Policies

Corinth Pipeworks S.A. is one of the world's leading producers of steel pipes and hollow sections for the energy and construction sectors. The protection of information and its processing systems is of strategic importance to the Company in order to ensure its smooth operation and, at the same time, to achieve its short-term and long-term objectives.

Recognizing the critical role of information and information systems in the execution of its business operations, Corinth Pipeworks S.A. implements an information security policy with the aim of:

• Ensuring the confidentiality, integrity, and availability of the information it manages
• Guaranteeing the proper functioning of information systems
• Promptly addressing incidents that could endanger the Company's business operations
• Complying with legislative and regulatory requirements
• Continuously improving the level of information security

To this end:

• The organizational structures necessary for monitoring information security matters are defined
• Technical control measures and restrictions on access to information and information systems are established
• The method of classifying information according to its importance and value is determined
• The necessary protective measures for information during the stages of processing, storage, and transmission are described
• Processes for informing and training the Company's employees and associates on information security matters are defined
• Procedures for handling information security incidents are identified
• The means by which the secure continuity of the Company's business operations is ensured in cases of information system failure or disaster are described

Corinth Pipeworks S.A. conducts risk assessments related to information security at regular time intervals and takes the necessary measures to address them. It implements a framework for evaluating the effectiveness of information security processes through which performance indicators are defined, the methodology for measuring them is described, and periodic reports are generated, which are reviewed by the Company's Management with the aim of continuously improving the system.

The Information Security Officer is responsible for monitoring and overseeing the policies and procedures related to information security and for taking the necessary initiatives to eliminate all those factors that could jeopardize the availability, integrity, and confidentiality of the Company's information.

All employees of Corinth Pipeworks S.A. and their associates with access to the Company's information and information systems are responsible for complying with the applicable information security policies.

• Business Code of Conduct
• Business Partners’ Code of Conduct
• Occupational Health and Safety Policy
• Labour and Human Rights policy
• Energy and Climate Change Policy
• Environmental Policy
• Sustainability policy
• Responsible Sourcing Policy
• Quality policy