Information Security Policy

RobotPOS Computer Systems Industry and Commerce Inc. ("RobotPOS") recognizes as a fundamental corporate responsibility to protect the confidentiality, integrity and accessibility of all information assets generated, processed, stored and transferred within the scope of its activities.

The purpose of this Information Security Policy is; To reveal the information security approach regarding software development, system management and information technologies activities carried out within RobotPOS, to determine the principles for protecting information assets and to define the framework of controls operated within the scope of ISO/IEC 27001:2022 Information Security Management System.

This policy;

• System, database, network and web-based software,
• Desktop and mobile applications developed specifically for customers,
• Software development life cycle processes,
• Information technology infrastructure,
• All information processed electronically, physically and verbally, the
• Employees, managers, business partners, suppliers and third-party service providers

It covers all information assets processed within the scope of.

RobotPOS carries out information security management within the framework of the following regulations and standards:

• ISO/IEC 27001:2022 Information Security Management System Standard,
• Relevant national and international legislation, the
• Contractual obligations and sectoral good practices.

In this context, RobotPOS has documented, implements and constantly improves the Information Security Management System.

RobotPOS addresses information security not only as a technical issue; It is an integral part of corporate governance, risk management and sustainability.

In this direction;

• Information assets are identified and classified,
• Information security risks are analyzed regularly,
• Appropriate technical and administrative controls are applied to risks, the
• Preventive and corrective actions are carried out systematically.

RobotPOS’s approach to information security is based on the following key principles:

• Privacy: Information is accessible only to authorized persons, the
• Integrity: Maintaining the accuracy and immutability of information,
• Accessibility: Authorized users have access to information when they need it,
• Traceability and Accountability: Recording and auditing of transactions on information assets.

• Senior management is committed to the implementation and continuity of the information security policy.
• Employees and all interested parties are obliged to comply with information security rules within the scope of their duties.
• Third parties are bound by information security obligations under the conventions established by RobotPOS.

RobotPOS in order to ensure information security within the organization;

• Access control and authorization mechanisms,
• Authentication and user management processes,
• Network and system security measures,
• Logging, monitoring and recording mechanisms,
• Backup, business continuity and disaster recovery processes

It is implemented in accordance with the ISO/IEC 27001:2022 standard.

Incidents related to information security breaches are immediately recorded and analyzed and necessary preventive/corrective actions are implemented. If deemed necessary, the relevant parties and competent authorities are informed.

Information security awareness is a core element of RobotPOS corporate culture. In this context, awareness studies and training activities for employees are carried out regularly.

This policy;

• Legislative changes,
• Technological developments,
• Risk assessment results

it is periodically reviewed and updated accordingly.