Updated - January, 2024

Information Security Policy

Purpose

This policy articulates requirements that assist the General Management in defining a structure that establishes a safe environment. It provides the general framework to safeguard the Information Technology (IT) Resources, achieving the confidentiality, integrity and availability of the data and IT resources used in the provision of the Biometric Agreement service.

All areas of Biometric Agreement, Inc. seek to meet the company's general information security objectives, including compliance with laws, regulations, policies and standards to which your data and technological resources are subject.

Scope of the Information Security Policy

All Biometric Agreement, Inc. employees must comply with this policy.

All areas of Biometric Agreement, Inc. are required to ensure compliance with this policy by any business partner that accesses the company's IT Resources, information assets or shared environments for the provision of the Biometric Agreement service.

All areas of Biometric Agreement, Inc. are required to ensure compliance with this policy by suppliers and third parties who, by contractual relationship, access IT Resources, information assets or shared environments of the company for the provision of the service Biometric Agreement.

Information Security Policy Statement

Through this policy, Biometric Agreement, Inc. reiterates its commitment to information security and establishes the organization's approach to managing information security in line with its strategy and business objectives, for which:

Establishes alignment with your business strategy and goals.

Establishes and approves the risk acceptance criteria, as well as the way to manage it.

It recognizes that information assets are essential for its operation and therefore need to be adequately protected, for which it provides the necessary resources for the implementation of security controls.

Supervises the effectiveness of the Information Security Management System to guarantee continuous improvement.

Approves information security training and awareness.

Ensures the establishment of communication channels for the dissemination of policies, procedures and security measures.

Ensures the identification and compliance with the Laws, Rules and Regulations applicable to the business.

Promotes knowledge and compliance with this policy and all those that derive from it to its internal employees and suppliers.

General Information Security Policy

All of us who participate in Biometric Agreement, Inc. are committed to systematically and continuously improving to become a technological ally of our clients, building long-term relationships based on trust, mutual benefit and best business practices, with a growing environmental awareness and social responsibility.

We support our services in a culture of quality of people, processes and practices, following the guidelines of national and international standards with full adherence to current standards.

At Biometric Agreement, Inc. we are committed to ensuring that the confidentiality, integrity and availability of the information assets under our responsibility are preserved in the work environment, especially those related to our clients, ensuring compliance with the policies, processes and procedures of the company’s security. We are committed to developing, implementing, maintaining and continuously improving the Information Security Management System (ISMS).