01
EU AI Act conformity
Risk classification, conformity assessment pathways, technical documentation and transparency obligations for your system.
AI Ethics & Compliance Counsel
Build AI the regulators will trust.
Legal and ethical compliance counsel for AI companies — from risk classification under the EU AI Act to KVKK and GDPR data governance, documented and ready to attest.
Advising under
- EU AI Act
- GDPR
- KVKK
- FSEK
- EO 14110
- CAIA
- NAIS
- SDAIA
- PDPL
The practice
Compliance is no longer a checkbox. It is how AI products earn the right to ship.
I help AI companies turn fast-moving regulation into clear, defensible decisions. The work pairs the rigor of contract and technology law with a practical understanding of how models are actually built and deployed — so compliance fits your roadmap instead of fighting it.
The output is never a vague opinion. It is documented: a gap assessment you can act on, and a signed legal attestation you can show to investors, partners, and regulators.
Capabilities
Compliance, built into how you ship.
02
KVKK & GDPR data governance
Lawful basis, data processing inventories, DPIAs, and lawful cross-border transfers for training and inference data.
03
Legal & ethical compliance review
A documented gap assessment plus a signed legal attestation you can share with customers, partners, and investors.
04
AI governance & policy
Internal AI use policies, model and system cards, human-oversight design, and incident response that hold up under scrutiny.
05
Contracts & IP for AI
Data licensing, vendor and customer terms, output ownership and liability allocation drafted for AI realities.
06
Founding-client pilots
Hands-on pilot engagements that harden your compliance posture quickly and build a record you can stand behind.
Engagement
A defensible, documented path.
-
1
Scope & map
We map your system, data flows, and the obligations that actually apply — no boilerplate.
-
2
Gap assessment
A clear, prioritised report of where you stand against the EU AI Act, KVKK, and GDPR.
-
3
Remediation
Concrete fixes — documentation, policies, and contract language — sequenced to your roadmap.
-
4
Attestation
A signed legal attestation summarising the review and your compliance posture.
Selected work
Clients we've helped ship with confidence.
A selection of engagements — and how the compliance work supported each team.
NKY Architects & Engineers
Providing legal consultancy services in multiple regions, such as Georgia, Turkey and Saudi Arabia.
Vossloh AG
Provided legal consultancy services in Turkey.
Teknomedika
Provided legal consultancy services in the dental field in Turkey.
China State Construction Engineering Corporation (CSCEC)
Provided legal consultancy services in the construction field in Turkey.
Shemen Oil and Gas Explorations
Provided legal consultancy services international contracts.
Turkish Coal Enterprises
Provided services in the field of multi-national contracts.
Founding-client pilot
Be a founding client.
A limited number of early-stage AI companies can join a founding-client pilot: a focused, lower-cost engagement designed to deliver a real compliance review and a head start before scrutiny arrives.
AI Insights
Notes on AI law & governance.
Beyond the Hype: Structuring Corporate AI Liability in Türkiye and the GCC
As artificial intelligence integrates into core business operations across Türkiye and the Gulf Cooperation Council (GCC) region, the question of corporate liability is shifting from hypothetical debates to boardroom realities. This article explores how organizations can navigate the evolving legal frameworks, allocate risk in international AI vendor contracts, and protect their operations against algorithmic failures.
Algorithmic Discrimination in HR: Navigating the Ethical and Legal Minefield in Türkiye and the Middle East
As Human Resources departments across Türkiye and the GCC increasingly rely on AI to screen CVs, analyze video interviews, and predict employee performance, the risk of algorithmic discrimination is skyrocketing. This article breaks down the legal frameworks, from KVKK to GCC employment laws, governing automated decision-making and how global companies can prevent biased algorithms from triggering severe legal and reputational damage.
Training AI Across Borders: Data Flow Mechanics Between Türkiye and the GCC
The fuel for any enterprise AI system is data, but moving that data across international borders to train or host models triggers immense legal complexities. Following recent amendments to Türkiye’s KVKK and the evolution of GCC privacy laws, this article analyzes the legal mechanics and cloud infrastructure strategies required to lawfully transfer training data between Türkiye, the Middle East, and global tech hubs.