Turkey KVKK.
Turkey's KVKK (Kişisel Verilerin Korunması Kanunu) establishes data protection requirements modeled after the EU's previous Data Protection Directive, with registration requirements, explicit consent, and cross-border transfer restrictions.
Maximum penalty
TRY 1.8M + criminal penalties
Source: KVKK Law No. 6698
Key requirements
VERBIS registration (Data Controllers Registry)
Explicit consent for processing
Cross-border transfer restrictions (Board approval)
Data breach notification within 72 hours
+1 more requirements in the complete guide.
Get the full KVKK compliance guide →Enforcement examples
Multiple tech companies
KVKK Board imposing fines for cross-border transfer and consent violations
Various
2024
How Tessera automates KVKK compliance
VERBIS registration management
Consent management
Board approval tracking for transfers
72-hour breach notification
KVKK compliance checklist
Essential steps to achieve and maintain KVKK compliance.
Register with VERBIS
Obtain explicit consent
Seek Board approval for cross-border transfers
+2 more steps in the full checklist.
Get your complete KVKK compliance checklist - free →Industries affected
Calculate your KVKK exposure.
See exactly how KVKK penalties apply to your revenue and industry profile.