Personal Data Protection Board of Türkiye (“Board”), in its public announcement dated January 20, 2026, regarding the data controller’s breach notification, stated that the duration for which the breach notification will remain visible on the Institution’s website shall be in accordance with the Decision dated December 25, 2025, numbered 2025/2451, pursuant to Article 12-f.5 of...

The Personal Data Protection Authority (“Authority”) has published a public announcement, stating that, as a result of the findings and assessments reached following examinations conducted within the scope of similar complaints submitted to the Authority regarding push notifications sent to users via mobile applications, there is a need to inform the public about the compliance...

Pursuant to Article 16(2) of the Law No. 6698 on the Turkish Personal Data Protection Law (“KVKK”), natural and legal persons who process personal data are required to register with the Data Controllers’ Registry Information System (“VERBİS”) prior to commencing data processing activities. However, the Personal Data Protection Board (“Board”) may introduce exemptions to this...

On January 7, 2026, Competition Authority (“CA”) has published the 2025 Mergers and Acquisitions Overview Report (“Report”). The merger and acquisition overview report, published regularly each year by the CA, provides a comprehensive assessment of the relevant year, including statistical data such as transaction values and the distribution of investors by country for mergers and...

With the Presidential Decree on the Amendment of the Presidential Decree on the Cybersecurity Presidency, published in the Official Gazette dated 25 December 2025 (“Presidential Decree No. 192”), substantial amendments have been introduced to the Presidential Decree on the Cybersecurity Presidency (“Presidential Decree No. 177”). Expansion of the scope of duties of the Cybersecurity Presidency...

Law No. 7566 on Amendments to Tax Laws and Certain Laws and Decrees with the Force of Law, introducing certain changes in tax and social security matters, entered into force upon its publication in the Official Gazette on December 19, 2025. This Legal Brief summarizes the provisions of Law No. 7566 that are of particular...

Provisional Article 67 of the Income Tax Law contains provisions regarding the taxation of income earned from the disposal or holding of securities and other capital market instruments, as well as deposit interest, repo income, and income earned from participation banks. The most fundamental feature of this regulation is that such income is taxed at...

The draft law amending Law No. 5651 on the Regulation of Publications on the Internet and Combating Crimes Committed Through Such Publications, which aims to reorganise the application and protection mechanisms available to individuals whose personal rights are violated through publications on the internet, was submitted to the Grand National Assembly of Türkiye on 27...

The Personal Data Protection Authority published the Guide on Generative Artificial Intelligence and the Protection of Personal Data (“Guide”) on November 24, 2025.  The Guide aims to assess the potential impacts of Generative Artificial Intelligence (“ÜYZ”) systems in the context of personal data protection, promote the development of ÜYZ systems, encourage an approach that respects...

Regulation on Amendments to the Private Health Insurance Regulation (“Regulation”) is published in the Official Gazette dated 20.10.2025 and numbered 33053. The Regulation will enter into force on 01.01.2026.  Pursuant to the Regulation prepared by the Insurance and Private Pension Regulation and Supervision Agency (“SEDDK”), amendments to the Private Health Insurance Regulation published in the...