Information Security Policy

Hoteza is committed to preserving the confidentiality, integrity and availability of information stored and processed in Hoteza, whether it belongs to Hoteza, our employees, partners, customers, or suppliers.
For this purpose, Hoteza is establishing and implementing an information security management system (ISMS) in accordance with ISO 27001 and other best particles. Hoteza maintains and continually improves the ISMS.
Hoteza’s management demonstrates leadership and commitment concerning the ISMS by:

• ensuring the information security policy and the information security objectives are established and aligned with the strategic direction of the organisation;
• ensuring the integration of the ISMS requirements into the organisation’s processes;
• assigning specific roles and responsibilities;
• ensuring that the resources needed for the ISMS are available;
• supporting awareness-raising on information security; and
• promoting continual improvement of the ISMS.

The key objectives of the ISMS include the following:

• Ensuring compliance with applicable information security regulations and expectations of interested parties;
• Ensuring cyber resilience and process continuity in Hoteza;
• Identifying information security risks and reducing them to an acceptable level.

The fundamental principles of the ISMS are as follows:

• Information security is a crucial component of every procedure, process, or activity undertaken by Hoteza.
• At Hoteza, all employees consider information security an essential aspect of their daily tasks.
• Hoteza continually improves the suitability, adequacy and effectiveness of the ISMS.

The Information Security Policy is subject to periodic assessment, revision and updating every two years or, if necessary, at shorter intervals to reflect changing conditions.
Current version: ver.1, September 29th, 2023. Any previous versions are no longer valid or up-to-date.