Open menu

Different Options Regarding
Compensation and Benefits in Turkey

Salary, which is the main benefit of working, may consist of various elements.
According to local legislation in Turkey, bringing these elements together in a
conscious way can make a difference in terms of both cost and motivation.

Salary and Similar Payments

According to the Article 32 of the Labor Law, the general definition of the salary is: "The cash or non-cash benefits provided by the employer or third parties and paid with money in return for the work." Here, the "work" refers to an action performed by physical and mental human activity and its return is salary. Although the definition in the law is like above, salary refers to the sum of the cash and non-cash benefits that can be measured with the money and money paid to a person in return for the work performed in accordance with the instructions of the employer and in a certain period of time.

On the other hand, in accordance with the Article 61 of the Income Tax Law; it is stated as follows: "Salaries are money and goods given in compensation for services to those who work subject to an employer and in association with a specific place of business, as well as benefits derived which are capable of representation in terms of money. The nature of salary is not changed by the fact that it is paid under such titles as subsidy, compensation, cash compensation (compensation for cashier's responsibility), allocation, raise, fees, per diem, premium, bonus, expense compensation, etc., or by the fact that the earnings are established in the form of a particular percentage (provided they are not in the nature of a partnership)."

The significant point in the Turkish law the fact that whether the salary is paid in cash or non-cash/in-kind is an earning that must be taxed with certain exemptions.

Minimum Wage: It is the name given to the salary paid to employees for a regular working day to meet their essential needs at the minimum level at current prices in a sufficient way, which can be counted as housing, food, clothing, health, transportation, and culture.

Bonus, Additional Payments, and Similar Payments

Bonus: It is a payment added on top of the salary as incentives in cases where the work is done by the employee in a certain period is deemed successful according to various criteria. In order to talk about bonus, these criteria must be measured and evaluated. Bonus payment can be diversified through the employee's performance, per piece as a percentage of the work and according to other certain criteria. Agreement on bonus payment must necessarily be included in the employment contract or in its annexes. Bonus in Turkey is considered as salary, and subject to the taxes by adding it on top of the base salary. Although there are various exceptions, the SSI premium should also be calculated.

Additional Payment: As it is understood from description of salary above, all payments that provide an earning to the employer are considered as a salary, albeit under different names. For example, making one additional salary payment to employees per year or an additional payment based on the turnover made by a sales manager and a calculation made in proportion to the company's total annual income, does not change its nature of being a salary. Therefore, it is added on top of the base salary and subject to tax. Likewise, SSI premium should be calculated over these payments.

Private Insurances

The concept of insurance, which can be defined as the elimination of risks that are likely to occur in the future and the damage of which are is impossible to predict, is subject to a differentiation between mandatory and private in terms of an employment relationship between the employer and the employee. Mandatory insurance appears as a system that meets the essential needs of an employee to benefit from health services provided by the state for the continuity of income during the retirement period and in case of interruption of the salary due to occupational or social risks. In Turkey, pension payment to be made and health care to be provided to employees are predetermined according to what circumstances and quantities to be made, and long and short-term insurance premiums are collected under these conditions. The social security system, which is regulated by the Social Insurance and General Health Insurance Law No. 5510 is presented without the consideration of the one-to-one benefit/cost balance different than the private insurances as a condition of the social state.

In practice, private insurances appear mostly as health insurance and private pension insurance. In addition, life insurance and personal accident insurance applications are sometimes included in the benefit packages of the organizations.

Private Health Insurances: In order to cover the various health risks of an employee, employer or employee may take out private health insurance. There are many regulations regarding the taxation of private health insurance premiums in Turkey. Private health insurance is one of the benefits commonly preferred by employees to benefit from health services and hospitals that are not covered by the mandatory insurance.

Private Pension System (BES): Private pension system, which basically aims to increase personal savings, is divided into two groups. While the first one can be the benefits provided by employees for themselves and/or by employers on behalf of the employee, the second one is the mandatory private pension system (automatic enrollment), which has been introduced by the Law No. 6740 on Amending the Law on Individual Pension Saving and Investment System that entered into force as of 1st January 2017. The system, also called automatic or mandatory private pension (Otomatik BES in Turkish), is a state-subsidized saving system that aims to ensure that employees maintain their living standards both during their active service term and retirement. Failure of the employer to fulfill its obligations in full and on time within this framework will result in administrative fines. Employees can exit the system by using their right of withdrawal within 2 months following the payment of their first contribution.

BES contribution is an amount that corresponds to 3% of the employees' earnings subject to social security premium and is paid monthly. Employees can contribute higher than this rate in line with their demands. The state subsidy is 25% of the contribution amount and the total of the state subsidy can be maximum 25% of the gross minimum wage for a (calendar) year.

Car Allowance

Cars allocated to employees and used for business purposes in Turkey should be handled in two separate categories.

