INFORMATION SECURITY POLICY

Purpose: The purpose of this Information Security Policy is to define the approach and objectives of the senior management and to inform all employees and relevant parties of these objectives in order to prevent violations of the law, fulfillment of legal, regulatory or contractual obligations and to to comply with all kinds of security requirements.

Scope: This Policy covers the information assets of Penguen Gıda Sanayi A.Ş.

Confidentiality: Ensuring that information is only accessible to authorized persons and units.

Integrity: Ensuring that information is current, valid and complete.

Accessibility: Ensuring that information is available and usable when needed.

 CORE PRINCIPLES

• To protect information assets against internal and external intentional or unintentional threats;
• To improve performance by providing the right information to the right user;
• To ensure the confidentiality and integrity of information;
• To ensure compliance with laws and regulations;
• To continuously improve the effectiveness of our management system and to provide the necessary resources for the development of such system;
• To strengthen the information security culture by continuously informing employees about information security risks and the correct behavior to avoid risks;
• To systematically manage security violations that may occur and to impose penalties when necessary.

Main responsibilities under the Policy

Board of Directors: To provide the means and tools for physical security, information systems security, communications, auditing and human resources management. To ensure the classification and protection of information.
Managers: To ensure the training of employees in their department, to enter into agreements with external partners, to ensure compliance, to lead by example and to oversee practices.
Employees: To learn and apply the information security rules and to report any information security breach.
Penguen Gıda is committed to providing the necessary resources and tools for the development and implementation of action plans to protect its information assets, to continuously improve its information security management system, and to continuously monitor relevant practices.

Ş. Aykan SÖZÜÇETİN

       General Manager

 ENVIRONMENTAL POLICY

 Purpose: The Company’s main objective is to create a sustainable business model and protect natural resources by adopting an environmentally sensitive approach. This Policy was developed to manage our business processes in an environmentally friendly manner and to minimize any adverse environmental impacts.

Scope: This policy covers all business units, supply chain and operations of the Company. It also includes the environmental impacts of our products throughout their lifecycle.

CORE PRINCIPLES

• To comply with national and international environmental regulations in the regions where we operate; to develop innovative practices that go beyond legal obligations;
• To continuously review our Environmental Policy in order to reduce the adverse impacts that we might have on the environment and to improve our environmental performance;
• To measure our environmental performance through goals and targets and to report the results;
• To encourage responsible environmental management by communicating with all stakeholders and to receive the opinions of our stakeholders regarding our efforts in this regard;
• To develop processes for wastewater treatment and recycling, to utilize water resources efficiently;
• To contribute to the fight against climate change, implement production models that support the transition to a low-carbon economy and minimize greenhouse gas emissions by promoting efficient use of resources;
• To explore innovative solutions to minimize emissions in logistics and transport operations;
• To work to reduce air emissions beyond greenhouse gases;
• To provide the necessary human, technological and financial resources to reduce waste at its source to the extent possible, to apply recycling and recovery techniques and to dispose of waste in an environmentally friendly manner in line with the “Zero Waste” principle;
• To participate in efforts to protect natural habitats and support biodiversity, and to protect biodiversity in the supply chain of our products;
• To ensure sustainability by taking measures to reduce our water consumption;
• To ensure increased individual responsibility by providing training to our employees on specific issues in order to increase environmental awareness and ensure sustainability.

In line with these principles, we are committed to ensuring continuous improvement and sustainability by regularly reviewing and updating our Policy.

Implementation

The Sustainability Committee, which is responsible for the management of the environmental policy, convenes at least twice a year, and reviews, monitors and audits the environmental policy and practices. It informs the Board of Directors about the decisions made and the decision-making process. The Company shares its environmental performance with the public every year in line with the principle of transparency. We collect the views of our stakeholders on environmental issues as part of the stakeholder analysis studies that we conduct to identifying the priority issues within the scope of sustainability reporting.  

Ş. Aykan SÖZÜÇETİN

       General Manager

ENERGY POLICY

Purpose: This Policy aims to ensure that the Company complies with national and international legislation and regulations regarding energy consumption and efficiency, and carries out its activities by providing all necessary information and resources within an energy management system committed to continuous improvement and sustainability.

Scope: This policy covers all business units, supply chain and operations of the Company. It also includes energy consumption of our products throughout their lifecycle.

CORE PRINCIPLES

• To adopt the latest technologies in our production and all our processes and to incorporate practices that increase energy efficiency into our system as soon as possible;
• To reduce energy losses through the efficient use of energy and natural resources, and to improve the efficiency of the energy management system continuously and ensure compliance with all requirements;
• To provide all necessary training to our employees to enable them to perform their duties in a way that ensures energy efficiency;
• To ensure that all our employees adopt the principle of working in a way that improves energy performance by posting our Energy Policy in appropriate places in our workplace;
• To continuously improve and enhance our Policy with contributions of all employees and managers.

In line with these principles, Penguen Gıda is committed to continuously improve its energy performance by strongly emphasizing energy efficiency.

Implementation

The Sustainability Committee, which is responsible for the management of the Energy Policy, convenes at least twice a year, and reviews, monitors and audits the Energy Policy and energy-related practices. It informs the Board of Directors about the decisions made and the decision-making process. The Company shares its energy performance with the public every year in line with the principle of transparency. We collect the views of our stakeholders on environmental and energy-related issues as part of the stakeholder analysis studies that we conduct to identifying the priority issues within the scope of sustainability reporting.  

Ş. Aykan SÖZÜÇETİN

       General Manager

GMO POLICY

Being aware of its responsibilities regarding the production, use and consumption of GMOs, the Company acts in line with the following principles.

Purpose: To produce GMO-free products.
Scope: This Policy applies to all products produced by Penguen Gıda Sanayi A.Ş.

CORE PRINCIPLES

• Science-based Approach: To adopt a science-based approach to assessing the environmental and health impacts of GMOs, taking into account the research and expert opinions of the scientific community and making decisions based on scientific knowledge;

• Product Monitoring and Evaluation: To regularly monitor and evaluate our products containing or associated with GMOs to ensure the quality and safety of our products;

• Labeling and Information: Provide consumers with clear and unambiguous information about the content of our products, as labeling enables consumers to make an informed decision;

• Sustainability: To promote sustainable agricultural practices and support the protection of natural resources in order to contribute to environmental sustainability, which is the main priority of our Company;

• Social Responsibility: To fulfill our social responsibilities by assessing the social impacts of the use of GMOs and taking into account the concerns and views of society in order to make a positive contribution;

• Cooperation: To comply with national and international regulations on GMOs and to cooperate with relevant regulatory bodies, scientists and industry stakeholders;

• Training and Competence Building: To provide training on GMO technologies and GMO Policy in order to encourage our employees and suppliers to adopt best practices regarding GMOs.

The Company operates in line with these principles and is committed to ensuring the trust of all our stakeholders.

This Policy reflects the Company’s approach and commitments regarding GMOs. The GMO Policy is adapted to changing scientific, technological and social conditions and is constantly being improved.

Penguen Gıda will continue to reach wider audiences with its sensitivity and awareness-raising efforts on GMOs and the impact it creates every year with the contributions of its stakeholders and solution partners.

Ş. Aykan SÖZÜÇETİN
General Manager

 HUMAN RESOURCES POLICY

 Penguen Gıda ensures further development with social and economic activities that enable its employees to adopt the corporate culture by using human resources in the most effective way, with an understanding of continuous development and improvement.

Purpose: Penguen Gıda aims to ensure the selection, recruitment, assignment and development of human resources that will ensure the effective and efficient execution of its business, to develop and implement plans to identify and meet training needs of its employees, to identify and manage competencies, and to conduct activities such as performance management and career planning to ensure the continuity of competencies. With this perspective, the Company is committed to accountability, respect for human rights and the rule of law, and continuous improvement and development by fulfilling its legal requirements.

Scope: This Policy applies to all employees of Penguen Gıda. All departments and employees are responsible for complying with the Human Resources Policy.

