Information
Security Policy

At the request of the Management of Navozyme Maritime Technologies S.L. carrying out its activity in Barcelona, Spain located at Entresol 2ª, Carrer del Comte de Salvatierra, 5, 08006 Barcelona, the information security officer has established and implemented a Management System based on the requirements of the ISO 27001 Standards. This involves efficient and secure management of the services provided, while ensuring compliance with all applicable legal obligations, and maintaining the confidentiality, integrity, and availability of information systems.

The main objective of this Information Security Policy is to establish an operational framework fostering a corporate culture, decision-making processes, and work methodologies that uphold the constant values of information security and the protection of personal data.

We will support and develop an organization that:
1. Ensures the confidentiality, integrity, and availability of information, preventing unauthorized disclosure and access.
2. Maintains the integrity of the information, ensuring its accuracy and preventing deterioration.
3. Establishes annual objectives related to information security.
4. Complies with legal, contractual, and business requirements and standards.
5. Effectively implements service continuity by developing a process of analysis, management, and treatment of risks related to information assets.
6. Promotes the professionalism, specialisation, and experience of staff through training and awareness activities in information security processes.
7. Informs all employees of their security functions and obligations.
- Reports security violations.
- Preserves the confidentiality, integrity, and availability of information assets in compliance with this policy.
- Complies with the policies and procedures inherent to the Information Security Management System.
8. Continuously improves our management systems to establish the corresponding control objectives to eliminate hazards and mitigate detected risks.
9. Ensures efficient and effective service delivery to clients.
10. Meets requirements agreed upon through service level agreements.
11. Ensures that all involved services guarantee customer satisfaction and other stakeholders.
12. Guarantees continued service and proper management of incidents.
13. Manages risks efficiently.
14. Promotes secure internal and external communication.
15. Ensures customer satisfaction and meets customer requirements.
16. Promotes continuous improvement, recognizing individual and team achievements.
17. Ensures the availability of information, across all mediums, whenever it is required.

This information security policy will always be aligned with the company's general policies and those that frame other internal management systems, such as quality policies or software development standards.

The assurance that all individuals who influence the company are aware of the Policy and the objectives set is achieved through its dissemination by the system's responsible party at all levels of the organization.

We acknowledge that these are the shared values within Navozyme Maritime Technologies S.L.

In Barcelona, on 4th Dec 2023

Aniket Mavlankar - DPO