On 27 May 2024, the Personal Data Protection Board (PDPB) closes the public consultation on the Draft Binding Corporate Rules Application Form for Data Processors. The binding corporate rules were issued following the release of the regulation implementing Article 9 of the Personal Data Protection Law No. 6698, amended by Law No. 7499, which specifies the mechanisms data processors can use to transfer data to other jurisdictions. The draft outlines the information that has to be included and submitted to the PDPB for approval. Furthermore, the draft specifies that the approval of binding corporate rules by PDPB does not guarantee that each data transfer abroad complies with all requirements of Article 9 of Law No. 6698. Group Members must ensure compliance with all obligations under the Law and binding corporate rules for each transfer. The draft specifies that if the Group's headquarters is located in Turkey, the form should be filled out and submitted by this organisation or another organisation based in Turkey to whom the responsibilities for the protection of personal data have been delegated under specific conditions. If the headquarters are outside of Turkey, a Turkish-based Group entity designated as the authorised group member must submit the application.
Original source