CORE PRINCIPLES

• To cooperate with organizations such as private employment agencies, the Turkish Employment Agency, and digital recruitment agencies in order to identify and select qualified candidates who will enable the Company to perform its operations effectively and efficiently and to ensure that they are recruited with a “right person for the right job” approach;
• To ensure that the rights of employees are protected by complying with regulations on recruitment, termination of employment, etc.;
• To ensure that our employees are aware of all kinds of developments and changes in the nature of their work, to improve their job satisfaction, to determine and implement training programs aimed at providing them with the knowledge, skills, attitudes and behavior required to be more participatory in the business environment and to ensure continuity, and to measure the effectiveness of training, taking into account the benefit to both employees and the Company;
• To develop a performance management system that will enable employees to see the results, in other words the outputs, of their own work and to evaluate the results of their individual achievements;
• To develop and implement a career management system that ensures the continuous development of employees within the organization, prepares them for responsibilities above their current position, and ensures that skills of employees at all levels who are willing to take responsibility are utilized in the most effective way;
• To collect information about the scope of the work performed in our Company, human resource requirements and working conditions, and to establish competency tables to assess this information and to implement the compensation system;
• To identify training and activity needs, to measure employee satisfaction, and to ensure the necessary improvements and developments by taking the opinions of employees through surveys and similar means;
• To prevent gender inequality with an understanding of “equal pay for equal work”;
• To treat all employees equally without discrimination on the basis of religious beliefs, language or race;
• To support social responsibility projects together with employees.

In line with these principles, Penguen Gıda is committed to continuing its efforts to ensure the social and economic well-being and continuous development of its employees and to ensure that all employees are included in the production system and that the corporate culture is adopted at the highest level.

Ş. Aykan SÖZÜÇETİN

       General Manager

CODE OF BUSINESS ETHICS AND ETHICS POLICY

This Policy covers the code of business ethics. This policy covers the code of business ethics. The Code of Ethics is a set of rules that guide us in all our conduct in carrying out our activities and business in accordance with the laws, regulations and procedures.

Purpose: PENGUEN GIDA SAN.A.Ş. is committed to displaying attitudes and behaviors that comply with the Code of Ethics detailed below in all its activities and relations with the persons and organizations with which it has business relations at home and abroad, the society in which it exists, its customers, suppliers, partners and employees, to comply with the ethical criteria accepted by the Company and to strive for the widespread adoption of all of these principles, especially in its own industry.
Scope: This Policy applies to all employees, customers and suppliers of Penguen Gıda.

OUR CORE PRINCIPLES

Integrity
Penguen Gıda complies with its commitments and agreements regarding the products it provides to its customers. Penguen Gıda avoids unauthorized use of patents, copyrights, trade secrets, trademarks, computer software or other intellectual and industrial property rights by itself or through other companies.

Respect for the Law
Penguen Gıda acts in accordance with legal rules in all its activities. The Company ensures that ongoing services that it procures from other organizations are provided in accordance with the law and conducts the necessary audits. Penguen Gıda aims to fulfill its tax and other legal obligations fully and on time and to be a model for the society. The Comnpany does not engage in illegal or criminal activities. In business life, Penguen Gıda does not resort to means and methods that do not comply with business and social ethics. Unless explicitly authorized by the managers, the Company’s employees may not engage in any act to represent the Company before third parties and may not make correspondence in this regard.

Human Resources
Penguen Gıda protects the rights of its employees pursuant to labor laws and rules of business ethics. The Company avoids all forms of coercive and oppressive labor. It fulfills its legal obligations towards all employees of the Company in preventing child labor effectively, preventing discrimination in hiring and business processes, and fulfills all its legal obligations towards all employees of the Company. Penguen Gıda does not interfere with the private information and private life of its employees, and keeps all data of its employees confidential. The Company does not discriminate on the basis of gender, age, ethnicity and religious beliefs in its practices regarding its employees. It creates healthy and safe working conditions at the level required by the law and endeavors to improve these conditions to the extent possible.

Collection, Use and Protection of Data
Penguen Gıda provides accurate and complete data about the Company and its activities to the public and relevant social stakeholders as part of its disclosure policies. The Company does not disclose the proprietary information of the companies which provide services to the Company to third parties without their permission. Employees may not disclose confidential and proprietary information which they have acquired as a result of their position or work. All documents used or created by employees to perform their duties belong to Penguen Gıda.

Occupational Health and Safety and Environment
Occupational Health and Safety (OHS) is very important at Penguin Gıda. Each employee is responsible for both their own occupational safety and the occupational safety of their colleagues, as well as all procedures and instructions related to OHS and Environment that they are obliged to comply with. Each employee is required to know and comply with this policy.
Penguen Gıda is committed to Corporate Social Responsibility projects. The Company supports a preventive approach to environmental issues before any damage occurs. It takes initiatives to promote a more effective environmental responsibility. It strives for the development and widespread adoption of environmentally friendly technologies. The Company adopts the principle of keeping the soil, water and air clean by not polluting the environment during any of its activities.

PRACTICES THAT SUPPORT THE CODE OF ETHICS

Protection and Efficient Use of Assets
The Company protects its interests in the use of its assets in business practices. Business assets (such as machinery, equipment, vehicles, fixtures, goods, raw materials, auxiliary materials, etc.) may not be used for any purpose and without authorization, under any name and on behalf of or for the benefit of anyone, without considering the interests of the company. Company assets cannot be taken out of the Company’s premises without authorization outside of working hours. Employees may only be engage in Company-related activities during working hours. Managers cannot assign personal tasks to employees.
All employees must use Company resources in the most efficient way possible. They must use time, one of the most important resources, effectively and complete meetings with visitors in a reasonable time so as not to interfere with the flow of work.

Commitment to Efficient Use of Resources
Penguen Gıda is committed to preventing waste and ensuring savings in the use of resources in its operations and the projects it carries out. This principle must be taken into consideration in business decisions and internal audits. Similarly, Penguen Gıda employees approach the economic and highly efficient use of the material resources of our Company with the same sensitivity they show to their own family budgets. Each Penguin Gıda employee must have the awareness and understanding of the fact that this behavior, which is adopted as a common corporate principle, provides the Company with a competitive advantage.

Use of Information Technologies and Information Security
Our principle regarding Information Security is to minimize the risk of data loss and to ensure data security.
Our employees (end users), who have an important role in supporting the security of information in electronic media, are required to exercise due care in keeping confidential and not sharing their passwords with anyone, including their colleagues.
Penguen Gıda respects the personal computer, e-mail and internet usage of its employees in accordance with their right to personal information privacy. In case of any violation of Penguen Gıda’s Code of Business Ethics, electronic communication channels may be monitored as necessary. Company computers must be used for business purposes only. 
 
Conflict of Interest and Unfair Advantage
Employees may not benefit themselves, their families, relatives, and/or third parties and institutions/organizations with whom they have business relations outside of the employment contract by taking advantage of their position at the Company. Employees may not engage in any business, on their own behalf or on behalf of third parties including their close relatives, which may affect the important fundamental elements of Penguen Gıda, conflict with the interests of Penguen Gıda, or benefit from Penguen Gıda. Employees may not gain personal benefits, directly or indirectly, from any transaction or contract to which the Company is a party.

Working at Another Job
Penguen Gıda employees may not work for another person and/or organization for a salary or similar benefit during or outside of working hours. However, it is possible for employees to work for another person (family member, friend, other third parties) and/or organization outside of working hours in return for a salary or similar benefit with the approval of senior management, provided that such work does not cause a conflict of interest with their duties at the Company, does not violate the rules of business ethics and does not adversely affect their performance at the Company. Employees may work in non-profit organizations and universities for social responsibility and charity purposes with the approval of the management, provided that it does not interfere with their duties within the Company. Employees may submit such requests to the Human Resources department in consultation with the relevant department manager.

Business Ethics and Conduct
It is not acceptable under any circumstances to receive, give or offer bribes and/or commissions under any name whatsoever. Employees may not, directly or indirectly, offer, promise, give or mediate the giving of money or anything of value to any person with whom they have a business relationship in order to gain unfair advantage. Employees must diligently avoid unethical conduct such as bribery, corruption or misconduct. Penguin Gıda employees must perform their duties in an egalitarian, transparent, accountable and responsible manner. Mutual love, respect, trust and cooperation should be the basis of their relations with their colleagues and other people they work with.
All employees must respect the rights of and cultural differences between individuals in the performance of their duties at Penguen Gıda.
Penguen Gıda employees cannot engage in disruptive behavior inside or outside the Company. Employees must also avoid any act that may constitute mobbing, which is also regulated by the law. Such conduct negatively affects the Penguen Gıda community and damage the Company’s reputation.

Gifts
Employees may not give or accept non-cash gifts such as cash equivalents, services, promotions, memberships, recruitment promises, etc.
Employees may consult the Ethics Committee regarding the giving or receiving of any gift or the offering or accepting of any hospitality, if they have any doubt as to whether the act in question is in compliance with the customs, traditions, business practices and Penguin Gıda Ethics Policy due to the reason or frequency of the relevant act.
Employees are allowed to give or receive gifts with very limited monetary value as part of routine operations. However, gifts that may be perceived as personal should be avoided.
Gifts and hospitality must not influence the decision-making mechanisms of the Company or third parties or cause such a perception and must not cause any conflict of interest.

