenship and Immigration
    • Acquisition of Turkish Citizenship
    • Work Permit
    • Residence Permit
    • Family Law for Foreigners
    • Criminal Law for Foreigners
    • Intellectual Property for Foreigners
    • Administrative Practices for Foreigners
  • International Disputes
    • Local and International Dispute Resolution
    • Arbitration/ Recognition /Adjudication
  • Announcements
No Result
View All Result
Şengün Law
No Result
View All Result
Home Articles

The Right of the Data Subject to Apply to the Data Controller and the Obligations of the Data Controller

18 April 2025
in Articles
Reading Time: 3 mins read
A A
İlgili Kişinin, Veri Sorumlusuna Başvuru Hakkı ve Veri Sorumlusunun Yükümlülükleri
Share on FacebookShare on TwitterShare on Linkedin

Within the framework of the Law No. 6698 on the Protection of Personal Data (KVKK), the responsibilities of employers who are data controllers in the processing of personal data are becoming more and more important. The decisions of the Personal Data Protection Board emphasise the care that data controllers should take when processing personal data, the importance of keeping a data inventory and their obligations to respond to applications made to them.

Pursuant to Article 11 of the LPPD;

Everyone may, by applying to the data controller;

a) To learn whether personal data has been processed,

b) To request information if personal data has been processed,

c) To learn the purpose of processing personal data and whether it is used in accordance with its purpose,

ç) To know the third parties to whom personal data is transferred domestically or abroad,

d) To request correction of personal data in case of incomplete or incorrect processing,

e) To request the deletion or destruction of personal data within the framework of the conditions stipulated in Article 7,

f) To request notification of the transactions made in accordance with subparagraphs (d) and (e) to third parties to whom personal data are transferred,

g) To object to the occurrence of a result to the detriment of the person himself/herself by analysing the processed data exclusively through automated systems,

ğ) In case of damage due to unlawful processing of personal data,

has the right to demand compensation for the damage.

Pursuant to Article 13 of the LPPD, the data subject may apply to the data controller in writing or by other methods determined by the Board in order to exercise his/her rights. The Personal Data Protection Board has determined the application methods with the ‘Communiqué on the Procedures and Principles of Application to the Data Controller’ published in the Official Gazette dated 10 March 2018 and numbered 30356. Accordingly, the application can be made

  • In writing (by hand, by mail),
  • Registered electronic mail (KEP) address,
  • Secure electronic signature, mobile signature,
  • Via the electronic mail address previously notified by the data subject and registered in the system.

The data controller is obliged to evaluate the application received from the data subject effectively and in accordance with the law and good faith. Pursuant to Article 13 of the LPPD, the data controller is obliged to finalise the application within 30 days at the latest.

The response should not be general and superficial and should include the requested information in a detailed and understandable manner. The fact that the response of the data controllers to the applications of the data subjects is general and superficial, and does not clearly reveal which data is processed and for what purpose, constitutes a violation of the principles of transparency and accountability.

In this context:

  • Which personal data are processed,
  • The purposes of processing this data,
  • The legal basis of the data,
  • To whom the data are transferred and
  • Retention periods should be clearly stated.

It is important for data controllers to create a Data Inventory and keep this inventory up to date in order to be able to easily respond to the answer to be given. As a matter of fact, the inventory will already contain detailed information on the data subject to the application.

Among the basic principles regarding the processing of personal data specified in Article 4 of the LPPD are the principles of ‘compliance with the law and good faith’ and ‘processing for specific, explicit and legitimate purposes’. These principles require the data controller to be open and accountable in its data processing activities.

The care that data controllers should take in the processing of personal data of data subjects and the importance of the responsibility to keep a data inventory are clearly demonstrated by the penalties imposed for inadequate response to applications.

Data controllers must carry out the processing of personal data of data subjects in a transparent and accountable manner, keep data inventories in detail and in accordance with legal regulations, clearly determine the retention periods and respond to the applications of data subjects in detail.

