Information Security Policy

NOZZLE , in order to ensure the confidentiality, integrity, and availability of the services within the scope of its Information Security Management System (ISMS) and Personal Data Management System (PDMS), hereby declares and commits to providing the necessary resources to fulfill the following fundamental principles:

• Unauthorized use, alteration, disclosure, or damage—whether intentional or unintentional—of all information assets within the scope will be prevented.
• The security, accuracy, and completeness of information received from customers regarding services covered by ISMS and PDMS will be ensured.
• Information collected from customers for business purposes will be used solely for this purpose and will not be shared with any third parties under any circumstances.
• The confidentiality of NOZZLE Software Joint Stock Company’s corporate and personal information, as well as information belonging to third parties, will be safeguarded under all conditions.
• Access control will be implemented in accordance with the “need-to-know” principle, and information will be protected against unauthorized access.
• Through the design, implementation, and maintenance of ISMS and PDMS, risks will be reduced to acceptable levels.
• Requirements defined by the laws, regulations, circulars, and contracts of the Republic of Türkiye will be met, and full compliance with these requirements will be ensured.
• Regular training will be provided to company personnel to increase information security awareness and encourage their contribution to the effective operation of the system.
• The necessary support and contribution will be provided to ensure business continuity and maintain planned levels of access to information at all times.
• The necessary resources will be allocated for the implementation, maintenance, and continual improvement of the Information Security Management System and the Personal Data Management System.

By integrating ISO 27001 Information Security Management System and ISO 27701 Personal Data Management System into our business processes, information security and personal data privacy requirements will be taken into consideration at every stage.