  1. Allocation of a car owned by or rented for the company, to the employee: In this case, a car registered in company's assets, or leased and billed monthly by the company, and, that is allocated to the employee by issuing an asset delivery form. In this process, if the car is allocated as a requirement of the work, there is no element related to the total earnings of the employee. Therefore, there will be no process affecting the payroll, income tax and insurance premium. When allocating the company car to the employee, one of the main points to be considered is tracking the private/personal use of the car within the scope of occupational health and safety. In addition, there are different opinions regarding to the private use. In case the employee uses the company car for personal purposes, the requirement to include fuel costs and depreciation amounts into the payroll by grossing up with the income tax bracket along with the value added tax for the relevant kilometer always comes as a matter of discussion. On the other hand, the use of the company car by the employee for personal purposes without a permission although it is clearly stated in the company procedures, provides the employer with the right to terminate the employment with a valid reason. The relevant decision of the Supreme Court is as follows: "In the second paragraph of the Article 25 of the Labor Law No. 4857, the situations like immoral, dishonorable or malicious conduct or other similar behaviors are listed and the employer has the right to terminate the employment contract in the presence of the specified situations. In addition, it is stated in the sub-paragraph of the mentioned paragraph (e) that, if the employee commits a dishonest act against the employer, such as a breach of trust, theft or disclosure of the employer's trade secrets, the employer has the right to terminate the employment contract in the presence of the specified situations. As it is seen, the cases in the Law are not limited in number, and in general, the words and behaviors that contradict the duty of loyalty, give the employer the right to terminate.
  2. Employee's use of his/her own car: In some situations, employers occasionally pay employees to rent a car rather than allocating cars for them. In this case since the expenses of this car will not be deemed as company expenses; both the cost paid for this car and the fuel cost should be considered as regular benefit to the employee and grossed up on the payroll. In other words, expenses of cars, which are not registered in the company's assets or not leased on behalf of the company, cannot be considered in determining the net profit and these payments are considered as salary. If the employee rents out his/her car to the company with a rental agreement, fuel and other expenses can be considered as expenses in determining the net profit along with the rental car. In this case, it does not need to be considered as salary. In case of renting a personal car, it should be noted that withholding tax should be calculated over the rental payments and reverse charge Value-Added Tax should be paid. Furthermore, the maintenance and insurance costs of the car will need to be covered in proportion to the work-related use in the rental of the employee's own car.

Meal Allowance

Within the scope of the Labor Law, it is not a legal obligation for the employer to pay for meal allowance; yet, if payment is to be made, this matter shall be specified in the employment contract. According to the Article 23 of the Income Tax Law No. 193 as amended with the Article 16 of the Law No. 4108, the benefits occurring from providing meal to the employee by the employer will be exempted from income tax. In this article, with the provision given in brackets, it is exempted from income tax within certain limits if it is done through a catering company (which is a taxpayer in Turkey) who provides food service to the employee (this amount varies every year) and the amount staying above this exception limit is taxable. Also, this exempted amount is not subject to social security employee and employer premiums. If the employer pays the allowance to the employee in cash, except through a catering company, or by providing the meal in the workplace, the meal allowance is taxable. In-cash meal allowance is subject to social security employee and employer premiums with certain exemptions.

Transportation Allowance

Within the scope of the Labor Law, it is not mandatory for the employer to provide transportation allowance to the employee. This allowance should be agreed between the employer and employee and specified in the employment contract or procedures. In practice, it is seen that transportation allowance is applied in different ways. One of these methods is the provision of shuttle service by the employer. Another method is to provide it in the form of public transportation card, ticket or payment means to be used for this purpose. In case of providing transportation allowance in this way, tax is exempted in the amount of up to a daily transportation cost per working days, which is determined by the ministry every year. In case it exceeds the exemption amount, the exceeded amount should be processed as salary/additional benefit and income tax should be calculated over that. For example, if the employee is provided with "Istanbul Kart" (the public transportation card provided by Istanbul Metropolitan Municipality and can be used throughout Istanbul), the amount to be obtained by multiplying the daily number of exemptions announced by the ministry for the days worked will be exempted from income tax. It is also a common practice to pay transportation allowance to the employee in-cash. In this case, it should be included in the tax calculation without any tax exemptions. Transportation allowance payment in-cash is also subject to social security employee and employer premiums.

Bonus and Reward Payments, Benefits In-Kind, Supply and Food Benefit

By company policy, various additional benefits can be provided to reward the employee for his/her high performance, overachievement in a project or duty or for completing a certain work period. While these benefits can sometimes come as a rise in the salary, they can also come as in cash or in-kind benefits.

In accordance with the Article 80/b of the Law No. 5510;

  • Benefits in kind and funeral, birth and marriage benefits, duty travel allowances, mobile duty compensation,
  • Severance pay, dismissal pay or collective payment in the form of severance pay,
  • Investigation fees (for legal issues), retirement bonus, pay in lieu of notice or cash compensation, and food, child and family increments of which amount will be determined by the Ministry in years,
  • Private health insurance premiums and personal retirement contribution fees, not exceeding 30% of the monthly total minimum wage, paid by the employers to private health insurances and personal retirement system for insurance holders shall not be included in the earnings subject to premium.

