KVKK Compliance

KVKK Compliance

The KVKK aims to protect the fundamental rights and freedoms of people, particularly their privacy and the processing of their personal data.  It controls how particular information is used by organizations who maintain an office, branch or agency in Turkey, as well as all extraterritorial businesses who collect and process the data of Turkish citizens. This law is already in effect and fines for non-compliance will begin on 7 April 2018. 

Personal data is defined as any information related to a natural person or ‘Data Subject’, which can be used directly or indirectly to identify the person.  It can be anything from a name, a photograph, an email address, bank details to financial information or a computer IP address.

It’s crucial for business leaders to understand the KVKK and the implications for non-compliance. This will allow them to minimize risk to their data, business and avoid heavy fines and even imprisonment.  


    • Safe-T has been designed with compliance as a top priority. Safe-T’s solution prevents unauthorized access to data services, networks, or APIs; this prevents data exfiltration, leakage, malware, ransomware and fraud. Safe-T ensures your customers’ data is not compromised, thereby enabling enterprises to achieve KVKK compliance.


    • The directive of the KVKK is to ensure that companies collecting or processing personal data do not compromise that data. To achieve this, companies must follow strict Authentication, Access Control, Encryption, Integrity, and Audit standards.


    • Safe-T has controls in place to ensure that only authorized users will have access, it can encrypt information in transit and at rest using SSH and SSL protocols, has connectors to Anti-virus and DLP scanning solutions and provides event and action logging to achieve strict auditing compliance.