Recrugate always prioritizes customer satisfaction in its activities of "Developing, Consulting, Selling and Supporting Artificial Intelligence Supported Human Resources Business Applications Software", aims to understand legislation, standards, customer expectations and needs, and to produce projects that anticipate possible needs and expectations by paying utmost attention to information security, protection of personal data and quality.

In this context,

OUR POLICY:

• To manage information assets, determine their security values, needs and risks, develop and implement controls for security risks
• To define the framework that methods will determine for identifying information assets, their values, security needs, vulnerabilities, threats to assets, and the frequency of threats.
• To define a framework for evaluating the confidentiality, integrity, and availability impacts of threats on our processes and assets, as well as the confidentiality impacts of personal data.
• To set out the principles for processing risks.
• To continuously monitor risks by reviewing technological expectations within the scope of the services provided
• To fulfill the requirements of national or international regulations, legal and relevant legislation, obligations arising from agreements, and information security requirements arising from company responsibilities towards internal and external stakeholders.
• To reduce the impact of information security threats on service continuity and contribute to continuity
• To have the competence to respond quickly to possible information security incidents and minimize their impact
• To maintain and improve the level of information security over time with a cost-effective control infrastructure.
• To provide all personnel with awareness, information, and training on Information Security Management System Policy, Processes, etc. To repeat this training at certain intervals.
• To continuously improve the system by considering the results of implementation, audit, and corrective actions within the scope of the Information Security Management System.
• To work to understand and meet the requirements of the Personal Data Protection Law (KVKK); additionally, to understand and meet the requirements of the General Data Protection Regulation (GDPR) when working with international stakeholders and business partners subject to European Union data protection laws.
• To enhance company reputation and protect against adverse effects based on information security.

As Recrugate, we commit to the implementation, review, and continuous improvement of practices related to the Information Security Management System.