STAKEHOLDER RELATIONS AND RESPONSIBILITIES

Relations with Print and Social Media
It is subject to the approval of the senior management of the Company to make a statement to any media organization on behalf of Penguen Gıda, to give an interview and to participate in seminars, conferences and similar events as a speaker. It is forbidden to use the Company’s name on social media without written approval. Employees may not make statements and comments on religious, social, political, etc. issues by using the Company’s name on social media. Official statements to the media are to be made by the person or persons expressly authorized by the management.

Responsibilities of Employees
Penguen Gıda employees are expected to conduct themselves in compliance with Company procedures and rules and to maintain these principles in all of their activities.
All employees must:

• Read, know, understand and internalize the Code of Business Ethics of Penguen Gıda and act in accordance with the rules, principles and values contained therein;
• Know the general and specific policies of the Company and the policies and procedures related to their work and act accordingly,
• Encourage their colleagues to comply with Company policies, and if they witness any intentional or unintentional misconduct, report it to the relevant line manager, or if the relevant manager is involved in the misconduct, directly to the human resources department or by using the whistleblowing hotline.

Responsibilities of Managers
All managers must ensure that their employees are aware of the Code of Business Ethics of Penguen Gıda. Managers are responsible for building and maintaining a company culture and working environment that supports the Code of Ethics, setting an example with their conduct, encouraging and supporting their employees to communicate their and their team’s questions, complaints, suggestions and feedbacks regarding the Code of Ethics to the human resources department.

COMPANY’S RESPONSIBILITIES TO STAKEHOLDERS
On behalf of Penguen Gıda, the management takes due care to fulfill the following responsibilities to its customers, employees, company partners, suppliers and business partners, competitors, society and humanity in addition to its legal responsibilities.

Legal Responsibilities
Penguen Gıda conducts all domestic and international activities and operations in compliance with the laws of the Republic of Turkey and international law, and submits accurate, complete and comprehensible information to regulatory bodies and organizations in a timely manner.
All undocumented activities are prohibited and the accuracy and consistency of documents and records are essential. The Company fulfills its obligations to all kinds of public institutions and organizations, administrative bodies, non-governmental organizations, political parties, etc. without any expectation of benefit, by maintaining an equal distance, with a sense of responsibility, and by considering the benefit of society.

Responsibilities towards Shareholders
Penguen Gıda strives to achieve sustainable profitability in line with the goal of creating value for its shareholders by emphasizing business continuity. Acting with financial discipline and accountability, the Company’s resources, assets and time are managed with an awareness of efficiency and savings. The Company is committed to increasing its competitiveness and investing in areas with growth potential and high returns. The Company provides the shareholders and the public with timely, accurate, complete and understandable information on financial statements, investments and risks.

Responsibilities to External Customers
Penguen Gıda works with an approach that focuses on customer satisfaction and responds to the needs and demands of its customers as quickly and accurately as possible. The Company offers its services on time and under the promised conditions. It approaches its customers with respect, fairness, equality and kindness.

Responsibilities to Employees
Penguen Gıda provides employees with their personal rights fully and accurately. The Company treats its employees honestly and fairly, and provides them with a safe and healthy working environment. It strives for the individual development of its employees. Employees are encouraged to take part in appropriate social and community activities with a sense of social responsibility. The Company is committed to balance work life and personal life.

Responsibilities to Suppliers/Business Partners
The Company fulfills its obligations in a timely manner. It carefully protects the confidential information of the persons and organizations and business partners with whom it conducts business.

Responsibilities to Competitors
The Company does not engage in unfair competition and competes legally and ethically. It does not slander competitor products and does not engage in misleading advertising.

Responsibilities to Society, Humanity and Nature
With a sense of corporate citizenship, the Company is committed to being a pioneer in social issues and a first responder in natural disasters, to act responsibly, to provide services in the public interest, and to be sensitive to the traditions and cultures of the regions in which it operates, both domestically and internationally.
The Company endeavors to take all measures that may or may not be required by the law in terms of protection of nature and natural life, consumer rights and public health in places where it operates.

APPLICABLE LAW
Since Penguen Gıda operates in both domestic and foreign markets, the Company’s operations are subject to the laws of the Republic of Turkey as well as the laws and regulations of various countries. In case of any doubt regarding ethical business conduct in different countries, employees must first comply with the laws of the country where the business is conducted. In such cases, employees must, first of all, observe the applicable laws of the country and/or countries where the business is to be conducted, and if such conduct may conflict with the ethical values adopted by Penguen Gıda, which operates on an international platform, employees must seek solutions within the ethical rules and procedures that the Company has in place. Employees may consult the Ethics Board, if necessary.

NON-COMPLIANCE WITH ETHICAL RULES
Those who violate the Code of Business Ethics and Company policies and procedures may be subject to disciplinary action, up to and including termination of employment, if necessary. Disciplinary action may also be taken against those who approve, facilitate, or have knowledge of improper behavior and violations of the Code and fail to report such conduct appropriately.

ETHICS BOARD
The Ethics Board is tasked with investigating and resolving complaints and reports of violations of ethical rules set out in the Code of Business Ethics of Penguen Gıda. The Ethics Board cooperates with the human resources department of Penguen Gıda. The Ethics Board, which reports to the General Manager of Penguen Gıda, consists of the following persons.

Chairperson: Ş. Aykan SÖZÜÇETİN General Manager
Member: Taner BULAMACI Factory Manager
Member: Hasan SERTTÜRK Human Resources Manager
Member: Abdurrahman KIVRAK Environment/OHS/DGSA Manager

EFFECTIVENESS AND WORKING PRINCIPLES OF THE ETHICS BOARD
All employees of Penguen Gıda are deemed to have accepted the terms and conditions specified in this Policy as of the date of its publication, and those who join the Company after this date are deemed to have accepted these principles as of their start date.
The Ethics Board fulfills its duties in line with the following principles:

• The Board keeps confidential the reports and complaints and the identity of the whistleblower.
• The Board conducts all investigations in confidentiality to the extent possible.
• The Board is authorized to request the information, documents and evidence related to the investigation directly from the department in question. It examines all kinds of information and documents, only to the extent required for the investigation.
• The Board keeps a written record of the investigation process from the start. Information, evidence and documents are attached to meeting minutes.
• The minutes are signed by the chairperson and members.
• The Board conducts the investigation and reaches a conclusion as swiftly as possible.
• The Board discusses the decisions and puts them into practice immediately.
• The Board informs the relevant authorities about the outcome.
• The chairman and members of the Board act independently of their department managers and the hierarchy within the organization while fulfilling their duties. They will not be pressured or influenced in any way.
• The Board may seek expert opinion (e.g. universities, consultant firms, relevant persons/institutions, etc.) if it deems necessary without violating the principles of confidentiality during the investigation.

IMPLEMENTATION OF ETHICAL RULES
The fundamental duty of Penguen Gıda employees is to protect and improve the values and working principles of Penguen Gıda, its corporate reputation and reliability across all locations where it operates. Employees are expected to act in accordance with the Company’s Code of Business Ethics in order to achieve this goal. The ethical rules regarding the values and principles described in this Policy are crucial as a guide to conduct business by taking our Company values into consideration and to determine the most appropriate behavior in any situations that we encounter. Penguen Gıda expects its employees to take personal responsibility and initiative to act in accordance with these rules. The three main issues that employees can help the management in creating a high ethical culture and environment within the Company are as follows.

1. To understand the Code of Business Ethics of Penguin Gıda;
2. To reflect ethical rules in everyday life and business life;
3. To consult with a manager or members of the Ethics Board in case of uncertainty about what to do about an issue.
It is the shared responsibility of every Penguen Gıda employee to report any decision or conduct that violates business ethics to the Ethics Board. Penguen Gıda Ethics Board is responsible for investigating and resolving complaints and reports of violations of ethical rules.

ETHICS HOTLINE
Employees should report any significant wrongdoing (e.g. unauthorized use of company assets for personal purposes, wastage, embezzlement, etc.), especially fraud (corruption), to their direct manager first. If the division manager is also involved in the wrongdoing in question, employees can report the wrongdoing to the Ethics Board or to the ethics hotline, the contact information of which is given below. Otherwise, the employee will also be responsible.

Ethics Board Members: Human Resources Manager – Environment/OHS/DGSA Manager
Ethics Hotline (E-mail): etik@penguen.com.tr
Ethics Hotline (Phone): 0 850 723 51 74
Address : Balkan Mah. Mümin Gençoğlu Cad. No/1 Nilüfer/BURSA

Ş. Aykan SÖZÜÇETİN
General Manager

OCCUPATIONAL HEALTH AND SAFETY POLICY

Penguen Gıda acts with the belief that all occupational accidents and illnesses are preventable and with the goal of creating the necessary culture and awareness with the Occupational Health and Safety Policy and by valuing human life in its search for flavor, which it has adopted in its activities in the food industry with the slogan of flavor, health and trust. The Company continuously improves its processes with this understanding and approach, and moves forward on this basis.

