Category: Turkiye

An in-depth look at Nazif Karatas of Nazali Attorney Partnership covering his career path, education, and top projects as a lawyer as well as a few insights about him as a manager at work and as a person outside the office.

Career:

Nazali Attorney Partnership, Partner, 2022-present

Nazali Attorney Partnership, Director, 2017-2021

Private Education Institutions, Lecturer on Constitutional Law, Criminal Law, and Labor Law, 2006-201

Education:

Marmara University, PhD Candidate, 2009-present

Marmara University, LLM Degree, 2008

Marmara University, LLB Degree, 2001

Favorites:

Out of office activity: Traveling and trekking

Quote: “It’s easy to be good, it’s hard to be fair.” – Victor Hugo

Book: Sophie’s World by Jostein Gaarder

Movie: My Father and My Son by Cagan Irmak

Top 5 Projects:

Advising Bosal Turkey on closure, with more than 250 employees, and managing negotiations with the union (2021-2022);

Advising Cargill on its first union authorization and collective bargaining negotiation process by carrying out the company’s best interest in the process (2021-2022);

Advising Duravit Turkey regarding the collective dismissal process of the employees and the execution of this issue before public authorities, upon the decision of the company to cease production in Turkey;

Managing the collective bargaining negotiation processes of Fritolay and Fruko, within Pepsico Turkey (2018-present);

Advising more than 50 large companies located in Turkey, such as Vakko, Eczacibasi Ilac, Ipragaz, or ThyssenKrupp, on the transition processes to the short-time working practice for employees after the closure, reduction, or temporary suspension of activities caused by the COVID-19 pandemic (2020-2021).

What would you say was the most challenging project you ever worked on and why?

Karatas: It was a very difficult period for me and my colleagues when advising our clients as employers regarding the closure decision taken in Turkey due to COVID-19, the measures implemented by the government, and the resulting temporary stoppage of activity in most workplaces, across the country, or the decrease in production, due to the large number of workplaces and workers affected by this process. Considering the size of our clients, the volume of work, and the disinformation about short work, I remember that we had a hard time back then, and we worked overtime to clear our clients’ questions, despite the pandemic.

And what was your main takeaway from it?

Karatas: I learned that we can always encounter unexpected events – and in these situations, it is necessary to take a determined stance, without panic, and by taking calculated risks. I realized the importance of taking all the relevant data into account and then making a decision without delay. Because the worst decision is still better than indecision.

What is one thing clients likely don’t know about you?

Karatas: One of my areas of expertise is criminal law. At Nazali, I am responsible for both labor law and criminal law. However, since I spend a lot of time on labor law projects, I think that the clients I work with may not know about my criminal law expertise.

Name one mentee you are particularly proud of.

Karatas: I am especially proud of Zeynel Sahin. After his university education, he could not find what he wanted in business life. I mentored him and provided direct support on Constitutional law, Criminal law, and Labor law trainings, to prepare him for the exams. He first became a Social Security Inspector, then took the exams and became a Tax Inspector.

What is the one piece of advice you’d give yourself fresh out of law school?

Karatas: I would advise that young man to pursue his dreams without giving up, without fear of making mistakes and failure.

This Article was originally published in Issue 9.8 of the CEE Legal Matters Magazine. If you would like to receive a hard copy of the magazine, you can subscribe here.

Dentons and Turkish affiliate Balcioglu Selcuk Ardiyok Keki Attorney Partnership have advised Dutch Development Finance Corporation’s venture capital program FMO Ventures on a EUR 5.5 million subscription for convertible notes and redeemable shares in SolarX. Satis Partners reportedly advised FMO in Mali, Burkina Faso, and Senegal. Ffooks Gokulsing reportedly advised SolarX.

SolarX is a commercial and industrial solar rooftop business active in Mali, Burkina Faso, and Senegal. According to Dentons, it “provides clean, affordable, and reliable power to small and medium-sized enterprises that currently rely on high-cost, high-emission diesel generators, and an unreliable and expensive grid. It specializes in the development, construction, and operation of grid-connected, stand-alone, and hybrid solar PV installations.”

According to the firm, “the West African countries in which SolarX operates are highly vulnerable to climate change. FMO’s investment will contribute to increased access to power, reduced cost of electricity, growth in local employment, and a reduction in carbon dioxide emissions.”

