GEKTERNA Group is committed to reducing the impact of its operation on the environment and to protect the safety and health of employees, through the implementation of the Health, Safety and Environment Management System, according to standards ISO 14001:2015 and ISO 45001:2018, in the phases of design, planning, construction, maintenance and operation of projects and facilities.

GEKTERNA Group is committed to:
• Comply with applicable legal and other requirements to ensure the protection of the Environment and the Health & Safety of its employees.
• Protect the environment, identify and evaluate the environmental aspects of its activities.
• Identify the risks and minimize their consequences to all employees, by taking appropriate preventive measures.
• Prevent injuries, diseases and adverse health and safety incidents that could result from its operation and activities.
• Provide appropriate training and ensure the participation of employees in matters relating to Occupational Health and Safety.
• Not pollute the environment, reduce the amount of waste generated and ensure the environmentally correct handling and disposal of waste.
• Save natural resources through the reuse and recycling of materials, the supply of recycled materials and the use of recyclable packaging and other materials.
• Use energy responsibly in all its operations.
• Protect employees and the society in which it operates, adopting safe technologies and operating procedures.
• Disclose its commitment to the protection of the Environment and Health & Safety of its employees, its suppliers, its customers and the society in which it operates.
• Protect ancient monuments, cultural heritage and the flora-fauna of the ecosystem, adopting environmentally friendly methods and technologies.
• Cooperate with environmental agencies and services for the protection of the environment.
• Continuously improve the Health, Safety and Environment Management System.

The Company’s Management believes and considers that the Protection of the Environment and the Health & Safety of its employees, is the obligation of ALL and is committed to the implementation of every possible measure and procedure to minimize and/or eliminate the relevant negative consequences.

ISO 14001:2015
ISO 45001:2018

1. ABOUT PERSONAL DATA POLICY

1.1 Introduction

We would like to assure you that it is of prime importance for GEK TERNA Group to protect the personal data of natural persons who deal in any way with the company. This is why we are taking appropriate steps to protect the personal data we process and to ensure that the collection and processing is always carried out in accordance with the obligations laid down by the applicable legal framework, both by the company itself and by third parties processing personal data on behalf of the company.

1.2 Data Controller – Data Protection Officer (DPO)

GEK TERNA S.A. (website: www.gekterna.com ), informs that, for the purposes of its business activities, it processes personal data which results to identification relating to natural persons (such as, for example, the clients of the company, their suppliers, shareholders and investors, as well as ordinary users of the website), in accordance with applicable national law and European Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) asapplicable.For any matter concerning the processing of personal data, please contact the Data Protection Officer directly (DPO), email: dpo@gekterna.com

1.3 What data do we process?

The personal data you provide to us, such as contact details (eg name, address, email, telephone number, other additional personal information, etc.), data required under an employment relationship (eg education / training / special knowledge and skills, past professional experience, social security, income tax, etc.) we only process when we have a legitimate reason to do so.

2. What are the legitimate reasons for processing your personal data?
Legitimate reasons for processing your personal data consist of:
the performance of a contract that you assign to us or which you intend to assign to us, such as the execution of a work or the provision of services in order to fulfil our contractual obligations in the above framework.
conservation and protection of your as well as ours legitimate interests.
compliance with statutory obligations, such as the publication of transactions and assets of the societe anonyme (including personal identification data, eg shareholders) in accordance with article 7b of Act No. 2190 / 1920, data processing to support and satisfy legal claims,
your consent – under the specific conditions set out in the legal framework.

3. How and why we use your personal data?
For proper compliance with our contractual commitments and the maintenance of communication between us.
Deriving from the contractual relationship between us (whether it is a contract for works from a contractor / subcontractor, or a supply contract, or a service contract, etc., or dealing with the processing of personal data at pre-contractual stage), we draw and use the information required for a smooth development of our co-operation, for example for the signing of amendments to the main project contract, the management of financial pending issues resulting from some cooperation, etc.

For communicating with you and managing our relationship with you.
We may need to contact you via email for administrative reasons, such as through the contact form on our website to answer your questions or comments to improve both our relationship with you and the quality of our services

For complying with our legal obligations.
For example, when publishing on our website, on the G.C.R. website or the ATHEX, the personal data of natural persons of the company (for example, data of the shareholders-natural persons), when it is necessary to disclose significant participations to the Securities and Exchange Commission pursuant to the provisions of Act No. 3556/2007 and others.

