Sponsored briefing: Binding corporate rules for transfer of personal data abroad

Eren Can Ersoy of Kılınç Law & Consulting looks at the regulations associated with data protection

The irrepressible rapid development of technology and digitalisation around the world necessitates the processing and transfer of personal data. This evolution has a direct impact not just on individuals but also on the business world. The processing and transfer of personal data abroad necessitates the effective protection of data. Personal data processing and transfers overseas demand robust data protection. The transmission of personal data abroad is regulated by Law No. 6698 on the Protection of Personal Data (the Law), and the primary rule for data transfer abroad is to get the data subjects’ explicit consent. With the existence of one of the data processing conditions specified in the Law, and the recipient being located in one of the countries on the list of safe countries to be published by the Personal Data Protection Authority (the Authority), the data controllers in Türkiye and abroad can undertake adequate protection in writing and the Personal Data Protection Board (the Board) can gain permission as an exception to the rule of obtaining explicit consent.

Your limit of 1 article in 30 days is up. Please login for full access or subscribe.