The European Union General Data Protection Regulation (GDPR), one of the most comprehensive legal frameworks on data protection, is a strong game changer for organizations not just within the EU, but all over the world. Meritlex, with CIPP/E certified expert attorney and counsels, offers high quality consulting services on compliance to GDPR and Turkish Personal Data Protection Law numbered 6698, related Directives and secondary regulation. In this scope, Meritlex covers the entire spectrum of data protection work, including but not limited to; the material and territorial scope of GDPR, principles and lawfulness of processing, privacy notices, consent, special categories of data, rights of data subjects (right of access, right to be forgotten etc.), requirements for controller and processors, local and international data transfers, data breach notifications, and more specifically rules on cookies, search engines, cloud services, social networking services,  online behavioral advertising and data protection in employment relationships.

Meritlex provides practical and integrated legal advice for clients' data protection compliance owing to its attorneys’ and counsellors’ international and multidisciplinary perspectives. In this regard, Meritlex has provided legal advice on data protection laws of Turkey, the EU and UK to clients, including one of the biggest multinational e-commerce platforms, and on cross-cutting issues involving banking and data protection to one of the leading global cybersecurity companies.

Meritlex also represents clients in preliminary investigations conducted by Data Protection Supervisory Authorities, litigation and alternative dispute resolution processes due to infringements of Data Protection Law. Meritlex provides legal services on applications to data controllers and Supervisory Authorities and also pursues compensation for victimized data subjects.