Quality Certificates

INFORMATION SECURITY MANAGEMENT SYSTEM POLICY

The main theme of ISO 27001 Information Security Management System is to show that the information security is ensured in the coverage of the Payroll, HR Management and Consultancy, Personnel Hiring, Payroll and HR Software which are carried out within BOSS YÖNETİŞİM HİZMETLERİ A.Ş. (BOSS GOVERNANCE SERVICE INC.) to secure the risk management, to measure the information security and privacy process performance and to ensure the arrangement of the relationships with the third parties.

The applications relating to information security and privacy concern all of the parties that are affected by all of our work processes, employees, customers, solution partners, suppliers and the consequences of the works which we perform by means of complying with the obligations arising from the agreements and the work obligations, by means of working in coherence with the applications, laws and regulations relating to information security.

All of the assets which belong to our company are shown in the Asset Inventory. The Asset Inventory may change in the frame of the changes and developments which occur in the course of time. The information security and privacy applications are an inevitable dimension of all of the activities realized and reviewed once in a year.

The continuity of three fundamental elements of the information security management system will be ensured in all of the activities carried out.

• Confidentiality: Preventing the unauthorized accesses to the important information.
• Integrity: Showing that the accuracy and integrity of the information are ensured.
• Accessibility: Showing the accessibility to the information under necessary cases by the authorized persons, related system standards, are related with the security of all of the data in written, printed, oral and similar environments but not the data which are kept in electronic environment only.

CUSTOMER COMPLAINTS AND SATISFACTION POLICY

By means of operating the process of taking up to the customer complaints effectively, BOSS YÖNETİŞİM HİZMETLERİ A.Ş. (BOSS GOVERNANCE SERVICE INC.) targets;

• To make the undertaking of taking up the complaint carefully, with the process of taking up the complaint transparently and responsibly through which it could reach our company easily at any moment of complaint,
• To increase and make sustainable the capability of our company to solve the complaints in a constant, systematic and responsible manner and satisfying the complainant and the corporation,
• To increase the capability of our company to eliminate the tendencies, identification and reason of the complaints and to improve the quality of the service provided,
• To develop a customer-focused approach in solving the complaints which reach our company and in order to encourage the employees of BOSS YÖNETİŞİM HİZMETLERİ A.Ş. (BOSS GOVERNANCE SERVICE INC.) on the subject of improvement of their capabilities in working with the customer,
• To provide a sound foundation in order to review continuously and analyze the solution of the customer complaints and the process improvements performed.

QUALITY POLICY

Boss Yönetişim Hizmetleri A.Ş. adopts the Excellence Model approach in its services. Our goal as a corporation committed to continuous development as a lifestyle and leading in technology and quality is to offer the services that will bring utmost benefit to our customers as the best solution partner, and to ensure the sustainable customer satisfaction.

Our Main Objectives:

• Rigorously abiding by the laws and legal arrangements, to keep the quality service understanding at the forefront at all times, to make no concessions on the principles of trust and privacy, to be aware that the way to satisfying our customers passes through happiness and satisfaction of our employees.
• Providing the best working environment to our employees, to promote continuous development with trainings, and to reduce our costs, to increase our efficiency and longterm profitability, to secure our future, to work in mutual cooperation and trust with our suppliers.
• To ensure the quality awareness in all activity sites and service units in systematic and regular way, to adopt the total quality management as a lifestyle, and to improve effectiveness of all the processes that influence our service quality continuously.
• Continuously developing our knowledge and creativity for customer satisfaction, to put forth effective service models and technologies.

Realizing the business excellence and our zero error targets through Total Quality Management is the duty of all of us as the employees of Boss Yönetişim Hizmetleri A.Ş..

BUSINESS CONTINUITY MANAGEMENT SYSTEM POLICY

Boss Yönetişim Hizmetleri A.Ş aims the conformity with the requirements regarding establishment of an effective Business Continuity Management System and continuous improvement in accordance with the international standard ISO 22301.