It should be noted that failure to fulfil these responsibilities may result in administrative fines pursuant to Article 18 of the LPPD. In addition, necessary corrections should be made in data processing processes in line with the instructions given by the Board.

As a result, it is of great importance for data controllers to fulfil their responsibilities under the LPPD in order to avoid legal sanctions and to ensure the protection of employees’ personal data.

Director Lawyer Öykü Güldürmez

ShareTweetShare
Previous Post

The Impact of Geopolitical Risks on International Trade Contracts

Next Post

State-Backed Trade Credit Insurance System for SMEs

Related Posts

INVESTMENTS IN VENTURE CAPITAL COMPANIES AND THE ROADMAP TO BE FOLLOWED IN THE INVESTMENT PROCESS

As one can see that investments made in venture capital companies are increasing day by day and have reached an...

Obstruction Of The Competition Board’s On-Site Inspection

The Competition Board has certain inspection powers to facilitate, protect and encourage competition. One of those powers is the authority...

Ticari İşlemlerde Taşınır Rehni Kanunu

Information on the Law on Movable Pledge in Commercial Transactions

This information note has been prepared regarding the Law on Movable Pledge in Commercial Transactions No. 6750 dated 20/10/2016. When...

Taşınamaz Rehin Haklarından İpotek ve Kesin Borç İpoteği

Mortgage and Final Debt (Principle) Mortgage in the Pledge on Immovable Property

1) Purpose, Characteristics, Establishment and Termination of Mortgage Provisions on Mortgages are regulated in Article 881 of Turkish Civil Code...

Cookies concerning Personal Data Protection Law

This article will analyze websites' use of cookies to process personal data concerning the personal data protection law. What are...

Alternatif Bir Çözüm Yöntemi Olarak Arabuluculuk – Singapur Konvansiyonu

Singapore Convention – Mediation As An Alternative Dispute Resolution Method

We live at a time when globalization is pervasive in all aspects of our lives, with unavoidable implications for business...

Next Post
KOBİ’lere Yönelik Devlet Destekli Ticari Alacak Sigortası Sistemi

State-Backed Trade Credit Insurance System for SMEs

Latest Posts

Can the Law Regulate Grocery Prices? Australia’s New Approach

Can the Law Regulate Grocery Prices? Australia’s New Approach

FISA Section 702 and the Ongoing Debate Over U.S. Surveillance Powers

FISA Section 702 and the Ongoing Debate Over U.S. Surveillance Powers

The Rising Role of Central Europe and Şengün & Partners’ New Organization

The Rising Role of Central Europe and Şengün & Partners’ New Organization

Girişimcilik Ekosisteminde Yeni Bir Yapılanma: Şengün Girişim Stüdyosu

A New Initiative in the Entrepreneurial Ecosystem: Şengün Girişim Stüdyosu (Şengün Venture Studio)

“AI Hallucinations” Before the Court

“AI Hallucinations” Before the Court

U.S. Court Reviews Proposed AI Copyright Settlement Involving Anthropic

U.S. Court Reviews Proposed AI Copyright Settlement Involving Anthropic

  • About
  • Contact

© 2024 Şengün Partners

No Result
View All Result
  • Investment Advisory In Türkiye
    • Company Formation
    • Foreign Shareholder
    • Concessions – Incentives
    • Tax Liabilities
    • Insurance
    • Real Estate Purchases
    • Risk, Compliance and Regulation
    • International Logistics
    • ESG
    • Competition
    • Trade Union Consulting
    • Region Selection
    • Digital Transformation
    • Information Technology Consultancy
  • Articles
  • Turkish Citizenship and Immigration
    • Acquisition of Turkish Citizenship
    • Work Permit
    • Residence Permit
    • Family Law for Foreigners
    • Criminal Law for Foreigners
    • Intellectual Property for Foreigners
    • Administrative Practices for Foreigners
  • International Disputes
    • Local and International Dispute Resolution
    • Arbitration/ Recognition /Adjudication
  • Announcements
  • About
  • Contact
  • English
    • Deutsch
    • Français
    • Türkçe
    • Español
    • Italiano

© 2024 Şengün Partners