To safeguard our legitimate interests and protect individuals and goods.
When using CCTV and security cameras in order to be able to protect the security of individuals, materials and facilities of the company.

4. Who may receive your data?
The Company may forward personal data to the following categories of recipients:
Public Authorities
When, and to the extent necessary, in the course of an audit (eg application of financial, stock, tax, insurance, labor, or other general and / or more specific legislation) and in all cases according to the applicable legal procedures.
Partners of our company (partner subcontractor banks, insurance companies, auditing company, etc.)
The Company maintains partners to whom it assigns the processing of personal data on its behalf (eg subcontracts, bank transactions, audit of the transfer of shares by a certified auditor). In these cases, the Company remains responsible for the processing of your personal data and sets out the details of the processing, executing a specific contract with the subcontractors to whom it entrusts the execution of processing activities in order to ensure that processing is carried out in accordance with the applicable legal framework and that any natural person may freely and without hindrance exercise the rights conferred by the legal framework.
In third countries where the company is doing business.
In the case where the Company needs to transmit personal data outside the EU within the exercise of its legitimate activities, it fully complies with the applicable provisions of Chapter V of the Regulation.

5. Storage Time
The length of the data storage period is decided on the basis of the following specific criteria, as appropriate:
When processing is required as a requirement under provisions of the applicable legal framework, your personal data will be stored for as long as required by the relevant provisions.
When processing is done according to a contract, your personal data will be stored for as long as is necessary to perform the contract and for the foundation, exercise, and / or support of legal claims under the contract.
6. What are your rights with respect to your personal data
Any natural person whose data is being processed by the Company enjoys the following rights:

Right of Access

You have the right to be aware and verify the legitimacy of the processing. So, you can access your data and get additional information about how we process it.

Right of Rectification

You have the right to study, correct, update or modify your personal data by contacting the Data Protection Officer (DPO) at the above contact details.

Right of Erasure

You have the right to request the deletion of your personal data under the restrictions of Article 17 of the Regulation.

Right to Restriction of Processing

You have the right to request a limitation on the processing of your personal data in the following cases: (a) when you contest the accuracy of your personal data and until it has been verified, (b) when you object to the erasure of personal data, c) when personal data is not needed for processing purposes, it is, however, indispensable for the foundation, exercise, support of legal claims, and (d) when you object to the processing and until it is verified.

Right to Object Processing

You have the right to object at any time to the processing of your personal data where, as described above, it is necessary for the purposes of legitimate interests we seek as processors.

Right to Portability

You have the right to receive your personal data free of charge in a format that allows you to access, use, and edit it with commonly used editing methods. You also have the right to ask us, if technically feasible, to pass the data directly to another processor. This right exists for the data you have provided to us and is processed by automated means based on your consent or performance of a relevant contract.

Right to Revoke Consent

Where processing is based on your consent, you have the right to recall it freely, without prejudice to the lawfulness of the processing which was based on your consent prior to you recalling it.
In order to exercise any of these rights you can contact the Data Protection Officer (DPO) postal address: 85, Mesogeion Ave., Athens 11526, email: dpo@gekterna.com

Right to File a Complaint with the DPA
If you exercise any of your rights above and are not satisfied, you havethe right to file a complaint with the Data Protection Authority (www.dpa.gr): Call Centre: +302106475600, Fax: +30210 6475628, Email: complaints@dpa.gr

7. Security of Personal Data

GEK TERNA S.A. shall implement appropriate technical and organizational measures to ensure the safe processing of personal data and to prevent accidental loss or destruction and unauthorized and / or unauthorized access to, use, modification or disclosure of such data. In order to ensure the appropriate level of security against such risks and in order to select appropriate technical and organizational measures, the company takes into account the latest technological and other developments, the cost of implementation, the nature, the scope and the purposes of the processing, as well as on the one hand, the likelihood and risk of occurrences of accidental loss or destruction and unauthorized and / or unauthorized access to personal data, use, modification or disclosure, and, on the other, how serious the consequences on the rights and freedoms of natural persons will be.

8.Updating the Privacy Policy

Information about the Company’s privacy policy reflects the current state of data processing on our website. In case of changes in data processing, this data protection information will be updated accordingly. We will always have the latest version of this data protection information on our site so you can keep up with our website’s scope of processing.

