A detailed legal guide to remote work policies and the legal responsibilities of HR teams in Turkey, covering written contracts, equipment, expenses, working time, overtime, data protection, occupational health and safety, equal treatment, and termination risks.
Remote work is no longer a temporary management solution. In Turkey, it is a legally recognized working model with its own statutory structure, contract rules, data-protection implications, and occupational health and safety consequences. For HR teams, this means remote work cannot be managed only through informal manager approval, an email saying “you may work from home,” or a global policy imported from another jurisdiction. The legal framework is built mainly on Article 14 of Labour Act No. 4857, the Remote Work Regulation issued under that article, the Occupational Health and Safety Law No. 6331, and the Personal Data Protection Law No. 6698. Together, these sources make clear that remote work is a formal employment model that must be documented and governed carefully.
The starting point is the legal definition. The Remote Work Regulation defines remote work as a written employment relationship in which the employee performs all or part of the work outside the workplace, typically at home or elsewhere outside the workplace by using technological communication tools, within the employer’s work organization. The same Regulation states that it applies to remote workers and their employers under Article 14 of the Labour Act. In other words, Turkish law does not treat remote work as a casual arrangement layered on top of an ordinary employment relationship without documentation. It treats it as a specific written working model.
That written-form requirement is one of the most important issues for HR. The Regulation states expressly that remote-work employment contracts must be made in writing, and both the Regulation and Article 14 of the Labour Act require the contract to include the job description, the manner in which the work will be performed, the duration and place of work, wage and payment matters, the equipment supplied by the employer and the obligations related to protecting that equipment, the method of communication between employer and employee, and the general and specific working conditions. This means HR cannot safely rely on a general handbook clause or an unwritten manager practice when an employee works remotely on a sustained basis. The remote-work arrangement itself must be properly reduced to writing.
For HR teams, this has a practical drafting consequence. A lawful remote-work contract in Turkey should not stop at saying “the employee works from home.” It should define where and how the work is performed, how the employer will communicate with the employee, which work tools are provided, how those tools must be protected, what working hours apply, how wage payment operates, and what special remote-work conditions govern the role. The Regulation does not present these as optional best practices. It lists them as required contractual subjects. A thin contract may therefore leave the employer exposed not because remote work is forbidden, but because the legal content of the arrangement was never properly documented.
Remote work also changes how the workplace itself is organized. Article 6 of the Regulation states that, where necessary, arrangements concerning the place from which remote work will be performed must be completed before work starts, and that the method for covering the costs arising from those arrangements must be determined jointly by the employer and the remote worker. This is a significant point for HR policy design. Turkish law does not impose a single rigid cost formula for every remote arrangement, but it does require the parties to determine how work-space-related arrangements and their costs will be handled. That means the employer should not leave this topic entirely vague if the job actually depends on a suitable remote workspace.
Equipment and work tools are regulated even more clearly. Article 7 of the Regulation states that, unless otherwise agreed in the employment contract, the materials and work tools necessary for the production of goods or services in remote work are to be supplied by the employer. It also requires the principles governing their use, maintenance, and repair to be communicated clearly to the remote employee. If work tools are supplied by the employer, a written equipment list showing their value at the time of delivery must be given to the employee, and a signed copy must be kept in the employee’s personnel file unless the list is already incorporated into the contract or a contractual annex prepared on the same date. This makes equipment control a legal documentation issue, not merely an IT issue.
Production-related costs also need contract-level attention. Article 8 of the Regulation states that matters concerning the identification and payment of mandatory costs directly related to the production of goods or services must be specified in the employment contract. The law therefore does not say that every possible home-office expense must automatically be borne by the employer in every case. What it does say is that mandatory costs directly related to the performance of the work must be addressed contractually. HR teams should therefore avoid both extremes: neither assuming the employer pays nothing by default nor promising reimbursement of every household expense without a documented rule. The safer legal approach is to define which mandatory work-related costs will be covered and how.
