NAZALI provides legal and technical services related to data protection, privacy, and cybersecurity in Turkey. The passage discusses Turkey's Personal Data Protection Law no. 6698 and the obligations it places on organizations that process personal data. NAZALI assists companies with compliance activities like conducting data inventories, reviewing policies and contracts, employee training, and responding to data requests or breaches.
Explores:
1. Introduction to Privacy Regimes in the United States and Abroad
2. Mobile Applications and Devices
3. Lawful Collection and Use of “Big Data”
4. International Privacy and Cross-Border Data Transfers
5. Data Security Requirements and Data Breach Response
6. IT Outsourcing and the Cloud
7. Recent Developments and Emerging Issues
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
There is no federal law governing privacy and data security applicable to all US citizens. Rather, individual states and regulatory agencies have created a patchwork of protections that may overlap in certain industries.
This webinar provides an overview of the many privacy and data security laws and regulations which may impact your business, from the state law protecting personal information to regulations covering the financial services industry to state breach notification laws.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-2020/
Explores:
1. Introduction to Privacy Regimes in the United States and Abroad
2. Mobile Applications and Devices
3. Lawful Collection and Use of “Big Data”
4. International Privacy and Cross-Border Data Transfers
5. Data Security Requirements and Data Breach Response
6. IT Outsourcing and the Cloud
7. Recent Developments and Emerging Issues
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
There is no federal law governing privacy and data security applicable to all US citizens. Rather, individual states and regulatory agencies have created a patchwork of protections that may overlap in certain industries.
This webinar provides an overview of the many privacy and data security laws and regulations which may impact your business, from the state law protecting personal information to regulations covering the financial services industry to state breach notification laws.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-2020/
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal
Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological
Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in
India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and
Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
The “Privacy Today” presentation was written for the IAPP by Professor Peter Swire of the Moritz College of Law of the Ohio State University. The materials cover the definition of privacy, ways to protect privacy, privacy harms, and fair information practices. The “Privacy Today” presentation is designed for college and university students.
Licensed under Creative Commons Attribution 3.0 Unported
On the 2nd of February, the Durban Chamber hosted a seminar on, 'Practical advice on how to interpret POPI and how to apply it in your organisation'. This was presented by Verlie Oosthuizen from Shepstone and Wylie
The Protection of Personal Information Act: A PresentationEndcode_org
What does the Protection of Personal information Act mean for business and for cybersecurity? Find out the implications of South Africa's new technology law Act.
Ovations Group - Introducing the Protection of Personal Information (PoPI) ac...OvationsGroup
Ovations Group is ideally positioned to help South African companies implement processes and best practices to ensure compliance with the Protection of Personal Information (PoPI) act.
This presentation outlines the fundamentals of the act and explains how the Ovations Group can assist companies in avoiding the pitfalls PoPI presents.
“Data localisation or data residency laws require data about a nations' citizens or residents be collected, processed, and/or stored inside the country, often before being transferred internationally, and usually transferred only after meeting local privacy or data protection laws, such as giving the user notice of how the information will be used and obtaining their consent.” - Wikipedia
In this presentation, 10 steps (10 P's of POPI) are introduced as essential ingredients of meeting Protection of Personal Information (POPI) requirements. As a privacy law, POPI relies heavily on sound information management principles. The COR Concepts Integrated Information Governance model is also discussed, providing a framework for ensuring that POPI is not treated in isolation, and that it forms part of a cohesive approach to managing enterprise-wide information.
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
The Data Protection Act 2019, was enacted on November 8th, 2019, ushering a new era of accountability and responsibility with regard to processing of personal data and information. Naturally, there has been a resurrection of the chatter around data protection in increasingly data-driven social and economic settings. The question on everyone’s mind being what does this mean for me?
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal
Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological
Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in
India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and
Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
The “Privacy Today” presentation was written for the IAPP by Professor Peter Swire of the Moritz College of Law of the Ohio State University. The materials cover the definition of privacy, ways to protect privacy, privacy harms, and fair information practices. The “Privacy Today” presentation is designed for college and university students.
