Gridex Support Gridex

Information Security Policy

Last updated: March 2026

1. Purpose and Scope

This Information Security Policy establishes the framework for protecting SupportHub's information assets, customer data, and technology infrastructure. The policy defines security standards, responsibilities, and procedures to ensure the confidentiality, integrity, and availability of all information systems.

Scope: This policy applies to all employees, contractors, consultants, temporary workers, and third parties who access SupportHub systems, networks, or data, regardless of location or device ownership.

2. Roles and Responsibilities

Information security is a shared responsibility across the organization:

2.1 Security Officer

Name: Tamas Szilagyi

Email: [email protected]

Responsibilities:

2.2 All Personnel

3. Data Classification

SupportHub classifies data into three categories to determine appropriate security controls:

3.1 Public Data

Information intended for public disclosure or already publicly available.

Examples:

Controls: No special handling required, but integrity must be maintained.

3.2 Confidential Data

Internal business information that could harm the company if disclosed.

Examples:

Controls: Access restricted to employees with business need; encrypted in transit; secure storage required.

3.3 Highly Confidential Data

Sensitive information that could cause significant harm if disclosed, including all customer data.

Examples:

Controls: Strict access controls with MFA required; encrypted at rest and in transit; audit logging enabled; regular access reviews; secure deletion procedures.

4. System Architecture and Trust Boundaries

SupportHub operates a cloud-native architecture entirely within the Microsoft Azure ecosystem. This section describes the system components, trust boundaries, and data flows.

4.1 System Components

4.2 Trust Boundaries

Trust boundaries define where data crosses from untrusted to trusted zones. SupportHub enforces security controls at the following boundaries:

5. Access Control and Authentication

SupportHub implements strong access controls to protect systems and data:

5.1 Authentication Requirements

5.2 Access Control Principles

5.3 Password Policy

6. Data Protection and Encryption

SupportHub implements comprehensive encryption to protect data throughout its lifecycle:

6.1 Encryption Standards

6.2 Infrastructure Security

6.3 AI Model Data Protection

Customer data used with AI models receives special protection:

7. Email and Communications Security

7.1 Email Usage Policy

8. Network and Wireless Security

8.1 Wireless Network Security

9. Security Incident Response

SupportHub maintains a comprehensive Incident Response Policy to handle security events effectively.

For detailed incident response procedures, severity classifications, and response times, please refer to our Incident Response Policy.

10. Business Continuity and Disaster Recovery

SupportHub maintains business continuity and disaster recovery capabilities to ensure service availability:

10.1 Data Backup and Recovery

11. Employee Responsibilities

All SupportHub personnel must adhere to the following security practices:

12. Policy Compliance and Enforcement

12.1 Compliance Monitoring

13. Policy Review and Updates

This Information Security Policy is reviewed and updated at least annually, or more frequently in response to significant security incidents, regulatory changes, or business needs. All personnel will be notified of material changes and required to acknowledge updated policies.

14. Questions and Contact Information

For questions about this Information Security Policy or to report security concerns:

Security Officer: Tamas Szilagyi

Email: [email protected]

TeleCetli Kft.

7634 Pecs, Darazs dulo 70., Hungary