Working-time management is another core HR responsibility in remote work. The Labour Act states that weekly working time is, in general, a maximum of forty-five hours, and that unless otherwise agreed it is divided equally among working days. The same article allows different daily allocation by agreement, provided daily working time does not exceed eleven hours and average weekly working time remains within the statutory limit during the equalization period. The Working Time Regulation separately states that working time is the time spent in the work in which the employee is employed and that rest breaks are not counted as working time. In remote work, these ordinary working-time rules still apply; working from home does not create a separate law of unlimited availability.
The Remote Work Regulation adds a remote-specific layer to this. Article 9 requires the contract to specify the time interval and duration of remote work and states that, subject to statutory limits, the parties may agree on changes to working hours. The same article further provides that overtime may be performed only upon the employer’s written request and with the employee’s acceptance, in accordance with legislation. That rule should be read together with Article 41 of the Labour Act, which defines overtime as work exceeding forty-five hours per week, requires employee consent for overtime work, and caps annual overtime at 270 hours. For HR teams, this means remote-work flexibility does not remove the need to control scheduling, overtime authorization, and documentary evidence of employee consent.
Communication rules must also be managed consciously. Article 10 of the Remote Work Regulation states that the method and time interval of communication in remote work are to be determined by the employer and the remote employee. This matters because one of the most common remote-work failures is the collapse of boundaries between communication and constant availability. Turkish law does not create a general “always online” rule for remote workers. Instead, it expects the parties to determine communication structure within the broader framework of working-time limits. A compliant HR policy should therefore define communication channels, expected response windows, escalation routes, and the difference between ordinary contact and urgent operational contact.
Equal treatment is another essential legal principle. Article 14 of the Labour Act states that, unless there is an essential reason, remote workers may not be treated differently from a comparable employee solely because of the nature of the employment relationship. That means remote status alone does not justify inferior treatment in pay, core rights, or comparable working conditions. It also means HR policies should be reviewed for hidden inequality. A company that excludes remote employees from promotion pathways, development opportunities, or core benefits merely because they are not physically present may create legal risk unless it can show an essential and objective reason.
The data-protection dimension of remote work is especially important for HR. Article 11 of the Remote Work Regulation states that the employer must inform the remote worker about workplace rules and applicable legislation regarding the protection and sharing of workplace- and work-related data, must take the necessary measures to protect those data, and must define in the contract the definition and scope of the data that must be protected. The same article also makes compliance with employer-defined data-protection rules mandatory for the remote worker. For HR, this means remote-work governance is inseparable from privacy governance. A remote-work arrangement without clear data-handling rules is legally weak, especially where laptops, cloud storage, messaging tools, video calls, and home networks are involved.
That remote-work rule sits inside the broader framework of the Personal Data Protection Law. KVKK applies to natural persons whose personal data are processed and to natural or legal persons processing such data by automated means or as part of a data filing system. The law defines explicit consent as freely given, specific, and informed consent, and it requires all personal-data processing to comply with lawfulness, fairness, accuracy where necessary, specified and legitimate purpose, proportionality, and storage limitation. It also allows processing without explicit consent in several situations highly relevant to HR, including where processing is directly related to the establishment or performance of a contract, necessary for compliance with a legal obligation, necessary for the establishment, exercise, or protection of a right, or necessary for the controller’s legitimate interests so long as the employee’s fundamental rights and freedoms are not violated. In remote work, that means employers should identify the real legal basis for monitoring logs, access management, device administration, and support processes rather than defaulting mechanically to consent. (KVKK)
Special-category data require even more care. KVKK classifies health data, trade-union membership, criminal-conviction data, biometric data, and several other categories as special categories of personal data. Processing is generally prohibited unless one of the statutory conditions exists, including explicit legal permission, necessity for the establishment, exercise, or protection of a right, or necessity for legal obligations in employment, occupational health and safety, social security, social services, and social assistance. In remote-work practice, this matters when employers handle ergonomic health records, occupational physician documents, disability accommodation information, or biometric access tools tied to hybrid work systems. HR should therefore be careful not to over-collect sensitive information simply because the worker is outside the traditional workplace. (KVKK)
