Türkiye’s data protection authority has ruled that residential building managers may no longer publicly display residents’ debt information in shared spaces such as elevators, entrances or corridors.
The decision, published in the Official Gazette, addresses widespread practices in apartment complexes where lists detailing unpaid dues — such as maintenance fees, advance payments and shared expenses — were posted with identifying details including names, unit numbers, debt amounts and payment delays.
The authority emphasized that such disclosures expose personal data to an undefined audience, including visitors, delivery personnel and non-residents, thereby violating personal data protection obligations. It concluded that these postings fail to ensure adequate data security measures as required by law.
Instead, building administrations are instructed to use restricted communication channels — such as closed email groups or dedicated messaging applications — accessible only to relevant parties. Non-compliance may result in administrative penalties, it added.