The team included Istanbul-based Dentons Partner Nadia Cansun, BASEAK Associates Mert Buberoglu and Ahsen Melda Arabaci, and Dentons lawyers in the Netherlands and Mauritius.

Recently, there have been certain significant developments regarding the data protection practice and some important guidelines have been published by the Turkish Personal Data Protection Authority. Below is an overview on the important points of the relevant developments.

Draft Guideline on Processing of Personal Data in Loyalty Programs

The Turkish Personal Data Protection Authority (“DPA”) has published a Draft Guideline on Processing of Personal Data in Loyalty Programs (“Loyalty Programs Guideline”) on June 16, 2022. The Loyalty Programs Guideline was not published yet and was open to public consultation until July 16, 2022. The draft version is not accessible currently and may change depending on the public consultation.

The Loyalty Programs Guideline mainly provides detailed information on the categories of personal data processed within the scope of loyalty applications, legal grounds for the processing of personal data, the discussion of the personal data processed within the framework of loyalty programs in the context of general principles, issues to be considered within the scope of loyalty practices in fulfilling the obligation of providing information by data controllers, as well as practice cases.

The Loyalty Programs Guideline classifies loyalty programs as: (i) programs rewarding regular customers based on consistency, (ii) programs enabling rewards in an interface where the identity of the customer is determined and their demographic/payment records are directed to the business database, (iii) programs targeting a limited and privileged customer base in return of a subscription fee, (iv) programs targeting many customers with easy and free subscription, (v) programs based on rewarding points in return for purchases, visits, likes on social media pages, downloading application, enlisting to e-mail subscription, etc. (vi) layered loyalty programs based on the spending thresholds that a customer reaches, (vii) paid/VIP loyalty programs, (viii) programs enabling refunds on payments, (ix) programs targeting ethical values such as donations in return for purchases, (x) programs enabling partnership, (xi) loyalty programs provided within a game application, and (xii) combined programs with mixed rewards.

In the Loyalty Programs Guideline, data controllers within the scope of loyalty programs are determined as loyalty program implementers. On the other hand, the Loyalty Programs Guideline, only considers real person customers as a data subject.

The Loyalty Programs Guideline remarks the personal data processed within the scope of loyalty programs, although it varies from application to application. The annexes of the Loyalty Programs Guideline provide a detailed practice example of personal data processed within loyalty programs through Radio Frequency Identification Technology (RFID), as well as categories of personal data.

Within the scope of loyalty programs, it is stated that the legal reason should be determined according to the purpose of processing personal data. If the purpose of the loyalty program is to provide only points/gifts/advantages to the customer in return for shopping within the framework of the determined criteria, the processing of the personal data of the customer in order to obtain this advantage/points/gift may be considered within the scope of the processing of the personal data of the parties to the agreement, provided that it is directly related to the establishment and performance of the agreement. However, in the processing of personal data belonging to the parties of the agreement, which are not directly related to the performance of the agreement, the data controller should evaluate in each case whether it can rely on another legal reason.

In the Loyalty Programs Guideline, the DPA also refers to profiling activities. The DPA states that data processing activities carried out for profiling are not mandatory within the scope of the performance of the agreement and that data controllers cannot rely on the legal reason for the performance of the agreement for such transactions.

The Loyalty Programs Guideline clarifies an approach that is followed in practice and adopted by the DPA. If an explicit consent is not provided, the goods/services may still be provided, however the additional benefits may not be provided. In order to accept that the explicit consent is not provided as a condition of the goods/services offered within the scope of the loyalty program and to be able to talk about the legality of the explicit consent given in this context, the data controller must ensure that the advantage provided with the loyalty program is reasonable and that the data subject does not suffer a significant disadvantage and their free will is not affected

The Loyalty Programs Guideline states that it is known that the contact information, which is in the nature of personal data processed for loyalty programs, is processed within the scope of sending commercial messages to individuals as part of the marketing strategies of the companies and that the consent of the person must be obtained in order to send electronical commercial messages and process personal data in the context of the provisions of the Regulation on Commercial Electronic Messages on the protection of personal data.

The Loyalty Programs Guideline underlines that the processing of personal data for the recognition of the customer for loyalty programs and the “purpose of processing” for the processing of the personal data of the customer in order to send electronical commercial messages are different from each other. In this context, the data controller should carefully evaluate whether the contact information of the loyalty program member can be used to send electronical commercial messages.

