Inspired by innovation and driven by holistic products and services, we aim to implement and commit to the following fundamental principles to ensure the privacy, integrity, accessibility, continuity, and sustainability of information assets through the establishment of an Information Security Management System for a sustainable future that is preferred in the global composite industry:

• Ensuring necessary participation and support to achieve compliance with Information Security Management System standard requirements,

• Ensuring compliance with the laws, regulations, directives of the Republic of Turkey, customer contracts, and legal requirements required by the business,

• Ensuring the confidentiality of personal, corporate, or Third-Party-owned (produced and/or used) information in all circumstances,

• Ensuring that information is only accessible by authorized individuals, following the principle of “need-to-know,”

• Preventing unauthorized use, alteration, disclosure, and damage to all information assets, whether knowingly or unknowingly,

• Providing the necessary support and contributions to efforts to assess and reduce identified risks to acceptable levels,

• Providing the necessary support for planning awareness programs for information security that will increase the awareness of employees and encourage their contribution to the functioning of the system, to be regularly provided to employees and relevant supplier employees when applicable,

• Providing the necessary support for efforts to detect, report, close, and prevent the recurrence of real or suspected information security incidents,

• Ensuring business continuity and providing the necessary support and contribution for continuous access to information at planned levels,

• Providing the necessary resources for the implementation, maintenance, and continuous improvement of the Information Security Management System,

We will strive to integrate the ISO 27001 Information Security Management System into our company’s business processes, considering information security requirements at every stage.