UniConsent

KVKK Turkey Personal Data Protection Law

KVKK.

FeaturesGet Started

What is KVKK?

KVKK stands for General Data Protection Regulation in Turkey, gives consumers more control over the personal information. Along with other privacy laws, defines the new rules for website tracking and tracking cookies in large scale.

KVKK Summary

Turkey’s Personal Data Protection Law Kişisel Verileri Koruma Kanunu (KVKK) came into force on 7 April 2016.

Explicit consent has been defined as consent that relates to a specified issue, declared by free will and based on information. Explicit consent is required to process personal data.

KVKK Regulator

The Turkish Data Protection Authority (TDPA) was established as a financially and administratively independent supervisory authority in early 2017.

KVKK Requirements for Personal Data Processing

Personal data can be processed in case:

  • The data subject has given his explicit consent
  • It is explicitly provided for by the laws,
  • It is mandatory for the protection of life or to prevent the physical injury of a person, in cases where that person cannot express consent or whose consent is legally invalid due to physical disability,
  • Processing of personal data belonging to the parties of a contract is necessary provided that it is directly related to the conclusion or fulfilment of that contract.
  • It is mandatory for the controller to fulfil its legal obligations.
  • The data is made manifestly public by the data subject.
  • Data processing is mandatory for the establishment, exercise or protection of any right.
  • It is mandatory for the legitimate interests of the controller, provided that such processing shall not violate the fundamental rights and freedoms of the data subjects

KVKK penalties

In case of illegal processing of personal data: 1 up to 3 years sentence to prison, the penalty for sensitive data is increased.

In case of providing or obtaining data illegally: 2 up to 4 years sentence to prison.

In case of non-purging of personal data within the period specified by law: 1 up to 2 years sentence to prison.

KVKK fines cases

KVKK fines Amazon TRY 1,200,000 for consent violations because Amazon’s failures to obtain explicit consent from users for the sending of commercial messages for advertising, campaigns, or promotional purposes as required by Law No. 6563 of 2014 on the Regulation of Electronic Commerce.

KVKK fines bank TRY 210,000 for illegally processing personal data to gain potential customers. The creation of a bank account without the knowledge or consent of an individual using information gained by the bank via a third party.

Comply With Global Privacy Regulations

General Data Protection Regulation (GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the European Union. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

California Consumer Privacy Act (CCPA)

Navigate the intricate landscape of the California Consumer Privacy Act (CCPA) effortlessly. Our CCPA compliance tools ensure that you adhere to the rigorous data protection standards required for California residents.

U.S. State Privacy Laws

Stay ahead of evolving privacy regulations in the United States. Our platform supports a range of state-specific laws, including CCPA, CPRA, CPA, VCDPA, UCPA, and COPPA, ensuring you remain compliant across all jurisdictions.

California Privacy Rights Act (CPRA)

Embrace the future of data privacy with the California Privacy Rights Act (CPRA). As a pioneering state-level legislation, CPRA empowers businesses to enhance their data protection practices and prioritize consumer privacy.

Colorado Privacy Act (CPA)

Prepare for the Colorado Privacy Act (CPA) with UniConsent CMP. Our solutions help you meet the stringent requirements of this forward-thinking state-level privacy law, ensuring the highest level of data security and compliance.

Virginia Consumer Data Protection Act (VCDPA)

Comply confidently with the Virginia Consumer Data Protection Act (VCDPA). UniConsent CMP provides the tools and expertise to ensure your organization aligns with VCDPA's robust data privacy framework, bolstering trust among Virginia residents.

Utah Consumer Privacy Act (UCPA)

Protect user data effectively with the Utah Consumer Privacy Act (UCPA). UniConsent CMP offers solutions that facilitate compliance with this emerging privacy law, ensuring your business is well-prepared for data privacy challenges in Utah.

Connecticut Data Protection Act (CTDPA)

Guard user information and uphold their privacy rights under the Connecticut Data Protection Act (CTDPA). UniConsent CMP's suite of compliance tools empowers you to navigate this state-level law seamlessly and responsibly.

Children’s Online Privacy Protection Act (COPPA)

Prioritize children's privacy with UniConsent CMP's COPPA compliance solutions. Complying with the Children’s Online Privacy Protection Act (COPPA) is simplified, allowing you to provide a safe online environment for young users.

General Data Protection in Thailand (PDPA)

Adhere to the Personal Data Protection Act 2019 (PDPA) in Thailand with UniConsent CMP. Our expertise in PDPA compliance ensures that your organization can operate confidently and securely in the Thai market while respecting user data privacy.

The General Data Protection Law in Brazil (LGPD)

UniConsent CMP facilitates compliance with Brazil's General Data Protection Law (LGPD). Our solutions empower businesses to meet LGPD's stringent requirements, safeguarding the personal data of individuals in Brazil.

China Personal Information Protection Law (PIPL)

Prepare for the China Personal Information Protection Law (PIPL) with UniConsent CMP. As data protection regulations evolve in China, our platform ensures your organization is well-equipped to handle personal information responsibly and securely.

Protection of Personal Information Act in South Africa (POPIA)

The Summary of Protection of Personal Information Act, POPI Act, POPIA, South African Privacy Law.

India’s Personal Data Protection (PDP)

The Personal Data Protection bill for India could require changes to your data management and is not directly solved with GDPR compliance.

Turkey Personal Data Protection Law (KVKK)

The Summary of Turkey’s Personal Data Protection Law: KVKK.

UK General Data Protection Regulation (UK GDPR)

Achieve seamless compliance with the General Data Protection Regulation (GDPR) – the cornerstone of data privacy in the UK. Safeguard user data and build trust with our comprehensive GDPR compliance solutions.

IAB registered consent manager for GDPRIAB TCF V2 registered consent manager for GDPRIAB TCF Canada registered consent managerGoogle-certified CMP
Trusted by 5000+ of global publishers and marketers
  • sej
  • football365
  • sharethrough
  • districtm
  • pf1
  • tower cast

Get started to make your website and application compliant for EU GDPR, US CPRA, CA PIPEDA etc

Sign up