Guideline on Use of Cookies

The DPA has published the final version of Guidelines on the Use of Cookies (“Cookie Guidelines) on June 20, 2022. The Cookie Guidelines aim to provide a guidance for and practical advice for all data controllers who operate a website. The Cookie Guidelines cover the processing of personal data through cookies, and notes that those cookies that are not used for processing personal data are not in the scope of the Cookie Guidelines applicable to desktop and mobile websites or web applications.

The Cookie Guideline defines cookies as “a type of text file placed on the user’s device by the website operators and is transferred as part of the HTTP (Hyper Text Transfer Protocol) query”. Cookies are classified according to the (i) duration of use, (ii) their purpose and (iii) their parties. With regard to their duration, cookies are classified as session or persistent cookies. As for their purpose, cookies are classified as strictly necessary cookies, functional cookies, performance – analytic cookies and ad/marketing cookies. Lastly, in terms of their parties, cookies are classified as first party cookies and third party cookies.

Within the scope of Law No. 6698 on the Protection of Personal Data (“Law No. 6698”), data controllers are advised to consider the following criteria when processing personal data through cookies:

– Criterion A: The use of cookies for the sole purpose of transmission of a communication over an electronic communication network,

– Criterion B: The use of cookies that are strictly necessary for providing the information society services that are explicitly requested by the subscriber or user.

As for cases that do not fall under the scope of these two criteria, the below conditions will be applicable for the use of the cookies. The conditions for processing of personal data regarding the cookies within the Scope of the Law No. 6698 are as follows:

– Explicit consent, or

– As a result of the assessment made by the data controller regarding the data processing activity through cookies, other data processing conditions set forth in Articles 5 and 6 of the Law should also be taken into consideration.

Explicit consent needs to be obtained through an active affirmative action, by specifically and separately informing the data subject on processing of personal data. Non-specific statements or consents that are not based on an active action by a data subject cannot be considered as valid explicit consent. Accordingly, merely visiting a website cannot be considered as giving explicit consent for cookie practices. It is important that an explicit consent is specific, informed and freely given. In this regard, besides the elements of explicit consent set forth under the Law, explicit consent must be obtained as an applicable legal ground for processing, before implementation of cookies.

The Cookie Guidelines list each cookie type and assesses them based on the above criteria.

Per the Cookie Guidelines, in cases where the issue of consent to cookies by placing a cookie wall for accessing the website is imposed on the data subject as a prerequisite for the service, the cookie wall may injure the free will of the data subject, and in this case, the explicit consent obtained will not be a valid explicit consent. In cases where third-party cookies are placed on the website, it is emphasized that both the website owner and the third party are obliged to ensure that users are clearly informed about cookies and to obtain their explicit consent when necessary. 

In the event that websites operating in Turkey transfer data abroad by using cookies through companies located abroad, this activity must comply with the provisions of the Law No. 6698 on the transfer of personal data abroad. In this context, it is necessary to obtain explicit consent from the data subject or to have adequate protection in the country to which the transfer will be made, or to submit a letter of undertaking to the DPA.

The Cookie Guidelines also provide illustrative examples of “good practices” and “bad practices” for data controllers to obtain explicit consent when processing personal data through the use of cookies.

Guideline on Protection of Personal Data in the Banking Sector

The DPA and the Banks Association of Turkey, published the Guideline on Protection of Personal Data in the Banking Sector (“Banking Guideline”) on 5 August 2022.

The Banking Guideline states that banks are data controllers for the transactions they carry out within the scope of Article 4 (Operating Subjects) of the Banking Law No. 5411 (“Banking Law”). In addition, the Banking Guideline states that the characteristics of the case will be evaluated in order to determine whether a bank qualifies as a data controller or data processor for operations they conduct as an agency and intermediary organization regarding insurance, private pensions, investment instruments, international fast money transfers and payment for invoices, taxes and fees. The Banking Guideline also states that banks can be a joint data controller.

The Banking Guideline includes guidance on the issues that should be included in the data processing agreements to be made between the data controller and the data processor. Separate referrals are also made for the support services of banks, agreements made with companies and their affiliates, open banking and situations where banks act as agency.

