Information Security Management Policy

METAL BRIDGE S.M.P.C. recognizes the critical importance of protecting information assets, maintaining business continuity, and ensuring secure operations throughout all trading, sourcing, and logistics activities. This Information Security Management Policy establishes the framework for safeguarding the confidentiality, integrity, and availabilityof all information processed by the company.

1. Purpose

The purpose of this policy is to:

  • protect corporate and customer information from unauthorized access, alteration, or loss,

  • ensure secure handling of digital and physical data,

  • support compliance with applicable laws, including the EU General Data Protection Regulation (GDPR),

  • establish internal responsibilities and procedures for information protection.

2. Scope

This policy applies to:

  • all METAL BRIDGE employees, contractors, and authorized third parties,

  • all digital and physical information systems, including email, communication platforms, documentation, cloud services, and devices used for business operations.

3. Information Security Objectives

METAL BRIDGE is committed to:

  • safeguarding sensitive business, financial, technical, and customer information,

  • ensuring continuity of operations through secure IT systems,

  • identifying and mitigating security risks,

  • maintaining secure storage, transmission, and processing of data,

  • preventing unauthorized disclosure, manipulation, or destruction of information.

4. Access Control & Confidentiality

  • Access to corporate information is granted strictly based on role and necessity.

  • All employees and contractors are required to sign confidentiality agreements (NDAs).

  • Sensitive files, documentation, and business data are stored in protected systems with restricted access.

5. Digital Security Measures

To secure information systems, METAL BRIDGE implements:

  • strong password policies and multi-factor authentication where applicable,

  • regular system updates, security patches, and vulnerability monitoring,

  • firewalls, encryption technologies, and endpoint protection tools,

  • secure backup processes for data recovery and business continuity.

6. Information Handling & Data Protection

Employees must ensure:

  • secure use and storage of devices and documents,

  • protection of login credentials,

  • safe handling of files shared electronically or physically,

  • no transmission of sensitive information through unsecured channels.

7. Security Incident Management

  • Any suspected or actual security breach must be reported immediately.

  • Security incidents are recorded, investigated, and addressed through corrective actions.

  • Stakeholders are notified where legally required.

8. Training & Awareness

METAL BRIDGE provides ongoing training to ensure all personnel understand:

  • their responsibilities regarding information security,

  • how to identify threats such as phishing or cyber-fraud,

  • proper handling of confidential documents and digital systems.

9. Continuous Improvement

The company regularly reviews and updates information security procedures to:

  • adapt to evolving cybersecurity risks,

  • incorporate technological improvements,

  • support secure and compliant international operations.

 

 

METAL BRIDGE  is fully committed to maintaining a secure, compliant, and resilient information environment that protects our partners, our operations, and our long-term business integrity.