In the age of the Internet, no one’s personal data is safe in principle; we all need to face this fact. ‘We trust our data’data controllers‘, that is to say any person/institution/company (legal entity) that receives this data from us and is legally obliged to protect it, can be attacked at any timeIf attackers manage to bypass the security level of this setting by using an attack method, they will have access to some or all of our data.

Well, when the people/legal entities whose services we benefit from cannot protect our data, that is, our information when captured or our data by data controllers when abused what should we do? In fact, the answer to this question is quite limited under the current circumstances. However, to shed light on the answer to this question that people have been struggling with lately, Dutch Data Protection Authority And Law for the protection of personal information We have clarified the matter as much as possible by obtaining resources.

First of all, let us remind you of some obligations of data controllers:

We cannot obtain precise information about when our data is transferred. In this respect, the controllers may also be at the same point as us. However, in accordance with Article 12, paragraph 5, of the Personal Data Protection Act, the controller is not responsible for this situation if the data is obtained illegally by others. It is mandatory to inform the persons concerned and the Board as soon as possible.. ‘As soon as possible’, in accordance with decision no. 2019/10 of KVKK Defined as 72 hours.

In addition, the controller must ensure that persons affected by the data breach are informed of the situation, directly if they are reachable, or via their own website if they are not reachable. is obliged to give appropriate notice.

However, as the owner of the data, we can request information about the situation without waiting for the explanation of the controller, and if we find the answer inadequate, we can file a complaint directly with the Dutch Data Protection Authority. How does it work?

According to Article 11 of the Personal Data Protection Act, every individual, by contacting the data controller and

• Learn whether or not personal data is being processed,
• Requesting information if personal data has been processed,
• Learn what the purpose of processing personal data is and whether it is used for the intended purpose,
• Knowing the third parties to whom personal data is transferred at home or abroad,
• Requesting correction of personal data if it is incomplete or incorrectly processed,
• Requests for deletion or destruction of personal data,
• Requesting notification to third parties to whom personal data has been transferred,
• Object to the occurrence of a result unfavourable to the individual by analysing the processed data solely by automated systems,
• In the event of damage resulting from unlawful processing of personal data, the damage will be compensated. have the right to request.

As data owner, we have the right to send requests regarding the implementation of the KVKK in writing to the controllers. Data controllers also make this request within 30 days at the latest is obliged to complete this free of charge (If the process involves costs, the data controller may charge a fee to the data owner.) If the controller accepts/rejects the request, it will inform the data owner thereof in writing or electronically.

If your application is denied, you feel the response is insufficient, or your application is not responded to within 30 days, You can file a complaint with the Dutch Data Protection Authority within 60 days of the date of your application.. But there is something to remember:

• IMPORTANT: In accordance with Article 13(1) and Article 14(2) of the Act, you must submit an application to the controller before submitting an application to the Authority. In other words, you do not have the right to lodge a complaint directly with the Authority before trying to reach the data owner. Complaints submitted to the controller 60 days after registration will not be assessed by the Authority. After your application to the controller, you must wait 30 days for a response. However, if you do not receive a response or if you find the response insufficient for the above reasons, you can file a complaint.

In this context, we as data owners are legally required to first submit a request to the data controller and then to KVKK. However, we will soon use a method where this is not mandatory: Take the case to court. Let us now explain how you can file a complaint after you have filed a complaint with the data controller, provided that the necessary conditions are met.

I asked the controller if my data had been compromised, or I told them that it had been compromised and provided evidence. However, I did not find the answer I received sufficient/did not receive an answer. How can I file a complaint with the Dutch Data Protection Authority?

After reaching the controller, you can contact the Dutch Data Protection Authority for the reasons stated above and if you do not receive a response. You can file a complaintTo file a complaint, follow these steps:

• KVKK’s’Complaints module‘ page to this link reach by clicking.
• ‘Click to loginPress the option ‘and log in to the platform with e-Government. If you are logging in for the first time, follow the next step Complete your profile.

• ‘Attorney, parent/guardian applications are not received electronically..’ taking into account the warningGet onClick ‘. If you are the people mentioned in the warning, Log out of the platform.

• Click on the ‘Complaints’ page in the left menu and on the page that opens click on ‘Create new complaintPress ‘.
• ‘Have you submitted an application within the scope of the law to the controller regarding your request?‘ Answer the question. (As we said, if you haven’t signed up before, you can do so now.) The complaint is considered invalid..)

• Check the boxes in the form that opens after you respond. fill in the requested information.
• The fields marked with are mandatory.After you have completed the required fields for your complaint, click on ‘To rescuePress ‘. Then by checking the information on the opened page, click ‘Confirm and send

Click ‘.If you receive new information after your complaint that you need to pass on, you will find this information on the complaints page.Add details/document

You can add it by clicking on ‘. The Dutch Data Protection Council will do this if you file a complaint or if it becomes aware of an alleged data breach. To investigate whether the processing is in accordance with the law

and is responsible for taking interim measures in this regard when necessary.

kvk judiciary We, as data owners, We have the right to bring the matter before the court without submitting a request to the controller.

In other words, you can take any breach of your data directly to court, without having to contact the data controller first. Finally, as a data owner, you can file a lawsuit to recover damages suffered in the event of a data breach.You can claim compensation

.

• You can never completely prevent your data from being compromised/misused. However, there are precautions you can take to make this situation more difficult or minimize the damage:
• Never open emails that you do not recognize, that look suspicious, or that appear suspicious.
• Make sure your devices are running the latest version.
• Create and use complex strong passwords with upper and lower case letters, numbers and special characters.
• Use two-factor authentication on every possible platform.
• Research the addresses of the websites you visit and stay away from suspicious addresses.
• If the website address does not begin with “https://” in the address bar, avoid providing your information to these websites.

When downloading files, be alert for suspicious downloads. If you do not want your data to be intercepted in any way,you are not allowed to use the internet