Since the explicit consent to be obtained from the data subjects does not have to be “written”, the bank does not have to provide a written and signed text, but the data controller is responsible for proving that explicit consent has been obtained. In the case of the branch, approval can be obtained for explicit consent texts from the data subjects, by ink signature or other methods (digital signature, e-signature, etc.) prescribed by the legislation to replace it. If the explicit consent is requested from the data subjects from the ATM, the consent for the explicit consent text can be obtained after the person logs into the ATM. When it comes to Internet/mobile banking, boxes/buttons and similar methods that can be ticked by people can be used in order to obtain explicit consent from the data subjects. In the selections made with this box/button and similar methods, the options should not be selected beforehand.

Pursuant to Article 73 (Keeping Secrets) of the Banking Law, information that constitutes a customer secret cannot be transferred in the country or abroad without the customer’s request or instruction, even with the explicit consent of the data subject, except in cases of exception from the obligation to keep secrets. In the Banking Guideline, it is stated that the competent authorities may request information and documents from the banks in cases stipulated by the Law No. 6698, and that providing information within the scope of these requests is limited to answering the questions asked by the authorities on related issues in accordance with Article 73 and 159 of the Banking Law. In this context, banks will be able to transfer data to the competent authorities, provided that it is limited to the answers to information requests. 

In terms of data transfers abroad, the Banking Guideline refers to the conditions stipulated in paragraph 6 of Article 9 of the Law No. 6698 and reminds that the provisions of other laws are reserved. The Banking Guideline also underlines that the provisions of the Banking Law regarding the transfer of customer secret data have special provisions according to Law No. 6698. These may not necessarily mean that cross-border personal data transfer is free of cross-border transfer conditions under the Law No. 6698 as long as it is allowed under the Banking Law. While assessing a cross-border transfer situation, both laws should be carefully assessed and applied together, when possible. 

In the Banking Guideline it is also stated that the each bank will be able to create its own notice texts in accordance with its own operation and systems, within the scope of personal data categories, data collection method, processing purposes and legal justifications, and the parties to which personal data is transferred. On the other hand, the information to be given to the data subject within the framework of the obligation to notify must be compatible with the information disclosed in the Data Controllers Registry Information System (VERBIS). Since the bank has a large number of data processing purposes, it would be appropriate for banks to prepare the notice texts themselves. The Banking Guideline assesses specific situations banks may encounter and guides the banks on how to perform their transparency obligation. The Banking Guideline, considering, the banking practice, gives general advice on certain acceptable transparency methods such as providing a layered transparency notice i.e. first providing a summary explanation by directing the data subjects to a more detailed compliant transparency notice or by informing that their personal data are collected by providing an explanation as character limits in the banking technologies e.g. internet banking, ATMs allow.

On the other hand, banks are obliged to notify the real persons (staff, visitors, etc.) whose data they process. It is recommended in the Banking Guideline that additional information should be provided to the data subject at the stages of obtaining personal data within the scope of banking activities. For instance, specific notice can be made on issues such as the use of biometric data in identity verification or products/processes that may affect large audiences and where new technologies are used, or participation in contests/lottery. As a rule, the obligation to notify must be fulfilled by the data controller at the stage of obtaining personal data.

The obligation of deletion, destruction and anonymization of personal data in the Banking Guideline is processed under three headings: (i) storage of banking information, (ii) elimination of the purpose of processing and (iii) destruction methods. Banks are responsible for preparing inventory and keeping it up to date. Within the scope of these obligations, the Banking Guideline included guidance for banks by referring to the legislative items regarding the retention periods of data. In addition, there are guiding tables on the destruction methods of banks in the Banking Guideline. Banks must comply with both the data security obligations listed in the banking legislation and the data security obligations stipulated in accordance with the Law No. 6698. The Guide explains in detail the data security obligations of banks, which they are subject to in their legislation, and in which legislation they are included. Each bank also determines its storage and disposal policies in accordance with its assessment. 

Draft Guideline Regarding the Issues to be Considered in the Processing of Genetic Data

DPA has published the Draft Guidelines Regarding the Issues to be considered in the Processing of Genetic Data (“Genetic Data Guideline”) for the execution of the processing activities of genetic data, which is considered as special categories of personal data, in accordance with the Law No. 6698. The Guidelines was open to public consultation from August 24, 2022 to September 24, 2022. Genetic Data Guideline has not been published yet and may change depending on the consultation.