Transparency is mandatory under KVKK as well. Article 10 requires the data controller to inform the data subject, at the time personal data are obtained, about the identity of the controller, the purposes of processing, transfer recipients and purposes, the legal basis and method of collection, and the data subject’s rights. Article 11 then gives employees rights including learning whether their data are processed, understanding the purpose of processing, learning transfer recipients, requesting correction, requesting erasure or destruction under Article 7, objecting to adverse outcomes produced solely by automated systems, and seeking compensation for unlawful processing. For HR teams, this means remote-work privacy compliance needs more than a general confidentiality clause; it requires remote employees to be informed clearly about device rules, monitoring, support access, data sharing, and cross-border processing where relevant. (KVKK)
Security obligations are equally significant. Article 12 of KVKK requires the data controller to take all necessary technical and organizational measures to prevent unlawful processing, prevent unlawful access, and ensure protection of personal data, and it makes controllers jointly responsible with processors acting on their behalf for those measures. In remote work, this has concrete implications for HR and IT governance: role-based access control, encrypted devices, secure VPN use, password policies, incident escalation, and processor oversight are not merely technical preferences. They are part of the employer’s legal compliance architecture. This becomes even more important where group-wide HR systems or foreign vendors process employee data. (KVKK)
International data transfers need special attention in remote-work environments because remote employees often use global software stacks. Under Article 9 of KVKK, personal data may be transferred abroad if one of the Article 5 or Article 6 conditions is met and an adequacy decision exists; in the absence of adequacy, transfer may still occur if the data subject retains enforceable rights and effective legal remedies and one of the appropriate safeguards is used, including Board-approved binding corporate rules, a Board-published standard contract, an approved written undertaking, or certain agreements between relevant institutions. The Turkish Authority announced in August 2024 that English translations of the new by-law and standard contract texts for cross-border transfers were available. For HR, this means global remote-work platforms should not be treated as a purely technical deployment question. Cross-border transfer compliance must be assessed explicitly. (KVKK)
Occupational health and safety remains fully relevant in remote work. Article 14 of the Labour Act states that, taking into account the nature of the work carried out by the remote employee, the employer must inform the employee about occupational health and safety measures, provide the necessary training, ensure health surveillance, and take the necessary safety measures regarding the equipment supplied. Article 12 of the Remote Work Regulation repeats the same structure in more specific terms. These rules must also be read together with Article 4 of the Occupational Health and Safety Law, which requires the employer to ensure the health and safety of workers in every aspect related to the work, take the necessary preventive measures, provide information and training, carry out risk assessment, and consider the worker’s capabilities in relation to health and safety when assigning tasks. Remote work therefore does not remove OHS obligations; it relocates them.
For HR, the practical implication is that remote-work OHS compliance should not be reduced to a generic sentence in the contract. The employer should identify remote-work risks connected to the role, provide appropriate information and training, assess whether supplied equipment is safe, and coordinate health surveillance where the nature of the work requires it. Article 6 of the OHS Law also reminds employers that even where external services are used, the employer remains responsible for occupational health and safety obligations. In other words, outsourcing assessments or relying on a third-party provider does not transfer the legal duty away from the employer.
Not every job may be performed remotely. Article 13 of the Remote Work Regulation states that remote work may not be carried out in jobs involving work with hazardous chemical substances and radioactive substances, the processing of such substances or their waste, or work processes involving exposure to biological agents. The same article also states that, in public institutions and organizations, the responsible public body may determine which strategically important units, projects, facilities, or services may not be performed remotely. This is important for HR policy design because remote work in Turkey is not defined solely by employee preference or technological possibility. The nature of the work itself can make remote work legally unavailable.
