Türkiye Odalar ve Borsalar Birliği

OUR INFORMATION SECURITY AND ACCEPTABLE USE POLICY

1. Introduction

Information security and Acceptable Use Policy sets the necessary rules for the use of information and communication assets for business purposes in Karacabey Commodity Exchange (hereinafter referred to as KTB).

2. Scope

All KTB employees, temporary officers and other institution / organization / company employees, members of the Board of Directors and institution members who are permitted to access information assets must comply with the rules stated in this policy.

3. Responsibilities

The KTB Board of Directors is responsible for the development, implementation and renewal of the Information Security and Acceptable Use Policy.

The KTB Board of Directors is responsible for ensuring that the Information Security and Acceptable Use Policy is known and understood by users, and that all other policies and procedures are consistent with this policy.

All users covered by this policy are responsible for knowing and following the Information Security and Acceptable Use Policy and the rules in the relevant policy and procedure.

4. Policy

4.1 General Rules

A- Information and communication systems and equipment of the KTB (including internet, e-mail, telephone, pagers, fax, computers, mobile devices and mobile phones) should be used for the execution of the KTB works. The use of these systems in any way that is illegal, inconvenient, against the organization's other policies, standards and guidelines, or in any way harmful to KTB, means that this policy has been violated.

B- KTB reserves the right to monitor, record and periodically audit these systems and the activities performed with these systems.

C- The following rules shouldn’t be considered as a comprehensive list of rules to be followed. The activities performed should be consistent with the rules here.

4.2 Information Security and Acceptable Internet Usage Rules

4.2.1 Corporate Use

A- KTB internet resources should be used primarily for the realization of official and approved KTB works.

B- The Personal use of internet resources is limited as long as it doesn’t conflict with the interests of KTB.

C- The relevant laws and regulations must be followed when using KTB internet resources.

D- Users are responsible for all transactions performed on the internet with their own user accounts. For this, users should keep their credentials properly and not share them with others.

4.2.2 Improper Use

A- KTB internet resources can’t be used illegally in any way, can’t contradict the corporate interests and prevent the normal operation and business activities of the KTB.

B- KTB resources cannot be used to store, link, add, access and send inappropriate content.

C- It is forbidden to participate in chat groups, forums, electronic news groups, except for the execution of official institutions.

D- Users are not allowed to give the necessary credentials to others to use the system.

E- Unless written permission is allowed, port scan or security scan cannot be done.

F- It is forbidden to monitor the network and attempt to receive data that is not for the user, unless written permission is permitted.

E-All activities that will ensure that critical information of KTB or the services of the institution become inaccessible are prohibited.

4.2.3 Browser Software

A- Users can only use browser software and configurations approved by authorized units of KTB.

B- No adjustments can be made to loosen the current security settings of the scanner software.

4.2.4 Monitoring

A- KTB reserves the right to monitor all transactions made using internet systems.

B- KTB reserves the right to share information about the user's activities on the internet system with third parties, law enforcement or the judiciary without the user's consent.

4.3 Information Security and Acceptable Email Usage Rules

4.3.1 Institutional Use

A- KTB e-mail sources should be used primarily for the realization of official and approved institution works.

B- Personal use of e-mail resources is restricted to a limited extent, as long as it does not conflict with the interests of KTB.

C- When using KTB e-mail sources, the relevant laws and regulations must be followed.

D- Users are responsible for all e-mail transactions performed with their own user accounts.

4.3.2 Improper Use

A- KTB e-mail sources can’t be used illegally, can’t contradict the interests of KTB and prevent the normal operation and business activities of KTB.

B- KTB e-mail sources cannot be used to store, link, add, access and send inappropriate content.

C- Users are forbidden to provide the necessary credentials to others to use the email system.

D-KTB e-mail sources; "Chain emails" can’t be used to send unsolicited messages (SPAM), such as advertising, deception, scribble.

E-Unauthorized use of the e-mail system and counterfeiting in the message content or header is prohibited.

4.3.3 Email Software

A-Users can only use e-mail software and configurations approved by authorized units of KTB.

B-No adjustments can be made to loosen the current security settings of the e-mail software.