Genetic Data Guideline indicates that for genetic data to be definable or informative, it must be analyzed. First, DNA and RNA output is created, then this DNA/RNA sample is processed based on the targeted study and raw data become analyzable. However, the Genetic Guideline emphasizes that raw data is still valuable and meaningful before analysis and have the potential to make an individual identifiable and if a DNA/RNA sample is requested, entire genomic data of the individual can be accessed, provided that sample was preserved properly. Therefore, all data controllers collecting biological samples must maintain all administrative and technical measures to provide security to the samples.

Genetic Data Guideline also refers to anonymization issue of the genetic data. Genetic Data Guideline emphasizes that whichever method is used, DNA samples provide a unique data about a data subject, hence it is impossible to sever the link between the data subject and the collected data. Therefore, instead of “anonymization”, the term “de-identification” is used. Generally, genetic data is “de-identified” after process, through re-tagging with unique identifiers (x, y, z etc.) that are different from the assigned identifiers e.g. birthdate, location etc. when they were collected, then encrypted in a way to make it impossible to link the data subjects to their genetic material without the required key, however, people who have the relevant decryption, this link can be reformed (re-identification)

Genetic Data Guideline emphasizes that genetic data is only health data when they are processed for medical diagnosis and treatment and when they are not health data, they may be processed when there is an applicable processing condition under the Law No. 6698.

Genetic Data Guideline indicates that genetic data can be sent abroad voluntarily or when it is mandatory such as performing of a limited number of tests that are not available in Turkiye e.g. advanced cancer profiling, MRD. Genetic Data Guideline.

Genetic Data Guideline states that all individuals and legal entities that Genetic Disease Evaluation Centers are in relation with e.g. Ministry, university, legal entity etc. are data controllers. In a similar sense, cloud systems, where the genetic data are stored might be considered as data processors.

Genetic Data Guideline reiterates the explicit consent rules under the Law No. 6698 with a focus on genetic data and emphasizes that explicit consent must not be precondition for providing a service e.g. making food intolerance test mandatory to provide a nutritionist service. Genetic Data Guideline also indicates that sometimes, genetic data can be processed commercially, without a purpose of medical diagnosis and treatment such as identification of lineage, determining inclination to sportive activities or certain talents. In such cases, when the personal data will be processed with explicit consent, data subject must be properly informed not by indicating the risks that data subjects may encounter but also the risks involving the persons who are tied to their parentage.

Genetic Data Guideline also focuses on the matter of processing for scientific purposes and indicates that Regulation on Processing Personal Health Data underlines the conditions for using health data on scientific purposes. Genetic Data Guideline emphasizes that for a singular genetic data to be unassociated with an identifiable individual is only possible when such data is transformed into cumulative variant frequency lists achieved through combining multiple data of the same kind belonging to other individuals (genome aggregation data). Processing such data is only possible after obtaining ethical board permissions within the scope of a scientific research and complying with the relevant laws. Doing this, data controllers must minimize the personal data risks by using methods de-identifying the person as much as possible with methods such as pseudonymisation.

Genetic Data Guideline further indicates data controller obligations under the Law No. 6698, suggests administrative and technical measures and finally provides a section of suggestions and recommendations directed to regulation and management of genetic data mostly directed at regulatory and health authorities.  

By Gonenc Gurkaynak, Partner, Ceren Yildiz, Partner, Berna Aytac, Senior Associate, Ece Terziahmetoglu, Associate, ELIG Gürkaynak Attorneys-at-Law

Former Loomis Turkey Legal Affairs & Compliance Manager Nihat Ozbek has joined Guleryuz Partners as a Partner.

According to the firm, Ozbek specializes in transportation, employment, unions, litigation, and corporate legal matters.

Before joining Guleryuz Partners, Ozbek spent over four years with Loomis Turkey. Prior to that, he spent six months as the Legal Counsel of Tamek Holding and a year and a half as Head of Legal with Hitay Holding, between 2015 and 2016. Earlier, he spent almost six years as a Senior Lawyer with Tofas, after spending a year as a Lawyer with Akleasing, between 2008 and 2009.

With the Regulation Amending the Distance Contracts Regulation [“Amendment Regulation”] published on the Official Gazette on 23 August 2022, many amendments were introduced to the Distance Contracts Regulation [the “Regulation”] published on the Official Gazette numbered 29188 and dated 27 November 2014. Many of these amendments aim to provide harmonisation with the amended Law no.6563 on the Regulation of Electronic Commerce [the “Law”] on 7 July 2022, and to regulate the liabilities of intermediary service providers in a comprehensive manner.

