Information Security Policy

DATAGATE AŞ TS ISO/IEC 27001 INFORMATION SECURITY MANAGEMENT SYSTEM POLICY

PURPOSE

The ISMS policy is a document that sets out the rules to be followed in order to establish an Information Security Management System (ISMS) in accordance with the standard TS ISO / IEC 27001 in order to protect and manage the sensitive information assets owned by Datagate AŞ and to obtain a certificate of conformity for this system. The purpose of the "TS ISO/IEC 27001 Information Security Management System Standard (ISMS)" certificate, which is a standard for ensuring corporate information security, is to outline the information security requirements that employees and relevant parties within Datagate AŞ must comply with and to determine the written rules by ensuring the confidentiality, integrity and accessibility of our information assets within the scope by authorised persons when necessary.

SCOPE and MANAGEMENT COMMITMENT

As Datagate AŞ, we are committed to:

improving the effectiveness of the Information Security Management System, which we have established to meet the requirements of TS ISO / IEC 27001 standard,

ensuring continuity in the security of our system against possible threats related to information security,

minimising the threats that may occur with infrastructure, working environment, hardware, software and training investments,

ensuring the confidentiality, integrity and accessibility of all information, personal data, especially of our customers, by the relevant parties of the products and services we offer,

managing risks against information assets,

complying with national and international legal and standard requirements,

increasing the awareness of our employees regarding information security,

guaranteeing compliance with the legal legislation, contractual requirements and standards required by ISMS and monitoring the implementation of ISMS as an indispensable part of Datagate AŞ's corporate culture.

MANAGEMENT'S ACKNOWLEDGEMENT

As Datagate AŞ, we hereby declare that the implementation and control of the ISMS Policy and the execution of the necessary sanctions in case of security violations are supported by the management.