Data Security and Personal Data Management Policy

FEEDBACK4E Yazılım Danışmanlık A.Ş., within the scope of the ISO 27001 Information Security Management System (ISMS) and ISO 27701 Privacy Management System (ISMS) requirements, undertakes to:

• Comply with the requirements of national, international or sectoral regulations, relevant laws and standards, and fulfill obligations arising from contracts.
• Meet the information security requirements arising from internal and external stakeholders.
• Ensure the processing, storage, transfer and destruction of personal data in accordance with the Personal Data Protection Law No. 6698.
• Allow access to customer information and other sensitive data only by authorized employees and ensure the security of such access.
• Provide its stakeholders with secure access to their information assets.
• Protect the availability, integrity and confidentiality of information.
• Protect the reputation and brand image of the company.
• Subject any act that could jeopardize the security of information belonging to employees, customers or suppliers to disciplinary action and/or legal action.
• Ensure the sustainability of business and service continuity and uninterrupted service provision to customers.
• Establish and ensure the effectiveness of an organization that can respond quickly and effectively to emergencies in the areas of information security and data protection.
• Qualify employees through the necessary training and provide them with participation, motivation and communication.
• Continuously improve the management of information security and data protection processes by effectively managing risks and opportunities.