INFORMATION SECURITY POLICY

As a company, it is of utmost importance that we meet legal requirements in the areas within our field of activity; that we provide services in a way that meets the needs and expectations of our customers, suppliers, and third-party stakeholders; that we ensure access to high-quality, fast, and secure services; and that our employees have timely, complete, accurate, and uninterrupted access to our information assets. To protect the information belonging to the company, its customers, and third-party stakeholders, the company has decided to establish an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001:2022 standard. The purpose of establishing the Information Security Management System is to protect information from all threats, whether intentional or accidental, that may come from inside and/or outside, by evaluating it in terms of confidentiality, integrity, and availability, and to ensure that the activities carried out are effective, accurate, fast, and secure. Information security is a corporate responsibility and is aligned with our corporate goals. Necessary roles have been defined, responsibilities determined, and responsible persons assigned for the healthy operation of information security processes. These responsibilities primarily encompass all units utilizing information technology infrastructure, third-party users accessing information systems, and suppliers providing technical support to information systems. In our company, the establishment of the ISMS aims to identify and assess potential risks in all areas within its scope, reduce them to acceptable levels by matching them with standard-compliant controls, and maintain the ISMS within the organization through the implementation of risk assessment procedures.

QUALITY POLICY

In our company's field of activity, meeting legal requirements, providing services that meet the needs and expectations of our customers, suppliers, and third-party stakeholders, ensuring access to high-quality, fast, and secure services, and achieving customer satisfaction are of paramount importance. The Quality Management System is a corporate responsibility and aligns with our corporate goals; our primary objectives are to maintain customer satisfaction at the highest level, increase effectiveness and efficiency, manage resources efficiently, effectively manage customer feedback, and continuously improve the products and services we provide. To ensure the healthy operation of the quality management system processes, necessary roles have been defined, responsibilities have been determined, and responsible parties have been assigned.

INFORMATION TECHNOLOGY SERVICE MANAGEMENT POLICY

As a company, we are committed to ensuring that the services offered in our field of activity are carried out in accordance with the ISO 20000-1 Information Technology Service Management standard; continuously increasing the effectiveness of the Service Management System and services; ensuring the IT service infrastructure and continuity for all transactions carried out through the electronic applications offered by the organization; ensuring the satisfaction of users and stakeholders to whom IT services are provided; ensuring coordination among the departments providing the service to understand and prioritize customer needs and to meet these needs correctly; implementing the necessary measures to create, develop and ensure the effectiveness of a structure in accordance with the requirements of information technology service management, meeting legal requirements; effectively managing risks and opportunities to fulfill the requirements of the ISO 20000 standard and continuously improving all IT processes.

BUSINESS CONTINUITY MANAGEMENT POLICY

As a company, we ensure that the services offered in our field of activity are carried out in accordance with the ISO 22301 Business Continuity Management System standard; in the event of disasters or any emergency beyond our control, we continuously maintain and improve our business continuity plans to prioritize life safety and then ensure that all our services and activities are not affected or are affected to the least extent foreseen in previous studies; to ensure that our plans work in emergency situations by conducting drills, taking into account our legal obligations, policies, and customer expectations; to identify potential risks that may cause service interruptions and to carry out analyses to take precautions against these risks; to manage internal and external communication on business continuity issues; to meet the requirements of suppliers, customers, shareholders, employees, and legal authorities; and to prepare our business continuity plans by considering our customers' expectations, corporate policies, and legal obligations.

PERSONAL DATA PROTECTION POLICY

The primary purpose of this Policy is to provide explanations regarding the personal data processing activities conducted by the Company in accordance with the law and the systems adopted for the protection of personal data. In this context, it aims to ensure transparency by informing individuals whose personal data is processed by our company, including our customers, potential customers, employees, job applicants, company officials, visitors, employees and officials of institutions with which we cooperate, and third parties. For personal data processed by the Company: we are committed to ensuring compliance with the ISO 27701 Personal Data Management System standard, meeting legal requirements, and continuously improving by managing the risks associated with personal data processing.

CUSTOMER SATISFACTION POLICY

The company adopts a customer-focused approach, prioritizing transparency in its customer relations and accepting the resolution of all customer dissatisfactions as a main principle. It ensures that customer requests and dissatisfactions are easily communicated, handled objectively, fairly, carefully, and confidentially, evaluated in accordance with legal requirements and company policies, and that necessary improvements and controls are continuously implemented to prevent the recurrence of the same dissatisfaction. Our customer satisfaction rules are: We first and foremost consider our customers to be "right" and examine the reason for their complaints from this perspective; We investigate every issue brought to our attention and find opportunities to improve ourselves; We foster an understanding that aligns with our customers' expectations of quality service; We aim to establish strong, accurate, clear, and continuous customer relationships following the products and services our organization provides to customers.

COMPLAINT POLICY

No fee is charged to the customer for the evaluation of complaints, and no profit is made in any way. Company employees consider objectivity criteria in the resolution process: The complaint procedure is clear and accessible to customers. Complaints are handled impartially and fairly. Integrity is ensured in uncovering the facts related to the subject of the complaint, and all parties involved are taken into account. Customer information in complaints is confidential. Information is not shared with third-party organizations and individuals outside the Company unless it is necessary for the resolution of the complaint.

In this context, our company is committed to fulfilling the requirements of Integrated Management System standards, meeting legal requirements, enabling all applicable controls, and continuously improving the established Integrated Management System at regular intervals each year with new application areas and evolving technologies.