INFORMATION SECURITY POLICY

Saves Enerji Anonymous Company (“Saves Enerji” or the “Company”) aims to establish and maintain an Information Security Management System in accordance with the ISO 27001 standard requirements. The primary purpose of the system is to ensure the confidentiality, integrity, and availability of information that must be protected by regulation in our service delivery and internal processes.

In the scope of Information Security:

• Establishing and continuously improving the information security management system,
• Identifying, assessing, and systematically managing relevant risks to ensure its continuity within the framework of the strategic business plan and risk management,
• Enhancing awareness of information security among employees,
• Compliance with all legal regulations related to information security, as well as adherence to contracts with our customers, business partners, suppliers, civil society organizations, and public institutions,
• Ensuring the continuity of our company’s managerial, operational, and supporting business activities with minimal interruptions,
• Protecting the confidentiality and integrity of information assets such as customer and supplier information related to our existing activities within the scope of information security,
• Ensuring the protection of all information related to employees and stakeholders as required,
• Evaluating opportunities for continuous improvement to sustain the information security management system,

We commit to working diligently to achieve these objectives and to become an exemplary organization in terms of information security within the industry.