The Draft Regulation on Data Controllers' Registry which we expect to be enacted within the summer of 2017, sets out certain requirements for data controllers.
You may visit our relevant post to learn about the general requirements as we will only focus on one interesting requirement at this post; the obligation to appoint a data controller representative.
This requirement, which is stipulated under Article 11 p.2 of the Draft Regulation, is specific to data controllers with no presence (physical & legal) in Turkey. Therefore any real or legal person who collect personal data from Turkey and do not have any presence in Turkey must appoint a Data Controller Representative.
Pursuant to the relevant Article 11 the representative must have the following powers;
- To accept notices or correspondence sent by the Board or the Authority on behalf of the Data Controller,
- To respond correctly to the requests made by the Board or Authority on behalf of the Data Controller,
- To accept and respond to data subject requests on behalf of the Data Controller and,
- To manage the Registry operations on behalf of the Data Controller.
Therefore we recommend everyone who collect personal data from Turkey to get ready to appoint a Data Controller Representative.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
