Information Security Management System Policy

Within the scope of Information Security Management System, SECHARD provides software development, marketing, sales, installation and post-technical support services related to information security in accordance with ISO/IEC 27001 Information Security Management System Standard.

SECHARD has defined its core values as “Ethics”, “Innovative” and “Creative”. SECHARD believes that the most valuable resource of an institution is “information”. The purpose of all our services is to make our customers strong in tough competitive conditions, to ensure their growth by protecting their assets and to help them produce reliable and continuous services to their own customers. SECHARD has determined its Information Security Management System Policy in this direction and continues to operate its corporate policies without making concessions.
As SECHARD and its employees, we establish, implement, review and continuously improve an Information Security Management System in order to manage all kinds of risks to our business continuity and information assets, provide the necessary resources to achieve the goals and objectives of the management system, comply with legal and other requirements, in accordance with the Information Security Management System Policy, the Constitution of The Republic of Turkey on the protection of personal data, It undertakes to comply with the principles and rules introduced by the Personal Data Protection Law No. 6698 and other legislation and to protect the rights and freedoms of individuals whose data are processed:

  • To support innovative and creative approaches,
  • To increase the technical and behavioral competencies of our employees by taking into account their satisfaction
  • To provide improvement by measuring the performance of our processes,
  • To achieve the highest performance in our processes by taking into account the relevant risks and opportunities,
  • To share our customers all knowledge, experience and the latest technologies we use for their development and growth
  • To ensure the continuity of customer satisfaction by taking into account the requirements and expectations of our customers and related parties, to ensure a reliable cooperation and successful sustainability,
  • To realize our cooperation with our stakeholders based on mutual trust and profit,
  • To provide sustainable and safe products, solutions and services in compliance with national and international regulations and standards affecting our products and services,
  • To fulfill the requirements by systematically ensuring the awareness of quality and continuous improvement in all processes, adopting the approach of “Excellence” within the framework of our strategic principles,
  • To provide the confidentiality, integrity, accessibility and data security of information assets,
  • To comply with all legal regulations and agreements regarding information security and privacy,
  • To produce, access and store information in full compliance with the law,
  • Systematically manage risks to information assets,
  • To apply the most up-to-date and high-tech security controls,
  • To impose sanctions within the scope of the relevant legal and regulatory legislation and company procedures against internal or external persons and legal entities that act against the system,
  • To ensure the continuity of all business activities with minimum interruption,
  • To create information security and privacy awareness for all stakeholders,
  • To maximize the level of compliance of the employees with the awareness, awareness, security and privacy requirements,
  • Not to keep personal data longer than the purpose of processing,
  • To take all necessary administrative and technical measures to prevent the capture of personal data,
  • To meet the contractual or legal requirements regarding the deletion of personal data,
  • To consider the applicable personal data protection legislation and/or regulations during the development and maintenance of information security and privacy policies,
  • To carry out trainings that will develop technical and behavioral competencies in order to increase information security awareness,
  • Being an exemplary organization in terms of information security and privacy in the information technology sector by managing the SECHARD Information Security Management System,
  • It has been determined as the Information Security Management System Policy.