INFORMATION SECURITY POLICY

Due to our activity in design, development and maintenance of tools for electronic invoicing processes, suppliers and customers, and reporting of immediate supply of information, in easyap we know that information is an asset with a high value for both our organization and our customers and therefore requires adequate protection and management in order to give continuity to our line of business and minimize possible damage caused by failures with respect to the integrity, availability and confidentiality of information.

For all this easyap makes the following commitments:

• - The permanent will of easyap in Information Security Management will be shown through training and awareness programs that promote participatory management in these areas, enabling the skills of staff to be used for continuous improvement of the production process.
• - To guarantee the development of its activities within the applicable rules and regulations, it will comply with the legislation, as well as other requirements signed with its clients including those referring to Information Security.
• - Comply with the requirements and continuously improve the effectiveness of the Information Security Management System, through the implementation of measurement and monitoring systems of the solutions and developments made for our clients, as well as Information Security objectives.
• - Ensure business continuity by developing continuity plans in accordance with recognized methodologies.
• - Carry out and periodically review a risk analysis based on recognized methods that allow us to establish the level of information security and minimize risks by developing specific policies, technical solutions and contractual agreements with specialized organizations.
• - The easyap staff will carry out their work oriented towards the achievement of the objectives set and in accordance, at all times, with the legal requirements.