Our Information Security Policy

As Kar Porselen, in our activity field, it is highly important for us to meet the legal requirements, to ensure
the service delivery to meet the needs and expectations of our customers, suppliers and third party
interlocutors, to provide access to services offered in a quality, fast and secure manner, and to reach the
information assets of our Employees in a timely, complete, accurate and uninterrupted manner. In order to
protect information belonging to Karol porcelain itself, its customers and third-party interlocutors, it has
decided to establish an Information Security Management System (ISMS) in accordance with the ISO/IEC
27001 standard.
The purpose of establishing the Information Security Management System is to evaluate the information
within the scope of privacy, integrity and accessibility and to protect it from all threats that may come from
inside and/or outside, and to ensure that the activities are carried out effectively, accurately, quickly and
safely.
Information security is an institutional responsibility and is in line with our corporate goals. The necessary
roles for the healthy operation of information security processes have been defined, responsibilities have
been determined and those responsible have been appointed. These responsibilities particularly include all
units using the information technology infrastructure, users accessing information systems as third parties,
and suppliers providing technical support for information systems. With the establishment of the ISMS in
our company, it is aimed to determine and evaluate possible risks in all areas within the scope, to reduce
them to an acceptable level by matching them with the controls in accordance with the standard, and
keeping the ISMS alive within the institution by applying the risk assessment procedure.
In this context, our Company undertakes to fulfill the requirements of the standard, to meet the legal
requirements, to activate all applicable controls, and to continuously improve the Information Security
Management System with new application areas and developing technology every year.