Licensed under Creative Commons Attribution 3.0 Unported
On the 2nd of February, the Durban Chamber hosted a seminar on, 'Practical advice on how to interpret POPI and how to apply it in your organisation'. This was presented by Verlie Oosthuizen from Shepstone and Wylie
The Protection of Personal Information Act: A PresentationEndcode_org
What does the Protection of Personal information Act mean for business and for cybersecurity? Find out the implications of South Africa's new technology law Act.
Ovations Group - Introducing the Protection of Personal Information (PoPI) ac...OvationsGroup
Ovations Group is ideally positioned to help South African companies implement processes and best practices to ensure compliance with the Protection of Personal Information (PoPI) act.
This presentation outlines the fundamentals of the act and explains how the Ovations Group can assist companies in avoiding the pitfalls PoPI presents.
“Data localisation or data residency laws require data about a nations' citizens or residents be collected, processed, and/or stored inside the country, often before being transferred internationally, and usually transferred only after meeting local privacy or data protection laws, such as giving the user notice of how the information will be used and obtaining their consent.” - Wikipedia
In this presentation, 10 steps (10 P's of POPI) are introduced as essential ingredients of meeting Protection of Personal Information (POPI) requirements. As a privacy law, POPI relies heavily on sound information management principles. The COR Concepts Integrated Information Governance model is also discussed, providing a framework for ensuring that POPI is not treated in isolation, and that it forms part of a cohesive approach to managing enterprise-wide information.
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
The Data Protection Act 2019, was enacted on November 8th, 2019, ushering a new era of accountability and responsibility with regard to processing of personal data and information. Naturally, there has been a resurrection of the chatter around data protection in increasingly data-driven social and economic settings. The question on everyone’s mind being what does this mean for me?
Is Ukraine safe for software development outsourcing? N-iX
Many companies that are looking for a software development outsourcing company in Ukraine wonder if the destination is safe in terms of politics, economy, business climate, and information security.
We’ve completed the guide that covers all these aspects and will hopefully help you make well-weighed conclusions.
What is cyber law?
What is cyber crime?
Cybercrimes areas
what law relating to
Data protection and privacy
Software Licensing Issues
IT acts
Policy Versus Law
Codes of Ethics and Professional Organizations
Presentation at Data protection in the Western Balkans and the Eastern Partnership Region. High-level exchange and learning week organised by SIGMA, GIZ, RCC and ReSPA.
Protection of Personal Information Bill (POPI)Robert MacLean
A short presentation that focuses on the proposed POPI law, how it impacts businesses, technology, IT depts & the cloud. It was based on a draft so some aspects may have changed.
Asia Counsel Vietnam summarises the long awaited Decree 13 on data protection. We provide useful steps to get prepared and comply with the new provisions which will take effect on 1 July 2023.
OVERVIEW OF NIGERIA DATA PROTECTION ACT 2014UsmanMAmeer
This slide dive into Nigeria Data Protection Act 2014 to understand the right and roles of people that deals with Data, from Data Subject, Data Protection Officer to Data Compliance Officers.
Israel Privacy Protection Regulations - Duty To Report A Severe Security EventBarry Schuman
One of the most significant recent developments in data protection in Israel has been the publication of the Privacy Protection Regulations (Data Security) in May 2017. These significant regulations came into effect in May 2018.
The regulations were enacted after extensive consultation with the Israeli public, and in particular the stake holders that would be effected by the regulations. The regulations apply to both private and public sectors and establish organizational mechanisms aimed at making data security part of the management practices of all organizations processing personal data.
It is anticipated that the regulations will considerably advance the level of data security in Israel. They are both flexible, tangible and precise to a degree that offers organizations regulatory certainty and practical tools that are unpretentious to implement.