Privacy Notice on the processing of personal data through a video surveillance system (CCTV)

1. Data Controller:
The Company under the company name “GEK TERNA S.A” and the distinctive title “GEK TERNA” headquartered in Athens Municipality, on 85, Mesogeion Avenue, PC 115 26, Greece, telephone number: 210 6968000 and email: info@gekterna.com, hereinafter called the “Company”.

2. Data Protection Officer:
The contact details of the appointed Data Protection Officer (PISTIOLIS–TRIANTAFYLLOS & ASSOCIATES LAW FIRM, ANDERSEN LEGAL, Greece) is the following email: dpo@gekterna.com

3. Purpose and legal basis of the data processing:
We use closed-circuit television (CCTV) in order to protect natural persons and goods (security). The processing is necessary for the purposes of the legitimate interests we pursue as a data controller (article 6 para. 1. (f) GDPR).

4. Legal interests
Our legal interest is the need to protect our premises, and the goods therein included against illegal actions, such as, indicatively, thefts. We also need to ensure life safety, physical integrity, health as well as the property of our staff and third parties lawfully located in the areas under surveillance. We only collect image data and limit the surveillance to places where we have previously assessed that there is an increased possibility of illegal actions e.g. such as thefts, in the entrance and exit points, without focusing on places where privacy of the persons captured by the CCTV may be severely restricted, including their right to respect their personal data.

5. Recipients
The material held is accessible only by our competent / authorized personnel who is in charge of security of the premises as detailed above or/and by external security companies, assigned with the monitoring and management of the CCTV system, to which the assignment of data processing has been concluded in writing in accordance with the specific conditions set out in Art. 28 of the GDPR.
This material shall not be disclosed to third parties except in the following cases: (a) to the competent Judicial, Prosecutorial and Police Authorities when it contains information necessary to investigate a criminal offense involving persons or goods of the data controller; (b) to the competent Judicial, Prosecutorial and Police Authorities when lawfully requesting data within the performance of their duties, and (c) to the victim or perpetrator of a criminal offense, in the case of data which may constitute evidence of the offense.

6. Data Retention
We keep the data for fifteen (15) days, subject to more specific provisions of the legislation
in force, following which, they are automatically deleted. If during these periods an incident occurs, we isolate part of the video and keep it on a separate file for up to thirty (30) days in order to investigate the incident and initiate legal proceedings to defend our legal interests, while if the incident concerns third parties, we will keep the video for up to three (3) more months.

7. Data subjects’ rights
Data subjects have the full range of rights as provided in chapter III of the GDPR, whereas in basic CCTV surveillance systems, the data subjects have in principle the following rights:
Right of access: you have the right to know if we process your image and if so, to receive a copy of it
Right to restriction of processing: you have the right to request us to restrict processing, for example, you may ask us not to delete data that you deem necessary to establish, exercise or support legal claims.
Right to object: you have the right to object to the processing.
Right to erasure: you have the right to request that we erase your personal data.
You may exercise your rights by sending an e-mail to dpo@gekterna.com or a letter to our postal address 85, Mesogeion Avenue, PC 11526 or by submitting the request to us in person, at the seat of the Company. To examine a request related to your image, you should tell us when you were within the range of the cameras and give us a picture of you to facilitate us to locate your data and hide the data of third parties pictured. Alternatively, we give you the opportunity to come to our facilities to show you the images in which you appear. Moreover, we would like you to note that exercising the right to object or the right to erasure does not imply the immediate erasure of data or the modification of the processing. In any case, we will answer you in detail as soon as possible, within the deadlines set by the GDPR.

8. Right to lodge a complaint
In case you consider that the processing of your data violates Regulation (EU) 2016/679, you have the right to lodge a complaint with the competent Supervisory Authority (www.dpa.gr) through its online portal (https://eservices.dpa.gr/). For more information, please consult the website of the Hellenic Data Protection Authority.

1. Purpose

At GEK TERNA Group we recognize the importance of respecting human rights as the foundation of responsible business behavior and contribution to sustainable development.

The purpose of this Policy, which is based on the guiding Principles of the United Nations on Business and Human Rights, is primarily the voluntary expression of our commitment to respect and uphold internationally recognized human rights, while simultaneously acknowledging the responsibility to identify, assess, manage, and address potential impacts on the rights of stakeholders.

