OPTIMUS PRICE Information Security Policy

1.- INTRODUCTION

‍

OPTIMUS PRICE recognizes the critical importance of protecting confidential information and company assets from internal and external threats. Implementing and maintaining an Information Security Management System (ISMS) in accordance with the requirements of ISO 27001 is essential to ensure the confidentiality, integrity and availability of information, as well as to maintain the trust of our customers, employees and stakeholders.

‍

‍

2.- SCOPE

‍

This policy applies to all employees, contractors, suppliers and third parties that interact with OPTIMUS PRICE's information systems and information assets.

The scope of OPTIMUS PRICE's ISO 27001 certification would apply to:

The information security management system that supports the business activities of: Development, programming and marketing of "SaaS" type software, intended for monitoring data in the market, as well as the recommendation of prices for our clients according to the current applicability declaration.

‍

‍

3.- GOALS

‍

The main objectives of our information security policy are:

• Protect the confidentiality, integrity and availability of company information.
• Comply with laws, regulations and contractual requirements related to information security.
• Minimize the risk of information security incidents.
• Promote a culture of information security among employees and stakeholders.

‍

‍

4.- INFORMATION SECURITY PRINCIPLES

‍

OPTIMUS PRICE is committed to following the following information security principles:

• Responsibility: All employees are responsible for protecting confidential information and company assets.
• Confidentiality: Confidential information will be handled and disclosed only as necessary and authorized.
• Integrity: Controls will be implemented to ensure the accuracy and integrity of information.
• Availability: Information will be ensured to be available to those who need it when they need it.
• Compliance: We will comply with all laws, regulations and contractual requirements related to information security.
• • Continuous Improvement: Periodic reviews of the ISMS will be conducted to ensure its effectiveness and to continually improve information security.

‍

5.- RESPONSABILITIES

‍

All employees have specific responsibilities to ensure compliance with this policy and the ISMS, including, but not limited to:

• Comply with the information security policies and procedures established by OPTIMUS PRICE.
• Protect the company's information assets against security threats.
• Report any information security incidents to the designated responsible parties.
• Participate in information security training and awareness.

‍

6.- COMPLIANCE AND REVIEW

‍

This policy will be reviewed periodically to ensure its continued relevance and effectiveness. OPTIMUS PRICE senior management is committed to providing the necessary resources to implement and maintain the ISMS in accordance with the requirements of ISO 27001.

‍

‍

7.- APPROVAL

‍

This Information Security Policy has been approved by senior management and is available to all relevant OPTIMUS PRICE employees and stakeholders.

This information security policy sets out the framework for protecting OPTIMUS PRICE's critical information assets and for ensuring compliance with internationally recognised security standards.

‍

‍

‍

Mr. Juan Antonio Guerrero

Management

November 2024

‍

‍