REGISTRATION DEADLINE TO DATA CONTROLLERS REGISTRY HAS BEEN EXTENDED
Registration obligation (“Obligation”) to Data Controllers Registry (“Registry”, in Turkish, “VERBIS”) has been issued as a legal obligation for both natural and legal person data controllers as per Article 16 of the Turkish Personal Data Protection Code numbered 6698.
As noted in our previous Newsletter dated December 2019, the registration deadline had already been extended to 30 June 2020 by the Personal Data Protection Authority (“Authority”).
Lastly, the deadline of this obligation has been extended by the Authority once again with the decision numbered 2020/482 dated 23 June 2020 due to the COVID-19 outbreak.
Accordingly, the new deadlines are as follows:
| Data Controllers | Previous Deadline | New Deadline |
| Data controllers whose number of employees exceeds 50 or whose annual balance sheet total (total assets on the balance sheet) exceeds TRY 25 million | 30.06.2020 | 30.09.2020 |
| Data Controllers residing abroad | 30.06.2020 | 30.09.2020 |
| Data controllers whose number of employees lower than 50 or whose annual balance sheet total (total assets on the balance sheet) is lower than TRY 25 million | 30.09.2020 | 31.03.2021 |
| State Institutions and Organizations | 31.12.2020 | 31.03.2021 |
As it can be clearly seen from these charts, data controllers who have not yet completed the necessary steps of registration to the Registry shall have an additional extension period to ensure the compliance and fullfill this obligation.
Our Law Firm remains at your disposal for any further clarifications you may need.