2. Scope of Application
The Policy covers all countries where GEK TERNA Group operates and identifies human rights by categories of stakeholder groups, as follows:

a. Human rights for employees, subcontractors and suppliers:

• The right to fair and favorable working conditions that foster an environment of progress, principles, and meritocracy.
• We provide equal opportunities to all employees. All actions concerning employees, such as promotions, compensation, transfers to other departments, participation in groups, etc., are based solely on meritocratic criteria related to the value, ethics, performance, abilities, achievements, effectiveness, and qualifications of each employee.
• All employees are expected to treat their colleagues and every collaborator fairly and with respect, and not to exclude them from the processes of the Group, as long as they meet the necessary conditions and cooperation requirements.
• The right of everyone to enjoy the highest attainable standard of physical and mental health.
This is ensured through the following systematic actions:
• Implementation of a Certified Occupational Health and Safety Management System based on the international standard ISO 45001, with the adoption of appropriate procedures and allocation of necessary resources to protect every employee.
• Implementation of Safety and Health Plans for all projects and facilities.
• Conducting a Professional Risk Assessment Study based on applicable legislation for all facilities.
• Regular inspections of facilities and construction sites by competent personnel, as well as by safety technicians and occupational physicians, while monitoring compliance with legislation and any required conformity based on changes in the legislative/regulatory framework.
• Targeted training and implementation of Safety Guidelines for the execution of hazardous tasks.
• Systematic implementation of personnel training programs.
• Provision for First Aid in case of injury.
• Consultation with employees for the improvement of each planned action and for the collection of information and experiences.
• Establishment and implementation of a compliance assessment process with legislative and regulatory requirements.
• Implementation of a Policy to combat violence and harassment in the workplace.
• Implementation of a reporting hotline for compliance, health and safety issues, as well as for environmental matters.
• Monitoring of the established Inspection Reports provided by the Labour Inspection Body for controlling the implementation of labor legislation and ensuring both labor rights and the safety and health of employees.
• Preparation of an annual evaluation of suppliers and subcontractors, aiming to provide accurate information in view of new collaborations.
• Implementation and monitoring of processes for determining requirements in terms of protection measures, health, and safety of subcontractors and suppliers.
• Physical security of facilities and control of visitor access, supported by modern electronic means, with the aim of protecting the health and safety of both themselves and employees.
• Continuous contact and information from the Official Public Health Bodies (EODY / WHO) and Health and Safety at Work (SEPE / ELINYAE).
• Preparation of a Written Risk Assessment for crisis management during a pandemic, such as the Covid-19 pandemic.
• Drafting of an Internal Regulation, Protocols, and Operating Instructions for the implementation of measures for the prevention and protection of health against the spread of a pandemic such as Covid-19, under the supervision of the Incident Management Team and the Health and Safety Department.
• Increased presence of doctors, occupational physicians, or nurses whenever necessary.
• Provision of appropriate Personal Protective Equipment to all employees.
• All employees are provided with a contract for additional private Life and Health coverage.
• Ensuring the necessary health and safety equipment for healthcare and technical staff on a case-by-case basis.
• Contributing to the creation of an environment with adequate hygiene conditions, with daily presence of cleaning crews, continuous presence of cleaning staff, waste management, collection and management of any hazardous waste through specialized collection bins, regular checks on the preparation of beverages and fast food items internally, regular inspection and maintenance of refrigeration/heating and natural or artificial ventilation systems.
• Ensuring the readiness of fire safety installations in the workplace and conducting evacuation drills in case of emergency.

The right to be free from discrimination.
• Any form of discrimination based on race, religion, gender, social status, culture, politics, sexual preference, or any other category is not allowed.
• There is full respect and protection for the rights of minorities.
• There is full respect and protection for the rights of women.

The right to freedom of association.
• The right of employees to negotiate collectively is acknowledged.
• The right of employees to negotiate in individual groups is also acknowledged.

The right to be free from forced or compulsory labor.
• We commit to never having and to never allowing forced labor or labor under any conditions, anywhere.
• We base our work relationships on mutual respect, transparency, integrity, and fairness.
• We create the appropriate conditions to express our ideas, beliefs, and opinions in our work environment, encouraging open and two-way communication on any matter related to work and company activities.
• We do not tolerate any form of bullying, harassment, or aggressive behavior in the workplace.

Children’s rights.
• We never employ workers under the age of 18.
• The right of access to safe water for human consumption and sanitary use.

b. Human rights related to customers and end users

The right to privacy.

