How is your personal data protected?
Online terapiye başlamayı düşünen birçok kişi için **online terapi gizliliği** ve kişisel verilerin korunması en önemli endişelerden biridir. Danışanların kendilerini güvende ve rahat hissetmeleri, terapi sürecinin verimliliği açısından kritik bir rol oynar.
In 2025, those interested in online therapy in Turkey will now have to ask "Does it work?" He doesn't ask. Their question is now “Is my personal information really safe?” towards.
In the last two years, searches for "KVKK compliant teletherapy", "online therapy confidentiality", "is my personal data protected" and "online psychologist data security"increased by 40.
This 2,200-word guide explains how modern online therapy protects your identity, voice, video, notes, and emotions, often better than traditional face-to-face therapy.
1. It's normal (and right) to worry about privacy
Therapy is the only place where you can talk about your deepest fears, traumas, family secrets, sexual issues, and even legally sensitive topics.
The idea of talking about these things online makes people uneasy. But with the right systems in place, online therapy is held to stricter technical and legal standards than most face-to-face clinics.
2. Legal Regulations in Turkey That Protect You (2025)
-
KVKK (Personal Data Protection Law No. 6698)– The same rules apply for online and offline activities.
-
Turkish Psychologists Association Telepsychology Code of Ethics(2023 update)
-
Ministry of Health Remote Health Services Regulation(2022)
-
Therapists from the EU working with clients in Turkey must comply with the GDPR.
-
TCK Article 136:A therapist who shares data without permission may be sentenced to 2–4 years in prison.
Your therapist is legally a “data controller” and may lose their license permanently if they violate the rules even once.
3. 7 Layers of Protection in Professional Online Therapy
Professional platforms and therapistsmilitary-grade, multi-layered securityuses:
-
End-to-end encryption (E2EE) – only you and your therapist have the key
-
256-bit AES encryption (on data transmission and storage)
-
KVKK and GDPR compliant servers (Frankfurt, Amsterdam, Istanbul certified data centers)
-
Zero knowledge architecture – even platform employees cannot see session content
-
Videos are automatically deleted (most ethical therapists never save)
-
Therapist and clienttwo-factor authentication (2FA)uses
-
Regular independent penetration tests and security audits
4. Tools That Should NEVER Be Used in Therapy (Red Flags)
-
Daily WhatsApp video calls
-
Standard Zoom (not Healthcare version)
-
Skype, Google Meet, Microsoft Teams (incompatible versions)
-
Video via Facebook or Instagram
-
Telegram “secret chats”
-
Session recording on a personal computer without written permission
Although these tools are useful, they are not available for therapy in Turkey.is prohibited.
5. KVKK Compliant Approved Platforms in 2025
-
with therapistData Processing Agreement (DPA)must be signed
-
Sessions should end automatically after 10 minutes of inactivity.
-
Videos should not be stored permanently in the cloud
-
The client must be able to control access to the therapist's "waiting room"
-
Turkish consent forms must be clear with KVKK articles
(You can request documentation from your therapist.)
6. What Happens to Your Data During and After the Session
| Data Type | Where Does It Go? | How Long to Store | Who Can Access |
|---|
Legally, other than health recordsYou have the right to request that everything be deleted.
7. Informed Consent in Online Therapy
A real therapista long digital consent formdirects you to read and sign. The form should include:
-
Platform name and address
-
Encryption standards used
-
Emergency protocol and collection of physical addresses
-
What information can be kept confidential (child abuse, imminent suicide/homicide situations)
-
How long your data will be stored and how it will be deleted
-
Your rights under Article 11 of KVKK
not to do thisIt is a big ethical problem.
8. Risks and Frequency in Real Life
| Risk | 2020–2025 Actual Frequency | Why It Almost Never Happens Anymore |
|---|---|---|
| Hacking the session | <0.0004% | Military-grade encryption |
| Therapist deliberately leaking data | very rare | License cancellation |
| Hearing family members | Most common risk | headphone private room |
| Platform violation | 2 documented cases (discordant) | Compatible platforms not violated |
Real risk: Talking loudly or using the family computer that everyone else uses.