Responsibilities of the office bearers while registering multi-state cooperat...Finlaw Consultancy Pvt Ltd
Introduction-
The process of register multi-state cooperative society in India is governed by the Multi-State Co-operative Societies Act, 2002. This process requires the office bearers to undertake several crucial responsibilities to ensure compliance with legal and regulatory frameworks. The key office bearers typically include the President, Secretary, and Treasurer, along with other elected members of the managing committee. Their responsibilities encompass administrative, legal, and financial duties essential for the successful registration and operation of the society.
ASHWINI KUMAR UPADHYAY v/s Union of India.pptxshweeta209
transfer of the P.I.L filed by lawyer Ashwini Kumar Upadhyay in Delhi High Court to Supreme Court.
on the issue of UNIFORM MARRIAGE AGE of men and women.
ALL EYES ON RAFAH BUT WHY Explain more.pdf46adnanshahzad
All eyes on Rafah: But why?. The Rafah border crossing, a crucial point between Egypt and the Gaza Strip, often finds itself at the center of global attention. As we explore the significance of Rafah, we’ll uncover why all eyes are on Rafah and the complexities surrounding this pivotal region.
INTRODUCTION
What makes Rafah so significant that it captures global attention? The phrase ‘All eyes are on Rafah’ resonates not just with those in the region but with people worldwide who recognize its strategic, humanitarian, and political importance. In this guide, we will delve into the factors that make Rafah a focal point for international interest, examining its historical context, humanitarian challenges, and political dimensions.
Introducing New Government Regulation on Toll Road.pdfAHRP Law Firm
For nearly two decades, Government Regulation Number 15 of 2005 on Toll Roads ("GR No. 15/2005") has served as the cornerstone of toll road legislation. However, with the emergence of various new developments and legal requirements, the Government has enacted Government Regulation Number 23 of 2024 on Toll Roads to replace GR No. 15/2005. This new regulation introduces several provisions impacting toll business entities and toll road users. Find out more out insights about this topic in our Legal Brief publication.
DNA Testing in Civil and Criminal Matters.pptxpatrons legal
Get insights into DNA testing and its application in civil and criminal matters. Find out how it contributes to fair and accurate legal proceedings. For more information: https://www.patronslegal.com/criminal-litigation.html
In 2020, the Ministry of Home Affairs established a committee led by Prof. (Dr.) Ranbir Singh, former Vice Chancellor of National Law University (NLU), Delhi. This committee was tasked with reviewing the three codes of criminal law. The primary objective of the committee was to propose comprehensive reforms to the country’s criminal laws in a manner that is both principled and effective.
The committee’s focus was on ensuring the safety and security of individuals, communities, and the nation as a whole. Throughout its deliberations, the committee aimed to uphold constitutional values such as justice, dignity, and the intrinsic value of each individual. Their goal was to recommend amendments to the criminal laws that align with these values and priorities.
Subsequently, in February, the committee successfully submitted its recommendations regarding amendments to the criminal law. These recommendations are intended to serve as a foundation for enhancing the current legal framework, promoting safety and security, and upholding the constitutional principles of justice, dignity, and the inherent worth of every individual.
PRECEDENT AS A SOURCE OF LAW (SAIF JAVED).pptxOmGod1
Precedent, or stare decisis, is a cornerstone of common law systems where past judicial decisions guide future cases, ensuring consistency and predictability in the legal system. Binding precedents from higher courts must be followed by lower courts, while persuasive precedents may influence but are not obligatory. This principle promotes fairness and efficiency, allowing for the evolution of the law as higher courts can overrule outdated decisions. Despite criticisms of rigidity and complexity, precedent ensures similar cases are treated alike, balancing stability with flexibility in judicial decision-making.
WINDING UP of COMPANY, Modes of DissolutionKHURRAMWALI
Winding up, also known as liquidation, refers to the legal and financial process of dissolving a company. It involves ceasing operations, selling assets, settling debts, and ultimately removing the company from the official business registry.