Most of the amendments will come into effect as of 1 October 2022, whereas the regulations regarding (i.) payment of the return expenses by the consumer; (ii.) return period of the good in case of withdrawal; (iii.) restriction on the right of withdrawal with regard to mobile phones, smart watches, tablets and computers; and (iv.) return liability of intermediary service providers, as further explained below, will enter into force as of 1 January 2024[1].

In this article, we will discuss the important provisions introduced by the Amendment Regulation.

Additions to Definitions

With the Amendment Regulation, the definitions of “intermediary service provider” and “platform” are provided. Accordingly, while  an “intermediary service provider” is defined as “a real or legal person who mediates the establishment of a distance contract on behalf of the seller or supplier by using or making available the remote communication tools with the system he/she has created” a “platform” is defined as “the system created by the intermediary service provider to mediate the establishment of a distance contract, excluding the common public electronic platform where public services are offered from a single point”.

Liabilities for Intermediary Service Providers

Intermediary service providers are now subject to Regulation provisions which regulate the liabilities of the seller or the provider on preliminary notification. Accordingly, in addition to the seller and the provider, it will be compulsory that intermediary service providers to share their name or title, MERSIS number or tax identification number, full address, telephone number and similar contact details with the consumer. In addition, it is necessary to provide the consumer with a communication channel through which the consumer can submit their complaints, with other information regarding the delivery and performance in accordance with the promised time in payment, commercial advertisements, and promotions, as well as recommended solutions for frequent complaints. From now on, the intermediary service provider, together with the seller and the provider, will be jointly and severally liable for these preliminary notification obligations.

In addition to the obligation of the seller or the provider to establish the necessary system for the consumer to use the right of withdrawal, the intermediary service provider is now also liable for establishing this system. In this respect, if the consumer submits the declaration of withdrawal through the necessary channels, the intermediary service provider is liable to immediately convey to the consumer the confirmation that it has transmitted this declaration to the seller or provider.

In the event that the intermediary service provider collects payment on behalf of the seller or provider through the platform, and then the consumer exercises their right of withdrawal, the intermediary service provider will be jointly liable with the seller and the provider for the refund of the payment to the consumer, except for cases where the payment is transferred to the seller or provider after the delivery or performance of the goods or services to the consumer.

Right of Withdrawal and Exceptions

In accordance with the Regulation, if the consumer used their right of withdrawal, they were obliged to send the goods to the seller or supplier or an authorized person within 10 days from the date of this notification. The Amendment Regulation increases such return period to 14 days and introduces regulations that require the consumer to bear the expenses. In this respect, unless otherwise agreed, if the seller includes the carrier information and expenses in the preliminary notification, the consumer will be responsible for the expenses for return, provided that it does not exceed the delivery expense. However, if the goods delivered to the consumer are defective, it is still the seller’s obligation to cover the delivery expense.

One of the most important provisions introduced by the Amendment Regulation is the provision added to the exceptions of the consumer’s right of withdrawal. As such, (i.) contracts for mobile phones, smart watches, tablets, and computers delivered to the consumer, (ii.) contracts for the installation or assembly of goods which are installed and assembled by the seller or the authorized service provider as specified in the introduction and user manual, (iii.) contracts concluded in the form of live auctions, and (iv.) contracts regarding movables whose registration is required according to the Highway Traffic Law and contracts for registered unmanned aerial vehicles are included to the exceptions. Therefore, unless otherwise agreed by the parties, the consumer will not be able to exercise their right of withdrawal in the above-mentioned distance contracts. In particular, the consumer will not be able to return the mobile phone, smart watch, tablet, and computer purchased through a distance contract, unless the good is defective.

Conclusion

The Amendment Regulation introduces many provisions that result in joint liability of intermediary service providers against the consumer, together with the seller and the provider. In order to fulfill these liabilities, intermediary service providers must align their platforms with the new provisions of the Regulation by 1 October 2022. On the other hand, the new rules restricting consumer’s right to return electronic products such as mobile phones and computers purchased on internet, and those requiring the consumer to pay the return expenses have already raised debates.

[1]             With the new regulation published in the Official Gazette dated 14.9.2022 and numbered 31953, the effective dates of the referred articles of the Amendment Regulation have been postponed to 1.1.2024.

