Information Security Policy

Information and information security requirements will be in line with our corporate goals. Our company's management will employ well-trained, open-to-change, competent personnel and will provide financing, adequate equipment, and infrastructure to ensure competition with our rivals in the sector. Along with this infrastructure and personnel, the necessary financing will also be provided.

Business continuity and emergency plans, data backup procedures, avoidance of viruses and hackers, access control systems, and information security breach notifications will form the cornerstones of our key operations. Vulnerabilities and threats identified as a result of risk assessments will be eliminated, ensuring secure access to information for our customers and staff.

In addition, our goals will be determined as a result of risk assessments, and the resources and conditions required to achieve these goals will be provided.

To implement this policy, we expect our employees in particular to turn the requirements of the Information Security Management System into a way of working. All personnel and designated third parties will be provided with appropriate training regarding the Information Security Management System.

Applicable requirements regarding information security and the opportunities and requirements brought by these conditions will be fulfilled, and these terms will be continuously improved. In addition, the adaptation of our company, our staff, and all related parties to this system will be ensured.

Our Information Security Policy is reviewed once a year or in the event of significant changes related to our company, with the participation of management and unit heads, to ensure its compliance, accuracy, and effectiveness, keeping it up to date.