CTN Group
Türkçe English
Protection of Personal Data
  • Home
  • Protection of Personal Data

Protection of Personal Data

CTN GROUP INFORMATION SECURITY MANAGEMENT POLICY

1. Purpose

For CTN Group, information is one of the most valuable assets for the sustainability of company activities. The purpose of our information security management policy is to ensure that business processes are conducted uninterruptedly and safely by protecting the confidentiality, integrity, and availability of corporate information.

2. Scope and Bindingness

This policy applies to all employees within CTN Group, as well as contracted personnel, consultants, interns, and third-party service providers who provide access to information systems. All requirements of the policy apply regardless of geographical location and unit.

3. Policy Principles

Confidentiality, Integrity, and Availability: We guarantee the confidentiality, integrity, and accessibility of our information assets when necessary.

Risk Management: We systematically identify risks to information assets and apply control mechanisms in line with ISO 27001 standards to reduce risks to acceptable levels.

Legal Compliance: It is our primary obligation to comply with all national and international regulations and contracts related to information security; and to work in compliance with personal data protection legislation.

Training and Awareness: We conduct regular training programs to increase our employees' awareness of information security. Creating information security awareness and encouraging good practices is the responsibility of the information security management representative.

Continuous Improvement: We commit to continuously developing the Information Security Management System (ISMS), measuring performance, and evaluating improvement opportunities.

4. Responsibilities

Senior Management: Responsible for determining information security targets, sustainability of the ISMS, and providing necessary resources. Senior management supports information security activities and reviews performance regularly.

Information Security Management Representative: Responsible for the implementation of the ISMS, preparation of standards and procedures, and implementation throughout the organization. Identifies the training needs of employees and provides guidance.

Employees and Third Parties: All personnel are obliged to comply with the information security policy and related procedures. Protects confidential information, keeps user identities and passwords confidential, avoids transferring information to unauthorized persons.

5. Implementation and Monitoring

Policies, procedures, and controls defined within the scope of the ISMS are reviewed at regular intervals and supported by internal audits. Information security events are recorded and necessary corrective activities are implemented.

CTN Group aims to create a reliable and sustainable business environment by announcing its commitment to information security to all stakeholders.

Let’s plan the engineering and production support for your project together.

Share your needs; let the CTN team review with you shortly the solution approach, scope, and initial guidance aligned with your investment goal.

Get in Touch