Purpose: Objective Penguen Gıda aims to minimize potential risks in the workplace by maintaining the health and safety of its employees at the highest level, to provide a sustainable working environment and to promote an occupational health and safety culture.

Scope: This Policy applies to all business processes, facilities and employees of Penguen Gıda. All units are obliged to comply with the Occupational Health and Safety Policy.

CORE PRINCIPLES

• To ensure that Occupational Health and Safety (“OHS”) Management includes proactive and reactive approaches and that the combination of these approaches covers all stages of the OHS Management System;
• To evaluate every activity carried out within the Company with the risks it poses and to establish the relevant procedures by taking these risks into consideration with the belief that all accidents can be prevented with the right perspective, the right planning and effective practices;
• To proactively identify hazards in the work environment, taking into account the effects of human behavior, and to eliminate or minimize the risks associated with these hazards at their source;
• To vigorously support all initiatives and efforts necessary to achieve the zero occupational accidents and occupational illnesses goal, and to work with its employees and stakeholders to this end;
• To investigate all accidents and incidents in detail in order to determine the root causes, to share the results of investigations and all assessments with all Company employees by discussing them at OHS Board and Management Review (MR) meetings in order to take the necessary measures, since accident investigation and reporting is an important part of the OHS Management System to prevent accidents from recurring;
• To ensure that its employees have access to medical support whenever they need it without any restrictions, as Penguen Gıda considers the health of its employees and stakeholders as its top priority;
• To provide a safe and accommodating working environment for its employees, suppliers, subcontractors and visitors, and to prevent injuries and impairments to their health;
• To measure OHS performance through objectives and targets and to report the results;
• To communicate with all stakeholders, encouraging them for responsible OHS activities, and to receive the opinions of stakeholders regarding its efforts in this regard;
• To increase awareness and responsibility by providing training on OHS issues to its employees and stakeholders, and to cooperate with all organizations that observe public interests in this regard;
• To comply with all applicable laws and regulations regarding OHS;
• To ensure and encourage continuous improvement by monitoring implementation results;
• To ensure that OHS policies are easily accessible to relevant parties.

Penguen Gıda is committed to taking all reasonable steps to ensure the health, safety and welfare of its employees and other persons who may be affected by its business operations by ensuring the continuity of its efforts in line with these principles.

Implementation

The Policy is announced to all employees and presented in an understandable manner. Compliance is ensured by conducting regular audits on occupational health and safety issues. Root cause analysis is conducted to understand incidents and accidents and prevent recurrences. The Policy is continuously improved by taking into account the feedback and suggestions of employees.

Ş. Aykan SÖZÜÇETİN

       General Manager

QUALITY AND FOOD SAFETY POLICY

As a company that creates value by combining its high sense of quality, leadership in modern agricultural techniques and constantly increasing its revenues with efficiency efforts, Penguen Gıda has ISO 9001 Quality Management System, ISO 22000 Food Safety Management System, IFS and BRCGS Global Standard for Food Safety – Level A certification. Our priority is to produce high quality products that comply with food safety requirements.
Purpose: Penguen Gıda aims to ensure that its efforts and achievements are sustainable by maintaining the following core principles as part of its corporate culture.
The Company produces all of its products in compliance with national and international food safety standards and the requirements of the relevant legislation by adopting customer satisfaction as a principle.
Scope: This Policy applies to all employees, stakeholders and all products produced by Penguen Gıda.

CORE PRINCIPLES

• Customer orientation: To understand the expectations of our consumers, to keep customer satisfaction at the highest level at all times, and to adopt the principle of responding to customer and consumer demands;
• Risk Management: To work with an awareness of continuous efficiency improvement by using all our resources in the most effective way, to take measures by evaluating risks and to aim to minimize weaknesses;
• Compliance and Standards: To produce products that comply with laws, food regulations, customer demands and expectations and human health under hygienic conditions with our trained and informed employees in parallel with technological developments;
• Continuous Improvement: To ensure the continuity of our improvement and development efforts with the contribution of all our employees;
• Leadership and Commitment: To continue to be the leading company in our industry with the pioneering steps we constantly take in our fields of activity;
• Competence and Training: To continue to fulfill our social responsibilities in order to secure the future of our country, and to provide training on quality and food safety rules at a level that our employees can understand;
• Business Processes and Performance: To evaluate the performance of processes and fully meet customer needs and expectations;
• Cooperation and Communication: To raise quality awareness with the participation of all our employees and stakeholders;
• Food Safety: To prevent food safety hazards that may occur in all our products from the farm to the consumer, to identify and manage all risks in advance, and to produce legal and unique products of the specified quality. To prevent risks at their source by taking into account their impact on food safety when preparing projects related to products and processes;
• Management Responsibility: To plan and urgently implement measures to minimize risks in case of any food safety hazard that may occur during our production processes, to ensure that food safety is guaranteed by keeping customer satisfaction at the highest level in our fields of activity, to continuously improve our food safety and quality culture, and to continuously evaluate all risks and opportunities that may arise.

In line with these principles, Penguen Gıda is committed to act with the satisfaction and full participation of all our employees.

Ş. Aykan SÖZÜÇETİN
General Manager

Profit Distribution Policy

Our company distributes profits within the framework of the provisions of the Turkish Commercial Code, Capital Market Regulations, Tax Regulations and other relevant regulations and the relevant article on the profit distribution of our Articles of Association. A balanced and consistent policy is followed between the interests of the shareholders and the Company in accordance with the Corporate Governance Principles in profit distribution and our long-term company strategy, investment and financing policies, profitability and cash position are taken into account in determining the annual profit distribution amount.

A minimum of 50% of the distributable period profit calculated within the framework of the Capital Market Regulations is distributed in cash and/or as bonus shares as long as the relevant regulations and financial possibilities allow in principal.

It is aimed to distribute the profit within one month at the latest after the General Assembly Meeting and the General Assembly decides on the profit distribution date. The General Assembly, if authorized, the Board of Directors may decide to distribute the dividend in installments in accordance with the Capital Market Regulations.

According to the Articles of Association of the company, the Board of Directors may distribute the advance dividends provided that it is authorized by the General Assembly and that it complies with the Capital Market Regulations.

Ş. Aykan SÖZÜÇETİN
General Manager
25.06.2008

PERSONAL DATA PROTECTION AND PROCESSING POLICY

Purpose: Penguen Gıda Sanayi A.Ş. (“Company“) Personal Data Protection and Processing Policy (“Policy“) is intended to protect the fundamental rights and freedoms of individuals, especially the privacy of individuals, in the processing of personal data and to regulate the obligations of natural and legal persons who process personal data and the procedures and principles to be complied with.

The Policy aims to maintain and improve the practices of the Company in compliance with the principles set forth in the LPPD and to inform data subjects.

Scope: Data subjects whose personal data are processed within the scope of this Policy are categorized as follows:

Definitions: The definitions of terms used in this Policy are as follows:

1.General Principles of Personal Data Processing

Pursuant to Article 3 of the LPPD, processing of personal data includes any operation performed upon personal data such as collection, recording, storage, retention, alteration, re-organization, disclosure, transferring, taking over, making retrievable, classification or preventing the use thereof, fully or partially through automatic means or provided that the process is a part of any data registry system, through non-automatic means.

The following principles must be complied with in the processing of personal data:

a.Compliance with the law and the rules of integrity

The Company carries out its personal data processing activities in accordance with the law and rules of integrity pursuant to the LPPD and the relevant legislation, in particular the Constitution.

b.Accuracy and being up to date, where necessary

The Company takes all administrative and technical measures to ensure the accuracy and timeliness of personal data in the course of processing personal data.

c.Processing for specific, explicit, and legitimate purposes

Before starting the processing of personal data, the Company clearly and precisely determines its legitimate purpose for processing personal data within the framework of the information/disclosure texts.

d.Being relevant with, limited to and proportionate to the purposes for which they are processed

The Company processes personal data to the extent necessary for the realization of the purposes of the Company. No data processing activity is carried out with the assumption that the data can be used later.

e.Retaining the data for the period of time stipulated by relevant legislation or the purpose for which they are processed

The Company stores personal data for a limited period of time as stipulated in the LPPD and the relevant legislation or as required by the purposes of the data processing activity.

