Quality and Information Security Policies

QUALITY POLICY

SIDERIS GIS GREECE considers it a primary objective that the services provided to its customers exceed their expectations.

With the aim of continuously and consistently satisfying customer requirements and fostering relationships of trust, the management of all processes operates in accordance with the principles and requirements of the international standard ISO 9001.

To this end, SIDERIS GIS GREECE has designed, developed, and implemented a comprehensive Quality Management System in line with ISO 9001, which it is committed to consistently applying. This ensures the provision of integrated services in the Supply Chain and the continual improvement of both the system itself and the company’s operational processes and services.

SIDERIS GIS GREECE listens to, evaluates, and processes its customers' needs, and is committed to meeting their requirements consistently. It ensures that, through the adoption of appropriate methodologies, it improves its services, keeps up with technological developments in its field of activity, and remains informed about current legislative and regulatory provisions relevant to its operations.

SIDERIS GIS GREECE operates in the following areas:

  • Commercial representation of telematics systems
  • Wholesale trade of parts and accessories for cars and vehicles
  • Design, development, installation, technical support, and provision of integrated IT solutions and fleet management/monitoring systems

The company’s continuous and systematic improvement efforts focus on the following objectives:

Ongoing enhancement of existing products and services

  • Continuous improvement of customer satisfaction levels
  • Respect for the customer regardless of size — every customer is a valued partner
  • Reduction of customer complaints
  • Continuous training and support of our human resources
  • Conducting business with integrity and respect toward customers, partners, and employees

The three pillars of this Quality Policy are:

  • Adherence to the Quality Management System
  • Customer satisfaction
  • Continuous improvement of the system
     

This Quality Policy is communicated to all employees of the company, is implemented and supported by every employee, and is available to all interested parties.

INFORMATION SECURITY POLICY

1.    Purpose

The Information Security Policy defines the guiding principles for protecting the information of SIDERIS T.M. KAI SIA O.E. from internal or external, intentional or accidental threats. Its goal is to ensure the confidentiality, integrity, and availability of information resources and compliance with the ISO/IEC 27001:2022 standard, as well as with applicable legislation and the company’s contractual obligations.

2.    Scope

This policy applies to:

  • All employees, partners, and third parties with access to information systems.
  • All applications, databases, cloud infrastructures, devices, and platforms used in the provision of the company’s services.

3.    Information Security Principles

The company is committed to:

  • Confidentiality: Information is accessible only to authorized individuals.
  • Integrity: Information is maintained accurately, completely, and protected from unauthorized modification.
  • Availability: Information and systems are accessible when required.

In addition, the company adopts and is committed to:

  • Compliance with applicable laws and regulations related to its activities
  • Identifying the requirements and consequent needs of interested parties as expressed through documented information (e.g., contracts, correspondence, etc.)
  • Adherence to the ISO/IEC 27001:2022 management system requirements
  • Continuous staff training and awareness
  • Investigation of non-conformities, root causes, and complaints, and determination of preventive/corrective measures
  • Recognizing risk management and business knowledge as opportunities for improvement
  • Protecting the interests and confidentiality of those who entrust the company with their sensitive data
  • Ensuring the availability, integrity, and confidentiality of information generated, received, and transmitted through the company’s systems

4.    Management & User Responsibilities

  • Management provides the resources, support, and direction for the implementation of the Information Security Management System (ISMS).
  • All users are responsible for the security of the information they handle.
  • Training and awareness programs are conducted periodically for all staff.

5.    Protection Mechanisms

This policy is supported by specific procedures and controls, such as:

  • Access management and strong authentication (e.g., MFA)
  • Data encryption in transit and at rest
  • Security incident management
  • Risk management
  • Continuous monitoring and audit logs
  • Vulnerability assessments and penetration testing
  • Business Continuity Planning (BCP)

6.    Compliance

The company complies with:

  • ISO/IEC 27001:2022
  • Contractual obligations with customers and partners
  • Applicable technical security standards as required

7.    Monitoring and Review

  • The policy is reviewed at least annually or whenever required due to legal, technological, or operational changes.
  • ISMS performance is evaluated through internal audits, management reviews, and targeted performance indicators (KPIs).

8.    Statement of Commitment

Management explicitly states its commitment to information security and encourages the continual improvement of the ISMS and the overall security culture within the organization.

Revision date: May 29, 2025

For any inquiries related to these policies, please contact Frotcom Greece (SIDERIS GIS GREECE):

Address:
SIDERIS GIS GREECE
Niriidon 25, 
19016, Artemis, 
Greece

Phone: 22940 81033
Email: info@gr.frotcom.com