By Aziz Can Cengiz, Attorney at Law, and Beliz Boyalikli, Legal Intern, Guleryuz & Partners

Dentons Turkish affiliate Balcioglu Selcuk Ardiyok Keki Attorney Partnership has advised Sabanici Ventures and Turkiye Development Fund’s TKYB Sermaye Fonu on their investment in Figopara. Nazali advised L2G Ventures on leading the USD 11 million round. The Gokce Attorney Partnership advised Figopara. Kolcuoglu Demirkan Kocakli advised Logo Yazilim on its investment. Reportedly, BTS & Partners advised Eczacibasi on participating in the round. 

Sabanci Ventures is the corporate venture capital arm of Sabanci Holding, a Turkish conglomerate active in financial services, energy, industrials, building materials, and retail sectors.

Figopara is a Turkish fintech company founded in 2017, developing supply chain finance solutions enabling businesses to optimize cash flow.

BASEAK’s team included Partner Okan Arican and Associate Dilruba Guldogan.

Nazali’s team included Partners Ayse Ulku Yalaz and Nilay Goker Duran and Associates Tugce Gelir and Burak Emre Cetin.

Gokce’s team included Partner Deniz Okuyucu, Managing Associate Elif Aksoz, Senior Associate Yilmaz Toygun Tecirli, and Associates Sibel Postacioglu, Hilal Aydin, Hasancan Ufak, and Ozan Ozanoglu.

Kolcuoglu Demirkan Kocakli’s team included Partner Melis Oget Koc and Senior Associate Ipek Yuksel.

Electricity generation, transmission, distribution, and trade are considered public services by court decisions. The liberal economy policies enforced following the entry into force of the 1982 Constitution also find their place in the electricity market. Accordingly, providing the public services via civil law contracts was made possible with the amendments to the Turkish Constitution in 1999.

The Electricity Market Law no. 4628 was later introduced in 2001, and services in the electricity market were provided by private persons for the first time. On the other hand, due to the monopoly nature of electricity markets, these markets are highly regulated and subject to supervision. In order to fulfil such regulation duties, the Electricity Market Regulatory Authority was founded in 2001, and afterwards, its mandated areas of activity expanded to other types of energy branches as well, thus, it was rechristened as the Energy Market Regulatory Authority [the “EMRA”]. The EMRA, which has a public legal entity separate from the central government and is administratively and financially autonomous; establishes regulatory procedures and audits the electricity, natural gas, petroleum and LPG markets.

Due to the delicate and vital function of the electricity market, all those who wishes to operate in this market, whether a private person or a public entity, must obtain a license under the Electricity Market Law numbered 6446 [the “EML”] [available in Turkish only]. The EML, however, also permits unlicensed electricity generation if specific conditions are met. This article will deal with licensed and unlicensed electricity generation in general.

Licensed Electricity Generation

As per the definition in the EML, a license is a permit granted to legal entities, enabling them to operate within the market. Accordingly, public and private sector generation companies and organized industrial zone legal entities may carry out generation alongside the following activities within the scope of their licenses:

• Sale of electricity or generation capacity to supply companies, free consumers and persons with whom it has established private direct lines;
• Trade of electricity or generation capacity;
• Purchase of electricity or generation capacity in order to secure the electricity or generation capacity it is obliged to supply, provided that the annual amount of electricity generated that is stated in its license for a calendar year does not exceed the rate determined by the EMRA.

Depending on the nature of the activity, a license is given for a minimum of 10 and a maximum of 49 years. If the generation company wishes to carry out this activity in more than one facility, it must obtain a separate pre-license for each facility.

Pre-licenses are permits given for a set amount of time to obtain necessary documentation such as approvals, licenses, and permits necessary to start investments on the generation facility. Holders of pre-licenses may apply to the EMRA for a license as long as they carry out their obligations under the pre-license. The private companies in the electricity market must be incorporated as limited liability or joint stock companies, and in case of joint stock companies, the shares must be in registered form. It should be noted, some activities of the companies in this market require approval from the EMRA.

Although as a rule the license cannot be transferred, it is possible to transfer the license through merger or spin-off and through other exceptions under the Turkish Commercial Code no. 6102 and with prior permission of the EMRA. For instance, with the EMRA’s permission, the legal entity holding the license may transfer it to another legal entity that intends to continue to conduct the operations under the license. Furthermore, with EMRA’s permission, the licensee’s legal entity may conduct a merger within the same body or within the body of another legal entity, or it may perform a full or partial demerger.

