Article 22
Duties and powers of the Board
(1) Duties and powers of the Board are as follows:
- a) to ensure that the personal data are processed in compliance with fundamental rights and freedoms.
- b) to conclude the complaints of those who claim that their rights with regard to personal data protection have been violated.
- c) to examine whether the personal data are processed in compliance with the laws, upon complaint, or ex officio where it learns about the alleged violation, and to take temporary measures, if necessary.
- ç) to determine the adequate measures which are necessary for the processing of special categories of personal data.
- d) to ensure that Data Controllers’ Registry is maintained.
- e) to carry out regulatory acts on the matters concerning the Board’s field of duty and operation of the Authority.
- f) to carry out regulatory act to determine obligations related to data security
- g) to carry out regulatory acts on the matters concerning duties, powers and responsibilities of the data controller and of its representative.
- ğ) to decide on the imposition of administrative sanctions provided for in this Law.
- h) to deliver its opinion about draft legislation prepared by other institutions or organizations that contain provisions on personal data.
- ı) to conclude the Strategic Plan of the Authority; to determine the purpose, objectives, service quality standards and performance criteria of the Authority.
- i) to discuss and decide on Strategic Plan and the budget proposal of the Authority which are prepared in compliance with its purposes and objectives.
- j) to approve and publish the draft reports on the performance, financial situation, annual activities and other matters related with the Authority.
- k) to discuss and decide on the recommendations as regards the purchase, sale and lease of immovable properties.
- l) to carry out other tasks provided for by laws.