INFORMATION SECURITY POLICY

CHOOSE responding to the demands of modern business reality and aiming to the protection of the information it manages in terms of integrity, confidentiality and availability, always aiming to the uninterrupted and exemplary service of its Customers, decided to design and install a Secure Information System according to the requirements of the International Standard ISO 27001: 2013.

The Information Security Management System of the Company covers the Provision of IT and telecommunication equipment withdrawal services as well as secure deletion and destruction of confidential and sensitive data and resale of withdrawn equipment and was designed according to the needs and aspirations of the Company and its Legal and Regulatory and Community Legislation.

The main objectives, as they are reffered in the procedures of the Company's Information Security Management System, are:

• creating a basis for the continuous improvement of the efficiency of its processes, having in mind the continuous satisfaction of the needs and the expectations of its customers as much as possible
• minimizing the number of incidents that may affect the continuity of business processes, as well as minimizing their impact
• information handling, managed by the company in a way that protects their security in terms of their confidentiality, integrity and availability.
• company's compliance with the law and the regulations to which is subject
• continuous improvement of the system.

Company's system is reviewed at regular intervals by the Management, in order to adapt to new needs and market developments, legal requirements, but also to achieve the goal of continuous improvement of the company's operations.

Management is committed to the disposal of the infrastructure and equipment that is deemed necessary for the implementation and availability of its work. Each employee is responsible to respond, assimilate and implement the procedures required by the Information Security Management System through its daily activities. For this reason, all employees, depending on their responsibilities, are informed about the System and act in accordance with the established rules of security and confidentiality.

The Information Security Policy is communicated, understood and applicable by all human resources, with the ultimate goal of continuous, stable development of its business activity, with unwavering commitment to its principles and the constant offer to its customers of excellent quality services. It is reviewed at regular intervals with the aim of its continuous harmonization with the market conditions, the technological developments and the current legislation.

Procedures, flows and actions, which do not guarantee the fulfillment of the set goals, are stopped immediately by those responsible, cause analyzes are carried out and the necessary improvement measures are defined.