The Board and Management of Babelway, located at 6 Chemin du Cyclotron, Louvain-la-Neuve, Belgium, providers of an Internet platform for automated data exchanges, are committed to preserving the confidentiality, integrity and availability of all Babelway's physical and information assets in order to safeguard customer proprietary information, competitive edge, financial health, legal, regulatory and contractual compliance and commercial image. Information and information security requirements will continue to be aligned with Babelway's goals and customer expectations.

Babelway’s business objectives and risk management framework provide the context for identifying, assessing, evaluating and controlling security risks through the establishment and maintenance of an Information Security Management System (ISMS).  The ISMS is intended to be an enabling mechanism for information sharing, for electronic operations, for e-commerce and for reducing information-related risks to acceptable levels. The Board has set-up the Information Security Committee in charge of establishing and maintaining the ISMS and the Chief Security Officer is responsible for ensuring compliance with the ISMS.

Key to this policy are business continuity and contingency plans, data back-up procedures, virus/hacker avoidance measures, access control to systems and information security incident reporting are fundamental to this policy. Control objectives for each of these areas are contained in the ISMS Manual and are supported by specific, documented policies and procedures.

All Babelway employees and external parties identified in the ISMS are required to comply with this policy and with the ISMS implementing this policy. All staff, and certain external parties, will receive or be required to provide appropriate training.

The ISMS is subject to continuous, systematic review and improvement

Babelway is committed to achieving certification of its ISMS to ISO27001:2005

This policy will be reviewed annually (or more often as appropriate) in response to any changes in the risk assessment or risk treatment plan and at least annually.