INFORMATION SECURITY POLICY

SUMMARY OF THE OF INFORMATION SECURITY POLICY

The NAVIERA ARMAS TRASMEDITERRÁNEA GROUP (hereinafter the GROUP) has established a solid Information Security Policy to protect and guarantee the quality of its information and the continuity of its services. With the aim of ensuring confidentiality, integrity, availability and legality of the information managed, an Information Security Management System (ISMS) will be established to promote continuous improvement, and complementary guidelines and procedures will be implemented. 
The GROUP is firmly committed to customer satisfaction and meeting customers’ needs, so this policy applies to all people, providers, third-parties, systems, and media that access and use the information. Therefore, the following application terms are defined to be taken into account in the framework of the ISMS:

• Protect information assets and the technology used for their processing against any type of threat, to ensure compliance with their confidentiality, integrity and availability.
• Have a systematic set of proven methodologies and practices that increase resilience to disasters or unwanted disruptive incidents. Ensure the recovery of operational continuity with the least possible impact.
• Introduce security measures in systems, from their development, implementation and maintenance, with the aim of reducing the risks of human error and natural events.
• The information processed by the GROUP shall be complete, accurate and valid; it shall be accessible and usable by authorised users and by the authorised means; and its persistence shall be guaranteed in the event of any foreseen eventuality.
• The GROUP shall guarantee compliance with all applicable legislation and regulations in force relating to the processing of personal data.

The Information Security Policy has the approval of the company's management, is known to all users and will be reviewed annually to ensure that it is in line with the strategy and needs of the GROUP.