Information Security Policy

1. Purpose

TXOne Networks' security policy aims to ensure the protection of TXOne Networks' information assets against all internal, external, deliberate, or accidental threats. This document establishes principles, responsibilities, and practices for managing company information resources.

2. Scope

This policy covers all TXOne Networks personnel, including employees, contractors, consultants, and temporary staff. It applies to third-party affiliates as well. The policy encompasses all information systems, networks, hardware, software, data, and communication devices owned or operated by TXOne Networks.

3. Policy Statement

TXOne Networks commits to safeguarding information confidentiality, integrity, and availability through:

• Risk Management: Regular assessment and mitigation of information security risks

• Access Control: Grant access based on business needs following least privilege principles

• Data Protection: Implement encryption, access controls, and robust data handling procedures

• Incident Management: Establish response plans for security breaches and incidents

• Training & Awareness: Provide regular security education to all personnel

• Compliance & Improvement: Maintain regulatory adherence and continuously update security practices

4. Compliance

Non-compliance may result in disciplinary action up to and including termination of employment or contract, as well as legal action where applicable. TXOne Networks holds ISO/IEC 27001:2022 certification.