C-Users cannot use features of the e-mail software to hide the sender's identity.

D-Users cannot use the automatic message forwarding features of the e-mail software.

4.3.4 Downloaded Software

A- KTB's e-mail system cannot be used to receive, send or store any free or commercial software.

B- All e-mail content and attachments must be scanned for malicious code and viruses before opening.

4.3.5 Monitoring

A- KTB reserves the right to monitor all transactions made using e-mail systems.

B- KTB reserves the right to share information about the user's activities in the e-mail system with third parties, law enforcement or the judiciary without the user's consent.

4.3.6 Email Retention Capacity Limits

A- The e-mail attachment size should be maximum 10MB in terms of security and performance.

B- The following limits apply on the user's e-mail box.

* The user will be notified when the e-mailbox size exceeds 150MB.

* The user can’t send e-mail when the e-mailbox size exceeds 200MB

* The user can’t send or receive e-mail when the e-mailbox size exceeds 250MB..

C- Users are responsible for deleting unnecessary messages.

D- E-mail messages containing critical data about KTB must be stored on KTB servers in order to be backed up properly.

4.4 Information Security and Acceptable Telecommunications Equipment Usage Rules

4.4.1 Institutional Use

A- KTB telecommunication devices should be used primarily for the realization of official and approved KTB works.

B- The personal use of telecommunication devices is restricted as long as it doesn’t conflict with the interests of KTB.

C- The relevant laws and regulations must be followed when using KTB telecommunication devices.

D- Users are responsible for all communication with their telecommunication devices.

4.4.2 Improper Use

A- KTB telecommunication devices can’t be used illegally in any way, can’t contradict the interests of KTB and prevent the normal operation and business activities of KTB.

B- KTB telecommunications devices can’t be used to store, access, download and transmit inappropriate content.

C- Users are forbidden to give the necessary credentials to others to use their telecommunications devices.

4.4.3 KTB Telephone System

A- Users should set up the KTB phone system to prevent access to systems that are not allowed or tracked.

B- During telephone conversations, before using speakers, audio and video recorders, video conferencing and similar devices, everyone in the conversation should be informed and permission should be obtained from everyone.

C- Conversations between cities and nations should be made by approved users.

D- Users shouldn’t discuss in environments where sensitive information belongs to KTB can be obtained by unauthorized people. In addition, wireless devices or mobile phones shouldn’t be used during such conversations.

4.4.4 Faxes

On the first page of all faxes sent on behalf of KTB, the following should be stated:

“This fax may contain private, confidential or copyrighted information about the KTB. This fax is for the specified recipient only. If you are not the recipient of this fax, it may be illegal to read, change or copy the content of this fax. If this fax was received by mistake, do not use the content in any way. In this case, please notify the person sending the fax and delete all their electronic and written copies.”

4.4.5 Modems

Modem usage should be done within the framework of Remote Access rules.

4.5 Information Security and Acceptable Software Usage Rules

4.5.1 Corporate Use

A- Users must comply with all software copyright laws.

B- All licenses used by KTB must be obtained legally.

C- The relevant laws and regulations must be followed when using software belonging to the KTB.

4.5.2 Improper Use

A- The software owned by KTB can't be used illegally, contrary to KTB policies or against the interests of KTB.

B- It is forbidden to reproduce software belongs to KTB without permission.

C- KTB communication infrastructure can't be used free and for unauthorized copying, sending, receiving or reproducing any trial or commercial software.

4.6 Information Security and Acceptable Portable Information Processing Devices Rules of Use

4.6.1 Institutional Use

A- Only approved portable computing devices should be used to access KTB information sources.

B- Portable information processing devices of KTB should be used primarily for the realization of official and approved KTB works.

C- Portable information processing devices should be stored in a physically safe place or manner when left unattended.

D- The personal use of these devices is limited as long as they do not conflict with the interests of KTB.

E- The relevant laws and regulations must be followed when using these devices.

4.6.2 Improper Use

A- KTB's portable computing devices can’t be used in any way illegal, contradicting KTB interests or preventing normal operations and business activities.

B- KTB confidential information can’t be stored in portable data processing devices without a password. It should be protected by encryption methods approved by KTB.

