Information Security Management System Policy

Merkoteks Textile Industry and Trade Inc. considers the protection of the confidentiality, integrity, and availability of all its information assets as a fundamental responsibility. In this context, we aim to ensure compliance with legal and regulatory requirements, effectively manage information security risks, and establish a sustainable security structure.

The core principles we adopt in this scope are as follows:

• Merkoteks Textile Industry and Trade Inc. protects the confidentiality, integrity, and availability of all its information assets.

• Compliance with applicable legal, regulatory, and contractual requirements related to information security is ensured.

• Information security risks are regularly assessed, and appropriate controls are implemented for unacceptable risks.

• Customer, supplier, and operational data are protected against unauthorized access, disclosure, and loss.

• Regular training and awareness activities are carried out to enhance employees’ information security awareness.

• Information security incidents are detected, reported, and managed effectively in a timely manner.

• The security and continuity of information systems used in operations are ensured.

• Suppliers and business partners are expected to comply with information security requirements and are monitored accordingly.

• Business continuity measures are implemented to support the uninterrupted operation of critical information systems.

• The Information Security Management System is regularly reviewed and continuously improved.

• The use of information technologies that support energy efficiency and environmental sustainability is encouraged.

• The impacts of climate change, energy outages, and environmental risks on information systems are evaluated.