Quality Approaches

Informatıon Securıty And Personal Data Policy

As Varaka Kağıt Sanayi A.Ş., we aim to maintain information and personal data security at the highest level across all our activities within the scope of information security and privacy by targeting:

a) Confidentiality : Ensuring that information is accessible only to authorized individuals.
b) Integrity : Protecting information from unauthorized alterations and detecting any changes made.SYS
c) Availability : Ensuring that information is available to authorized users when needed.

Acting with the awareness that information must be protected with the highest level of security and privacy, VARAKA aims to manage information in printed and electronic formats according to the principles of "confidentiality, integrity, and availability," in compliance with legal regulations and in alignment with our Holding structure, including both VARAKA and its IT infrastructure and technologies, using risk management methods.

To achieve this, VARAKA will:

• Fulfill the requirements of information security and privacy standards.
• Comply with all relevant legal regulations related to information security and privacy.
• Identify risks to information assets and manage these risks systematically.
• Continuously review and improve the Information Security and Personal Data Policy.
• Conduct training programs to enhance technical and behavioral competencies to increase information security and privacy awareness, and develop key policies.
• Clearly define the roles and responsibilities in the information security awareness process to establish a successful and effective process.

In conclusion,

The purpose of our Information Security and Personal Data Policy is to protect information assets, ensure the confidentiality of information and data, safeguard against unauthorized access that might compromise their integrity, and thereby eliminate situations that could undermine VARAKA’s trust and reputation.

We commit to these actions. (BGYS.PT.001/RV05)