We believe that achieving our vision depends on the implementation and continuity of management systems designed to continuously improve performance. Therefore, as Yataş Group, we declare that we adopt the following principles as our Information Security Management System Policy and commit to conducting all our activities in accordance with this policy:

a) Protecting the confidentiality, integrity, and availability of the information assets of our organization, our customers, and our suppliers,

b) Assessing and managing the risks that may arise regarding the information assets of our organization, our customers, and our suppliers,

c) Protecting the reliability and brand image of our organization,

d) Applying necessary sanctions in the event of an information security breach,

e) Ensuring information security requirements arising from national, international, or sectoral regulations to which we are subject, applicable legislation and standard requirements, contractual obligations, and corporate responsibilities toward internal and external stakeholders,

f) Reducing the impact of information security threats on business/service continuity and ensuring the continuity and sustainability of operations,

g) Maintaining and improving the level of information security through the established control infrastructure,

h) Providing training to enhance competencies in order to increase information security awareness.

We hereby declare that we have adopted this policy as our Information Security Management System Policy and undertake to carry out all our activities in compliance with it.