2. Terms of Personal Data Processing

The Company may process personal data and sensitive personal data with the explicit consent of the data subject or without explicit consent in cases stipulated in Articles 5 and 6 of the LPPD

2.1. Processing of Personal Data

As a rule, the Company processes personal data based on the explicit consent of the data subject. However, the Company may also process personal data without seeking explicit consent in accordance with the data processing terms set forth in Article 5 of the LPPD, provided that:

• It is clearly provided for by the laws;
• It is necessary for the protection of life or physical integrity of the person or of any other person who is bodily incapable of giving his consent or whose consent is not deemed legally valid;
• It is necessary for the protection of life or physical integrity of the person or of any other person who is bodily incapable of giving his consent or whose consent is not deemed legally valid;
• It is necessary for the controller to be able to perform its legal obligations;
• Data has been made public by the data subject himself/herself;
• It is necessary for the establishment, exercise, or protection of any right;
• It is necessary for the legitimate interests of the controller, provided that this processing does not violate the fundamental rights and freedoms of the data subject.

2.2. Processing of Personal Data of Special Nature:

The Company processes personal data of special nature, which carries the risk of discrimination when processed unlawfully, in accordance with the data processing terms set forth in Article 6 of the LPPD. In addition, adequate measures determined by the Board are also required in the processing of personal data of special nature. It is prohibited to process sensitive personal data without the explicit consent of the data subject. However, personal data of special nature may be processed without the explicit consent of the personal data subject in the following cases:

a. Processing of Personal Health Data:

Personal health data may be processed in the presence of one of the conditions listed below, by (i) taking adequate measures to be stipulated by the Ministry of Health, (ii) acting in accordance with the general principles of data processing, (iii) acting under the obligation of confidentiality:

• Explicit written consent of the data subject
• Presence of adequate measures as an employer for occupational health and safety and compliance with the obligations arising from the legislation
• Protection of public health
• Preventive medicine
• Provision of medical diagnosis, treatment and care services
• Planning and management of health care services and financing

b. Processing of Personal Data of Special Nature Other Than Health and Sexual Life

Processing of such data is possible with the explicit consent of the data subject or in cases stipulated by law.

3.Ensuring the Security and Confidentiality of Personal Data

In accordance with Article 12 of the LPPD, the Company takes all necessary technical and administrative measures to prevent unlawful processing of and access to personal data and to ensure the appropriate level of security to protect personal data.

3.1. Technical Measures Taken to Ensure Lawful Processing of Personal Data and Prevent Unlawful Access

The Company has taken all necessary technical and technological security measures to protect personal data and protects personal data against possible risks.

Technical measures are taken in accordance with the developments in technology, and the measures taken are periodically updated and renewed. Software and hardware including virus protection systems and firewalls are available. Employees are informed that they cannot disclose the personal data they have come to know to anyone else in violation of the provisions of the Law and cannot use such data for purposes other than lawful processing, and that this obligation will continue after the termination of their employment, and the necessary undertakings are sought from the employees in this respect, and security policies including the rules to be followed in the workplace are published for the employees. The Company uses up-to-date systems for the storage of personal data in secure media.

Administrative and Technical Measures Taken to Ensure Lawful Processing of Personal Data and Prevent Unlawful Access:

• Network security and application security are ensured.
• Closed system network is used for personal data transfers via networks.
• Security measures are taken in the procurement, development and maintenance of information technology systems.
• There are disciplinary arrangements including data security provisions for employees.
• Regular training and awareness sessions are held for employees on data security.
• Access logs are kept regularly.
• Organizational policies on access to personal data, data security, use, storage, and destruction have been prepared and implemented.
• Confidentiality undertakings are signed.
• Authorizations of employees who have changed positions or who have left their jobs are being removed.
• Up-to-date antivirus systems are used.
• Firewalls are used.
• Data security provisions are included in agreements executed.
• Policies and procedures regarding personal data security have been set out.
• Personal data security is monitored.
• Necessary physical security measures are taken regarding entry and exit to physical spaces containing personal data.
• Physical media containing personal data are secured against external risks (fire, flood, etc.).
• Media containing personal data are secured.
• Personal data is reduced as much as possible.
• Personal data is backed up and the security of the backed up personal data is also ensured.
• User account management and authorization control system is implemented and monitored.
• Log records are kept so that no user intervention is possible.
• Attack detection and prevention systems are used.
• Cyber security measures have been taken and their implementation is constantly monitored.

3.2.  Measures Taken in Case of Unlawful Disclosure of Personal Data

In the event that the processed personal data is unlawfully acquired by others despite the security measures taken, the Company notifies the relevant data subject and the PDP Board within 72 hours from the date of becoming aware of such event. In this respect, the Company has established and published the Personal Data Vulnerability and Notification Procedure and the relevant job descriptions.

4. Personal Data Processing Purposes and Retention Times

4.1. Personal Data Processing Purposes

The Company processes personal data for the purposes listed below:

• Creating and Tracking Visitor Records,
• Performing Management Activities
• Providing Information to Authorized Persons, Institutions and Organizations
• Executing Supply Chain Management Processes
• Ensuring the Security of Movable Property and Resources
• Tracking Requests / Complaints
• Performing Contracting Processes
• Performing Storage and Archive Activities
• Executing Advertising / Campaign / Promotion Processes
• Performing Customer Satisfaction-Related Activities
• Executing Customer Relationship Management Processes
• Executing Goods / Service Sales Processes
• Executing Goods / Service Procurement Processes
• Performing Logistics Activities
• Performing Occupational Health / Safety Activities
• Executing / Overseeing Business Activities
• Planning Human Resources Processes
• Performing Communication Activities
• Monitoring and Conducting Legal Affairs
• Ensuring the Security of Physical Space
• Conducting Finance and Accounting Activities
• Performing Activities in Compliance with the Legislation
• Managing Access Authorizations
• Conducting Training Activities
• Executing Processes Related to Employee Benefits
• Fulfilling Employment Contracts and Regulatory Obligations to Employees
• Executing the Application Processes of Employee Candidates
• Executing Employee Candidate / Intern / Trainee Selection and Placement Processes
• Executing Information Security Processes
• Executing Emergency Management Processes

4.2. Personal Data Retention Times

The Company determines whether a period of time is stipulated in the relevant legislation for the retention of personal data. If a certain period of time is stipulated in the relevant legislation, the Company shall comply with this period; if no period of time is stipulated, the Company retains personal data for the time required for the purpose for which such data is processed. If the purpose of processing personal data has ceased and the retention periods set forth by the relevant legislation and/or the Company have expired, personal data may only be retained for the purpose of constituting evidence in possible legal disputes, asserting a right related to personal data or establishing a defense. The Company does not retain personal data on the basis of the possibility of future use.

5. Deletion, Destruction and Anonymization of Personal Data

Pursuant to Article 7 of the LPPD, the Company deletes, destroys or anonymizes personal data ex officio or upon the request of the data subject, in the event that the reasons requiring the processing of personal data no longer exist, even if such personal data has been processed in accordance with the relevant legislation.

The procedures and principles regarding this matter are implemented in accordance with the LPPD and the Regulation on Deletion, Destruction or Anonymization of Personal Data published in the Official Gazette No. 30224 on 28 October 2017.

In the first periodic destruction process following the date on which the Company’s obligation to delete, destroy or anonymize personal data arises, the Company deletes, destroys or anonymizes personal data.

Personal data is deleted, destroyed or anonymized within a maximum period of 6 (six) months following the date on which the Company’s obligation to delete, destroy or anonymize personal data arises.

The time interval for periodic destruction is six months.

When you apply to the Company and request the deletion or destruction of your personal data:

a) If all of the conditions for the processing of personal data have disappeared; your relevant personal data is deleted, destroyed or anonymized. Your request will be finalized within thirty days at the latest and you will be notified.

b) If all of the conditions for the processing of personal data have ceased to exist and the personal data subject to the request has been transferred to third parties, this will be notified to such third parties and necessary actions will be taken in accordance with the LPPD.

c) If all of the conditions for the processing of personal data have not ceased to exist, your request may be rejected by explaining the reason in accordance with the third paragraph of Article 13 of the LPPD, and the rejection response will be sent to you in writing or electronically within thirty days at the latest.

5.1.  Personal Data Deletion and Destruction Techniques

Deletion of personal data is the process of rendering personal data inaccessible and unusable for the users concerned.

Destruction of personal data is the process of rendering personal data inaccessible, unrecoverable and unusable by anyone in any way.

Examples include physical destruction, secure masking through software and secure deletion by an expert.

5.2.  Personal Data Anonymization Techniques

Anonymization is the process of rendering personal data impossible to link with an identified or identifiable natural person, even through matching them with other data.

Examples include masking, data derivation, pseudonymization, aggregation and data hashing.

