Turkiye: Adopted Guidelines for protecting privacy in mobile applications

On 22 December 2023, the Turkish Personal Data Protection Authority (KVKK) published the ‘Guidelines for protecting privacy in mobile applications’. The Guidelines provide advice on meeting the appropriate legal standards for personal data protection in mobile applications, aimed at data controllers. As such, they outline examples of relevant personal data, special categories, and set out who is legally considered as data controller and processor. Further, the Guidelines provide recommendations for personal data processors, including compliance with the general principles of data protection, ensuring transparency, data processing conditions, and data security. The Guidelines recommend incorporating Privacy by Design principles in the design of mobile applications and ensuring security throughout the applications. The Guidelines also recommend conducting security tests before the launch of mobile applications.