ARTICLE
12 December 2025

Personal Data Protection Authority's Principle Decision On The Recording Of Turkish ID Card Photocopies In The Tourism And Hospitality Sector

GT
Gen Temizer

Contributor

Gen Temizer logo
Gen Temizer is a leading independent Turkish law firm located in Istanbul's financial centre. The Firm has an excellent track record of handling cross-border matters for clients and covers the full bandwidth of most complex transactions and litigation with its cross-departmental, multi-disciplinary and diverse team of over 30 lawyers. The Firm is deeply rooted in the local market with over 80 years of combined experience of the name partners while providing the highest global standards of legal services.
Explore Firm Details
The Personal Data Protection Authority published its Principle Decision regarding the recording of photocopies of Turkish ID cards belonging to individuals receiving accommodation services in the tourism and hospitality sector ...
Turkey Privacy
Ebru Temizer,Sinan Abra,Seray Apak
+2 Authors
 Your Author LinkedIn Connections

The Personal Data Protection Authority ("Authority") published its Principle Decision regarding the recording of photocopies of Turkish ID cards belonging to individuals receiving accommodation services in the tourism and hospitality sector on 09.12.2025 on its official website and in the Official Gazette dated 09.12.2025 and numbered 33102.

Due to the nature of the services provided, the tourism and hospitality sectors are among the industries in which personal data is processed most extensively. Following complaints and notices submitted to the Authority regarding the practice of collecting photocopies of Turkish ID cards from guests at accommodation facilities, the Authority conducted an assessment within the scope of the Law No. 6698 on the Protection of Personal Data ("KVKK"). As a result of its evaluation, the Authority determined that obtaining identification information consisting of name, surname, and Turkish ID number for the purpose of verifying the identity of the individual presenting the document is compliant with the legislation under the Identity Reporting Law No. 1774. However, taking and storing photocopies of such identification documents constitutes excessive data processing and lacks a legal basis.

As a result of this assessment, the Authority resolved that:

  • Data controllers operating in the tourism and hospitality sector must cease the practice of collecting photocopies of Turkish ID cards from individuals accommodated at their premises, and
  • Data controllers who, prior to publication of the Authority's Principle Decision, recorded photocopies of Turkish ID cards belonging to individuals staying for accommodation purposes must destroy such documents in accordance with Article 7 of the KVKK.

The Authority emphasized that the Principle Decisions once published in the Official Gazette and on the Authority's website, are binding in practice for all sectors. In the event of non-compliance, the Authority has the power to impose administrative sanctions pursuant to Article 18 of the KVKK.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Ebru Temizer
Ebru Temizer
Photo of Sinan Abra
Sinan Abra
Photo of Irmak Seymen Varat
Irmak Seymen Varat
Photo of Seray Apak
Seray Apak
Photo of Efe Özpehlivan
Efe Özpehlivan
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More