Security

Last updated: February, 2026

General Information Security Policy

• Protect the Company’s informational and IT assets (including but not limited to all computers, mobile devices, networking equipment, software, and sensitive data) against all internal, external, deliberate, or accidental threats and mitigate risks associated with theft, loss, misuse, damage, or abuse of these systems.
• Ensure information is protected against unauthorized access. Users shall only have access to resources they are specifically authorized to access. Allocation of privileges shall be strictly controlled and reviewed regularly.
• Protect CONFIDENTIALITY of information by preventing disclosure to unauthorized parties.
• Ensure INTEGRITY of information by preventing unauthorized modification.
• Maintain AVAILABILITY of information for business processes by ensuring authorized parties can access information when needed.
• Comply with, and wherever possible exceed, national legislative and regulatory requirements, standards, and best practices.
• Continuously improve the Information Security Management System by implementing corrective actions that improve effectiveness.
• Develop, maintain, and test business continuity plans to ensure operational resilience despite disruptions.
• Raise awareness of information security by making security training available for all employees. Security awareness and targeted training shall be conducted consistently, security responsibilities reflected in job descriptions, and compliance with security requirements expected and accepted as part of our culture.
• Ensure that no action is taken against any employee who discloses an information security concern through reporting or direct contact with the Information Security Management Leader, unless such disclosure indicates, beyond any reasonable doubt, an illegal act, gross negligence, or repetitive deliberate or willful disregard for regulations or procedures.
• Report all actual or suspected information security breaches to security@acewaves.com.