Transition into and out of remote work is another area where HR teams need procedural discipline. Article 14 of the Remote Work Regulation states that the employment relationship may be established directly as a remote-work contract, or an existing on-site employment contract may be converted into remote work if the employee and employer agree. An employee’s request to work remotely must be made in writing, assessed according to workplace procedure, and answered within thirty days using the same method by which the request was made. If the request is accepted, a contract complying with Article 5 must be executed. The employee may later request to return to on-site work through the same procedure, and the employer must give that request priority consideration. The Regulation also states that where remote work is implemented across all or part of the workplace due to compelling reasons recognized by legislation, employee request or consent is not required for the transition. (KVKK)
This transition regime should be read together with Article 22 of the Labour Act, which provides that a substantial change in working conditions arising from the employment contract, personnel regulations annexed to the contract, similar sources, or workplace practice can be made only by written notice to the employee. A change not made in this manner and not accepted by the employee in writing within six working days does not bind the employee. If the employee does not accept the proposed change, the employer may terminate only by explaining in writing that the proposed change is based on a valid reason or that another valid reason exists, and by complying with notice rules. For HR, this means remote work can quickly become a change-of-conditions issue if the employer tries to impose or revoke it outside the statutory framework.
Dismissal risks remain significant in remote-work arrangements. Article 18 of the Labour Act requires employers in workplaces with thirty or more employees to rely on a valid reason when dismissing an employee with at least six months of seniority engaged under an indefinite-term contract, and it expressly excludes reasons such as sex, family responsibilities, pregnancy, and similar protected factors from valid dismissal grounds. Article 19 requires written termination notice and a clear and precise reason, and also bars conduct- or performance-based dismissal without first giving the employee an opportunity to defend against the allegations, except in narrow Article 25/II situations. Article 20 then places the burden of proving the valid reason on the employer and requires employees seeking reinstatement to apply to mandatory mediation within one month from service of the dismissal notice. For HR teams, this means remote work does not weaken dismissal protections; if anything, it often makes evidence and process more important because performance, communication, and availability disputes can be harder to document.
Working-time disputes are particularly common in remote setups, which is why HR teams should maintain a defensible system for availability, output expectations, and overtime authorization. The Labour Act sets the ordinary weekly maximum at forty-five hours, requires employee consent for overtime, and limits total annual overtime; the Working Time Regulation defines working time and excludes rest breaks from it; and the Remote Work Regulation requires the contract to specify the time interval and duration of remote work while also making overtime dependent on the employer’s written request and the employee’s acceptance. A compliant remote-work policy should therefore avoid two extremes: neither assuming that remote workers are free from working-time discipline nor treating them as permanently on call.
The strongest HR approach is therefore an integrated one. First, remote work should be documented through a written agreement or written conversion consistent with Article 14 of the Labour Act and Article 5 of the Regulation. Second, the agreement should address equipment, cost allocation, working hours, communication, data protection, and remote-work conditions with enough detail to guide practice. Third, HR should coordinate with IT and legal teams on privacy notices, security controls, and cross-border data flows. Fourth, HR should coordinate with OHS functions on risk assessment, training, and health surveillance appropriate to the role. Fifth, managers should be trained to avoid informal arrangements that contradict statutory working-time, change-of-conditions, or dismissal rules. These are not merely best practices; they are the operational consequences of the legal framework itself.
In conclusion, remote work policies and legal responsibilities of HR teams in Turkey should be treated as a formal compliance subject, not a convenience policy. Turkish law requires remote work to be documented in writing, expects the contract to cover specific subjects, regulates equipment and cost issues, keeps ordinary working-time limits in force, requires written overtime procedures, obliges employers to protect data and inform employees, preserves full occupational health and safety duties, bars unjustified unequal treatment of remote workers, and regulates transitions into and out of remote work through agreement-based and change-of-conditions rules. Employers that treat remote work casually often discover that legal risk surfaces later in disputes over timekeeping, expenses, privacy, performance, or dismissal. Employers that structure it properly give HR a far stronger and more defensible framework for flexible work.
Yanıt yok