Law: Law on Protection of Personal Data No. 6698 ('the Law')
Regulator: Personal Data Protection Authority ('KVKK')
Summary: The Law outlines a similar framework to the European Data Protection Directive (Directive 95/46/EC). Secondary legislation in Turkey, in the form of regulations and communications, has been evolving in line with the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). The Law establishes the KVKK and the Board as the supervisory authorities responsible for its enforcement. The KVKK serves a mostly administrative role, while the Board is the decision-making organ within the KVKK. The KVKK was established as an independent regulatory authority with institutional and financial autonomy and is responsible for ensuring personal data protection and raising awareness in this respect.