Here's a breakdown of the key aspects of winding up:
Reasons for Winding Up:
Insolvency: This is the most common reason, where the company cannot pay its debts. Creditors may initiate a compulsory winding up to recover their dues.
Voluntary Closure: The owners may decide to close the company due to reasons like reaching business goals, facing losses, or merging with another company.
Deadlock: If shareholders or directors cannot agree on how to run the company, a court may order a winding up.
Types of Winding Up:
Voluntary Winding Up: This is initiated by the company's shareholders through a resolution passed by a majority vote. There are two main types:
Members' Voluntary Winding Up: The company is solvent (has enough assets to pay off its debts) and shareholders will receive any remaining assets after debts are settled.
Creditors' Voluntary Winding Up: The company is insolvent and creditors will be prioritized in receiving payment from the sale of assets.
Compulsory Winding Up: This is initiated by a court order, typically at the request of creditors, government agencies, or even by the company itself if it's insolvent.
Process of Winding Up:
Appointment of Liquidator: A qualified professional is appointed to oversee the winding-up process. They are responsible for selling assets, paying off debts, and distributing any remaining funds.
Cease Trading: The company stops its regular business operations.
Notification of Creditors: Creditors are informed about the winding up and invited to submit their claims.
Sale of Assets: The company's assets are sold to generate cash to pay off creditors.
Payment of Debts: Creditors are paid according to a set order of priority, with secured creditors receiving payment before unsecured creditors.
Distribution to Shareholders: If there are any remaining funds after all debts are settled, they are distributed to shareholders according to their ownership stake.
Dissolution: Once all claims are settled and distributions made, the company is officially dissolved and removed from the business register.
Impact of Winding Up:
Employees: Employees will likely lose their jobs during the winding-up process.
Creditors: Creditors may not recover their debts in full, especially if the company is insolvent.
Shareholders: Shareholders may not receive any payout if the company's debts exceed its assets.
Winding up is a complex legal and financial process that can have significant consequences for all parties involved. It's important to seek professional legal and financial advice when considering winding up a company.
Agrarian Reform Policies in the Philippines: a quiz
Personal Data Protection Law
1. “Grows Along With Knowledge”
NAZALI have been serving Advocacy and Legal Counselling
services in the matters of Data Protection and Privacy, Internet
Law, Technology and Telecommunication Law, Intellectual Property
Law, Cyber Crimes and White-Collar Crimes which require technical
expertness as well as Legal Knowledge thanks to its experienced
team insisting of Attorneys whom served as public officers in the
different positions at public institutions along with innovative and
experienced technical staff.
Compliance Period
After Personal Data Protection Code no. 6698 came in force at 7th
of April 2016; obligations established in regard to real persons and
legal entities which will be considered as data controller” or “data
processor”, principals and regulations set up in regard to personal
data processing required a rapid compliance period in the system.
The Term of “Personal Data”
Any information related to an identified or identifiable real person.
òò Personal Data
Phone numbers, CV, social security numbers, voice records,
(active) IP addresses etc.
COMPLIANCE SERVICES
PROVIDED BY NAZALI
IN ACCORDANCE
WITH PERSONAL DATA
PROTECTION LAW NO.6698
òò Sensitive Data
Racial/Ethnic origin, religious/philosophical beliefs, political
opinions, membership of society/charity/organization, health,
sexual life, criminal conviction/security measures, etc.
Why is Data Classification Important?
Only data protected by Personal Data Protection Code is “personal
data”. In this context, personal data identified as “any information
related to an identified or identifiable real person” by Code should
be distinguished from other information which shall be protected by
Company. Any real person and legal entity which are considered as
data controller are obliged to apply mentioned classification in order
to comply with Code.
Mentioned classification shall be applied studiously and pursuant
to characteristics of industry which data controller is operating.
Hereby subject is very important especially for industries which
personal data is processed densely such as health, banking,
internet, telecommunication, electronic payment systems, human
resources, transportation and accommodation.
Why is Data Classification Important?
