ARTICLE
5 July 2022

Data Protection Newsletter - July 2022

EA
Esin Attorney Partnership

Contributor

Esin Attorney Partnership logo
Esin Attorney Partnership, a member firm of Baker & McKenzie International, has long been a leading provider of legal services in the Turkish market. We have a total of nearly 140 staff, including over 90 lawyers, serving some of the largest Turkish and multinational corporations. Our clients benefit from on-the-ground assistance that reflects a deep understanding of the country's legal, regulatory and commercial practices, while also having access to the full-service, international and foreign law advice of the world's leading global law firm. We help our clients capture and optimize opportunities in Turkey's dynamic market, including the key growth areas of mergers and acquisitions, infrastructure development, private equity and real estate. In addition, we are one of the few firms that can offer services in areas such as compliance, tax, employment, and competition law — vital for companies doing business in Turkey.
Explore
In June, the most significant developments in the field of personal data protection were the Personal Data Protection Authority's ("Authority")...
Turkey Privacy
Photo of Can Sozer
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

In June, the most significant developments in the field of personal data protection were the Personal Data Protection Authority's ("Authority") publication of the Guideline on the Use of Cookies and the Draft Guideline on Loyalty Programs for public consultation.

We set out summaries of the developments in June in Turkey and around the world below.

Draft: Authority's Guideline on Loyalty Programs Opened For Public Consultation

On 16 June 2022, the Authority published the Draft Guideline on Processing of Personal Data in Loyalty Programs ("Draft Guideline") for public consultation. Stakeholders can convey their opinions to the Authority by 16 July 2022.

The Draft Guideline defines loyalty programs as:

programs that aim to increase the sales and profitability of the company while providing benefits to the customer through the implementation of all or some of the strategies, such as providing the customer with points/gifts/advantages within the framework of various criteria in return for shopping by processing the customer's personal data that will enable them to be specific or identifiable in terms of the business, monitoring the customer's shopping habits, and providing personalized product/service offers by analyzing the processed personal data.

The Draft Guideline exemplifies the personal data processed through loyalty programs, analyzes the legal grounds on which these data processing activities can be based and sets out the rules for fulfilling the notice requirement and the principles regarding the use of radio frequency identification technology (RFID) within the scope of marketing activities

The Draft Guideline is available here (in Turkish). You can also click here to read our legal alert for further details.

Guideline: The Guideline on Use of Cookies has been published

On 20 June 2022, the Authority published the Guideline on Use of Cookies ("Cookie Guideline").

With the Guideline, the Authority aims to bring forward recommendations to ensure compliance with cookie usage procedures followed by data controllers regarding the Personal Data Protection Law ("Law"). The Cookie Guideline sets forth cookie types, the relationship between the Electronic Communications Law No. 5809 and the Law, various cookie implementation cases, explicit consent and informing mechanisms and the analysis of the Authority's decision dated 27 February 2020 numbered 2020/173 from a cookie usage perspective, and further elaborates on cross-border data transfers through cookies. The Cookie Guideline also provides a checklist for the use of cookies in its attachment and provides examples of different uses of cookies.

The relevant decision is available here, whereas the Cookie Guideline is available here. You can also click here to read our legal alert on the Cookie Guideline.

Significant developments from around the world

  • EU: The Data Governance Act is published
    On 3 June 2022, the Data Governance Act (DGA) was published in the Official Journal of the European Union. The DGA entered into force on 23 June 2022 and will be applicable to companies 15 months later. The adopted text is available here. You can read our legal alert here for further details.
  • EU: EDPB adopted the guidelines on certification for cross-border data transfers
    On 16 June 2022, the European Data Protection Board (EDPB) announced on its website that it has adopted a guideline regarding the certification mechanism for cross-border data transfers. Although not yet published, the EDPB is expected to explain how this mechanism can be used in practice. Approved certification, a new transfer mechanism introduced by the GDPR, is a new tool enabling the transfer of personal data from EU to third-party countries in the absence of an adequacy agreement.
  • Thailand: Thailand's first piece of legislation about data protection entered into force
    On 1 June 2022, Thailand's new Personal Data Protection Act (PDPA) entered into force. The PDPA is modeled after the GDPR and it applies to both data controllers in Thailand and those abroad that process personal data for the provision of products/services in Thailand.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.

Authors
Photo of Can Sozer
Can Sozer
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More