Abstract
Nowadays increasing and diversifying of personal
data processing activities increase the transparency expectations of individuals
and authorities. Rights given to data subjects and obligations foreseen for
data controllers are fundamental instruments of data protection area.
Information obligation acts as a backbone in order to ensure control over the
personal data of the data subject and to check the legality of the data
processing activity. In addition to this information obligation is a heavy
burden to small enterprises who have no data-driven business models and process
personal data only in daily life. In this study, material and formal elements
of information obligation and exceptions for data controllers’ information
obligation are examined in accordance with European law and Turkish law.