Company Policy

EPAFOS IT Systems S.M. S.A. is committed to the evolution and continuous improvement of our services. Our goal is to establish long-lasting and sustainable relationships with our customers by providing high-level services that are completely adapted to their needs. We prioritize the health, safety, and well-being of our employees and partners, and we are constantly striving to minimize the impact of our actions on the environment. We are committed to monitoring applicable legislation and ensuring our full compliance with it.

In order to successfully reach our objectives, we have implemented our Company's Integrated Management System. This system adheres to the strict guidelines set forth by the ISO 45001:2018, 9001:2015, 14001:2015, 27001:2013, and 22301:2019 standards.

Every day, our customers are asked to evaluate the quality of our services. Our policy is a reflection of our primary objective, which is to stay up-to-date with the latest advancements and meet market demands effectively.

Our philosophy of service provision is achieved through the following methods:

Application of all the rules and procedures provided by the legislation for the health and safety of projects and the protection of the environment.

Implementation and compliance with the client's additional health and safety rules and procedures.

Full compliance at all times with the applicable Legislation and in particular with what is determined by the General Data Protection Regulation (EU) 2016/679 (GDPR) for the protection of personal data. The company is constantly improving its existing practices in order to fully meet the obligations deriving from these provisions.

Developing direct and flexible communication with our customers in order to recognize their different needs and expectations and focus on their satisfaction by always providing them with personalized solutions in order to fully meet their requirements.

Continuous information and training of all personnel and partners involved in the company's operations, encouraging them to actively participate in the goal of improving quality.

Search and identify for any potential risks that may pose a threat to the health and safety of all personnel involved and implement appropriate measures to avoid or minimize their impact.

Protection of both employees and the community in which the company operates, by implementing sacure technologies and operating procedures.

Respecting the environment and conservating natural resources by adopting sustainable practices such as reusing and recycling materials, sourcing recycled materials, and using recyclable packaging and other materials

Providing the necessary resources for the smooth, effective and efficient operation of each department of the company.

Continuous monitoring the effectiveness of our company's policies at all levels, constant search and adoption of new methods to enhance the quality of our services, ensuring safety and occupational health in our work environment and improving the environmental management system we implement.

It is imperative that all staff and partners of our company adhere to the regulations outlined in this text. 

Ensuring high quality, promoting environmental awareness, and prioritizing occupational health and safety are the collective responsibilities of every member of EPAFOS IT Systems S.M. S.A.. This includes management, staff, and partners. The daily actions of each individual contribute to the continuous improvement of our products, services, and overall company image.

For the Administration,
CHRISTOS CHALDAIOPOULOS

SAFETY AND HEALTH POLICY STATEMENT

EPAFOS IT Systems S.M. S.A. is committed to providing a safe and healthy working environment for its valued staff. We take proactive measures to effectively manage and continuously improve our safety and health protocols, with the ultimate goal of minimizing or eliminating potential risks. Our dedication to maintaining a healthy workplace is unwavering, and we strive to ensure that our employees feel secure and supported at all times.

Ensuring the safety and well-being of our staff, partners, and third parties is a fundamental aspect of our organization. We prioritize accident and disease prevention in all of our activities, from the highest levels of management to the day-to-day operations.

The management of the company is committed to:

• ensuring Health and Safety,
• management of any possible change in view of the Safety and Health of the workers,
• complying with all laws and regulations in the workplace,
• proviede the required resources and logistical infrastructure so that the Safety, Health and Well-being of our staff, partners, and third parties are in line with the highest standards,
• prioritize the continuous training of our staff in both general and specific safety and health matters,
•  investigate all incidents, regardless of their frequency or severity,
• monitor, document, and evaluate safety and health at work, and review our policies to ensure that we are always improving our safety standards.

For all of the above, EPAFOS implements a Safety and Health Management System that adheres to the ISO 45001:2018 standard. This system is applied by all staff members independently to ensure a safe working environment.

On behalf of the Administration, we are committed to upholding these principles of health and safety in the workplace.

QUALITY POLICY STATEMENT

At EPAFOS, we prioritize the satisfaction of our customers by providing them with personalized, high-quality solutions. To achieve this, we have established an integrated Quality Management System that adheres to the ISO 9001:2015 standard. Our commitment is to consistently deliver services of a known and constant quality, while continuously improving our processes across all tasks we undertake. 

