Pragma-IoT, responding to the requirements of modern business reality and aiming at the protection of its information systems, always aiming at the uninterrupted and exemplary service of its Customers, decided to design and install an Information Security Management System according to the requirements of the International Standard ISO 27001:2022 in order to:

• To ensure the confidentiality, availability and integrity of the information managed by the
• Be able to deal promptly with any incident reported or detected that may indicate a breach of confidentiality, integrity and availability.
• To minimize the impact that information security incidents may have on the Company’s credibility and reputation with its customers.

The Company’s Information Security Management System covers the following area:

“Analysis, Design, Implementation and Deployment of IT Hardware and Software Solutions / Consulting Services

Planning, Management and Execution of IT Projects”

and was designed in accordance with the needs and objectives of the Company, the Legal and Regulatory Requirements of the current Greek and Community Legislation, the contractual obligations and the requirements of the standard related to information security.

The main objectives, as expressed within the procedures of the Company’s Information Security Management System, are:

• the creation of a basis for the continuous improvement of the efficiency of its processes, with a view to the continuous satisfaction of the needs and expectations of its customers to the maximum extent possible.
• reducing the impact of events that may affect the Company’s business continuity,
• the Company’s compliance with the laws and regulations to which it is subject,
• the handling of information, held and circulated in any way through its electronic and non-electronic systems, which constitutes data of exceptional importance for its operation and market position, in a manner that protects its security in terms of confidentiality, integrity and availability.
• the continuous improvement of the

Information security objectives are consistent with the Company’s strategic objectives, and the Company ensures that the resources required for the ISMS are available.

Management’s objective with regard to the protection of personal data is to comply with the following principles:

• Processing personal data in a fair and lawful
• Personal data is kept in a lawful and fair manner and in a lawful and fair
• Personal data should be kept strictly limited to what is strictly necessary for the achievement of those
• Protection of personal data through appropriate security
• Retention of personal data for a certain period of time (depending on the purposes).

The Company’s System is regularly reviewed by the Management, in order to adapt to new needs and developments in the market, to legislative requirements, but also to achieve the Company’s information security objective. On an annual basis, the Information Security objectives are also reviewed and, if necessary, adjusted.

The Management is committed to allocate the necessary resources for the implementation of its work and the implementation of the EMS.

Each employee is responsible for meeting, assimilating and implementing the procedures required by the Information Security Management System through their daily activities.

For this reason, all employees, depending on their responsibilities, are informed about the System and act demonstrably in accordance with the established security and confidentiality rules.

The Information Security Policy is available, understandable and applicable by all human resources, with the ultimate goal of continuous, steady growth of its business, with unwavering commitment to its principles and the continuous offer to customers of services of excellent quality and maximum security. It is reviewed at regular intervals in order to ensure that it is constantly in line with market conditions, technological developments and legislation in force.

Pragma-IoT underlines its commitment to providing high quality services by continuously striving to improve operations and deliverables for the benefit of customers, employees and stakeholders and to improve its overall business performance.

To achieve this goal, we have established an integrated Quality Management System, based on the following principles:

• Customer focus: we understand the needs and expectations of our customers, offering customized solutions that add value and optimize their operations.
• Continuous Improvement:We promote a culture of continuous improvement of our processes, products and services, keeping abreast of technological developments and market requirements.
• Specialisation & Human Resources: We invest in our people, who are our greatest asset, by providing continuous training and encouraging collaboration, creativity and professional development.
• Compliance with Regulations & Standards:We are committed to complying with legislation, regulatory requirements and international quality standards in accordance with ISO 9001, ensuring compliance in all our business activities.
• Risk Management & Opportunities: We identify, assess and manage risks and opportunities that may affect the quality of our services, aiming to continuously improve our business performance.
• Privacy & Data Security:We respect and protect our customers’ information by implementing appropriate security measures and complying with applicable data protection regulations.

The Management of Pragma-IoT is committed to providing the necessary resources to maintain and improve the Quality Management System, with the aim of continuously increasing customer satisfaction and strengthening the competitiveness of the company.

The Quality Policy is regularly reviewed to ensure its relevance and effectiveness, taking into account developments in the business environment and stakeholder requirements.

Driven by responsibility, innovation and continuous improvement, Pragma-IoT is committed to providing high quality solutions that contribute to the sustainable development of its customers and the communities in which it operates.