LinkedIn YouTube
LinkedIn YouTube




Information Security Management Policy

The purpose of the Information Security Policy is to ensure the protection of all Romb Technologies information assets from unauthorized access, loss, misuse, alteration, or destruction, and to ensure the confidentiality, integrity, and availability of information in accordance with business objectives and applicable regulations. The established information security management system defines, implements, monitors, reviews, maintains, and improves processes and controls related to information security, and is based on risk management.

The Policy applies to all employees and external associates, all information systems, applications, and IT data equipment (computers, mobile devices, network equipment), and all business processes that involve information processing. All users of the information system are obliged to familiarize themselves with the security practices prescribed by this document and other internal acts regulating information security, as well as with the proper use of any part of the information system.

Romb Technologies ensures the confidentiality, integrity, and availability of information created and used within the defined scope of the information security management system, in order to enable the protection of information from internal, external, accidental, or intentional threats and to ensure business continuity.

Romb Technologies takes into account all legal and contractual obligations in managing the information security system in order to prevent violations of legal and contractual obligations and requirements related to the security of the information system.

The information security management system is based on risk assessment. Romb Technologies regularly identifies information risks, assesses likelihood and impact, defines risk reduction measures, and monitors the effectiveness of these measures.

By adopting this Policy, the Company's Management clearly expresses its commitment to the current and future continuous improvement and development of the information security management system. It commits to complying with all relevant legal regulations and justified demands of interested parties, as well as providing all necessary resources for successful business operations and the improvement of information security.

This Policy is reviewed by the Management upon any significant change in the management system, and at least once a year. This Policy is made publicly available.

Last update: 27th of April 2026