A holistic business continuity management structure is in place at BOSS for taking effective measures in disaster, crisis or interruption situations, minimizing the operational, financial, legal and reputational negative effects, ensuring continuance of the operations which have been identified to be critical in the targeted timeframe, and reverting to the state before the crisis.

In case the events which may interrupt our services are at such extent that would endanger human life, protecting human life is of paramount importance and priority for our company.

For a successful business continuity management, all our employees, suppliers and business partners should be aware of the duties and responsibilities falling to them, implement these before and during the event, and be prepared to such events.

Responsibilities have been defined within the company for establishment and implementation of the business continuity planning and management system. The company employees are the main responsibility holders in determination of the business interruptions involving the operational processes the are part of, takin measures, and putting into effect the business continuity plan that has been created in advance also with their contributions when necessary, at the right time and free of error.

Boss Yönetişim Hizmetleri A.Ş. undertakes that the practices concerning Business Continuity and Information Security are realized, continuously developed, in conformity with all the legal requirements, reviewed, and continuously improved.

INTEGRATED MANAGEMENT SYSTEM POLICY

1. PURPOSE

The primary purpose of this Policy is to establish the principles related to the methods and processes to be applied within the framework of the Integrated Management System (TS ISO/IEC 9001-27001-27701-22301-10002) and the Personal Data Protection Law (KVKK).

Customer Orientation: We provide innovative, high-quality, and tailored solutions to simplify business processes and enhance performance for companies.

Technology and Innovation: We develop advanced technologies to meet the rapidly evolving needs of the business world, supporting digitalization and efficiency in processes.

Social Responsibility: As a socially and environmentally responsible company, we integrate the principles of sustainable development into our business models, adding value to the future with community-focused projects.

Team Spirit: We foster a corporate culture that supports employee development, encourages innovative thinking, and prioritizes teamwork.

Trust and Transparency: We are committed to building long-term business partnerships based on mutual trust with our customers, without compromising ethical values in all business processes.

At CottGroup, we aim to lead the sustainable growth of the business world by offering innovative, reliable, and integrated solutions that meet global standards. As a leading brand in technology, consulting, and outsourcing services, we strive to alleviate our clients’ operational burdens while helping them achieve their strategic goals. With our high ethical standards, environmental awareness, and commitment to continuous improvement, we aim to be a solution partner that makes a difference in the business world.

Professionalism: We prioritize expertise and quality in every service we deliver.

Innovation: We continuously develop innovations to adapt to the changing business environment.

Sustainability: We embrace sustainability in business processes, considering our environmental and social responsibilities.

Excellence: We strive to meet and exceed excellence standards in all our services.

Confidentiality: We ensure the security of customer and corporate information, working in compliance with information security standards and KVKK regulations.

2. RESPONSIBILITY

All employees are responsible for adhering to the legal and ethical principles defined within this Policy and the Integrated Management System.

3. IMPLEMENTATION

This Policy covers and applies to all integrated management activities of the Company that are related to the Personal Data Management System, the Business Continuity Management System and Information Technology Service Management including the requirements of Personal Data Protection Law (KVKK), Legal Compliance and Quality Management System, and the Information Security Management System.

1. I. Ensuring the security of customer and personal data while meeting the objectives and expectations of the Integrated Management System.
2. II. Complying with all applicable laws, regulations, and obligations under the KVKK framework.
3. III. Prioritizing the satisfaction of employees, suppliers, partners, and customers while adhering to environmental, social responsibility, and sustainability principles.
4. IV. Allocating financial resources and personnel for effective risk management and evaluating opportunities.
5. V. Engaging in continuous improvement activities to ensure service sustainability and enhance customer satisfaction.
6. VI. Aligning all company activities with legal regulations and KVKK requirements.
7. VII. Ensuring business continuity during crises while prioritizing the protection of human life.

As Boss Yönetişim Hizmetleri A.Ş., we commit to working in compliance with this Policy and the procedures implemented under it. Regulations concerning Quality, Information Security, Personal Data Security, and Business Continuity may be updated with the approval of the board of directors when necessary.