For EPAFOS, the concept of quality includes the following:

• Focusing on meeting the needs and expectations of our customers.
• Providing services characterized by high quality, reliability and security to the user.
• Commercial policy to maintain competitive prices.
• Quick response to service delivery requests.
• Honesty, clarity and reliability in communication and cooperation with customers.
• Compliance with laws and regulations.

This quality policy is reviewed and checked for its continued suitability, and is communicated to all executives of our Company.

ENVIROMENTAL POLICY

EPAFOS IT Systems S.M. S.A. Company is committed to sustainable development. We recognize the importance of using natural resources in a responsible manner to minimize negative impacts on the environment. To achieve this goal, we have developed and implemented an Environmental Management System that adheres to the ISO 14001:2015 standard.

In our Company:

• We are committed to upholding Environmental Legislation and meeting the requirements set forth by the competent authority.
• Our staff is an integral part of this commitment, and we encourage them to contribute creatively to our efforts. We provide ongoing training to ensure that our team is equipped with the knowledge and skills necessary to maintain our high standards.
• We are also selective in our choice of suppliers, evaluating their environmental awareness before making any decisions. This ensures that we work with partners who share our values and commitment to sustainability.
• Our Environmental Management system is applied throughout all aspects of our operations.
• We are constantly seeking ways to improve our prevention and emergency response procedures.

None of this would be possible without the dedication and sense of responsibility demonstrated by our team. They are the driving force behind our success, and we are grateful for their support in implementing our Environmental Management system on a daily basis.

This policy is reviewed and checked for its continued suitability, and is communicated to all executives of our Company.

INFORMATION SECURITY MANAGEMENT POLICY STATEMENT

At EPAFOS, we recognize the critical importance of information security. That's why we have implemented a management system that adheres to the ISO 27001:2013 Standard for information security management. Our system fully covers all requirements outlined in the Standard.

Our policy regarding information security management is as follows:

• We are committed to complying with all applicable laws, regulations, and contractual obligations.
• We prioritize the confidentiality, integrity, and availability of the data and information we manage.
• We ensure that only authorized personnel have access to our information resources.
• We ensure that only authorized personnel have access to our information resources.
• We have established and implemented a business continuity plan to ensure the availability of information and communication systems even in the event of a major security incident.
• We provide information security training to all EPAFOS employees to minimize the risk of security incidents.
• We require our partners and suppliers to comply with our information security needs and requirements.
•  We have established systematic controls to assess the implementation, adequacy, and effectiveness of our information security system. 
• We investigate all security incidents and alleged weaknesses with competent staff.
• We hold EPAFOS management directly responsible for implementing this policy and ensuring compliance among all staff in their areas of responsibility. Any deviations from this policy could result in legal and financial consequences for both the individual and the company.

At EPAFOS, we are fully committed to upholding all legal and regulatory requirements, as well as contractual obligations to our customers, in matters of information security and personal data protection related to our activities.

We understand that the information security system is dynamic and goes beyond the necessary technological infrastructure. It requires the active participation of all personnel within our Company.

To ensure that we maintain the highest standards of information security and personal data protection, we regularly review and check our policies for continued suitability. We also communicate these policies to all executives within our Company.

BUSINESS CONTINUITY POLICY STATEMENT

At EPAFOS IT Systems S.M. S.A. we understand the potential risks that could disrupt our operations and systems. To ensure the continuity of our critical activities, we have implemented a Business Continuity Management System in accordance with the international standard ISO 22301:2019, in order to:

• Ensure the uninterrupted operation of our facilities, even in the event of an incident that renders them unavailable or inaccessible.
• Restore our operations to acceptable levels as quickly as possible.
• Minimize the impact of any interruptions on our reputation and the trust of our customers.

The Company has adopted strategic contingencies in accordance with the Standard to ensure the safety of personnel and protect the reputation of the organization. These measures are combined with the continuous and reliable provision of services for stakeholders, while maintaining contractual and legal compliance with regulations.

To achieve these objectives, the Company has implemented a Business Continuity Management System that adheres to policies, procedures, and related Business Continuity plans. The system aims to:

• safeguard the health and safety of staff and protect the image and reputation of the Company
• ensure the continuity of activities that generate value
• ensure the Company's ability to provide its services and products without interruption.
• establish systematic methods for the design and evaluation of the Company's Business Continuity requirements
• establish the development of recovery strategies and applicable Business Continuity incident response plans, are integral components of the system.

The Company's Management is committed to complying with applicable requirements and continuously improving the adequacy, suitability, and effectiveness of the Business Continuity Management System.

This policy is regularly reviewed and checked for its continued suitability and communicated to all executives of the Company.