The eBizLab team has established an Information Security Policy which supports the mission, vision, core values, and goals of the Company while committing to maintaining and improving information security within the Company, and minimizing its exposure to all risks. The policy is as follows:

• Ensure the confidentiality of both Company and client information and the protection of that information against unauthorized access
• Maintain the integrity of all information shared between Company and client, and ensure maximum availability of all information as required for authorized individuals
• Provide information security training and awareness for all employees, including mandatory onboarding information security training and regular information security training for current trends, updates, and refreshers
• Supply information to all relevant business process and employees as required while observing the principle of least functionality
• Meet all regulatory and legislative requirements
• Maintain and regularly test disaster recovery and business continuity plans
• Conduct regular penetration testing to ensure security of information
• Ensure that breaches of Information Security will be reported and investigated by the Company, and appropriate steps will be documented and observed, including the identification and implementation of opportunities for improvement
• Communicate this policy statement both internally and externally and on request

This policy is subject to change, as Information Security is a dynamic area. Change may occur after annual reviews, system upgrades, or as necessary to ensure maximum security. The Company commits to regular and continuous improvement through a process of ongoing management reviews, risk assessments, regular internal and external audits, security incident reporting, and regular training for employees.