ARTICLE
22 February 2022

Turkish Data Protection Authority Regulates The Certification Of Data Protection Officers

EA
Esin Attorney Partnership

Contributor

Esin Attorney Partnership logo
Esin Attorney Partnership, a member firm of Baker & McKenzie International, has long been a leading provider of legal services in the Turkish market. We have a total of nearly 140 staff, including over 90 lawyers, serving some of the largest Turkish and multinational corporations. Our clients benefit from on-the-ground assistance that reflects a deep understanding of the country's legal, regulatory and commercial practices, while also having access to the full-service, international and foreign law advice of the world's leading global law firm. We help our clients capture and optimize opportunities in Turkey's dynamic market, including the key growth areas of mergers and acquisitions, infrastructure development, private equity and real estate. In addition, we are one of the few firms that can offer services in areas such as compliance, tax, employment, and competition law — vital for companies doing business in Turkey.
Explore
The Turkish Personal Data Protection Authority has introduced the concept of data protection officers with the Communiqué on the Procedures and Principles Regarding the Personnel Certification Mechanism.
Turkey Privacy
Photo of Ilay Yilmaz
Photo of Can Sozer
Photo of Aybüke Gündel Solak
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

The Turkish Personal Data Protection Authority (DPA) has introduced the concept of data protection officers with the Communiqué on the Procedures and Principles Regarding the Personnel Certification Mechanism ("Communiqué"). With its recent decision, the DPA has stipulated the procedures and principles regarding the certificate of participation that must be obtained by data protection officers.

Recent development

The DPA's Communiqué regarding certification as a data protection officer was published in the Official Gazette dated 6 December 2021; it entered into force on the same date. You may access our legal alert on the Communiqué here. With its decision No. 2021/1296 dated 23 December 2021, the DPA determined the procedures and principles ("Procedures and Principles") regarding the certificate of participation that must be obtained to become a data protection officer. The Procedures and Principles are available online here (in Turkish).

What do the Procedures and Principles cover?

As per the Communiqué, to become a data protection officer, individuals must participate in certain training sessions and obtain relevant certifications. Individuals who meet the training/certification requirements will be entitled to take the exam. Those who successfully pass the exam become data protection officers.

The DPA has specified the details for obtaining a certificate of participation with the Procedures and Principles. Individuals who want to become a data protection officer must undertake a total of 40 hours of training. Following the training, the participants take the exam. Those who score above 70% will be deemed successful. Those who successfully pass the exam will receive a training report and the certificate of participation approved by the DPA.

Conclusion

The regulations on data protection officers have started to gain clarity with the Procedures and Principles. In this respect, all relevant companies that process personal data must follow the DPA's announcements and regulations on data protection officers.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Ilay Yilmaz
Ilay Yilmaz
Photo of Can Sozer
Can Sozer
Photo of Aybüke Gündel Solak
Aybüke Gündel Solak
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More