All payments other than these exceptions, regardless of the name under which they are made, are subject to premium. To sum up, apart from the exceptional cases, all cash payments are subject to SSI premium, while in-kind payments are not. Although in-kind benefits such as fuel, supplies and furniture are subject to income tax, they are not subject to SSI premium.

If a reward is given to the employee in gold, it should be considered as a cash payment and both income tax and social security premium should be calculated on it. Therefore, it is important to consider the commentary that the delivery of valuable gifts (watch, gift card etc.) to the employee that can be converted into cash can be subject to social security premium, even if they are given as in-kind benefit. Since the main point in gifts is the sentimental value, the higher will be the material value, the stronger will become the comment that they will be subject to income tax. The reward should never be more than of a sentimental value.

For example, if an employee is to be rewarded with a tablet computer due to his/her superior performance, the entire amount paid for this device must be grossed up on the employee's payroll (including Value Added Tax). In other words, the income tax of this reward must be paid. However, since this is not a benefit in-cash, social security premium will not be calculated. The fact that these payments can be performed as net (without grossing up) in various countries, raises different questions. Apart from exceptional circumstances, practices in Turkey do not allow gifts to be added on top of the payroll without grossing them up.

Leave Types

Annual Leave

The entitlement of annual leave is regulated by the Labor Law No. 4857. The conditions, durations and right of leave are specified in detail in the Law.

One of the fundamental rights of the employee is the right to have rest and vacation from the work. These rights are regulated by the law with rest breaks, annual leave, weekends, and other similar provisions. These rights are untransferable and inalienable. In other words, it is a legal requirement to use annual leave.

The employee is entitled to annual leave (including probationary period) one year after the employment. In practice, it is common that, employees, who have not yet completed their first year, are also given annual leave to be deducted from their entitlement in the form of advance leave.

The annual leave periods according to service term (seniority) are as follows.

Duration of Service Term in the Company Duration of Leave
1-5 Years (5th year is included) 14 Workdays
5-15 Years (15th year is not included) 20 Workdays
15 Years and more 26 Workdays

The statement "5th year is included" should be considered in the calculation in the following way: For example, an employee with a service term of 5 years and one day will be entitled to 14 workdays, while an employee with a service term of 6 years and a day will be entitled to 20 workdays.

The paid annual leave should not be less than 20 days for employees under the age of eighteen and over fifty. The duration of paid annual leave can be increased by employment contracts and collective labor agreements.

Annual leave cannot be paid as a salary, but if the employment contract of the employee is terminated, the unused leaves will be added on top of the payment.

Unpaid Leave and Other Leave Types

Unpaid leave rules of the employees are regulated by the Labor Law under certain criteria. There are no specific provisions set forth in the Labor Law regarding employees' use of unpaid leaves due to any needs.

It is regulated by the law that employees who will spend their annual leave far from the workplace can be given unpaid leave for travel of up to four days. On the other hand, after the legal maternity leave, it is required to give unpaid leave of up to six months upon the request of the employee. Other leaves given by the employer are specified in the Article 55 of the Labor Law.

You can find the leave types effective in Turkey sorted out in the following table.

01 (PAID) ANNUAL LEAVE From the day they start working at the workplace, employees who complete their one-year working period, including the probationary period, are entitled to paid annual leave. Employees gain annual leave rights when their employment term within the company reaches one full year.

Annual leave entitlements based on the employment term:
a. 1-5 years of employment; minimum 14 days of paid leave/annually.
b. 5-15 years of employment; minimum 20 days of paid leave/annually.
c. 15+ years of employment; minimum 26 days of paid leave/annually.