C- Institutional information can’t be transmitted wirelessly from portable information processing devices without using encryption methods and transmission methods approved by KTB. Also, information can’t be transferred to the corporate network without being scanned for malware.

4.6.3 Monitoring

A- KTB reserves the right to monitor all transactions made using portable information processing devices.

B- KTB reserves the right to share information about the user's activities with portable information processing devices with third parties, law enforcement or the judiciary without the user's consent.

5. Practice and Punishment

Disciplinary action is initiated and legal action is taken against those; who do not comply with the Information Security and Acceptable Use Policy and other policies and procedures specified here.

6. Review and Approval

The Information Security and Acceptable Use Policy is reviewed every six (6) months by the Secretary General and any changes are approved by the Chairman of the Board of Directors.

OUR COMMUNICATION POLICY 

The Communication Unit ensures recognition and adoption of the Stock Exchange in the society, conducts all public relations activities, establishes communication with the press and takes an active role in the activities and activities that take place within the Exchange. It is responsible for tracking monthly and annual bulletins and sending them to the relevant public institutions and organizations.

Follows the social, economic and cultural issues in the province, district, region, country and international framework. It examines the issues that are prepared by the government and which concern our members and producers, evaluates the studies and the results compiled, prepares reports, and uses our official website and local, national, visual, print organs to publicize these studies. In communication with our Stock Exchange members and manufacturers; It uses SMS, website, e-mail, fax, telephone, mail, cargo, print and visual media.

In communication strategy of our institution Computer Operator Pınar TUTKA will perform the tasks written below.

* Coordinating the stock market relations with the media,

* To ensure that the public and relevant authorities are illuminated in a timely and accurate manner,

* To publish the news provided by the Stock Exchange on time,

* To ensure that necessary studies are started to inform Stock Exchange on issues that concern community interests and the interests of the Stock Exchange,

* To carry out necessary activities to regulate press relations to strengthen the Stock Exchange in the press,

* To make necessary studies for the publication of stock market news in local, regional and national press,

* To fulfill other duties to be given to the stock market regarding the press,

* Bulletin, magazine and etc. to be prepared by the Stock exchange Providing support in the production of publications, producing news and photos,

* To prepare the speeches of the Chairman of the Board of Directors of the Exchange upon request.

OUR FINANCIAL POLICY 

Karacabey Commodity Exchange; As stated in Article 28 of the Law No. 5174, within the framework of the principles written in this law, it is a public legal entity established to engage in the sale and sale of substances included in the stock exchange and the determination, registration and announcement of the prices on the stock exchange.

Fiscal policy of Karacabey Commodity Exchange consists of registration fee, annual dues, registration fees, fees for services provided, document fees, donations and aids, interest income, rental income, authorization given by law number 5174 and various income.

OUR MEMBER SATISFACTION AND COMPLAINT POLICY

With the Law and regulations No. 5174 and the services carried out within the framework of the rule of law, to make efforts to resolve complaints from all its members, members, to the extent possible, and take necessary measures.

COMPLAINT ASSESMENT COMMITMENT

Karacabey Ticaret Borsası;

Within the framework of Law No. 5174 and regulations, it will evaluate the complaints submitted by the members in a timely and effective manner,

In the resolution of complaints; All stock exchange bodies and personnel, especially the Board of Directors, will take active duty,

It will provide all kinds of resources from the transmission of complaints to the Exchange to its solution,

As a result of the suggestions made by both members and staff within the framework of complaints submitted within the scope of continuous improvement; undertakes to work effectively to improve all services and processes.

HUMAN RESOURCES POLICY

* Employing a sufficient number of personnel in line with the qualifications, skills and budget opportunities required by the job,

* To increase the competence through trainings and to ensure continuous professional and personal development,

* To carry out a wage policy in line with the responsibility, risk, experience and merit required by the job description,

* To comply with the relevant regulations, laws and labor laws for the rights and responsibilities of our personnel,

* To prioritize the corporate belong and motivation of the employees,

* To monitor employee performance regularly, apply penalty and reward in line with its performance, and support open communication about it,

* To consider employee suggestions and expectations,

* To create equal opportunities between employees,

* To review and continuously improve human resources policy.