Within the scope of the regulations in the Constitution and the regulations in the Law on the Protection of Personal Data No. 6689 ("KVKK"), there are regulations for applying to the data controller and Complaint to the Turkish DPA.

According to the announcement published by the Personal Data Protection Authority; as of 27th March 2023, the "Complaint Module" system on the website of the Authority has been updated so that lawyers can also submit their complaints to the Turkish DPA by power of attorney.

Within the scope of election activities; political parties defined within the framework of the Law No. 2820 (In Turkish) on Political Parties should be considered as "Data Controller" in accordance with the KVKK.

With the information note published, political parties; it has been reported that data processing activities are carried out in the establishment notices and documents of political parties, in the political party register, in the stage of holding elections, in the notification of those working in the organs to the public authorities, in the identification of the nomination and party voter list, in the storage of the pre-election documents.

Conditions for the processing of personal data are regulated various fields in Turkish Law. First of these, article 20 of the Constitution of the Republic of Türkiye, titled "Privacy of Private Life" states that "Personal data can only be processed in cases stipulated by the law or with the explicit consent of the person." statement is included.

In addition to the Constitution, in article 5 of the Turkish Personal Data Protection Law ("KVKK") No. 6698, titled "Conditions for Processing ofSpecial categories of personal data" and in article 6 titled "Conditions for the Processing of Sensitive Data". However, while auditing the compliance of the data processing activity with the law, article 4 of the KVKK titled "General Principles" should also be taken into account.

With the application number 2018/6161 and dated June 28, 2022 Constitutional Court Decision has been published in the Official Gazette No. 32049 on December 20, 2022, it has been concluded that the right to effective remedy, which is a positive obligation that must be carried out and assumed by the public authorities, has been violated.

The applicant had applied to the relevant telecommunication company for internet data, log records, IMEI information, hot spot date information and IP numbers received jointly with other subscribers belonging to his telephone line and containing a certain date range to be given to himself, and the request was not accepted by the relevant company. In the suit filed thereon, the local court decided to dismiss the case from the procedure, no positive results have been obtained from the legal remedy applied.