Information Security General Policy

As Esbilgi, our policy statement within the scope of ISO 27001 Information Security Management System and ISO 27701 Personal Data Management System;

• To provide secure access to the information assets of itself and its stakeholders,
• To be aware of the risks on the confidentiality, accessibility and integrity of all kinds of personal data and information assets belonging to our company, customers, suppliers and business partners and to manage these risks,
• Protecting the credibility and brand image of the organization,
• To impose sanctions deemed necessary in case of information security and personal data breach,
• To create full company-wide participation in personal data and information security in the processes it owns and to create high awareness in information security,
• To make personal data and information security a structure that continuously improves, develops and does not allow new risks to occur by systematically addressing personal data and information security,
• Keeping service continuity and efficiency at the highest level in processes by incorporating the best available techniques into our business processes with customer-oriented and innovative approaches in our products and services,
• To be a pioneer and an example in the virtues of reliability and consistency by adhering to the laws and ethical rules in relations with stakeholders, acting honestly and transparently, keeping promises made, and acting with the principles of “Respect for Information”, “Respect for People”, “Respect for Individual Rights and Privacy”,
• Tüm müşteri şartlarına ve yasal yükümlülüklere, ilgili standartlara uyum sağlamak,
• To comply with all customer requirements, legal obligations and relevant standards,
  Measuring the performance of its processes with healthy data, accurate methods and systems and providing input for continuous improvements.