MPD GREECE Single-Member S.A. implements an Information Security Management System that
complies with the ISO 27001:2022 standard and is committed to:

. Ensuring the confidentiality, integrity and availability of information processed, stored,
transferred electronically or physically through the company’s staff and information systems.

. The timely and rapid identification and response to emergencies related to a breach (or
possible breach) of the security of the company’s information.

. Ensuring the information security policy and the information security objectives are
established and are compatible with the strategic direction of the company.
. The protection of the company’s investment in information and communication
technologies.

. Compliance with the requirements of the applicable legislation in matters of personal data
management, communications privacy, copyright, etc. in the area of its activities.

. The continuous improvement of the Information Security Management System.

. Define the business requirements regarding information systems availability.

. Define the interested parties and internal/external issues.

. The proper assessment and monitoring of Risks and Opportunities.

It is important for MPD GREECE Single-MemberS.A. to have the necessary resources to support
the Information Security Management System and to provide the necessary knowledge to its staff
in matters of information security, utilizing their skills and abilities.

MPD GREECE Single-Member S.A. fully recognizes the objectives of the Information Security
Management System and supports their implementation.

Management Representative

Balzan Pierre

05/05/2025