Gridex AIGridex AI

Incident Response Policy

Last updated: November 2025

1. Purpose

The goal of this policy is to clearly identify IT roles and responsibilities for computer security incidents and data breaches investigation and response.

2. Scope

This policy applies to all personnel, including employees, temporary workers, contractors, those employed by contracted entities, and others authorized to access TeleCetli Kft. information resources, regardless of ownership or location of information systems used to store, process, transmit, or access TeleCetli Kft. data.

3. Responsibilities

3.1 Primary Security Responsible

Responsible Person: Tamas Szilagyi

Primary responsibilities include:

  • Reporting of security incidents
  • Identification of security vulnerabilities
  • Investigation of security breaches
  • Resolution of security incidents
  • Implementation of security measures
  • Communication with stakeholders

3.2 External Communication

Responsible Person: Tamas Szilagyi

Responsible for external communication on significant security-related issues (both the event and the resolution of the issue).

3.3 All Personnel Responsibilities

All members of TeleCetli Kft. are responsible for promptly reporting any suspected or confirmed security incident involving TeleCetli Kft. data or an associated information system, even if they have contributed in some way to the event or incident.

Reporting Methods:

  • Email: [email protected]
  • Direct Communication: Verbally or via messaging to the security responsible person (Tamas Szilagyi)

4. Incident Response Procedure

In the case of a security incident, the following steps should be taken by the security responsible towards resolution:

1

Investigate and Reproduce

Analyze the reported incident to understand its scope and nature. Attempt to reproduce the issue to confirm the vulnerability.

2

Determine Breach Size and Type

Assess the extent of the security breach, including affected systems, data, and users. Classify the type of incident (data breach, system compromise, etc.).

3

Define Communication Plan (Issue)

Establish internal and external communication protocols for notifying stakeholders about the incident.

4

Classify Technical Area

Identify whether the incident affects front-end, back-end, infrastructure, or other technical areas.

5

Define Technical Responsibility

Assign the appropriate technical personnel responsible for implementing the resolution.

6

Resolve and Deploy

Implement the fix and deploy it to all affected environments (development, test, production).

7

Implement Automatic Detection

Identify possible ways of automatic detection and notification for this and similar security issues in the future.

8

Review Policies

Review all relevant security policies and update them if necessary based on lessons learned.

9

Define Communication Plan (Resolution)

Establish internal and external communication protocols for notifying stakeholders about the incident resolution.

5. Incident Classification

Security incidents are classified by severity to ensure appropriate response times and resource allocation:

Severity LevelDescriptionResponse Time
CriticalData breach exposing sensitive customer data, complete system compromise, active exploitationImmediate (within 1 hour)
HighSecurity vulnerability allowing unauthorized access, potential data exposure, service disruptionWithin 4 hours
MediumSecurity weakness that could lead to compromise, minor data exposure, degraded security controlsWithin 24 hours
LowMinor security issues with limited impact, informational security findingsWithin 7 days

6. Contact Information

For security incident reporting and inquiries:

Company Name: TeleCetli Kft.

Security Contact: Tamas Szilagyi

Email: [email protected]

Legal

Privacy PolicyTerms of ServiceCookie Settings

Security

Information SecurityIncident ResponseVulnerability Disclosure

Help

Support

© 2026 Gridex AI. All rights reserved.

Back to Gridex AI