Information Security Policy

IMPERIA SCM has decided to implement an Information Security Management System based on ISO 27001 standard with the aim of preserving the confidentiality, integrity, and availability of information and protecting it from a wide range of threats. This Management System is intended to ensure business continuity, minimize damage, maximize return on investments and business opportunities, and continuous improvement.

The Management of IMPERIA SCM is aware that information is an asset that has high value for the Organization and therefore requires appropriate protection.

Basic Objectives and Principles of Information Security

The Management of IMPERIA SCM establishes the following as basic objectives, starting points, and support for the objectives and principles of information security:

• Protection of personal data and privacy of individuals
• Safeguarding organization records
• Protection of intellectual property rights
• Documentation of the information security policy
• Allocation of security responsibilities
• Training and education for information security
• Recording of security incidents
• Business continuity management
• Management of changes related to security in IMPERIA

Commitments of IMPERIA SCM

By developing and implementing this Information Security Management System, the Management of IMPERIA SCM undertakes the following commitments:

• Develop products and services in compliance with legal requirements, identifying the applicable legislation for the business lines developed by the organization and included within the scope of the Information Security Management System.
• Establish and comply with contractual requirements with stakeholders.
• Define security training requirements and provide necessary training to stakeholders through the establishment of training plans.
• Prevent and detect viruses and other malicious software by developing specific policies and establishing contractual agreements with specialized organizations.
• Manage business continuity by developing continuity plans in line with internationally recognized methodologies.
• Establish the consequences of security policy violations, which will be reflected in contracts signed with stakeholders, suppliers, and subcontractors.
• Act at all times with the highest professional ethics.

This Policy provides the framework for the continuous improvement of the Information Security Management System and for establishing and reviewing the objectives of the Information Security Management System. It is communicated to the entire Organization through the document management system installed in the organization and its publication on informative panels. It is reviewed annually for adequacy and extraordinary when special situations and/or substantial changes occur in the Information Security Management System. It is available to the general public.

SCOPE

The requirements for compliance with ISO/IEC 27001 Information Security Management standard are applicable to all our information services that support the processes of development and commercialization of our proprietary software, as well as in consulting services in the supply chain field, located at Angels Capital, Sc Puerto, 13, 46024 Valencia (Spain).

Considering that IMPERIA SCM is not an isolated entity, but that we consider its environment, assimilate and understand the context in which we operate, its internal and external stakeholders, as well as the results of risk assessment, service requirements, legislative or regulatory requirements, and any other relevant factors, our purpose is to meet all their expectations by providing services aligned with information security.

Users can establish direct and effective communication with Imperia through written communication sent to the indicated address, as well as to the email contacto@imperiascm.com.

Please note that excessive, outdated, and incompatible personal data with Imperia's activities will not be accepted at this email address. If the request for establishing contact with Imperia does not meet these requirements, it will be automatically destroyed.

Valencia, January 15, 2023.