The Regulation on the Consumer Arbitration Committees (“Regulation”) has been published in the Official Gazette dated 21/09/2022 and numbered 31960. The Regulation regulates the procedures and principles regarding the establishment and functioning of consumer arbitration committees and covers the activities and processes of consumer arbitration committees within this scope. With the Regulation, the Regulation on...

The decision of the Personal Data Protection Board (“Board”) dated 17.03.2022 and numbered 2022/243 (“Decision”) regarding processing of personal data by sending the invoice to the data subject, upon the use of the e-mail address of the data subject by a person with the same name when placing an order on the internet, has been...

The decision of the Personal Data Protection Board (“Board”) dated 02.11.2021 and numbered 2021/1104, regarding the allegation that the unlawful processing of personal data by a bank through sending SMS to the mobile phone number of the data subject (“Decision”) has been published. In the complaint submitted to the Personal Data Protection Authority (“Authority”), the data...

The Regulation Amending the Regulation on Distance Contracts (“Regulation”) has been published in the Official Gazette dated 23/08/2022 and numbered 31932. With the Regulation: The term, intermediary service provider was added to the Distance Contracts Regulation, and the definitions of intermediary service provider and platform were included to the Regulation. A provision has been added...

The Draft Guideline on Processing Genetic Data (“Draft Guideline”) has been published on the official website of the Personal Data Protection Authority (“Authority”) on 24.08.2022. Opinions and evaluations regarding the Draft Guideline can be submitted to the Authority in writing and/or by e-mail to the e-mail address of genetikveri@kvkk.gov.tr ​​until 24.09.2022. The concept of genetic...

The Guideline Regarding Good Practices on Protection of Personal Data in the Banking Sector (“Guideline”) has been published on 05.08.2022 by the Personal Data Protection Authority (“Authority”). The purpose of the Guideline is to guide the data controller banks to carry out their personal data processing activities in accordance with the Personal Data Protection Law...

The decision of the Personal Data Protection Board (“Board”) dated 10.02.2022 and numbered 2022/103 (“Decision”) regarding the allegation of sharing the content of the enforcement proceedings file regarding a company in which the name of the data subject is mentioned in the company title, has been published. Within the scope of the complaint subject to...

The Law Amending the Law on the Regulation of Electronic Commerce (“Law”) has been published in the Official Gazette dated 07.07.2022 and numbered 31889. With the Law, articles and definitions of the Law on the Regulation of Electronic Commerce numbered 6563 (“Law No. 6563”) have been amended and new obligations have been introduced for intermediary service...

The Regulation Amending the Regulation on Fines for Anti-Competitive Agreements, Concerted Practices, Decisions and Abuse of Dominant Position (‘’Regulation’’) has been published in the Official Gazette dated 15.06.2022 and numbered 31867. With the Regulation, the definition of gross annual income in Regulation on Fines for Anti-Competitive Agreements, Concerted Practices, Decisions and Abuse of Dominant Positions’...

Personal Data Protection Board (“Board”) has published the Board Decision (“Decision”), dated 09.12.2021 and numbered 2021/1239, regarding the allegation that the personal data of the data subject is disclosed by the data controller bank by calling the data subject’s family. The following allegations were submitted to the Board in the complaint subjected to the Decision:...