INFORMATION SECURITY POLICY STATEMENT

.

The Security Policy establishes the guidelines and principles established by People Experts to guarantee the protection of the information, as well as the fulfillment of the defined security objectives, thus ensuring the confidentiality, integrity and availability of the information systems and of course, guaranteeing compliance with all applicable legal obligations.

The People Experts management, aware of the importance of information security in the workplace, assumes and has the following commitments with respect to the Information Security Management System (ISMS):

• Ensure that information security objectives are established, always aligned with the company's strategy.

• Ensuring that security requirements are integrated into the organization's processes.

• Ensure the necessary resources for the management system.

• Communicate the importance of effective information security management in accordance with the requirements of the information security management system.

• Ensure that the information security management system achieves the expected results.

• Direct and support people, to contribute to the effectiveness of the information security management system.

• Promote continuous improvement of the management system.

• Support the relevant roles to demonstrate their leadership applied to their areas of responsibility.

To do this, management will ensure that People Experts staff comply with regulations, policies, procedures and instructions regarding information security.

Through the development of its Information Security Management System, People Experts intends to guarantee the following security objectives:

1. Ensure the confidentiality, integrity and availability of the information.

2. Comply with all applicable legal requirements.

3. Have a continuity plan that allows processes and activities to be recovered in the event of an incident, in the shortest possible time.

4. Train and educate all employees on information security.

5. Meet the expectations and security needs of customers, employees, suppliers, partners and other interested parties.

6. Properly manage all incidents that have occurred.

7. All employees will be informed of their security duties and obligations and are responsible for fulfilling them.

8. Continuously improve the ISMS and therefore, the security of the organization's information.

To ensure the correct performance of the Management System and comply with the established objectives and requirements, the People Experts management has appointed an ISMS Manager and a Committee that will ensure compliance with the guidelines set forth in this policy.

The information security policy is reviewed regularly at planned intervals, at least once a year, or if significant changes occur to ensure its continued suitability, efficiency and effectiveness. In a generic way, it is reviewed annually in the internal audit process by the ISMS Committee.

The management system policy is communicated internally by sending it by email. The statement of this policy will be made available to interested parties external to People Experts through its website.