6. Third Parties to whom Personal Data is Transferred and Purposes of Transfer

The procedures and principles that apply to personal data transfer are regulated in Articles 8 and 9 of the LPPD, and the data subject’s personal data and personal data of special nature may be transferred to third parties at home and abroad. The Company may transfer the data subject’s personal data and personal data of special nature to third parties (third party companies, group companies, third natural persons) by taking the necessary security measures in line with the lawful personal data processing purposes. In this respect, the Company acts in accordance with the provisions provided for in Article 8 of the LPPD.

Even without the explicit consent of the data subject, if one or more of the following conditions exist, personal data may be transferred to third parties by the Company by taking due care and all necessary security measures, including the methods stipulated by the Board.

• The transfer of personal data is explicitly stipulated by law;
• The transfer of personal data by the Company is directly related to and necessary for the establishment or performance of a contract;
• The transfer of personal data is necessary for the Company to fulfill its legal obligations;
• The transfer of personal data by the Company is limited to the purpose of publicization, provided that the personal data has been made public by the data subject;
• The transfer of personal data by the Company is necessary for the establishment, use or protection of the rights of the Company or the data subject or third parties;
• The transfer of personal data is necessary for the legitimate interests of the Company, provided that such transfer does not violate the fundamental rights and freedoms of the data subject;
• The transfer of data is necessary for the protection of the life or bodily integrity of a person who is unable to express consent due to actual impossibility or whose consent is not legally valid.

Your personal data may be shared by the Company with Authorized Public Institutions and Organizations, infrastructure providers of the Company, trainers, third parties from whom the Company procures services, travel agencies, legal entities providing e-archiving and e-invoicing services, legal entities providing e-archiving services, hosting service providers for our websites, insurance companies, banks/financial institutions, debt collection companies, workplace physicians, natural and legal persons with whom we are in a power of attorney relationship in order for the Company to carry out its commercial activities and to fulfill legal obligations.

However, in any case, personal data may not be transferred without the explicit consent of the data subject, save for the exceptions provided for in the LPPD. Therefore, in cases where the personal data of the data subject is transferred by the Company, no personal data is transferred to third parties or disclosed in any way without the explicit consent of the data subject.

6.1.  Domestic Transfer of Personal Data

In accordance with Article 8 of the LPPD, personal data may be transferred domestically provided that one of the conditions specified in Section 2 of this Policy titled “Terms of Processing Personal Data” is met.

6.2. Transfer of Personal Data Abroad

In accordance with Article 9 of the LPPD, in cases where personal data is transferred abroad, the existence of one of the following conditions is sought in addition to the conditions for domestic transfers:

• The country to which the personal data will be transferred must be listed among the countries with adequate protection measures by the PDP Board;
• In case the destination country does not have the adequate protection measures in place, the data controller in Turkey and in the relevant foreign country must undertake in writing to provide adequate protection and obtain the permission of the PDP Board.

Data transferred abroad by the Company includes identity data, contact data and audio and visual recordings.

6.3. Categories of Persons to whom Personal Data is Transferred by the Company

In accordance with Articles 8 and 9 of the Law, the personal data of data subjects managed by this Policy may be transferred to the categories of persons listed below in line with the purposes mentioned herein:

7.  The Company’s Obligation to Inform

In accordance with Article 10 of the LPPD, the Company informs data subjects during the collection of personal data. In this context, the Company fulfills its obligation to inform on the following subjects:

a. The title of the Company as the data controller

b. The purpose for which personal data will be processed

c. To whom and for what purpose the processed personal data may be transferred

d. The method and legal reason for personal data collection

e. The rights of the data subject specified in Section 1 of this Policy titled “Right to Apply”

8. Rights of Data Subjects and Exercise of These Rights

In accordance with Article 13 of the LPPD, the exercise of the rights of data subjects and the provision of the necessary information to data subjects are ensured through the Company’s Data Subject Application Form as well as this Policy. Data subjects may submit their complaints or requests regarding the processing of their personal data to the Company in line with the guidelines set out in the relevant form.

8.1.  Right to Apply

In accordance with Article 11 of the LPPD, anyone whose personal data has been processed may apply to the Company and request the following:

a. To learn whether or not your personal data has been processed;

b. To learn the processing purpose of your personal data and whether such data is used in accordance with the intended purpose;

c. To learn the processing purpose of your personal data and whether such data is used in accordance with the intended purpose;

d. To learn about the third parties at home or abroad to whom your personal data has been transferred;

e. To request rectification in case your personal data has been processed incompletely or inaccurately and to request notification of such rectification to the third parties to whom your personal data has been transferred;

f. To request the deletion, destruction or anonymization of personal data in the event that the reasons for the processing of personal data no longer exist and to request notification of the action taken in this regard to third parties to whom personal data has been transferred,

g. To object to occurrence of any result that is to your detriment by means of analysis of processed data exclusively through automated systems,

h. To request compensation for the damages in case you suffer any damages due to unlawful processing of your personal data.

8.2.  Exceptions to the Right to Apply

In accordance with Article 28 of the LPPD, data subjects cannot exercise their right to apply if:

a. Their personal data is processed by natural persons entirely for activities concerning them or their family members living in the same residence, provided that it is not disclosed to third parties and data security obligations are complied with;

b. Their personal data is processed for purposes such as research, planning and statistics by anonymizing such data through official statistics;

c. Their personal data is processed for artistic, historical, literary or scientific purposes or within the scope of freedom of expression, provided that it does not violate national defense, national security, public security, public order, economic security, privacy of individual life or personal rights or does not constitute a crime;

d. Their personal data is processed within the scope of preventive, protective and intelligence activities carried out by public institutions and organizations authorized by law to ensure national defense, national security, public security, public order or economic security;

e. Their personal data is processed by judicial authorities or enforcement authorities in relation to an investigation, prosecution, trial or execution procedure.

In accordance with paragraph 2 of Article 28 of the LPPD, data subjects cannot exercise their right to apply, with the exception of the right to claim damages, if:

a. The processing of personal data is necessary for the prevention of a crime or conducting a criminal investigation;

b. Their personal data has been made public by the data subject himself/herself;

c. The processing of personal data is necessary for the execution of supervisory or regulatory duties and disciplinary investigation or prosecution by authorized public institutions and organizations and professional organizations in the nature of public institutions based on the authority granted by the law;

d. The processing of personal data is necessary for the protection of the economic and financial interests of the State in relation to budgetary, tax-related or financial matters.

8.3.  Response Procedure

In accordance with Article 13 of the LPPD and the Communiqué on the Procedures and Principles of Application to the Data Controller, the Company finalizes the application requests made by data subjects free of charge, in the shortest time possible and no later than 30 (thirty) days, depending on the nature of the request. In accordance with Article 13 of the LPPD, the application must be submitted to the Company in writing or by other methods determined by the Board.

The application of the personal subject may be rejected in the following cases:

a. The application violates the rights and freedoms of other persons;

b. The response to the application requires disproportionate effort;

c. The information is publicly available;

d. The application jeopardizes the privacy of others;

e. Any other case outside the scope of the LPPD.

9.  Personal Data Processing Activities Performed inside the Company and Data Processing Activities Performed on the Website

9.1.  Camera Surveillance inside the Company

The Company conducts camera surveillance inside the Company and its factory in order to protect the interests of the Company and ensure the security of persons.

In line with the provisions of the LPPD, the Company has published this Policy on its website regarding camera surveillance and posted a notice of surveillance at the entrances of areas where surveillance is conducted.

There is no surveillance in areas that may result in invasion of the privacy of an individual. Only a limited number of Company employees have access to security camera recordings. These persons who have access to the recordings have signed a confidentiality undertaking and declared that they will protect the confidentiality of the data to which they have access.

9.2. Entry and Exit of Persons Visiting the Company

Personal data processing activities are carried out to track the entry and exit of our guests visiting the Company. While the name-surname, motor vehicle license plate number, entry-exit time-date information of the persons visiting the Company are collected, the data in question is processed only for this purpose and the relevant personal data is recorded in a physical registry.

9.3 Personal Data Protection Unit

In order to fulfill its obligations under the LPPD, the Company assigns the necessary personnel for the performance of tasks specified in this Policy and establishes procedures accordingly. A Personal Data Protection Unit has been established by the Company to manage this Policy and the procedures related to this Policy pursuant to the LPPD. The unit has duties such as distributing the necessary tasks to increase awareness within the Company, following up the audits to be conducted, taking the necessary actions to process the applications of relevant persons, managing the Company’s relations with the Board, etc.

This Policy may be revised by the Company when deemed necessary. In case of any revision, the most up-to-date version of the Policy will be available on the Company’s website.