*Employees aged 18 years or younger and those who aged 50 or over cannot have less than 20 days of paid annual leave.
02 MATERNITY LEAVE As of the 32nd week of the female employee's pregnancy, she has a right to have her maternity leave. The beginning of the leave can be delayed until the 37th week with the doctor's approval. Maternity leave period is 16 weeks in total. (8 weeks prior to the birth and 8 weeks after the birth). In multiple pregnancy cases, the pre-birth leave period is set as 10 weeks.
03 MARRIAGE LEAVE Employees gain marriage leave rights following their marriage. 3 days of paid leave is provided.
04 PATERNITY LEAVE Male employees gain paternity leave rights if their spouse gives birth. 5 days of paid leave is provided.
05 DEATH LEAVE Employees gain death leave rights in cases where first-degree relatives (mother, father, spouse, children, sibling) pass away. 3 days of paid leave is provided.
06 SHARED PARENTAL LEAVE FOR DISABLED CHILD Employees gain rights to this leave type in cases of having a 70% disabled child or in cases of having a child with a chronic disease. Only 1 parent shall be able to have the right of leave within the scope of this leave. 10 days (at once or spread over time) of paid leave are provided.
07 MATERNITY HEALTH CONTROL LEAVE Pregnant employees have the right to take leave for physician controls regarding maternity health during the pregnancy period. Time period is not provided within the scope of the leave. Paid leave shall be provided to the employee by the employer when required.
08 BREAST-FEEDING LEAVE Female employees gain the right to take leave for breastfeeding purposes. The leave entitlement is valid until the child/children reach(es) 1 year of age. 1.5 hours of nursing leave per working day shall be provided to the actively working employee.
09 CHILD ADOPTION LEAVE The employee gains right of leave in cases of child adoption. 3 days of paid leave is provided.
One parent of the adopted child is given 8 weeks of leave under the name of "maternity leave" when the child is at or below the age of 3; as of the date when the adoption process is legally finalized.
10 JOB SEEKING LEAVE Employees who are serving their notice period have the right to seek new employment. 2 hours for each workday is provided.
Upon the request of the actively working employee, the employer shall provide the leave period as a bulk.
11 CASUAL LEAVE Casual leave rights that are given to the employees through the employer's initiative. The employer is not legally obliged to provide casual leave rights, though these can be arranged through the contracts and agreements with the employees.
12 ½ DAY PARENTAL LEAVE This leave is provided to the employees, in cases of when their maternity leave period is over. Upon the demand of the either one of the parents of the adopted child, who is younger than the age of 3. The length of this leave is dependent on the number of the children:

-60 days for the birth of the first child,
-120 days for the birth of the second child,
-180 days for the birth of the third child,

shall be given to the employee.


Contents provided in this article serve to informative purpose only. The article is confidential and property of CottGroup® and all of its affiliated legal entities. Quoting any of the contents without credit being given to the source is strictly prohibited. Regardless of having all the precautions and importance put in the preparation of this article, CottGroup® and its member companies cannot be held liable of the application or interpretation of the information provided. It is strictly advised to consult a professional for the application of the above-mentioned subject.

Please consult your client representative if you are a customer of CottGroup® or consult a relevant party or an expert prior to taking any action in regards to the above content.

Designing better ways to work through cutting-edge products, premium services and exceptional experiences that enable people to reach their full potential. HR, Talent, Benefits, Payroll and Compliance informed by data and designed for people.

Learn more at

Boss Yönetişim Hizmetleri A.Ş. is proud to be a local payroll partner of ADP in Turkey.

ADP, ADP logo and the slogan "Always Designing for PeopleTM" belong to the registered trademark of ADP, LLC.

Awards for CottGroup® Services

Service Exporters' Association 3rd Prize Winner
Ranked 4th among the Human Resources Management Software developers of Turkey
Ranked 7th as Consultancy Service Provider
Ranked 38th as Service Provider
Service Exporters' Association 3rd Prize Winner
Ranked 4th among the Human Resources Management Software developers of Turkey
Ranked 7th as Consultancy Service Provider
Ranked 38th as Service Provider

(*) Services Exporters' Association - 2019
(**) Bilişim 500 - 2019

Let's Get Started.
Get a Quote for Your Service Needs.

I accept to receive newsletters, legislation, current news, new service suggestions, advertisements and announcements.

I have explicit consent to the processing of my data within the framework of Personal Data Protection Policy and Privacy Policy.*

*Required Field


Privacy Policy

CottGroup® companies network ("CottGroup®") includes independent companies with separate legal entities that provide various sections of this website and other websites in the CottGroup® member network; and this Personal Data Protection and Processing Policy applies separately for each CottGroup® member company.

This website you visited is affiliated with Boss Yönetişim Hizmetleri A.Ş. one of the CottGroup® member network companies.

Thank you for visiting our web site and reading our privacy and security statement.

Basic Information About Our Approach To Data Security And Privacy

CottGroup®’s network of companies (CottGroup®) has dedicated itself to ensuring the security of your personal data in all of its information systems. For CottGroup®, privacy and security matters form the basis of the relation between us and our customers. CottGroup® understands your particular concern about your confidentiality and security and place utmost importance on that matter.

CottGroup® consists of multiple independent members which provide various sections of the websites in CottGroup®’s network of members. Please click here to see our current member companies. New members to be added to the CottGroup®’s network of members in future will also be viewable by clicking the same link.

Information that you will be disclosing when using this web site may also be controlled by any other firm among the members of CottGroup®’s network in order to enable us to secure the control, inspection and security of the said data at the utmost level. Each independent member shall be legally liable for any data controlled and inspected by it.

CottGroup® Privacy Statement is applicable to all data processed by CottGroup®, including Personal Data collected or transmitted via our websites in CottGroup®’s network, our software and self-service applications, mobile applications or social media accounts and other online or off-line channels.

Protection of Personal Data

CottGroup® acts in the capacity of a data controller in line with KVKK no. 6698 and provisions of any other legislation applicable to the protection of personal data. Accordingly, personal data shall be processed only by CottGroup® personnel authorized to implement any privacy and security policy as well as services falling within the scope of duty of CottGroup®’s management office and the personnel named in the privacy and security authorization matrices, and those natural/legal persons authorized by CottGroup® for such purpose by fulfilling the condition of informing the data subjects. For details, please click the Personal Data Protection and Processing Policy.

