Open menu


KVKK & GDPR Compliance and Consultancy Services

CottGroup® is a leading holistic business service provider, that offers tailor made solutions to entities which have presences in Turkey in all field of operations by offering global solutions with the local knowledge and expertise it has. Just as in any other business operations you require assistance with, we are here to provide solutions and become your solution partner for local and global compliancy processes on Turkish Data Protection Law (TDPL / KVKK) and GDPR with our experienced consultant staff; offering the most accurate human – technology integration.

As of April 7, 2016, with the Turkish Data Protection Law being put in practice the entities in Turkey should have met the compliance requirements and be fully compliant with the Law in their operations. Thus, along with the local regulation, the entities in Turkey which are liable to GDPR, shall have met their obligations by May 25, 2018.

Considering the amount of workforce and dedication needs to be put in practice on the compliancy measures, we are here to become your solution partner by allowing you to save time and utilize your workforce in the most efficient way possible, considering the legal requirements were to be met yesterday as per to Laws' effective dates.

Our services can be provided for specific departments or units within your entity or if wished all departments can be unified and the service can be offered as a whole package to your presence in Turkey. Thus, if you are an organization that is also responsible from GDPR compliancy measures, we can offer tailor made solutions; similar to our other outsourcing services.

Our main service solutions are:

  • KVKK (PDPL) compliance consultancy service package
  • GDPR compliance consultancy service package
  • Customized compliance consultancy for your entity outside Turkey
  • KVKK (PDPL) and GDPR compliance consultancy service package

Our service is rendered with cooperation of the CottGroup® Project Team and your entity’s Project Group. The service to be provided includes full legal and technical consultancy along with the measures needs to be taken within the scope of full compliancy along with identifying and outlining policies and procedures on data deletion (anonymization, masking, pseudonymization, etc.), creating; company cookie and privacy policies, data deletion manuals and processes, data transfer and information protocols, consent documents, data inventory preparation, local data records information system (VERBIS) registration.

Once the service is completed, we provide your company a risk audit report and legal compliancy report. With the reports to be provided we guarantee you that your entity has successfully completed the necessary legal measures in regards the data protection regulations and is fully compliant with the either or both GDPR and KVKK regulations.


Our consultancy service includes;

  • Analyzing the current standing of your entity,
  • Preparation and review of company policies and procedures,
  • Outlining the company’s data access and authorization matrix along with data transfer schemes,
  • Preparation of employee trainings and providing the trainings to the employees,
  • Preparation of the data inventory list and conducting the VERBIS (Data Controllers' Registry Information System) registrations,
  • Drafting the relevant contracts on data processing and transfer processes,
  • Drafting the data deletion, anonymization and relevant process manuals and procedures,
  • Completing and signing off the customized Risk Report for your entity on the compliance processes,
  • Preparing and presenting the Evaluation Report, customized for your entity.


GDPR and KVKK regulations, regardless of making it mandatory for compliance, are not clear on how the compliance is to be practiced and therefore leave a gap for the implementation in technical and administrative processes.

CottGroup® stands out from the other consulting agencies and law firms, at the standpoints on knowledge, expertise and technical infrastructure. As most consultants in the sector focus on the legal aspect of the implementation and compliancy, CottGroup® acts as your solution partner with the know-how on both legal and technological means all through the process. On our daily operations, due to the nature of being a BPO (Business Process Outsourcing) vendor, we receive, process and manage great volume of sensitive and personal data. Especially, contrary to the other vendors in the market we chose to manage and maintain our data center internally and we are not willing to outsource it which led us to maximize the data security by precluding any third-party to access data.


  • We have and maintain ISO 27001 Data Security and ISO 22301 Business Continuity Certifications, authorize our capability and mastery on processes,
  • Our group companies are regularly audited, especially on GDPR and KVKK processes, by our global partners and relevant authorities,
  • Our IT and data center maintained inhouse and any third-party access is prohibited,
  • We have TSE Service Quality certification,
  • Our R&S center and own software team grants full support on digitalized custom-made solutions.

Our services are to be rendered in the smoothest operational processes with our expertise and differences mentioned above, especially on whilst forwarding your queries on informatics and relevant processes to our experts. With CottGroup®'s experienced support solutions of our consultant staff, we allow efficiency in the shortest amount of time. Our aim is to enhance and elaborate the principle of transparency and security in the field by sharing our technical knowledge with our clients.

Our Team

Selim Akdağ
Chairman of The Executive Board
Burcu Özel
Managing Partner
Chief Executive Officer (CEO)
Selma Kıy
Münevver Ekşi
Chief Corporate Affairs Officer (CCAO)
Kamil Aydoğan
Network & System Manager
Information Security Consultant


Designing better ways to work through cutting-edge products, premium services and exceptional experiences that enable people to reach their full potential. HR, Talent, Benefits, Payroll and Compliance informed by data and designed for people.

Learn more at

Boss Yönetişim Hizmetleri A.Ş. is proud to be a local payroll partner of ADP in Türkiye.

ADP, the ADP logo, and Always Designing for People are trademarks of ADP, LLC.

Awards for CottGroup® Services

Service Exporters' Association 4th Prize Winner
Ranked 6th among the Human Resources Management Software developers of Türkiye
Ranked 4th as Consultancy Service Provider
Ranked 29th as Service Provider

(*) Services Exporters' Association - 2022
(**) Bilişim 500 - 2022

Let's start
Get a quote for your service requirements.

Would you like to know more
about our services?

Bu web sitesi çerez kullanıyor.

Bu internet sitesinde, kullanıcı deneyimini geliştirmek, verimli çalışmasını sağlamak ve istatistiki verileri takip etmek için çerezler kullanılmaktadır. Sitemizi kullanarak çerezleri kabul etmiş olursunuz. Çerezleri nasıl kullandığımız ile ilgili detaylı bilgi için lütfen Çerezler (Cookies) sayfasını okuyunuz. Bu seçim 30 gün süreyle ya da tarayıcınızdaki çerezleri siz silene kadar geçerlidir.

Çerez Tercihleri Cookie Preferences

Çerezleri Ayarla

Çerezler, web sitelerinin kullanıcı deneyimini daha verimli hale getirmek için kullanabileceği küçük metinlerdir. Kanun, bu sitenin işleyişi için kesinlikle gerekli olan çerezlerin cihazınıza saklanabileceğini belirtir. Diğer tüm çerez türleri için izninize ihtiyacımız var. Bu site, çeşitli türde çerezler kullanmaktadır. Bazı çerezler, sayfalarımızda görünen üçüncü taraf hizmetler tarafından yerleştirilir.

Verdiğiniz izinler aşağıda yer alan web siteleri için geçerlidir: