As a Contract Research Organization (CRO), we accept protecting the confidentiality, integrity, and accessibility of information as our highest priority commitment in all our activities. To this end, our company pledges the following:

• Protecting Information Assets: Protecting all sensitive data belonging to our sponsors, customers, and volunteers participating in clinical research, as well as our corporate information assets, against unauthorized access, misuse, and cyber threats
• Legal and Sectoral Compliance: Fully fulfilling information security obligations arising from the Personal Data Protection Law (KVKK), ISO/IEC 27001 standard, ICH-GCP (Good Clinical Practice) guidelines, and other national/international legal regulations and contracts
• Risk Management: Periodically assessing information security risks and implementing the necessary technological and administrative controls to reduce them to acceptable levels
• Awareness and Competence: Based on the principle that 'Security starts with people,' organizing training to increase the awareness of all our employees and stakeholders on information security and continuously developing the security culture
• Business Continuity: Maintaining and testing business continuity plans to prevent service disruption in possible information security breaches or disaster scenarios
• Continuous Improvement: Regularly measuring the performance of the established Information Security Management System (ISMS), following technological developments, and continuously improving and keeping the system dynamic

General Manager — 02.01.2026