information security

Sawex S.A. adopts high standards of data protection and archiving.

Each employee of the Company is obliged to exercise due diligence in order to protect and secure the information entrusted to him. The employee’s obligations in this respect result from the provisions of employment contracts, as well as from submitted declarations obliging them to comply with information security procedures. Employees are obliged not to disclose the obtained information to unauthorized persons and to protect the information against unauthorized access.

The Company has documented procedures for archiving and securing documentation in paper form. Paper documentation is not shared with third parties without the prior consent of the Management Board of the Company.

The Company adopts high standards of backing up data stored in electronic form. The most important data is archived every night on the local disk array. In relation to the most important data of the Company, additionally a weekly archiving to a portable disk is performed. The safe-storage of the portable disk is maintained outside the registered office of the Company.

All IT systems of the Company work in local networks under the control of a domain server. Any remote access is possible only through dedicated VPNs installed by the IT administrator.

In order to detect potential vulnerabilities to breaching security and system gaps that could threaten information safety, the Company periodically commissions external entities to perform security stress tests.