A cookie is a small text file that a website stores on your computer or mobile device when you visit the site.

Institutions and organizations must obtain the “explicit consent” of the users in order to use cookies effectively on their websites. Users can set and change their preferences regarding the use of cookies. Some institutions and organizations reserve the right to request the deletion of cookies to visitors in their cookie policies.

The principle of open consent, which is an innovation introduced by the GDPR, is also applicable in Turkish law by data controllers in the form of notification and disclosure to individuals in accordance with the KVKK numbered 6698. According to the Personal Data Protection Law, people should be informed before explicit consent for the use of cookies, and express consent must be given freely by individuals. Explicit consent should not be positioned as a precondition to provide a service.

You can see the importance of the Cookie Policy in terms of KVKK in the “Decision No. 2020/173, dated 27/02/2020. According to the decision;

The data controller says in the “Privacy Statement” text, “You can choose not to provide certain information, but in this case you will not be able to use most Amazon Services.” or “If you block or decline our cookies, you will not be able to add items to your shopping cart, proceed to the purchase phase, or use any Amazon services that require you to log in.” Obtaining explicit consent to the processing of personal data as a condition of service, and imposing explicit consent as a condition of membership and service, hence the contract; In case of existence of other personal data processing conditions, it is considered that the data controller will misuse the right by the data controller due to the misleading and misdirection of the data subject, and also the purpose of complying with the law and the rules of honesty and processing in Article 4 of the law, considering that the service is subject to explicit consent. It was evaluated to be in violation of the principles of being bound with, limited and proportionate.

As a result of the evaluations of the institution, it was decided to impose an administrative fine of 1,100,000 TL to the institution.

In case institutions and organizations provide services to EU countries, the rules of both KVKK and GDPR regarding the use of cookies should be applied.


Types of Cookies;

1-) According to the purpose it serves:

Statistics cookies, strictly necessary cookies, marketing cookies, preference cookies have been counted.

Statistics cookies;

It stores data on how the website is used and makes the website more functional.

Strictly necessary cookies;

Cookies that allow items on e-commerce sites to be kept in the shopping basket. Although it is not necessary to obtain consent for these cookies on an e-commerce site, the necessity of the cookie and why it is used should be explained to the user.

Marketing Cookies;

These are cookies that can be stored permanently. Cookies that enable advertisers to serve ads to the interest of users, from whom the data of the ad statistics encountered by users are accessed.

Preference cookies;

Cookies that provide automatic login to websites.

2-) According to their sources;

First party cookies and third party cookies.

First party cookies are cookies set by the website you are visiting. Only this website can read them. A website may potentially use external services that also set its own cookies, known as third-party cookies.

3-) According to the time the data is kept confidential;

Temporary cookies are created when you visit the website and are only valid until you close your browser. Permanent cookies are created when you visit the website and remain until you delete them or expire. Permanent cookies are used for processes such as providing a personalized experience compatible with your settings.

Purpose of cookies;

It helps the site remember information about your visit, save time and provide a better internet experience. This can provide convenience and make the site more useful when you visit the site again.

For example, a cookie is started to be used as soon as the “Remember Me” option is selected in the membership logins to the websites.

Cookies are used to remember your preferred language, to show you more relevant ads, to determine how many visitors to a page, to help you register for services, to protect your data and to remember your ad settings.

Users while granting permissions for cookies when they enter websites, the Cookie and Privacy policy on the website should be read.

If you think that a cookie other than the cookies specified in the cookie policy is received, the relevant persons can make a notification to the Personal Data Protection Authority because the cookies are within the scope of personal data.

Users can manage and block cookies in their browsers. Users who want to prevent the use of cookies can delete cookies from their browsers or applications.

In terms of cookie management, users can get help from the table below;

Google Chrome You can allow or block cookies from the “cookies” tab by clicking the “lock sign” in the address section of your browser.
Opera You can manage cookies from the “cookies” section by selecting “Advanced” in the “Preferences” section of your browser.
Mozilla Firefox Click on the “open menu” tab in the upper right corner of your browser. You can manage cookies by clicking the “Options” image and using the “Privacy and Security” button.
Internet Explorer You can manage cookies in the form of “allow” or “do not allow” by clicking the security tab in the “Tools” section in the upper right part of your browser.
Safari You can select the “safari” tab from the “Settings” section of your phone, and manage all your cookies from the “Privacy and Security” section.



KVKK, ISO 270001, Bilgi ve İletişim Güvenliği Rehberi, ISO 27701, Bilgi Güvenliği, Siber Güvenlik ve Bilgi Teknolojileri konularında destek ve teklif almak için lütfen

Previous PostNext Post