Privacy Policy

Grayphite specializes in tailoring software solutions, encompassing design, development, and comprehensive quality assurance testing. Grayphite is committed to protecting its information assets by deploying information security and privacy controls that minimize the impact of any security incident.

To establish, uphold, and continually enhance the Information Security Management System (ISMS) while providing a framework for defining objectives and targets, Grayphite commits to the following:

• The Information Security and Privacy Management System shall be established in accordance with the ISO 27001 and ISO 27701 baseline, ensuring full adherence to its principles.
• All applicable legal and contractual requirements are fulfilled.
• Grayphite shall uphold the highest standard for privacy protection and ensure the Confidentiality, Integrity, and Availability (CIA) of the information assets is ensured through systematic deployment of the security controls.
• Business continuity plans are established, maintained, and tested.
• Risks to all corporate assets (tangible/intangible and human) are assessed and against all risks, appropriate controls are implemented, mitigation, and contingency plans are defined.
• All corporate assets (tangible/intangible, and people) are preserved within a secure and safe environment.
• A conducive work environment shall be provided to the human resource, free from accidental and occupational hazards.
• All personnel are trained in information security and privacy practices, roles, and responsibilities.
• All relevant data protection controls shall be applied throughout Grayphite.
• All personal information which is subject to different laws shall be protected according to the applicable law and Grayphite's security policies.

This policy is reviewed annually (or when required) to ensure the suitability, adequacy, and effectiveness of ISMS and is communicated to our interested parties.