Ş. Aykan SÖZÜÇETİN

       General Manager

CORPORATE COMMUNICATION POLICY

The Company communicates with all its stakeholders in all business areas in line with the principles of transparency, integrity, impartiality and inclusiveness, with a commitment to sustainability and social responsibility.

Purpose: The Company aims to ensure an effective corporate communication by maintaining stable cooperation with all stakeholders and to create a dynamic and interactive communication environment that improves its corporate culture and values by protecting the reputation, image, perception and value of its corporate brand.

Scope: This Policy applies to all employees and stakeholders of Penguen Gıda.

CORE PRINCIPLES

• To act in accordance with its corporate culture and corporate identity in all internal and external communication and media relations;
• To develop messages that support the Company’s corporate image in order to reach internal and external stakeholders;
• To operate with a planning that aligns the different disciplines of communication (public relations, advertising, digital and social media management, etc.) in line with an umbrella strategy and corresponding shared goals;
• To ensure that the Company appears in the media more frequently through media relations, preparing media interviews, writing news bulletins, and writing news releases;
• To use a clear and accurate language that respects religious, ethnic, cultural and social values, unifies people and respects personal rights and freedoms;
• To implement a communication model for all our stakeholders in which women and men are equally represented, benefit equally from resources and opportunities, assume equal roles, and equally participate in decision-making processes;
• To develop an effective language that motivates and ensures strong coordination in the flow of information in all departments;
• To protect the confidentiality of personal data and to comply with legal requirements related to intellectual property rights and copyrights.

In line with these principles, the Company is committed to displaying an effective, equal, impartial and unifying attitude in communication with all stakeholders as part of its corporate culture and to ensure continuous development.

Ş. Aykan SÖZÜÇETİN

       General Manager

CORPORATE RISK MANAGEMENT POLICY

Purpose: The Company aims to minimize potential risks by analyzing all legal, strategic, operational and financial risks.

Scope: This Policy applies to all business processes, facilities and employees of Penguen Gıda. It also includes all stakeholders, from suppliers to customers.

CORE PRINCIPLES

• To support the implementation of a risk management system aligned with strategic goals;
• To ensure continuous improvement by developing the necessary action plans to anticipate, monitor and manage potential risks in all processes;
• To analyze environmental, social and governance risks and develop action plans;
• To review all risks and take measures to reduce them to an acceptable level in coordination with the Early Detection of Risk Committee;
• To meet the resource requirements for the management of identified risks;
• To ensure compliance with applicable laws and regulations;
• To measure and monitor risks and contribute to the use of risk factors in decision-making processes.

In line with these principles, Penguen Gıda is committed to ensuring that the Company takes the necessary measures against the identified risks, manages the risk and ensures development within a corporate and systematic structure.

Implementation

The Company ensures that risk management policies and practices are adopted and implemented by all Company units and employees. The Early Detection of Risk Committee ensures that all kinds of risks, including strategic, operational, financial, compliance and other risks that may jeopardize the existence, development and continuity of the Company and that affect the decision-making processes of the Company, are identified, that the necessary measures and actions are taken, and that the risks are managed and reviewed by a risk management system.

Ş. Aykan SÖZÜÇETİN

       General Manager

SUSTAINABILITY POLICY

Purpose: The Company aims to create a sustainable management system by adopting the sustainability culture at all levels of the organization.
Scope: This Policy applies to all business processes, facilities and employees of Penguen Gıda. It also encourages all stakeholders, from suppliers to customers, and includes them in our system.

CORE PRINCIPLES

• To provide an environment of trust for our employees and all our stakeholders by providing a healthy and safe environment;
• To ensure high quality standards in our production processes by adopting the principle of complete customer satisfaction;
• To analyze environmental, social and governance risks and develop action plans;
• To receive the support and contributions of all our stakeholders in order to provide social benefit;
• To operate without damaging the soil composition in order to preserve biodiversity;
• To contribute to sustainable development by supporting the use of innovative technologies;
• To follow all national and international regulations and to act in accordance with laws and legal obligations;
• To support efforts to protect human rights by contributing to social responsibility projects;
• To work towards increasing sustainable performance in the supply chain.

In line with these principles, Penguen Gıda is committed to promoting sustainable development in line with the UN Sustainable Development Goals.

Implementation
The Policy is announced to all employees and presented in an understandable manner. The Sustainability Committee and sub-working groups ensure the adoption of a sustainability approach at all levels of our Company and include all our stakeholders in this culture, enabling them to contribute to sustainable development.

Ş. Aykan SÖZÜÇETİN
General Manager

COMPENSATION POLICY

Purpose: The Company follows the Labor Law in force (requirements of Law No. 1475-4857-6331) in determining the compensation policy for its employees.
Scope: This Policy applies to all employees of Penguen Gıda.

In this framework:

Severance Pay
The Company calculates severance pay to the employees who have seniority for the periods specified in the Labor Law, based on the working term of the employee and the gross wage of the last month in case the employment contract has been terminated under one of the circumstances stipulated in the Law.

Severance Pay is paid to employees with a certain period of seniority or to their heirs in the event of the death of the employee, based on the employment term and the last gross wage of the employee in question, pursuant to Articles 14, 24, 25 of specified in the Law No. 1475-4857.

Payment in Lieu of Notice
Pursuant to Article 17 of the Labor Law, the termination of an employee’s indefinite employment contract becomes effective at the end of the periods determined according to the seniority of the employee, and the employer pays the employee’s salary during this notice period and also grants the employee permission to look for a new job in accordance with the Labor Law. Pursuant to the authority granted by the Labor Law, the Company has the right to terminate the employment contract of an employee with immediate effect by paying the employee’s salary for the notice period (payment in lieu of notice) in advance.

The payment in lieu of notice is made in cash to the employee pursuant to Article 17 of the Law No. 4857 or the employee may be given time off to look for a new job by notifying the employee that their employment contract will be terminated within the period stipulated by the Law depending on the seniority of the employee.

Aykan SÖZÜÇETİN
General Manager

SUPPLIER DIVERSITY POLICY

Purpose:  As a company that creates value by combining its high sense of quality, leadership in modern agricultural techniques, continuously increasing turnover with efficiency studies, we aim to develop long-term and sustainable relationships with various suppliers who are open to innovations and continuous improvements that add value to our supply chain by increasing supplier diversity.
Scope:  This Policy applies to all suppliers of Penguen Gıda.

CORE PRINCIPLES

• To encourage our suppliers to seek certification by national and international certification bodies;
• To ensure that our suppliers contribute to sustainable development by committing to the UN Sustainable Development Goals;
• To ensure that our suppliers act in accordance with the minimum age provisions stipulated in applicable laws and regulations, and to ensure that the necessary measures are taken to prevent child labor;
• To ensure that our suppliers act in a way that respects human rights;
• To ensure that our suppliers highly value employee health and safety, to ensure that they comply with legal provisions related to working hours;
• To contribute to creating social benefit by encouraging our suppliers to support social responsibility projects;
• To ensure that our suppliers are aware of the importance of efficiency, minimizing risks and taking the necessary measures.

In line with these principles, Penguen Gıda is committed to contributing to sustainable development by increasing supplier diversity and encouraging all suppliers to adopt a culture of sustainability.

Ş. Aykan SÖZÜÇETİN
General Manager

Wage Policy

WAGE POLICY FOR SENIOR EXECUTIVES AND MEMBERS OF BOARD OF DIRECTORS
This policy document defines the wage system and practices of our members of board of directors and senior executives within the scope of those being found under the administrative responsibility of the FMB regulations.

A fixed wage is determined at the ordinary general meeting every year in order to be valid for all members of the board of directors.

Payment is made to the executive members of the board of directors within the scope of the policy determined for the senior executives, whose details are explained below.

At the end of the year, premiums determined by the board of directors can be paid to the members of the board of directors to take part in the committees to be established by the board of directors in accordance with the opinion of the Corporate Governance Committee by predicating on the basis of their contributions, participation in meetings, and functions.

Performance based payment plans cannot be used for the remuneration of independent members of board of directors.
The members of the board of directors are paid on the basis of criteria by taking into account the period that they have served as of their appointment and leaving dates. The expenses (transportation, telephone, insurance etc. expenses) borne by the members of the board of directors due to their contributions to the company can be covered by the company.

The Senior Manager wages consist of two components by fixed and performance-based payment.

The Senior Executive fixed fees are determined in accordance with international standards and legal obligations by taking into account the macroeconomic data in the market, the wage policies prevailing in the market, the size and long-term targets of the company and the positions of the individuals.
The Senior Manager premiums are calculated according to premium basis, company performance and individual performance. The information regarding the criteria is summarized below.

