Can Data Compliance Processes Be Managed with Non-Automatic Methods?

Personal data refers to all kinds of information about a natural person whose identity is specific or identifiable. In the Personal Data Protection Law, “processing of personal data” defined as any operation which is performed on personal data, wholly or partially by automated means or non-automated means which provided that form part of a data filing system, such as collection, recording, storage, protection, alteration, adaptation, disclosure, transfer, retrieval, making available for collection, categorization, preventing the use of personal data provided that they are part of any data recording system. 

As it is known, with the entry into force of the Law, many public institutions and organizations, legal entities and individuals have been faced with a number of obligations. One of these obligations is that data controllers who meet the necessary conditions are registered in the Data Controllers Registry (“VERBIS”). In accordance with paragraph (ç) of paragraph 1 of Article 5 of the Regulation on the Data Controllers Registry, data controllers who are obliged to register with the Data Controllers Registry are obliged to prepare a Personal Data Processing Inventory.

The first step in the process of compliance with the Law should be to prepare an inventory. With this inventory, all the information that will be necessary during the compliance phase with the Law, especially what the personal data processed within the data controller are, who's personal data are processed, how long they are stored in which environments, who they are transferred to domestically or abroad, what are the administrative and technical measures taken to protect personal data, are revealed in detail.

Within this scope, the inventory should analyze the structure of the data controller in accordance with reality and should be prepared with attention to detail. When data controllers prepare their inventories on the “excel” document, they have difficulty executing the process and lose time. In this context, inventories should be prepared by automatic methods within software prepared from a professional point of view that is suitable for the technological age. The data controller will be able to make the process more practical, reliable and up-to-date through automatic software, as well as be able to respond more easily to questions received during a possible audit by the Board and feel safe.  

To prepare an inventory in accordance with the regulations in the Law and to carry out the compliance process with the Law in an easier, faster, safer way and to explore the DCP Trust platform; you can contact us via [email protected] güvenli bir şekilde yürütmek ve DCP Trust platformunu keşfetmek için [email protected] adresinden bize ulaşabilirsiniz.

We use cookies so that you can make the most of our services. For detailed information, you can review the DCP Trust Privacy Policy and Cookie Policy .