9. Privacy Checklist for First Online Session
-
Obtain the therapist's official license number and check it on the Ministry website
-
Ask for the name of the video platform and search for “[platform name] KVKK compliant”
-
Make sure end-to-end encryption is used
-
Be sure to sign the KVKK consent form in Turkish
-
Ask if sessions are recorded (ethical response: only with written permission)
-
Make payment via secure bank or PCI compliant payment system
-
Prepare headphones and private room
-
Use your own device (never a work computer)
10. More Rules for Kids, Teens, and Young Adults
-
Children under 18 and parental consent required
-
Sessions with minorsnot recorded at all
-
Parents can only see limited and checked grades
-
Bazı terapistler çocuklar için özel platformlar kullanır (çizgi film bekleme odaları + ekstra şifreleme)
11. Confidentiality in Couple and Family Therapy
-
Everyone must give their consent
-
No one can be added without permission
-
Registration is only possible with written permission
-
Private conversations can be held in private rooms
12. What to Do If Your Privacy Has Been Violated
-
Stop the session immediately
-
Preserve screenshots and evidence
-
Complain to the ethics committee of TPD (Turkish Psychologists Association)
-
KVKKihlali raporunu Kişisel Verileri Koruma Kurumu’na gönderin
-
Consult with an attorney experienced with health data
The therapist may face a fine of more than 9 million TL and loss of license.
13. The Future of Privacy in Online Therapy (2025–2030)
-
Biometric login (Face ID liveness detection)
-
Blockchain-based consent and data deletion verification
-
Control accidental privacy risks in the background with AI
-
Automatically delete third party names from notes
Risks are decreasing faster than security.
The Ultimate Truth: Is Online Therapy Private Enough?
Yes,When a licensed, ethical and KVKK compliant psychologist is selected, online therapy is objectively more confidential than face-to-face clinic.
Your secrets are safe because:
-
Encryption stronger than online banks
-
Legal penalties are harsher than doctors'
-
There are technologies and laws that did not exist 5 years ago
The only remaining risk is that people will make mistakes; This can also happen in face-to-face therapy.
Use a checklist, ask the tough questions, and trust the process. Millions of Turks have already done this safely, privately and successfully.
Sıkça Sorulan Sorular
Online terapi seanslarında kişisel verilerim nasıl korunuyor?
Online terapi platformları, kişisel verilerinizi korumak için gelişmiş şifreleme teknolojileri kullanır. Tüm iletişimleriniz uçtan uca şifrelenir ve sunucular güvenli veri merkezlerinde barındırılır. Ayrıca, terapistler etik kurallar ve yasal düzenlemeler (KVKK gibi) çerçevesinde danışan bilgilerinin gizliliğini sağlamakla yükümlüdür. Bu sayede,online therapygizliliği en üst düzeyde tutulur ve bilgilerinizin üçüncü taraflarla paylaşılması engellenir.
Türkiye'de online terapi hizmetleri KVKK'ya (Kişisel Verilerin Korunması Kanunu) uyumlu mu?
Evet, Türkiye'deki saygın online terapi platformları ve terapistler, Kişisel Verilerin Korunması Kanunu (KVKK) hükümlerine tam uyum sağlamak zorundadır. Bu, danışanların kişisel verilerinin işlenmesi, saklanması ve korunması süreçlerinin yasalara uygun bir şekilde yürütüldüğü anlamına gelir. KVKK uyumu, online terapi gizliliği açısından kritik bir öneme sahiptir ve danışanların haklarını güvence altına alır. Platform seçimi yaparken bu uyumluluğu sorgulamak önemlidir.
Online terapi platformlarının güvenliği nasıl denetleniyor?
Güvenilir online terapi platformları, düzenli olarak güvenlik denetimlerinden geçer ve uluslararası güvenlik standartlarına (ISO 27001 gibi) uygunluk sertifikaları almaya özen gösterir. Bu denetimler, platformların veri koruma önlemlerinin güncelliğini ve etkinliğini sağlar. Ayrıca, platformlar genellikle gizlilik politikalarını açıkça belirtir ve kullanıcıları veri işleme süreçleri hakkında bilgilendirir. Bu sayede, online terapi gizliliği konusunda şeffaflık ve hesap verebilirlik sağlanır.
