Our Quality Management System Policy

With a vision to “become a global fashion brand that makes you go WOW”, we stand out in our sector with our innovative and dynamic approach, adopting the principle of “continual development”. We are committed to continually add value to all our suppliers, employees and other stakeholders by offering our products to all customers via all of our international sales channels at an affordable price, with a range suitable for any time of the day, in a timely fashion, and with an expected level of quality. When we design processes in our business ecosystem, we aspire to make everyone go “WOW” with our eco-conscious approach sensitive to people’s needs.

Our Information Security Management System Policy

On the path to become a global brand, we target sustainable operational excellence in the apparel retail sector. In line with these goals, we established an Information Security Management System, by which we aim at:

  • preventing Information Security risks at the Corporate Risk Management level
  • making the work “safe” and “continuous” by relying on our employees
  • supporting the decision-making mechanisms by making information complete, accurate and accessible
  • providing access to information by authorised persons
  • guaranteeing change management while continuously developing information systems and their components
  • constantly strengthening the organization’s information security awareness.
In this context DeFacto:
  • defines the organisational roles to establish, implement, protect and continually improve the information security management system; defines these roles’ authority and responsibilities; and provides the required resources.
  • defines the information and its sources while designing its business processes in its omnichannel trade sales channels; evaluates risks; and takes the required actions.
  • in order to protect information system components from cyber attacks, invests in the required infrastructure, which it keeps under control through periodic screenings and tests.
  • makes plans to ensure the continuity of critical business processes and information resources to provide uninterrupted service in different geographies and distributed systems, and monitors these.
  • offers trainings to its employees and third party collaborators to increase their awareness of information security in business processes. It ensures that information security is regarded as part of organisational process management.
  • evaluates these activities’ effectiveness and compliance with the corporate goals through periodic audits and management overview meetings

We accept and commit to abide by all requirements and obligations by following the legal regulations to achieve information security objectives; and to enhance our information security management system’s performance by continuously improving it.