Information Security Policy

The following statement applies for “Cloud Services” and “Public facing SaaS solutions.”

It is the policy of Cloud Services to prohibit unauthorized access, disclosure, modification, diversion, destruction, loss, misuse or theft of our confidential and strictly confidential information assets. Cloud Services will control information risks in the areas of

• Confidentiality — Ensuring that information is accessible only to authorized users
• Integrity — Safeguarding the accuracy and completeness of information and information-processing methods
• Availability — Making information assets available to authorized users when needed

A risk and cost-effective balance is made between the level of information security measures and the value of the information in Cloud services, taking both internal and external demands into account.