INFORMATION SECURITY POLICY

Microtechno Vietnam Co., Ltd. recognizes the importance of information assets, personal data, and information systems in its business operations. To protect the legitimate rights and interests of customers, partners, employees, and other stakeholders, the Company is committed to complying with applicable legal requirements and security obligations, while maintaining and continually improving its Information Security Management System (ISMS).

1. Protection of Information Assets and Personal Data

The Company implements appropriate organizational, technical, physical, and personnel controls to ensure the confidentiality, integrity, and availability of information assets and personal data, and to prevent unauthorized access, disclosure, loss, alteration, or destruction of information.

2. Compliance with Legal and Contractual Requirements

The Company complies with applicable laws and regulations relating to information security, cybersecurity, and personal data protection, as well as security requirements specified in contracts with customers, partners, and relevant stakeholders.

3. Training, Risk Management, and Incident Response

The Company conducts information security risk assessments and implements risk controls, raises employee awareness through training, and establishes mechanisms for the prevention, detection, and timely response to information security incidents.

4. Continual Improvement

The Company periodically evaluates the effectiveness of its Information Security Management System and continually improves its processes to enhance information security performance.