```html

Information Security Policy

Last updated: April 2025

GANBARU SMARTECH S.L. is a company whose mission is to provide its clients with Information Security and Cybersecurity through the provision and supply of specific products and services.

GANBARU SMARTECH S.L, in order to adapt to the demands of Information Security, has an Information Security Management System in compliance with the requirements of the international standard ISO-IEC 27001:2023, the European directive (EU) 2022/2555 (NIS2).

GANBARU SMARTECH expressly states its commitment to providing quality services, so that the general guidelines and objectives of the organization are intended to implement and maintain an Information Security Management System.

In the development and operation of these services, information is an asset that has high value. GANBARU SMARTECH recognizes the need to ensure at all times the availability, integrity, traceability, authenticity, and confidentiality of information as a means of preserving the corporate image and the correct performance of the services provided by GANBARU SMARTECH against potential threats that may occur.

The primary objective of this information security policy is to provide guidelines for the management of information security, and as a consequence, to obtain the highest level of assurance in the treatment and custody of information in GANBARU SMARTECH's systems. To achieve these goals, risks that threaten our information systems will be identified and assessed permanently, control and reduction of these will be planned when possible, and their constant monitoring in other cases. All of the above is framed in a commitment to continuous improvement, using the established compliance framework and a scrupulous respect for the applicable legislation.

The Management, committed to providing the necessary means, relies on the collaboration of all staff and assumes responsibility for their motivation and training in the knowledge and compliance with this policy.

The guidelines set by GANBARU SMARTECH in its Security Policy include:

1. Information Protection Implement measures to ensure the confidentiality, integrity, availability, traceability, and authenticity of information. Use access controls to restrict information only to authorized personnel. Establish encryption policies for the transmission and storage of sensitive data.

2. Regulatory Compliance

Comply with all applicable regulations on data protection and information security.
Conduct periodic internal audits to verify compliance with regulations and security standards.

3. Risk Management

Continuously identify and assess information security risks.
Apply mitigation measures to reduce vulnerabilities and protect digital assets.

4. Awareness and Training

Promote staff training and awareness in good information security practices.
Establish incident response protocols and internal communication mechanisms.

5. Access Control and Resource Use

Define roles and permissions for access to information and critical systems.
Monitor the use of corporate devices and networks to prevent unauthorized access
6. Incident Management
Implement incident response plans, with clear actions for mitigation and recovery.
Maintain event logs and incident analysis to improve future risk prevention.

7. Continuous Improvement

Review the security policy and update it periodically to adapt to new challenges and regulations.
Foster an organizational culture based on security and information protection.

The Management of GANBARU SMARTECH understands its duty to ensure information security as an essential element for the correct performance of its services, therefore, it supports the objectives and principles established in this policy. Thus, this information is exposed for the knowledge of the personnel who operate with us, interested third parties, as well as for its exposure and knowledge of the general public through publication on our official website.

```

About cookies

This website stores cookies on your computer that are used to collect information about your interaction with our website and allow us to remember you. We use this information to improve and personalize your browsing experience and to generate analytics and metrics about our visitors to this website and other media. For more information about cookies, please see our Privacy Policy.

If you decline, your information will not be tracked when you visit this website. A single cookie will be used in your browser to remember your preference not to be tracked.

About cookies

This site uses cookies. We use cookies primarily to improve and analyze your experience on our websites and for marketing purposes. As we respect your right to privacy, you can choose not to allow the use of some types of cookies. Click on the different category headings to learn more and change the default settings. Blocking some types of cookies may adversely affect your experience on the site and limit the services we can provide you.

> Required

Always active

These cookies are necessary for the website to function and cannot be disabled on our systems. They are generally only enabled in response to any action you take that represents a request for services, such as setting your privacy preferences, logging in or filling out forms.

> Analytical

These cookies help us understand how visitors interact with the website. We may use a set of cookies to collect information and report site usage statistics. In addition to this, the data collected may also be used, together with some of the advertising cookies described above, to help display the most relevant advertisements on the website and to measure interactions with the advertisements we display.

> Advertising

We use cookies to make our ads more attractive and useful to site visitors. Some of the most common functions of cookies are to select advertising based on user interests, improve information about the performance of advertising campaigns, and avoid showing ads that the user has already seen.

> Functional

We use a set of cookies that are optional for the website to function. They are usually only set in response to information provided to the website to personalize and optimize your experience, as well as to remember your chat history.