We adopt and maintain an Information Security & Privacy Management System (IS&PMS) aligned with ISO 27001:2022 and ISO 27701:2019. We commit to:

• Ensuring confidentiality, integrity, and availability of all information we manage
• Responding promptly to incidents affecting information security or privacy
• Minimizing the impact of security incidents on business continuity and reputation
• Complying with applicable legal, regulatory, and contractual obligations
• Handling personal data fairly, lawfully, and only as necessary, maintaining confidentiality and security
• Continuously improving our IS&PMS to meet evolving business and technological needs
• Providing the necessary resources for effective implementation
• Ensuring all employees understand, adopt, and follow IS&PMS procedures

Our IS&PMS covers ICT solutions, consulting services, and ICT project management. Management regularly reviews the system and objectives to ensure alignment with business goals, market developments, and legal requirements. All personnel can access, understand, and apply this policy.

We deliver IT services that consistently meet customer requirements, contractual obligations, and regulatory standards. Our Service Management System covers application support, product maintenance, hosting, consulting, and software development. We commit to:

• Designing, delivering, monitoring, and improving services
• Ensuring consistent service delivery through documented processes and roles
• Identifying and managing service-related risks and opportunities
• Managing changes to minimize disruptions
• Monitoring performance and taking corrective or improvement actions
• Encouraging open communication with stakeholders
• Ensuring staff competence, training, and awareness
• Providing resources for effective service delivery and continuous improvement

We operate with integrity and zero tolerance towards bribery and corruption. Our Anti-Bribery Management System ensures:

• Prevention of bribery and compliance with applicable laws
• Prohibition of improper payments or benefits
• Identification and reduction of bribery risks, including third-party due diligence
• Promotion of transparency, clear responsibilities, and effective controls
• Employee awareness and ethical conduct
• Monitoring and continuous improvement of anti-bribery practices

All employees and partners must not offer or accept anything of value that could influence business decisions and must declare conflicts of interest. Concerns or suspected misconduct are encouraged to be reported. This policy is communicated internally, available to stakeholders, and regularly reviewed.

We operate with integrity, transparency, and accountability, ensuring compliance with all applicable legal, regulatory, contractual, and internal requirements. Complementing our Anti-Bribery Policy, our Compliance Management System:

• Identifies, monitors, and ensures compliance with obligations
• Integrates compliance into decision-making, strategy, and operations
• Identifies and manages compliance risks through controls
• Continuously improves the compliance framework and performance
• Encourages reporting of concerns without fear of retaliation
• Sets measurable compliance objectives and ensures employee awareness
• Provides necessary resources for effective implementation

Management reviews and improves compliance practices regularly to ensure effectiveness and alignment with company objectives.

We recognize that our activities impact the health and safety of employees and visitors. Our Occupational Health & Safety Management System ensures:

• Safe and healthy working conditions
• Prevention of work-related injuries and ill health
• Continual improvement of occupational health and safety performance
• Compliance with legal and other requirements
• Identification and mitigation of hazards and risks
• Employee awareness, training, and participation
• Provision of necessary resources for effective implementation
• Monitoring, evaluation, and annual review of measurable objectives