PERSONAL DATA PROTECTION LAW No. 6698 is a law consisting of 33 original and 2 provisional articles, which was adopted by the Parliament on March 24, 2016 and entered into force on April 7, 2016, by being published in the Official Gazette. Purpose of creation as stated in the law; to protect the fundamental rights and freedoms of individuals, especially the privacy of private life, in the processing of personal data, and to regulate the obligations of natural and legal persons who process personal data and the procedures and principles to be followed. To look at a short history in terms of the development of the law; Since the 1970s, issues related to data security have been discussed in different parts of Europe, especially in Germany (the "Data Protection Law" created in the State of Hessen). Two of the most important sources that can be taken as a basis in this field are as follows: 1. Convention on the Protection of Persons Against Automatic Processing of Personal Data, dated 1981 and numbered 108, adopted by the Council of Europe. In addition, the Committee of Ministers of the Council of Europe has issued a total of 13 recommendations determining the procedures and principles for the implementation of the Convention No. 108. 2. Directive 95/46/EC published by the European Union on October 24, 1995. It is stated that the KVKK No. 6698 has been prepared in accordance with these texts, and that the "General Data Protection Regulation (GDPR) - (General Data Protection Regulation)" is being implemented by the European Union in the coming years (probably between 2023 and 2025) within the European Union negotiation processes and the published development plans. It should be noted that we are waiting for our transition to Importance of Law on Protection of Personal Data in International Trade It should be taken into account that there are many different legislations regarding personal data protection in the international arena and that these compliance processes will become the reason of choice in international trade. For example, as of the 1st quarter of 2020, when this article was written, there is no data protection regulation within the framework of the United States of America, only the state of California has the "California Consumer Privacy Act" legislation. For this reason, in international trade, we must first document that we apply the legislation of our country correctly, and then pay attention to the legislation of the country we do business with regarding personal data. This difficult process will not be experienced with the European Union countries at least if GDPR is implemented in our country in the coming years. Import-export institutions can overcome the problems that may occur in the coming period by starting the necessary studies for GDPR compliance from today.