òò Intangible Asset Values became an Important Factor for
Companies
òò Behavioral Advertising
òò Cyber Attacks
òò Social Media Use
òò Protection of Trademark and Commercial Reputation
òò Electronic Surveillance Methods
òò Cloud Computing
òò Industry 4.0
The Term of “Data Processor”
Real Person or Legal Entity processing personal data on behalf of
Data Controller, in accordance with the authorization provided by Data
Controller.
2. Necessity of Inspection in Regard to Providing Data Security
Data controller is obliged to conduct or procure the required
inspections at its own Institution or establishment in order to ensure
the enforcement of Code. Those who failed to fulfill mentioned
obligation might be subjected to administrative fine between fifteen
thousand and one million Turkish Liras.
How to Provide Data Security?
òò Limitation of employees’ access to personal data
òò Password protection
òò Encryption of data
òò Multi-layered security programs
òò Firewalls and anti-virus programs
òò Updates
òò Remote wiping software
òò Selecting a trusted cloud provider
òò Backing up files
òò Keeping trade secrets and sensitive data out of the cloud
òò Privacy by Design/Default
òò Privacy Enhancing Technologies
Our Services
Our legal and technological services in this regard are as follows;
òò Separation of personal data from company data
òò Forming of personal data processing inventory
òò Reviewing of Company contracts and execution of contract
negotiations between the parties if necessary
òò Constitution of mechanisms in order to ensure data security
òò Reviewing of employment contracts
òò Complying the usage of electronic surveillance methods at
company such as surveillance via camera, electronic and
biometric access and time specification, electronic positioning
(GPS) and monitoring of electronic communication.
òò Forming/reviewing of Privacy Policy, Cookies Policy,
Cybersecurity Policy
òò Legal conformity assessment on Domestic / Abroad Transfer
of Personal Data and drafting required Contracts in this scope.
òò Formation of mechanisms in order to distribute the liability
between “data controllers” and “data processors” within the
context of Company Law
òò Informing and training company employees on Protection
of Personal Data and Confidentiality in light of the relevant
legislation,
òò Execution of necessary proceedings before Personal Data
Protection Board and providing legal consultancy on the
relevant administrative process,
òò Providing litigation services on Civil, Criminal and Administrative
cases regarding infringement of personal data rights,
òò Providing consultancy and litigation services in the fields of
cyber security and cybercrime
òò Providing legal consultancy on Data Management, Data
Destruction and Data Anonymization for ensuring legal
protection as stipulated under Personal Data Protection Law
no.6698 and the relevant legislation.
Ersin NAZALI
Managing Partner, Former Tax
Inspector, Attorney at Law,
Sworn in CPA
enazali@nazali.av.tr
Hatice ZÜMBÜL
Director,
Litigation and Dispute Resolution,
Attorney at Law
hzumbul@nazali.av.tr
OUR TEAM
www.nazali.av.tr
İSTANBUL OFFICE
19 Mayıs Cad. Dr. İsmet Öztürk Sok. No: 3 Elit Residence
Kat 10/28 - 29/60 Şişli 34360 İstanbul, Turkey
Phone: +90 212 380 0640 - Fax: +90 212 217 1890
İZMİR OFFICE
Adalet Mah. Manas Bulvarı Folkart Towers B Kule
No 47/2209 Bayraklı, İzmir, Turkey
Phone: +90 232 290 0998 - Fax: +90 232 290 0999
ANKARA OFFICE
Kızılırmak Mah. 1450 Sok. Ankara Ticaret Merkezi (ATM)
B Blok No: 1/29 Kat 5 Karakusunlar, Çankaya, Ankara, Turkey
Phone: +90 312 286 1006 - Fax: +90 312 286 1007
BURSA OFFICE
Odunluk Mah. Akademi Cad. Zeno Center C Blok
No: 2/14 Kat 3 Nilüfer, Bursa, Turkey
Phone: +90 224 441 1950 - Fax: +90 224 441 1951
