As Roof Stacksand its employees, in order to manage any threat and risk to our information security and information assets;

• To fulfill the requirements required by the law on information security by considering customer data (financial data, personal data, etc.b),corporateinformation, personnel personal information valuable and critical,

• To provide the necessary infrastructure and to take the necessary security measures in order to ensure the uninterrupted continued information services used in the realization of our corporate activities and to access personal and private data only by authorized persons,

• To document and continuously improve our information security management system in a way that meets the standard of ISO/IEC 27001,

• To comply with all legal regulations and contracts related to information security,

• To systematically manage risks to information assets,

• To carry out trainings to improve technical and behavioral competencies in order to increase information security awareness,

we work with all our strength to be an exemplary organization with our leadership in terms of information security in our sector by managing it in an integrated way with other systems we implement.