Electronic Messages

Subject to communication consents provided by you during your communication with us regarding electronic (e-mail) messages and through any other CottGroup® channel, you will be deemed to have accepted to receive e-mail messages through your contact details, for the promotion of services offered by CottGroup® and its business partners, information on new products and services, announcements on issues regarding legislation, and other matters that may be of interest for you. In this respect, you may contact CottGroup® to request that messages are no longer sent to you through one or more than one communication channel.

Log Data, Cookies and Web Beacons

Cookies are program bits that are usually in the form of text files that may be embedded in laptops, desktop PCs and mobile devices, which collect various data.

Cookies may be used to collect the following data:

  • Internet Protocol (IP) address,
  • Domain name of the computer that you use for connecting to the website,
  • Date and time of your connection and the time you spend on the website.
  • Link of the page over which you connect our web site or the address of another CottGroup® website
  • Information about your computer, your browser’s brand, your operating system, Java support, flash version, your screen definition and connection speed and similar data,
  • Details of the page on the computer that is used for connection when a request is made from our web site,
  • Volume of the data in bytes, transferred on our website,
  • Contents of traceable cookies,
  • CottGroup® websites use temporary session cookies to render your online activities secure and to enhance the website performance;
  • Areas such as Login time, Username and User ID that are necessary for our software and self-service applications ("Applications");
  • Details of the URL over which the User has transmitted his last request through the Applications
  • Your browser’s language

Please click Cookie Policy for details.

Purpose of Using Your Data

We may use your personal data which we record during your visits to our website, via automated or non-automated means, or which you may disclose to us in communication forms, e-mails or via other electronic transactions, primarily for the purpose of satisfying your requests and subsequently for ensuring improvement of the services offered to you. Overall purposes of use of such data may be listed as follows:

  • To contact you,
  • To enable your access to the website or self-service options, by performing operations regarding your online account, including but not limited to the provision of a username and password,
  • To answer questions received from you,
  • To provide information about legislative changes and other important matters,
  • To ensure the administration of our website,
  • To improve our service quality.

Please do not disclose such data that you would not want us to collect for the purposes above. Please remember that unless you provide such data, we will be unable to contact you, and that your certain data may still be collected by means of cookies during your visit to this website.

Data Security

CottGroup® places utmost importance on the security of your data. CottGroup® places utmost importance on the security of your data. We take measures conforming to sector standards to prevent unauthorized collection and use of your data. Exchange of information on the İnternet is not generally secure. Therefore, we recommend you to exercise due care by user when exchanging information through our websites and online systems. If you don't take this care, CottGroup cannot guarantee you about security of your information and communication on the web-site or capture them by third parties.

When your information arrives at CottGroup®, it is protected in accordance with our security and privacy standards. Your data are stored for the purposes set out above and only for the durations required by the needs of our business process or as prescribed by law.

Data Transfer

We may transfer the personal information we collect about you to other countries different from the country we collect the data, as we use their services of the internet service providers, hosting companies, e-mail providers, domain providers (for example: Microsoft 365). Data protection laws and regulations applied in these countries may differ from the laws applicable in Turkey.

Hereby, we will protect your information in accordance with the applicable law as described in this Privacy Policy while transferring to other countries.

Protection for Children’s Online Activities

We support parents willing to supervise and control online activities of their children. In no event do we ask children on purpose to share their personal data. If we come to know that a person whose personal data are collected by us is younger than 13 years old, we may use such data to try to promptly inform his/her parents. This rule shall be applicable for age 16 under the European Union General Data Protection Regulation (GDPR).

Designing New Processes in Line With Privacy Rules

CottGroup® takes the most appropriate technological and organizational measures to ensure confidentiality when developing new systems and applies necessary developments for the processing of personal data in line with their intended purposes (Privacy by design).

Should you have any queries about this Privacy Policy, please click the link.

CottGroup® website:

Personal Data Protection Policy

1. Purpose and Scope

CottGroup® companies network ("CottGroup®") includes independent companies with separate legal entities that provide various sections of this website and other websites in the CottGroup® member network; and this Personal Data Protection and Processing Policy applies separately for each CottGroup® member company.

You may access our group companies within the CottGroup® Member Companies Network via following link.

The website you visited is affiliated with Boss Yönetişim Hizmetleri A.Ş., one of the CottGroup® member network companies.

The main objective of this Personal Data Protection Policy (the "Policy") is to provide explanations regarding the personal data processing activities carried out by the Company pursuant to the law and the systems adopted for the protection of personal data and, in this context, to provide transparency by informing the people whose personal data is being processed by our company.

This Policy applies to all activities managed by the Company regarding the processing and protection of personal data by the Company along with the relevant detailed data procedures.