• Premium Base: The premium bases are updated at the beginning of each year and vary according to the business size of positions of the managers. When updating the premium bases, the senior management premium policies in the market are taken into account.

• Company Performance: The company performance is obtained by measuring the financial and operational targets (Market share, export, overseas activities, productivity, etc.) given to the company at the beginning of each year at the end of the period. When determining the company targets, the sustainability of success and improvements compared to the previous years are the principles that are taken into consideration.

• Individual Performance: In determining the individual performance, the targets related to the employee, customer, process, technology and long-term strategy are taken into account together with the company targets. In the measurement of individual performance, the principle of long-term sustainable improvement outside the financial areas is considered in parallel with the performance of the company.

The total amounts determined in accordance with the above principles and paid to the Senior Executives and Members of Board of Directors during the year are submitted for the information and/or approval of the shareholders in accordance with the legislation at the following general assembly meeting.

Ş. Aykan SÖZÜÇETİN
General Manager
25.06.2008

GREEN PROCUREMENT POLICY

 Purpose: To ensure the procurement of energy efficient and environmentally friendly products and services in order to increase environmental and economic benefits.

Scope: This Policy applies to all units of the Company, raw materials and energy used in production, all offices, office equipment and supplies, all employees and all other stakeholders.

CORE PRINCIPLES

• To minimize greenhouse gas emissions,
• To maximize energy and water efficiency,
• To minimize waste with the zero waste principle,
• To ensure the procurement of environmentally friendly products and packaging,
• To improve awareness regarding the purchasing process, to provide training on the use of environmentally friendly products and to reduce unnecessary purchases,
• To prevent the destruction of habitats in order to protect nature by avoiding damage to the soil,
• To take high level measures regarding health and safety issues.

 Implementation

The Policy will be communicated to all employees to raise awareness on energy efficiency.

In line with the principles above, Penguen Gıda is committed to reducing greenhouse gas emissions, protecting nature and preventing pollution by supplying products with high energy efficiency.

Ş. Aykan SÖZÜÇETİN

       General Manager

USER AGREEMENT

Before using this internet site, please carefully read and review the following User Agreement.
The internet site named http://www.penguen.com.tr/alan (“Site” or “Internet Site”) belongs to PENGUEN GIDA SANAYİ ANONİM ŞİRKETİ (“PENGUEN GIDA”).
By becoming a member of thisInternet Site , you accept the User Agreement below.

1. Acceptance

By visiting this Site, you agree to act and comply within the conditions described in this User Agreement (“Agreement”).

PENGUEN GIDA reserves the right to change these conditions and also other all kinds of information, including the Privacy Policy taking place on this internet site, from time to time and without any notice if it deems necessary. You can always access the current version of this Agreement and the Privacy Policy on the internet site. Entering into this Internet Site means that you accept this Agreement and any changes that may occur in the Agreement at any time. All kinds of usage and disposal authority on the Internet Site belong to PENGUEN GIDA.

2. Responsibility

You can find the catalog of all products offered by PENGUEN GIDA on the Internet Site (http://www.penguen.com.tr/BASIN/Kurumsal_Malzemeler).

PENGUEN GIDA always reserves the right to make changes on the prices and products and services offered. You agree in advance that you will not take any other action to find or obtain the source code in the use of the Internet Site; otherwise, you will be responsible for the damages arising from the 3rd persons and legal and criminal action will be taken against you. You accept that you will not produce and share the contents which are contrary to the general morality and etiquette, contrary to the law, violates rights of the 3rd Persons, misleading, offensive, obscene, pornographic, violates the personal rights, contrary to the copyright and encourages the illegal activities in the activities within the site, in any part of the site or in your communications. Otherwise, you will be fully responsible for any damage that will occur. In this case, the ‘Site’ officials will be able to suspend, terminate such accounts, and use their right to initiate legal proceedings. For this reason, PENGUEN GIDA reserves the right to share information requests from the judicial authorities regarding the activity or user accounts. The members of the site are responsible for their relationships with each other or with the third parties.

The visitor/user of this Site is responsible for the accuracy of all information given to the Site and the risks that will be able to arise from using the site. In the case where the information is incorrect or wrong and the situation is determined by PENGUEN GIDA, the User will be able to be banned from entering the Internet Site. The failure to use or delay in using any of its rights in this Agreement by PENGUEN GIDA does not mean that this right is waived.

PENGUEN GIDA has the right to remove or delete the content presented on the Site without serving any notifications and has no responsibility in the case where these parts cannot be accessed. PENGUEN GIDA has the right to block some or all users from accessing to the Site. The accounts are specific for the personal use, and any information given to you within the scope of the username, password or security measure is in confidential capacity.

PENGUEN GIDA is not responsible for any damages that will arise as a result of your action in line with the information on this Site. Moreover, PENGUEN GIDA is not responsible for any direct or indirect damage, loss of profit and/or data loss arising from your use of or relying on any content on this Site.

3. Trust to Published Information

The information taking place on the Internet Site is completely general information and the accuracy of this information is not guaranteed. All responsibility arising from trust in the information obtained from the Internet Site belongs to you. PENGUEN GIDA does not have any responsibility regarding the accuracy of the information provided by the third parties.

4. Registration and Confidentiality

Please read our Internet Privacy Policy to learn about processing, saving and protecting the personal information that you submit to the Internet Site.

5. Links Given to Other Internet Sites

Links to other internet sites belonging to the third parties can be provided from this internet site. PENGUEN GIDA is not responsible for the content taking place on the internet sites being linked and has no obligation to check their accuracy, quality or up-to-dateness. PENGUEN GIDA assumes no responsibility from being incorrect of the information in question or the information contained in the internet site content or containing incomplete and misleading content and any legal, criminal or bodily responsibility such as injury etc. that may occur due to content which violates the rights of the third parties. The visitors/users will access to these sites by taking their own potential risks.

6. Intellectual Property Rights

This internet site and all its pages and this internet application software and all visual works, designs, interfaces, user controls, processes, programs and software components found in it and all kinds of rights without being limited thereto belong to PENGUEN GIDA, licensor or other providers.

The Intellectual Property Rights contain all designs, drawings, products that are subject to the order, all intellectual products that are subject to the registration or not without being limited thereto.

Unless otherwise clearly specified, not any element in the content of the internet site does not provide any license or right or any permission accordingly or transfer by implication of right or any license within the framework of any other proprietary right or any patent, trademark, copyright of PENGUEN GIDA or a third party .The use of the items that are subject to this right without the consent of the owner of the intellectual property right in any way, including but not limited to the above, is a violation of rights and infringement of such intellectual property rights is subject to both civil and criminal sanctions. PENGUEN GIDA can apply to all kinds of legal and criminal remedies in order to protect the intellectual property rights on the Internet Site and its content.

7. Compensation for Damages

You accept that you will keep the PENGUEN GIDA, its affiliates, licensors and their employees, managers, representatives, suppliers and successors free from all kinds of claim, liability, damage, decision, judgment, loss, expense or fee (including attorney’s fee) which will arise from the violation of these provisions or the use of the Internet Site by you and compensate the damages.

8. Applicable Law and Resolution of Disputes

Turkish law will be applied to this Agreement without constituting any confliction and in the cases where it is not possible to resolve the dispute as a result of the mutual negotiations, the dispute will be resolved before Bursa Courts and Enforcement Offices.

PRIVACY INFORMATION

Penguen Gıda A.Ş or its affiliated companies accepts, declares and undertakes that that it will not sell, rent or use your name, e-mail address, work and home address, telephone number and personal information to a third party submitted by its visitors through forms on this site.

It cannot be held responsible for direct and indirect loss or damage arising from the use of companies affiliated with Penguen Gıda, party and individuals who undertake the construction of this site.

Penguen Gıda A.Ş. or its affiliated companies will use the Personal Information depending on the following purposes:

• To send you the printed publications or other correspondences,
• To send you the press releases or notifications by e-mail,
• To evaluate your applications during recruitment processes, and
• To deliver the products that you purchased.

The Personal Information can only be accessed by authorized personnel of Penguen Gıda A.Ş. or its affiliated companies and third parties who have agreed to keep your Personal Information confidential. Penguen Gıda A.Ş or its affiliated companies will be able to use the data that can be obtained from the Personal Information (age, gender, geographical location, etc.) to improve the internet site and to learn more about its consumers in general without disclosing the Personal Information. Penguen Gıda A.Ş. or its affiliated companies have all the rights and responsibilities on the Personal Information data.

Penguen Gıda A.Ş. or its affiliated companies do not make any guarantees about the privacy policies of third party internet sites that you can access via the links on the internet site. These data can only be used for the specified purpose and cannot be used for unilateral communication without your consent.