These are ensured through the following actions:
• Full compliance with GDPR.
• Appointment of a Data Protection Officer (DPO) and the existence of a Data Protection Unit.
• Personal data undergoes lawful, fair, and transparent processing.
• Personal data is collected only for specific, clear, and lawful purposes.
• Personal data must be adequate, relevant, and limited to what is necessary for processing.
• Personal data must be accurate and up-to-date, and efforts should be made to erase or correct it without delay.
• Personal data is kept in a way that the data subject can only be identified if necessary for processing.
• Personal data is processed in a secure manner.
• The data controller is able to demonstrate compliance with the other principles of GDPR (Principle of Accountability).
• Maintenance of backups and security systems.
• Implementation of an Information Security Management System – ISO 27001.

Avoidance of bribery and corruption.

It is ensured through the following indicative measures:
• Implementation of an Anti-Corruption and Bribery Policy.
• Implementation of a Corporate Gifts Policy.
• Implementation of a Donations and Sponsorships Policy.
• Implementation of a Conflict of Interest Policy.
• Installation and implementation of a Regulatory Compliance and Anti-Bribery • Management System according to ISO 37301 and ISO 37001 standards.
• Ongoing education and fostering a culture against bribery and corruption.
• Implementation of a reporting hotline for regulatory compliance, corruption, and bribery issues.
• Establishment of a Regulatory Compliance Unit and a Compliance Committee as independent bodies for monitoring regulatory compliance matters and addressing bribery.

c. Human rights in the local communities of the geographical areas of activity

To ensure the right to a safe, clean, healthy, and sustainable environment in the local communities of the geographical areas of activity, the following actions are taken:
• Conducting an Environmental Impact Assessment for each project to assess its potential environmental effects
• Strict adherence to approved Environmental Conditions to minimize any negative impacts on the environment.
• Implementing an Environmental Management System based on the international standard ISO 14001 to effectively manage environmental aspects and impacts.
• Conducting regular inspections to monitor environmental issues and ensure compliance with environmental regulations.
• Analyzing, assessing, and monitoring any environmental impacts that may arise from the company’s activities.
• Managing waste through licensed companies and collective systems to ensure proper disposal and minimize environmental harm.
• Developing and implementing Emergency Response Plans to effectively handle any environmental emergencies that may arise.
• Education and training of staff on environmental protection.
• Adequate supply of equipment for fire detection/suppression, as well as instruments for measuring and monitoring environmental factors.
• Availability of equipment for containment and cleanup of spills (spill kits, oil collection tanks).
• Implementation of environmental protection measures in accordance with environmental conditions and legal requirements.
• Analysis and assessment of environmental issues and impacts, and implementation of relevant monitoring programs.
• Identification of interests of environmental organizations for each project through the implementation of the Risk Assessment Process and development of an action plan if required.
• Development of Corporate Social Responsibility actions for the benefit of local communities.
• Publication of an Annual Corporate Responsibility – Sustainable Development Report (ESG).
• Monitoring changes in each legislative framework.
• Operation of a dedicated department for monitoring and renewing environmental permits.

Respect for the rights of local communities.

To ensure the respect of the rights of local communities, the following actions are taken:
• Monitoring the interests of the local and wider community to understand their needs, concerns, and priorities.
• Managing issues of interest through effective communication channels, including engagement with local media to address any concerns or provide updates on relevant matters.
• Drafting a Corporate Social Responsibility Report that outlines the company’s activities and initiatives related to local communities and their well-being. This report is then posted on the company’s website to ensure transparency and accountability.

3. Policy harmonization.

The policy is based on the United Nations Guiding Principles on Business and Human Rights, taking into account the following:
• The Universal Declaration of Human Rights of the United Nations.
• The International Covenant on Civil and Political Rights of the United Nations.
• The International Covenant on Economic, Social and Cultural Rights of the United Nations.
• The United Nations Guiding Principles on Business and Human Rights.
• The United Nations Global Compact Principles.
• The Declaration of the International Labour Organization(ILO) on Fundamental Principles and Rights at Work.
• United Nations Resolution 46/7 on Human Rights and the Environment.
• The voluntary commitments of the Management for safety and human rights.

