Compare with different regulatory event:
On 24 March 2016, the Personal Data Protection Act, including data protection measures, was adopted by the Grand National Assembly of Turkiye. In particular, the Act would require entities to collect and process data based on legitimate purposes and obtain user consent for collecting personal data. Furthermore, the Act outlines restrictions in regard to the collection and processing of sensitive personal data, such as race, ethnic origin, political opinion, religion or health. Finally, the entities would be required to delete or anonymise it after the purpose for storage expired or they receive a request from the data subject. The Act comes into force 6 months after its publication in the official Gazette.
Original source