The laws on the protection of personal data are being tightened day by day, and both individuals and companies are weighing in on this issue in order to avoid heavy penalties.
First of all, companies need to draw up an inventory in the field of personal data processing. It is important to answer questions such as who processes, stores and transfers this data to third parties within the company regarding personal data. It is necessary that the answers to these questions are very clear because detailed and clean answers will greatly help the firm to more accurately determine the measures to be taken.
Let's talk about what companies have to do to protect personal data together with the “law on personal data protection”, which came into force in 2016.
The collection, processing and storage of personal data is a potential source of liability for companies. Therefore, it is necessary to specify in detail how much personal data is required and how much is processed and stored within the framework of a statutory obligation. For example, if the processing and storage of personal data is not necessary for the company's operations or is not required by law, it is preferable not to receive that data.
Even if it is taken in some form, it is necessary to ensure that the obligations of companies under kvkk do not increase, it is necessary to ensure that it is immediately deleted. Generally speaking, there are 3 types of personal data that companies must retain.
All companies that process personal data are responsible for the establishment and management of the data recording system within the company. As data controller, companies must appoint a natural or legal person as a data processor.
There are several structures in which companies are obliged to set up and be equipped with KVKK 6698 and what the company should do. Among these topics
Examination of the dimension of KVKK with labor law
There are such topics as protection and preservation of personal data in resumes collected for the purpose of job application to know the actions to be taken and what needs to be done if a data breach is detected.
It applies to natural persons who process personal data and natural and legal persons who process such data in whole or in part automatically or in non-automatic ways, provided that they are part of any data recording system,” Kvkk says.
In short, all natural persons who have a right driver's license are covered by the law. But, below are examples where we list companies that fall under kvkk in general.
In general, all these natural and legal persons have obligations to fulfill obligations in relation to the processing of personal data and to meet criminal liability if they do not fulfill them.
Disclaimer: All rights to any articles and content published belong to Efilli Software. All or part of any content, such as text, audio, video, and even if the source is shown or the active link is provided, cannot be used, published, shared or modified.