4. Roles and responsibilities

Τhe Division of Corporate Social Responsibility and Sustainable Development of the General Division of Strategic Communication and Sustainability collaborated with the Division of Health, Safety and Environment, the Division of Human Resources, the Regulatory Compliance Unit and the respective Compliance Committee in drafting and finalizing the present Policy.

The policy is submitted for approval to the ESG Committee of the Board of Directors. The Human Resources Department is responsible for monitoring compliance with the Human Rights Policy and conducting periodic reviews.

Mechanism for complaints and grievances.

The Human Rights Policy is covered by the complaints and grievances mechanism of the Company’s Regulatory Compliance Unit, which is available at the following link.: https://gekterna.integrityline.com/frontpage .

The fundamental principles and values adopted by GEK TERNA Group, in conjunction with our beliefs, our corporate culture, our business ethics and primarily our voluntary ethical and compliance commitments are crucial pillars of our operations.

In this context, the established Purchasing Policy reflects and reinforces these principles and creates an agreed and transparent operating and behavioral framework with all our partners, subcontractors and suppliers.

Based on the Policy, we expect all our suppliers, partners and subcontractors to operate and behave based on the following principles, values and commitments:

• Respect for Human Rights
• Protection of the Environment
• Protection of the Environment
• Promotion of Health and Safety at Work
• Quality of products and services
• Meritocracy and Transparency / Anti-corruption
• Employment is freely chosen
• Respect to freedom of association
xChild labor shall not be used
• Living wages are paid
• Working hours are not excessive
• No discrimination is practiced
• Regular employment is provided
• No harsh or inhumane treatment is allowed
• Incidents of violence and harassment are not allowed
• Confidentiality and Personal Data Protection
• Fair Competition
• Tackling with climate change

Purchasing policy

The fundamental principles and basic conditions to protect Data and Systems from threats and breaches, to create a digitally secure work, investment and development environment, are reflected in the Information Security Policy of the GEK TERNA Group.

Information Security is an absolute priority and an explicit commitment for GEK TERNA Group.

We have adopted a security framework which includes a long list of technical, administrative and organizational protection measures. In compliance with the European Data Protection Regulation (GDPR) monitoring newer regulatory frameworks such as NIS2 and AI Act and based on International Standards such as ISO 27001 and ISO 22301, as well as internationally recognized best practices and advanced technologies, we implement Policies and Procedures that ensure the integrity, confidentiality and availability of our data.

The security measures cover both the protection perimeter within the Group and its environment. They include – among others – organization with specialized staff with many years of experience, access management to data and systems, staff training and awareness, as well as assessment of the level of security of our partners and suppliers to manage threats, while in addition there are institutionalized speaking bodies for instant digital transformation and IT security decisions.

At the same time, we implement continuous preventive monitoring of information systems and infrastructures and prepare regular resistance tests with the aim of immediately identifying and managing any incident before it turns into a threat. Through the most modern and valid tools and technologies, which are constantly upgraded, we ensure that any attempted breach or malicious activity is detected and dealt with in a timely manner.

The “management commitment” that we apply in practice is one of the main factors to ensure the desired result, thus actively supporting the existing security framework, as well as any action to upgrade it, so that we continue to be at the forefront of a continuous digital transformation.

The Information Security Policy is accompanied by the following policies, which shape the data and systems security framework:

• Remote Access
• Classification of Information
• Acceptable use of IT resources
• Password management
• Integration of New IT Applications
• Access to third parties outside the Group
• Security logic management
• Change management
• Security exceptions
• Update management
• Event recording of equipment, applications & networks
• Backups
• Proper use of the workplace
• Security incident management
• Information security audit & testing

At GEK TERNA Group we are committed to consistently ensuring the uninterrupted operation of our services and activities, fully understanding the responsibility towards our professional obligations.

The Business Continuity Policy is designed to:

• Minimize the impacts of events and activities that may affect the continuity of our operations.
• Ensure the timely recovery of critical processes and the smooth return to normal.
• Protect critical data as well as the integrity of our systems.

Our Strategy is based on:

• Analysis and assessment of risks in matching with appropriate countermeasures
• Development, implementation and regular revision of integrated Business Continuity Plan, certificated to the Standard of ISO 22301.
• Training and raising awareness of our staff for effective crisis management.
• Definition and training of working groups and crisis management.
• Performing regular tests of our Plan to ensure its effectiveness and our readiness.

With this policy, we ensure that we are prepared to respond effectively to any challenge with professionalism, responsibility and reliability.