The Regulation on the Amendment of the Regulation on Commercial Communication and Commercial Electronic Messages, which introduced significant amendments to the Regulation on Commercial Communication and Commercial Electronic Messages dated 15 July 2015 ("Regulation"), has been published in the Official Gazette on 4 January 2020.
With the amendments to the Regulation, Commercial Electronic Message Management System ("CMMS") was established and the rules regarding the use of the CMMS was introduced.
I. Effective dates
Article 10/A of the Regulation on the establishment of the CMMS and the Provisional Article 2 of the Regulation, which determines the deadlines for service providers to upload their existing databases to the CMMS and for the recipients to check their approval status uploaded to the CMMS, shall enter into force on 4 January 2020, on the date of publication of the amendments to the Regulation. On the other hand, the provisions for the active use of the CMMS in message transmission, such as registration with the CMMS, obtaining marketing permissions through the CMMS, offering the possibility of opt-out through the CMMS, and obligation to check the permission status over the CMMS brought to the intermediary service providers before the sending of the messages shall enter into force on 1 September 2020. Accordingly, the timeline for the steps to be taken to comply with the Regulation are as follows:
II. Rules related to CMMS
- In order to control the commercial electronic message permissions from a single center, the organization authorized by the Ministry Trade will establish the CMMS.
The main functions of the CMMS are: (i) obtaining commercial electronic message permissions, (ii) using the right to opt-out by recipients, and (iii) managing the complaints regarding unsolicited commercial electronic messages.
- All natural and legal persons who wish to send commercial electronic messages must register with the CMMS. Service providers are required to transfer commercial electronic message permissions that they already received in accordance with the Regulation, to the CMMS by 1 June 2020.
At the end of this period, the CMMS will send a message to the recipients whose contact information is uploaded, stating that their permission is active in the system and that they will be able to use their right to reject through the CMMS until September 1, 20191. If the right of rejection is not exercised by this date, messages sent after that date will be considered solicited.
- Whether the recipient has provided permission or not shall be confirmed through the CMMS, prior to the sending of the messages.
The service providers and the intermediary service providers that initiate the commercial electronic message transmission at the service provider's instructions are obliged to check through the CMMS whether the recipient has provided permission for the communication or not.2 It is forbidden to send messages to people who do not appear to have given permission over the CMMS.
- Recipients will be able to provide commercial electronic message permissions and use their right to opt-out through the CMMS.
Approvals received by a method other than CMMS will have to be reported to the CMMS within three working days, and permissions that are not reported to the CMMS within this period will be considered as invalid. Service providers shall also notify the opt-outs to the CMMS within three working days.
- Individual numbers will be assigned to all service providers and their brands registered in the CMMS and service providers will be able to manage the opt-in and opt-out notices through these numbers.
Service providers shall include an accessible contact address provided by itself or offered by CMMS such as customer service number, text message number, or a URL address specific to opt-out notifications in the commercial electronic message so that the recipient can use their opt-out right over these channels.
- In some cases where messages can be sent without permission, the obligation to make permission check through CMMS has been exempted.
There is no obligation of approval control before sending the following messages:
- Commercial electronic messages regarding changes in, use and maintenance of supplied goods or services,
- Messages including notifications on ongoing subscription, membership or affiliate status, as well as collection, debt reminder, update information, purchase and delivery or similar occasions;
- Commercial electronic messages sent to customers by brokerage firms in accordance with the legislation on the capital market.
- However, when sending messages based on these exceptions, service providers shall notify the intermediary service provider regarding which exception that they are relying on when they are sending messages without prior permission. When sending commercial messages to recipients who are merchants or craftsmen, it shall be checked through CMMS whether the recipients have opted out or not.
- Complaints regarding commercial electronic messages can be made through CMMS.
In addition to complaints that can be made through the e-Devlet (turkiye.gov.tr), the website of the Ministry of Trade and the provincial directorate at the place of residence of the complainant, the recipients can also report their complaints through the CMMS.
III. Other Amendments
- Phrases Specifying Intermediary Service Providers in the Message: The obligation to include information on the trademark, trade name or business name of the intermediary service provider in the commercial electronic messages sent via the intermediary service provider has been removed.
- Obligation to Retain Records Regarding Permissions and Messages: The one-year period during which the approval records must be retained starting from the date of expiration of validity of approval and other records regarding delivery of message must be retained starting from the date of record has been increased to three years.
- Information to be Provided to Recipients During Voice Calls: A provision, which sets forth that trade names for merchants and name and surname for craftsmen shall be provided in the voice call contents, and that service provider may also include other identifying information such as brand or business name has been introduced.
IV. Steps to be Taken for Compliance
The main actions that service providers need to take to comply with the amendments in the Regulation are as follows:
- Registration with the CMMS,
- Separation of permissioned/not permissioned contact information data by evaluating the existing commercial electronic messaging permissions in accordance with the consent texts and evidence related to approval,
- Converting data related to the recipients identified as permissioned to the data format determined by the CMMS and uploading them to the CMMS,
- Confirming the compliance of existing opt-in/opt-out processes with CMMS processes and making necessary amendments for full compliance where necessary,
- Improving the existing commercial electronic message management systems in a way that they can obtain opt-in/opt-out information from CMMS, send this information to CMMS and control permission status before sending each commercial message,
- Updating record retention periods for existing permissions and message deliveries.
1. The Ministry of Customs and Trade is authorized to postpone the period foreseen for transferring the existing databases to the CMMS and for checking these approvals by the recipients for 3 months.
2. Intermediary service providers have no obligation to check approval for commercial electronic messages transmitted by e-mail.