2. Definitions

KVKK: Personal Data Protection Law numbered 6698

GDPR: EU General Data Protection Regulation

Data Processor: The natural person or legal entity that process data on behalf of the data controller with the authority given by the data controller

Data Controller: the one who defines the purpose and the means of processing personal data and responsible of the data recording system management

Data Subject: a natural person, includes but not limited to an employee, customer, business partners, stakeholders, authorities, leads, candidate for recruitment, intern, visitors, suppliers, employee of business partners, third parties of the Company and its affiliates with whom they have a commercial relationship, whose data is processed.

Explicit Consent: consent that is related to a specific issue based on information and expressed with free will.

Personal Data: any information related to a natural person whose identity is known or could be identified.

Sensitive Personal Data: Biometric and genetic information related with race, ethnicity, political or philosophical opinions, religion, sect or other believes, appearance, union memberships, health, sex life, convictions and security measures etc.

Processing of Personal Data: Any kind of operation performed on data such as obtaining, recording, storing, preservation, modification, reorganization, disclosure, transfer, takeover, making available, classification or preventing the use of personal data in fully or partially automated or non-automated ways, provided that it is part of any data recording system

Anonymization of Personal Data: to render data in such a way that it can no longer be associated with an identified or identifiable person even when the personal data is matched with other data.

Deleting Personal Data: to delete or to render personal data in such a way that it is no longer accessible or reusable for the users

Destroying Personal Data: rendering the personal data to make it inaccessible, unrecoverable and not useable by anyone

Company: Data controller CottGroup® companies.

KVK Board: Turkish Personal Data Protection Board

KVK Authority: Turkish Personal Data Protection Authority

3. Policy

The Company has different policies that cover protection of personal data along with the information security as regards certain work activities and functions. Unless this Policy has additional provisions or higher standards for the protection of personal data, the other different data protection provisions of the company shall prevail.

The relevant regulation provisions shall be first to apply in processing and protecting personal data; and if there happens any contradiction between the articles of this Policy and the legislation, then current legislation clauses shall prevail.

Herein this Policy is prepared in accordance with the rules and procedures foreseen in KVKK and related law for the protection of personal data. In his context, as Data Controller is also liable to prevent illegal processing of personal data and access and protect the personal data from being accessed illegally in accordance with KVKK, he/she must take all necessary technical and administrative measures.

4. Principles To be Followed While Processing Data

Our Company acts in accordance with the following general principles in all of its Personal Data Processing activities:

  • Personal data must be processed lawfully, fairly and transparently,
  • Personal data can only be collected for specific, explicit and legitimate purposes,
  • Personal data must be adequate, relevant and limited to what is necessary for processing,
  • Personal data must be accurate and kept up to date with every effort to erase or rectify without delay,
  • Personal data must be kept in a form such that the data subject can be identified only if is necessary for processing,
  • Personal data must be processed in a manner that ensures the appropriate security,

5. Personal Data Collected

Your personal data collected by our company varies according to the quality of the relationship with our company and the legal obligations. Your personal data collected can be listed as follows:

  • Identity Information (liable to amendments as per to requirements, ID number, name, surname, passport number, if the ID card shared, the information on the card, photo, etc.)
  • Contact Information (E-mail address, phone number, mobile phone number, address etc.)
  • Client Information (client number, client income information, client profession information, vehicle registration plate, training information etc.)
  • Family members and Proximity Information (identification, contact information and professional, training information of the Data Holder’s children, spouses, in particular in relation to employee candidates, etc.)
  • Customer Transaction Information (CDR (call detail record), call center records, credit card balances and extracts, payment receipts, client bank orders, and relevant information taken under record in regards; these are directly related to natural persons and the orders)
  • Physical Security Information (enter-exit records, visit information, camera records etc.)
  • Process Security Information (website password and password information, etc.)
  • Risk Management Information (associated with Data Subject, address register system records, IP address tracking records etc.)
  • Financial Information (in case of legal follow-up, credit card debt, loan amount, loan payments, debt balance, receivable balance in line with the information by the authorities etc.) and accounting information with related records.
  • Employee Candidate Information (CV, interview notes, personality test results etc.)
  • Legal Procedures and Compliance Information (data on the documents such as court and administrative authority decisions etc.)
  • Audit and Inspection Information (Information on any record and transaction relating to the legal pursuit and our rights associated with the Data Subject)
  • Sensitive Personal Data (data on health, data on criminal convictions and security measures,)
  • Claim/Complaint Management Information (information and records about the demands and complaints made to our Company regarding our services related to the person etc.)
  • Reputation Management Information (information collected in order to protect the commercial reputation of our company etc.)
  • Audiovisual Data (photos, camera records, auditory recordings etc.)
  • The Personal Data types listed do not include all your processed data and personal data similar to the data listed by our company may be processed.

