expertise

Data Protection And Cyber Security

DATA PROTECTION AND CYBER SECURITY

 

Zumbul Attorneys-at-Law; with its experienced team, provides compliance, consulting, and training services in the field of personal data protection, cybersecurity and other related branches of information technologies. Since the date of Personal Data Protection Law No. 6698 came into force in Turkey, it has been providing those services to many national and international companies, in Turkish-English-German and French languages. 

Zumbul Attorneys-at-Law contributes to the practical implementations in Turkey by interpretation and the compliance of the European Union legislation (acquis communautaire)  in parallel with the judicial decisions in the EU. In this context, some of the services offered by Zumbul Attorneys-at-Law are as follows:

  • Implementation of compliance projects and providing consultancy services within the framework of Personal Data Protection Law No. 6698 and the other relevant legislation;
  • Preparation of personal data processing inventory
  • Establishing security measures to ensure the safety of the transfer of personal data to third parties
  • Evaluation of maximum periods determined regarding the data processing for the specified purpose and preparation of the table that showing the storage and destruction deadlines
  • Designing technical and organizational mechanisms for the disposal of personal data that has already served the purpose and no longer necessary or exceed the period for storage stipulated in related legislation
  • Revision of the Company's contracts and, if necessary, execution of the negotiations between the contracting parties on the relevant issues and the preparation of additional protocols
  • Providing consultancy services on the lawfulness of the use of electronic surveillance methods such as camera surveillance, electronic and biometric admittance and time control, electronic location (GPS) and electronic communication monitoring
  • Providing legal advisory services within the scope of the General Data Protection Regulation (GDPR) in areas where the company's situation is required
  • Assessment regarding the lawfulness of the transfer of personal data both at home and abroad and drawing up / reviewing / revising of data transfer contracts
  • Providing consultancy services regarding Privacy Policy, Cookies Policy, Cyber Security Policy and drawing up / reviewing / revising of such texts
  • Briefing the employees of the company and providing trainings within this framework
  • Providing legal services with regard to setting up mechanisms as to the division of responsibilities stipulated for companies as “data controller/data processor”
  • Filing lawsuits before civil and criminal courts relating to the protection of personal data and resolution of disputes in the field of cybersecurity
  • Carrying out due-diligence processes and providing consultancy services during mergers and acquisitions.
  • Carrying out the necessary administrative procedures before the Personal Data Protection Authority and providing consultancy services in relation to these administrative procedures