At Dedge Security, a company dedicated to software development and maintenance services (Dedge Security) for the cybersecurity sector in a Web3 environment, we are aware of the importance of information security for the daily development of our activity and the correct management of information and assets in our organization.

In order to ensure this management, Dedge Security has implemented an Information Security Management System in accordance with the requirements of the ISO/IEC 27001:2022 standard to guarantee the continuity of information systems, minimize risks, and ensure the fulfillment of the established objectives. 

To guarantee the effectiveness and application of the Information Security Management System, an Information Security Committee is established, which will be responsible for the approval, dissemination, and compliance of this Security Policy, as well as the supervision, implementation, development, and maintenance of the Management System. 

The objective of this Security Policy is to establish the necessary framework for action to protect information resources against internal or external, deliberate or accidental threats, in order to ensure the fulfillment of confidentiality, integrity, and availability of information. To this end, the following commitments are issued:

• Comply with current legislation on information security.

• Ensure the privacy of data managed by Dedge Security concerning clients, employees, suppliers, and third parties.

• Guarantee the confidentiality, availability, and integrity of our organization's own information assets.

• Identify and reduce information security risks relevant to our organization.

• Ensure the capacity to respond to emergency situations, reestablishing the operation of critical services in the shortest possible time.

• Protect information assets according to their value or importance.

• Promote awareness and training in information security.

• Establish a reference framework for fulfilling objectives and goals in information security, as well as continuous improvement in our activities and processes.

Every person whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System, is obliged to strictly comply with the Security Policy.