ARTICLE
22 January 2026

Public Announcement On Push Notifications Sent Via Mobile Applications

MA
Moroglu Arseven

Contributor

Moroglu Arseven logo
“Moroglu Arseven is a full-service law firm, with broadly demonstrated expertise and experience in all aspects of business law. Established in 2000, the firm combines a new generation of experienced international business lawyers, who hold academic, judicial and practical experience in all aspects of private law.”
Explore Firm Details
The Personal Data Protection Authority ("Authority") published the Public Announcement on Push Notifications Sent via Mobile Applications ("Announcement") on 14 January 2026 via its official website.
Turkey Privacy
Cansu Özgüven and Ayşegül Dağhan
Your Author LinkedIn Connections
Moroglu Arseven are most popular:
  • within International Law topic(s)

The Personal Data Protection Authority ("Authority") published the Public Announcement on Push Notifications Sent via Mobile Applications ("Announcement") on 14 January 2026 via its official website.

The Announcement clarifies the legal nature of complaints received by the Authority regarding push notifications sent via mobile applications under the Protection of Personal Data No. 6698 ("DP Law").

The Authority's assessment may be summarized as follows.

  • Personal data processing activities carried out by data controllers through push notifications sent via mobile applications must comply with the general principles set out under Article 4 of the DP Law and the lawful grounds for processing regulated under Article 5; accordingly, any consent mechanisms relating to the content of such notifications must be structured in full compliance with the applicable legislation.
  • Upon examination of the complaints addressed in the Announcement, it was determined that the relevant data controllers obtained push notification permissions through a single consent mechanism encompassing multiple purposes, without differentiating between campaign and advertising notifications and service-related operational notifications (e.g. order tracking).
  • The Authority concluded that requiring users to accept marketing-related push notifications as a condition for accessing the service is incompatible with the requirements of explicit consent, namely that consent must be (i) specific, (ii) informed, (iii) and freely given.
  • In this context, conditioning access to the service on the acceptance of marketing-related notifications was found to violate the principle of "granularity of consent", which requires separate and independent consent for each distinct processing purpose; accordingly, obtaining approval for multiple purposes through a single consent statement does not constitute a valid legal basis for data processing.

Consequently, it was emphasized that approval mechanisms for push notifications must be structured in line with the principles of granularity and specificity of consent, and that the application architecture should be designed accordingly.

Click here to access the full text of the announcement (only in Turkish).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Cansu Özgüven
Cansu Özgüven
Photo of Ayşegül Dağhan
Ayşegül Dağhan
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More