Lawyers Burak Özdağıstanli

    Burak Ozdagistanli is a partner at Ozdagistanli Ekici Attorney Partnership where he leads the firm’s data protection and cyber security team. Ozdagistanli Ekici is a leading independent firm in Istanbul that is ranked in several respected and well-known legal publications in data and technology, including GDR100. The firm is well-known for sound business advice and a great understanding of their clients’ businesses.

    Burak has extensive experience and is a well-known expert in the field of privacy. He provides advice to world’s leading data driven companies in different sectors on a daily basis.

    Among other roles, he is a founding board member of the Data Protection Association in Turkey and the former General Secretary of the Istanbul Bar Association’s Data Protection Commission.

    He also served as the Publications Advisory Board of the International Association of Privacy Professionals (“IAPP”) and Istanbul KnowledgeNet Chapter Co-Chair. He is also a Fellow of Information Privacy (“FIP”) and he holds CIPP/E and CIPM certificates by the IAPP. As of 2023, he will serve on the Privacy Section Advisory Board of the IAPP.

    He has an LL.M. degree in technology law, and he is working on his PHD thesis on legal characteristics of personal data and the legal basis of consent.

    Practice Areas & Work Department

    Technology, Media and Telecom

    Data Protection

    Electronic Commerce







    Istanbul Bar Association

    Former General Secretary – Istanbul Bar Association Data Protection Committee

    Founding Board Member – Data Protection Association - Turkey

    International Association of Privacy Professionals (IAPP)

    IAPP – Privacy Bar Section Board Member (2023 – 2025)

    IAPP – Publications Advisory Board Member (2017-2019)

    IAPP – KnowledgeNet Chapter Co-Chair – Istanbul (2017-2019)

    ITechLaw Association


    INPLP – International Network of Privacy Law Professionals

    Awards & Recognitions

    WWL Data 2021 - 2022 - 2023

    Chambers Fintech 2021 - 2022 - 2023

    Administrative Fines to be Imposed in 2023 under the Personal Data Protection Law

    Administrative fines to be imposed in case of violation of the Law on Protection of Personal Data No. 6698 (“DPL”) are regulated in Article 18, titled “Misdemeanors”, of the DPL. Within the scope of this article, those who do not fulfill the following obligations may be subject to administrative fines ordered by the Personal Data Protection Board (“Board”):
    Burak Özdağıstanli

    Regulation on E-Commerce Intermediary Service Providers and E-Commerce Service Providers

    The Law on the Regulation of Electronic Commerce was amended on 07.07.2022. Accordingly, the Regulation on Electronic Commerce Intermediary Service Providers and Electronic Commerce Service Providers (“Regulation”) was published in the Official Gazette on 29.12.2022. Within the scope of the relevant Regulation, the obligations of electronic commerce intermediary service providers (“ETAHS”) and electronic commerce service providers (“ETHS”), unfair commercial practices in electronic commerce, illegal content, intermediation agreement, electronic commerce license and other issues related to electronic commerce are regulated.
    Burak Özdağıstanli

    Turkish Data Protection Authority Started Enforcement Against Foreign Controllers

    Recently, the Turkish Data Protection Authority (“DPA”) started sending information request letters dated August 15, 2022, to foreign controllers (data controllers located outside Turkey but collect/process personal data from Turkey) that did not register with the Data Controllers’ Registry (“VERBIS”) by the deadline.
    Burak Özdağıstanli