Article 22 - Duties and powers of the Board

(1) Duties and powers of the Board are as follows:

• a) to ensure that the personal data are processed in compliance with fundamental rights and freedoms.
• b) to conclude the complaints of those claiming that their rights with regard to personal data protection have been violated.
• c) to examine whether the personal data are processed in compliance with the laws, upon complaint, or ex officio where it learnt about the alleged violation, and to take temporary measures, if necessary.
• ç) to determine the adequate measures which are necessary for the processing of the data of special nature.
• d) to ensure that Registry of Controllers is maintained.
• e) to draft regulatory acts on the matters concerning the Board’s field of duty and operation of the Authority.
• f) to draft regulatory acts in order to lay out the liabilities concerning data security.
• g) to draft regulatory acts on the matters concerning duties, powers and responsibilities of the Controller and of his representative.
• ğ) to decide on the administrative sanctions provided for in this Law.
• h) to deliver its opinion about the legislation drafted by other institutions or organizations that contain provisions on personal data.
• ı) to conclude the Strategic Plan of the Authority; to determine the purpose, targets, service quality standards and performance criteria of the Authority.
• i) to discuss and decide on Strategic Plan and the budget proposal of the Authority which are prepared in compliance with its purposes and targets.
• j) to approve and publish the draft reports on the performance, financial situation, annual activities and other matters related with the Authority.
• k) to discuss and decide on the recommendations as regards the purchase, sale and lease of immovable properties.
• l) to carry out other tasks provided for by laws.