Information Security Policy

Information Security Policy

In line with our management approach of “Sustainable, Agile and Innovative Management”, and within the framework of our Information Security Management System established with the objective of ensuring stakeholder satisfaction, our policy is to:

  • Ensure information security by protecting the confidentiality, integrity and availability of our information assets,

  • Protect the reliability of the institution and the corporate image it represents,

  • Ensure the uninterrupted continuation of institutional activities and maintain business continuity,

  • Take the necessary security measures to ensure the security of all information assets used in the delivery of the institution’s information technology services,

  • Systematically manage risks in order to minimize or eliminate all information security risks that may arise from our activities,

  • Prevent the unauthorized transfer of institutional information to third parties,

  • Monitor security breaches, establish mechanisms to prevent them, and respond rapidly to any incidents that may occur in order to minimize their impact,

  • Comply with applicable legal regulations and other relevant requirements,

  • Encourage innovative thinking and deploy innovative technologies and practices at a pace that maximizes the benefits to be achieved,

  • Ensure that technologies, hardware and software to be used in line with circular economy and sustainability principles are procured in accordance with Green IT standards,

  • Ensure that necessary sanctions are applied in the event of any violation of this policy,

  • Comply with the requirements of our Information Security Management System, regularly review our performance, and continuously improve its effectiveness.

This Information Security Policy covers all departments using the institution’s information technology infrastructure, all users who access information systems as third parties, and all hardware, software, technical support and service providers. All individuals who use the Gürmen Giyim corporate network and access corporate information resources are obliged to comply with this policy, all supporting policies and related procedures, and to use corporate information resources in accordance with applicable laws and regulations.

As Gürmen Giyim Sanayi ve Ticaret A.Ş., we hereby declare and undertake that we will ensure the fulfillment of the requirements of this policy and establish the necessary awareness accordingly.