Information Security Policy Statement

Public · v1.00 (Final) · Approved 12 May 2025 by Dr. Theodoros Ntouskas

Information is a critical asset to XENIOS BLOCKCHAIN GROUP operations and its ability to achieve strategic business objectives. As a result, protection of confidentiality, integrity, and availability of information is imperative to the business. The objective of this policy is to provide the main principles required to protect information assets from a wide range of threats and effectively lower the business risks.

Information Security Policy provides the management direction and support for information security in accordance with business requirements and relevant laws and regulations.

This policy applies to all XENIOS BLOCKCHAIN GROUP systems, people and processes, including board members, directors, employees, contractors and other third parties who have access to XENIOS BLOCKCHAIN GROUP information systems.

XENIOS BLOCKCHAIN GROUP has adopted the Information Security Policy and is committed to the effective implementation and provision of resources for the improvement of the Information Security Management System (ISMS).

The Information Security Policy aims to ensure:

• Continuous protection of information against unauthorized access.
• The confidentiality of XENIOS BLOCKCHAIN GROUP information, clients and partners.
• The integrity of XENIOS BLOCKCHAIN GROUP information, clients and partners.
• The availability of information and business transactions.
• Compliance with the legislative and regulatory requirements concerning XENIOS BLOCKCHAIN GROUP.
• The maintenance of an effective Business Continuity Plan.
• The adequate training of the XENIOS BLOCKCHAIN GROUP employees in information security issues.
• The identification and investigation of potential information security breaches are reported to the Information Security Officer and are thoroughly investigated and dealt with in time and effectively.
• Appropriate procedures and individual security policies are in place to support the policy, including technical and organizational measures of protection.
• Compliance with the legislation and requirements of ISO 27001:2022, and the ongoing monitoring and implementation of the ISMS is ensured.

The Information Security Officer is responsible for maintaining the Information Security Policy and for providing support and advice in its implementation.

XENIOS BLOCKCHAIN GROUP Top Management is responsible for the implementation of the Information Security Policy as well as for ensuring the compliance of the supervised personnel.

Compliance with the Information Security Policy is mandatory for all parties that have been or are cooperating with XENIOS BLOCKCHAIN GROUP.

Any violations of the Information Security Policy are subject to disciplinary actions. The decision depends on the nature and impact of the violation.