6. The Purposes of Processing Personal Data

Our company informs data subjects during obtaining personal data due to KVKK and related legislation. In this context, the Company makes a notification/information regarding the purpose of data processing, transfer of the data and to whom the data shall be transferred, the method of collecting personal data and the legal purpose of collecting personal data.

The purpose of processing personal data information varies according to the relationship between the company and personal data subject and legal nature of the business.

The purposes of processing personal data by the Company are as follows:

  • Within the scope of the company based commercial activities, planning and business development tasks, etc.
    • Realization of legally required transactions, performance of obligations,
    • Declarations made to official institutions,
    • Activities related to the establishment and execution of contracts
    • Managing, conducting, planning and improving client relations.
    • Activities for the realization of post-contract services
    • Monitoring, planning and execution of consultancy activities
    • Monitoring, planning and execution of financial and accounting activities
    • Planning and execution of information technologies and data security activities
    • Planning and execution of physical and electronic / network security activities
  • Increasing brand awareness;
    • Planning and execution of actions aimed at increasing the level of perception about corporate activities and brand
    • Planning, management and execution of organizations, meetings, invitations and events
    • Managing the client satisfaction processes during and/or following the completion of service offering processes
    • Activities for receiving, evaluating and finalizing demands and complaints,
    • Realization and follow-up of transactions and activities to fulfill the obligations arising from the contractual relationship
  • Within the scope of planning, execution and management of corporate relations;
    • Managing, conducting, planning and developing relations with suppliers / business partners
    • Building and conducting corporate managerial communication activities
    • Building and conducting external trainings
  • Within the scope of legal, technical and commercial security measures among parties in relation with the Company data is processed under;
    • Notifying the relevant authorities / institution and/or conducting responsibilities within the audit processes
    • Assuring security measures on physical and electronic environments for the parties the Company is involved with
    • Keeping records as per to commercial security measures and organizing, conducting and auditing these measures for the parties the Company is involved with
    • Assuring the applicable activities are being conducted in regard with data accuracy and making sure the data is up to date
    • Planning and/or conducting the Health & Safety processes
    • All guest entrances – exits are recorded within the legal requirements and applicable to the legislation

7. Methods of Processing Personal Data and Its Legal Ground

Personal data can be obtained/received by parties who are data subject and/or third parties who have explicit consent from the data subject.

The obtained personal data can be processed by collecting, saving, editing, configuring, storing, adapting, changing, using, transferring, deleting, destroying and anonymizing.

Personal Data may be processed by one or more of the above methods without the explicit consent of the data subject in the presence of one the legitimate reasons listed in Article 5 of KVKK:

  • Explicitly prescribed in laws and any relevant legislation.
  • Being legally mandatory for the person cannot grant consent due to physical incapability or legally forbidden to grant consent in regards with other’s living rights
  • Requirement on processing personal data of the parties subject to a contract / agreement, due to the execution of a contract / agreement.
  • Legally being mandatory for the data controller to fulfil the legal liability.
  • Publicized by the relevant person directly.
  • Legally being mandatory to be processed for a granted right to be conducted, used and/or protected
  • Processing personal data for legitimate purposes without contracting the basic rights and freedom of the relevant person.

8. Retention and Destruction of Personal Data

  • Our company takes into account the law and legislation that is in place during processing the personal data. Within this scope, the retention and period of limitations are taken into account on Personal Data Protection activities. In case the processing activity is disposed, and there is no further legal ground to store personal data, relevant data is to be deleted, destroyed and/or anonymized. The personal data shall be subject to retention, disposal or anonymization upon the demand of the data subject and/or the Company’s periodic control in which the Company realizes the reason to process the data is no longer available, due to the Article 7 of KVKK and other related legislation.
  • The personal data transmitted to us by mistake in any way or in cases where it is understood that the will of the data subject is not directed to give explicit consent, is immediately destroyed by our Company by methods in accordance with the Law.
  • Our company will not keep personal data for longer than necessary, in connection with the reason for the collection of the data, so as to allow identification of the data subject.
  • Our company can only store personal data longer than advised, in order to protect the rights and freedoms of the data subject in line with applying technical and organizational precautions only to serve public welfare, scientific or historic research or statistical research.
  • Including the retention period for each category of personal data and the legal obligations that the Company has to store data, the criteria used in identifying this period are specified in our Company's Personal Data Retention and Destruction Policy and will be applied in all cases.

9. Transfer of Personal Data

a. Local Transfers

Personal data is not transferred to any third party without an explicit consent, unless it is legally required due to KVKK, relevant legislation and cases where it is mandatory to be shared with the external parties due to administrative / juridical cases. However, as per to the Article 5 and Article 6 of KVKK, in case legal grounds are present and it is legally required, on third party transferred, consent / explicit consent will not be observed.

