Information Security Policy

The protection of information and its processing systems is of strategic importance for the Company in order to achieve its short and long-term goals and at the same time, to ensure the privacy of the customers receiving its services.

Network Dynamics, recognizing the criticality of information and its processing systems in the performance of its operational functions, implements an Information Security Policy with the aim of:

• Ensuring the confidentiality, integrity, and availability of the managed information.
• Ensuring the proper operation of the information processing systems.
• Responding in a timely manner to incidents that may endanger the Company’s operational capability.
• Satisfying the legislative and regulatory requirements.
• Constantly improving the Company’s Information Security level.

For this purpose, Network Dynamics:

• Defines the organizational structures necessary for the monitoring of issues related to Information Security.
• Defines the technical measures to control and restrict access to information and information processing systems.
• Determines the information classification according to its importance and value.
• Describes the necessary protection actions of information during the stages of their processing, storage, and handling.
• Determines the ways of informing and training the company’s employees, partners, and contractors regarding Information Security.
• Determines the methodology of dealing with Information Security incidents.
• Describes the ways in which the Company’s operational status is ensured in cases of malfunctioning of information processing systems or in cases of disasters.

The Company carries out regular risk assessments regarding Information Security and takes the necessary measures to address them. The Company also implements a framework for evaluating the effectiveness of Information Security procedures and determines related KPIs (key performance indicators), their measurement methodology is defined, and periodic reports are produced which are reviewed by the Company’s Management in order to achieve a continuous improvement of the system.

The Information Security Officer is responsible for controlling and monitoring the policies and procedures related to Information Security and taking the necessary initiatives to minimize or eliminate any factors that may jeopardize the availability, integrity, and confidentiality of the Company’s information.

All employees, partners, and contractors with access to information and information processing systems of the Company are obligated to comply with the rules of the applicable Information Security Policy.

Network Dynamics is committed to the continuous monitoring and compliance of the regulatory and legislative framework and to the continuous implementation and improvement of the effectiveness of the Personal Data Management System and Information Security System.