Information Security Policy

Information Security Policy - ISO 27001


NOZZLE Software Inc. undertakes and declares to provide the necessary resources to fulfill the following basic principles in order to ensure the confidentiality, integrity, and accessibility of its services within the scope of the Information Security Management System.  

  •  Unauthorized use, modification, disclosure, and damage to all information assets within the scope will be prevented, whether knowingly or unknowingly.  
  • The information obtained from customers regarding the services within the scope of the Information Security Management System will be secure, accurate, and complete. 
  • Information collected for the business purposes of customers will only be used for this purpose and will not be shared with any third parties.  
    NOZZLE Software Inc. will ensure the confidentiality of corporate, personal information, and information belonging to third parties in all circumstances. 
  • Access control will be provided in compliance with the "need-to-know" principle, and information will be protected against unauthorized access.  
  • Risks will be reduced to acceptable levels through the design, implementation, and maintenance of the Information Security Management System. 
  • Requirements specified by the laws, regulations, directives, contracts, and agreements of the Republic of Turkey will be met, and compatibility will be ensured.  
  • Regular training will be provided to increase staff awareness of information security and encourage them to contribute to the operation of the system.  
  • Support and contribution will be provided to ensure that access to information is constantly maintained at planned levels and business continuity is ensured.  
  • The necessary resources will be provided for the implementation, maintenance, and continuous improvement of the Information Security Management System.  

The ISO 27001 Information Security Management System will be integrated into our company's business processes, considering the information security requirements at every stage.