Skip to content

Information Security Policy

Edition: 02 — Edition date: 02/10/2026.

This document is the exclusive property of Growketing, and its reproduction is prohibited without the consent of the System Manager.

The Growketing Management, through the Information Security Committee (ISC), establishes, drives and disseminates at all levels of the organization the following policy and objectives for the management of information security, cybersecurity and privacy protection.

The information generated and managed by Growketing constitutes a key strategic asset to ensure business continuity. In this context, the Information Security Policy is oriented to protecting information, the means that allow its management, including the people who access and/or manipulate the information. All this with the aim of ensuring its integrity, availability and confidentiality.

1. STATEMENT OF MANAGEMENT INTENT

Growketing will protect information resources and the technology used for their processing from internal or external threats, deliberate or accidental, with the goal of ensuring the integrity, availability and confidentiality of information. Furthermore, it commits to ensuring the continuity of information systems, minimizing the risk of damage and ensuring the efficient fulfillment of its strategic objectives.

2. INFORMATION SECURITY PRINCIPLES

  • Promote an organizational culture oriented to information security.
  • Engage Growketing’s top authorities in the dissemination, consolidation and compliance with the policy.
  • Implement security measures identifying available resources and budget allocations.
  • Maintain updated policies, regulations and procedures, in order to ensure their validity and effectiveness.
  • Promote practices to ensure the continuity of Growketing’s functions.
  • Comply with legal and regulatory requirements, those of the organization itself and continuous improvement.

3. INFORMATION SECURITY MANAGEMENT OBJECTIVES

The objective is to achieve adequate levels of integrity, confidentiality and availability for Growketing’s information and that of its clients, ensuring the operational continuity of the processes and services it develops by safeguarding the information assets associated with the critical business processes.

Specific objectives are detailed in the specific objectives document of the Information Security Management System.

4. SCOPE OF THE INFORMATION SECURITY POLICY

Growketing’s Information Security Policy is issued in compliance with current legal provisions, with the objective of properly managing information security.

This policy must be known and complied with by all personnel of the “Data and Artificial Intelligence” area of Growketing (managers, employees, contractors) as well as the support areas that interact with it, and will be communicated within the organization. In addition, it will be available as documented information for interested parties when appropriate.

This policy applies to the entire scope and projects of the “Data and Artificial Intelligence” area of Growketing, to its resources and to all internal and external processes linked to the area and the projects it carries out.

5. GENERAL ASPECTS

The Information Security Policy has been drafted in accordance with the legislation in force in the country. Top Management commits to taking actions to allow operational continuity, address interruptions of institutional activities, protect critical processes and ensure the timely resumption of information systems.

6. POLICY APPROVAL

The Information Security Policy will be approved by Top Management, clearly reflecting their commitment, support and interest in developing an information security culture at Growketing.

7. POLICY DISSEMINATION

It will be the responsibility of the Information Security Officer (ISO) to disseminate relevant security topics. Security policies will be communicated to all Growketing personnel and to third parties providing services to the organization.

For policy dissemination, the means available in the organization will be used, as well as awareness and training instances. A Plan for Dissemination, Awareness and Training in information security will be defined, implemented and evaluated.

8. POLICY REVIEW

The Information Security Policy will be reviewed annually to keep it up to date. In addition, modifications will be made based on possible technological changes, the impact of security incidents, structural changes at Growketing, legal conditions or at the request of Management. Modifications will be the responsibility of the Information Security Committee and will be approved by Management.

EXPAND
YOUR
HORIZONS

Subscribe to our newsletter
and discover the latest trends and updates of the digital world.

LET'S CONNECT