Our Company fulfills its obligation to inform the Data Subject regarding this transfer. Accordingly, the institutions, organizations and / or persons that can be transferred are listed below.

b. Transfers to Abroad

The Company may transfer the personal data abroad by obtaining explicit consent of the data subject along with taking appropriate and necessary security measures foreseen in KVKK and related legislation. For the situations in which the explicit consent of the data subject is not sought, it is considered whether the country that the data will be transferred, is in "adequate country" stature and has enough protection or not. If the Authority considers that the transferee country is not in adequate country statute, the Authority approval should be taken, and a data transfer protocol should be signed to guarantee enough protection.

c. Parties Conducting the Transfers

  • Within the scope of the Labor Law, Obligations Law, Income Tax Law and Procedures, Commercial Law , Private Employment Agencies and relevant legislations,
    • Related public institutions and organizations,
    • Competent authority,
    • Tax offices work place inspector, İşKur, regional labor and SGK can be share with administrative institutions and organizations.
  • Apart from these, our Company shall not disclose your personal data in accordance with Articles 8 and 9 of KVKK and take all security measures specified in the relevant legislation;
    • Cott Group Companies, (Here you can find current list of CottGroup® Companies.)
    • To business partners, suppliers, business partners that we cooperate with at local and/or abroad,
    • Data can be transferred to externally supported law offices, courts and other official and judicial authorities upon request.

10. Measures Regarding the Provision of Data Security

Our company takes technical and administrative measures to prevent data breaches to ensure the security of personal data. In this context, our Company;

  • Administrative measures;
    • It conducts a risk audit to identify existing risks and threats.
    • Awareness studies for employees are conducted periodically.
    • There are personal data security policies and procedures.
    • It works to minimize personal data as much as possible by adopting the concept of data minimization.
  • Technically;
    • Ensuring cyber security,
    • Monitoring of personal data security,
    • Ensuring the security of environments containing personal data,
    • Storing personal data in secure areas and cloud computing systems,
    • Information technology systems procure, develop and maintain the necessary software and hardware measures, taking personal data in accordance with the conditions required by the law.

11. Data Protection Officer (DPO)

  • The Data Protection Officer have specific responsibilities in respect of procedures and is the first point of call for Employees/Staff seeking clarification on any aspect of data protection compliance.
  • Data Protection Officer, who Board of Directors considers to be suitably qualified and experienced, has been appointed to take responsibility for Company’s compliance with this policy on a day-to-day basis and, in particular, has direct liability for ensuring that Company complies with KVKK and GDPR, as the authorized person of the Company does in respect of data processing that takes place within their area of responsibility.

12. Data Inventory

CottGroup® has established a data inventory as part of its approach to address risks and opportunities throughout its KVKK and GDPR compliance project.

CottGroup®’s data inventory determines:

  • business processes that use personal data,
  • processed personal data,
  • processed sensitive personal data,
  • data subject,
  • collection method of personal data-source of personal data
  • purpose of processing personal data,
  • legal reason for processing personal data,
  • retention period of personal data
  • mediums where personal data stored
  • destruction methods of personal data,
  • any kind of data transfers,
  • recipients/recipient groups to whom personal data transferred,
  • method and purpose of transfer,
  • technical and administrative measures.

13. Rights of The Data Subject

Within the scope of Article 11 of KVKK the data subject has the following rights and if he/she wishes, he/she can use his/her rights by reaching the data controller in the methods determined by him/her:

  • To learn whether personal data is being processed,
  • To make requests regarding the nature of information held and to whom it has been disclosed,
  • To learn the processing purpose of personal data and whether it is used in accordance with this purpose,
  • To be informed about the third parties that the personal data is transferred in local or abroad and to make notification as regards the transactions made,
  • To demand correction for the personal data that is processed as deficient or incorrect and to notify third parties about this,
  • To demand deletion or annihilation of the personal data of which reason to process is no more available, even if the data is processed in accordance with the related law,
  • To object any result against the data subject,
  • To demand compensation in case of any damage caused by illegal processing of the personal data.

14. Exercises of Rights of Data Subject

In accordance with KVKK regulations; in cases you have inquiries on your rights, mentioned hereinbelow, by completing the Data Subject Application Form you can send it to the address; Astoria Towers Kempinski Residences Büyükdere Caddesi No:127 B Kule Kat:8 34394 Şişli-İstanbul/Türkiye along with ID verification documents either by hand or via postage services or by sending an email to This email address is being protected from spambots. You need JavaScript enabled to view it.. All queries will be answered within 30 days of receipt.

If the transaction requires an additional cost, the tariff set by KVKK will be charged.

CottGroup® website:

This website is using cookies.
In this website, we use cookies to develop your user experience, obtain efficient work and track statistical data. You are agreeing to our use of cookies by browsing our website. Please review Çerezler (Cookies) page for detailed information of how we manage the cookies. This choice is valid for 30 days until you delete the cookies in your web browser.
Our services continue..

Due to the Covid-19 Coronavirus pandemic to secure the health of our employees our business operations are held remotely until further notification. CottGroup® will have its business processes carried out efficiently and smoothly thanks to our BCP plans and strong technological infrastructure. As always, our customers and business partners will be able to reach us via our phones and e-mails.