With several exceptions, the applicant legal entity is not allowed to transfer its shares throughout the license obtaining process. For legal entities holding a license; the transfer of shares representing 10% or more of the capital of the company –or the transfer of shares representing 5% or more if the company is publicly held– and other transactions that create the same result are subject to the EMRA’s approval. In other cases, where the permission from the EMRA is not required to transfer the shares of the legal entity holding a license, the EMRA must be notified, and a submission for a license amendment must be made if necessary.

Unlicensed Electricity Generation

In accordance with the Regulation on Unlicensed Electricity Production in Electricity Markets [the “Unlicensed Electricity Generation Regulation“] [available in Turkish only], it is possible to generate electricity without having to apply for a license or pre-license or incorporate a company. Accordingly, consumers may generate their own electricity in their own generation facilities in close proximity to the point of consumption. Surplus generated that is limited to the last year’s electricity consumption may be sold in the general system.

With the unlicensed electricity generation introduced, especially aiming to encourage renewable energy production, 1.9% of the electricity supply in 2020 was met from unlicensed generation facilities where 92% of such electricity was generated through solar energy. Again, to further encourage renewable energy production, the installed power limit of the generation facility, which was initially one megawatt, was increased to 5 megawatts in 2019.

That being said, the recent amendments dated 11 August 2022 to the Unlicensed Electricity Generation Regulation, stipulate that the amount of surplus energy that can be sold may not exceed the total consumption of the consumer. The excess energy generated over the facility’s last year consumption will not be sold but will be given away to the Renewable Energy Resources Support Mechanism free of charge.

In order to generate electricity without a license, an application must first be submitted to the grid operator. The application is then reviewed over the documents submitted and is examined technical wise. The person who prevails from such review and examination by receiving an alternative connection opinion are given a call letter to the connection agreement. The construction phase starts after the connection agreement is signed, and the Ministry of Energy and Natural Resources completes the temporary acceptance processes. The generation facility will only start to be constructed once such procedure is completed and the system usage contract has been signed.

By Yasemin Keskin, Senior Associate, and M.R. Cafer Koc, Legal Intern, Guleryuz & Partners

Bezen & Partners has advised the Asian Infrastructure Investment Bank on its USD 50 million loan to Akbank financial leasing subsidiary Aklease.

According to Bezen & Partners, the loan is intended for “funding financial leases for renewable energy and energy efficiency related assets.”

Founded in 1988, Aklease is a Turkish financial leasing company with a particular focus on air vehicles and the renewable energy industry. 

Bezen & Partners’ team included Senior Partner Yesim Bezen, Partner Banu Bolukemini, and Associates Berkay Sezginci and Sevinch Murtazaeva.

Bezen & Partners did not respond to our inquiry on the matter.

Kinstellar and its Turkish affiliate firm Gen Temizer Ozer have advised Unifonic on the acquisition of Sestek.

Unifonic is a cloud-based customer communication and engagement solutions provider. Sestek is an R&D-focused AI-powered conversational automation company in Turkey.

According to Kinstellar, “Unifonic’s solutions integrate customer communication channels, including text, voice, messaging, and web into a single platform that enables companies to create stronger customer relationships. With proven expertise in emerging markets since 2006, Unifonic is committed to delivering excellence, handling over 10 billion annual transactions for millions of recipients in over 160 countries, backed by a local corporate presence in five countries and a dedicated team of over 300 professionals.”

Kinstellar and Gen Temizer Ozer’s team included Partner Emre Ozer and Senior Associate Dila Topuz.

The firms did not respond to our inquiry on the matter.

Dentons Turkish affiliate Balcioglu Selcuk Ardiyok Keki Attorney Partnership has advised Magic Games on its USD 5 million seed stage investment round, led by Makers Fund. Reportedly, Orrick advised Magic Games as well, and Fladgate LLP advised Makers Fund.

Hummingbird Ventures Managing Partner Firat Ileri also participated in the round.

Magic Games is an Istanbul-based mobile gaming company. According to BASEAK, “Magic Games is working on its as of yet untitled first game that is going to be a social game with a match-3 core. Magic Games’ founding members include former members of Peak Games, acquired by Zynga in 2020.”

BASEAK’s team included Partner Selahattin Kaya and Associate Dilruba Guldogan.